Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/MpJXl07R-w_jcTBf-JOI7ZwnPBM.roa
File: MpJXl07R-w_jcTBf-JOI7ZwnPBM.roa (raw, json)
Hash identifier: nKT43aamQWqC9wfxB9J69DN4X8HBrcpsAbk1EYdocOc=
Subject key identifier: 32:92:57:97:4E:D1:FB:0F:E3:71:30:5F:F8:93:88:ED:9C:27:3C:13
Certificate issuer: /CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Certificate serial: 0194266BE8FFCC28827BA55E4FAB077FC6F5
Authority key identifier: 1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/MpJXl07R-w_jcTBf-JOI7ZwnPBM.roa
Signing time: Thu 02 Jan 2025 09:49:53 +0000
ROA not before: Thu 02 Jan 2025 09:49:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1299
IP address blocks: 193.45.0.0/22 maxlen: 22
193.45.6.0/24 maxlen: 24
193.45.10.0/23 maxlen: 24
193.45.14.0/23 maxlen: 23
193.45.142.0/23 maxlen: 23
193.45.142.0/24 maxlen: 24
193.45.254.0/24 maxlen: 24
217.212.224.0/19 maxlen: 19
Validation: Failed, certificate revoked on Fri 31 Jan 2025 09:39:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:e8:ff:cc:28:82:7b:a5:5e:4f:ab:07:7f:c6:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Validity
Not Before: Jan 2 09:49:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=329257974ed1fb0fe371305ff89388ed9c273c13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d1:72:d5:3e:23:c8:61:d6:4e:c7:f9:a8:13:
7c:90:f0:a2:cd:2e:4b:d5:ca:fc:ca:a8:59:57:1f:
4e:33:48:4b:62:73:76:b5:5b:87:a1:c8:f2:cd:22:
56:d8:b8:8a:d6:4d:71:f5:90:c4:a1:6f:46:57:2f:
fc:03:5f:16:ca:f4:41:c2:3c:6f:e5:3c:b1:88:70:
28:b9:65:d4:eb:05:28:88:63:3b:14:39:30:b5:31:
f5:42:a8:d5:2d:c2:0e:cd:14:b1:5c:59:bc:2f:11:
e4:3d:85:84:8e:7c:59:5c:7a:da:e9:43:98:0b:27:
85:81:dd:72:e8:7d:04:54:52:19:2e:22:7c:56:2f:
c1:c8:b1:7f:45:74:13:08:c4:91:7a:29:2d:1b:f0:
29:26:1a:fe:88:a1:57:51:72:0f:0e:56:75:58:38:
80:7e:46:7b:6d:a0:f2:ca:e9:4a:fd:f9:0c:14:65:
01:da:a0:91:43:32:5b:a0:13:29:64:cf:98:8d:10:
4e:ae:b4:0f:2d:2b:bd:b1:56:a6:dd:65:07:10:e1:
85:1d:1b:7a:f3:fa:fa:d8:5b:0e:79:4f:32:02:75:
a3:7e:20:12:29:d5:ac:c3:73:48:22:69:6b:ae:07:
97:37:cd:97:86:c1:06:7e:07:6d:24:3a:e6:14:0b:
ad:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:92:57:97:4E:D1:FB:0F:E3:71:30:5F:F8:93:88:ED:9C:27:3C:13
X509v3 Authority Key Identifier:
keyid:1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/MpJXl07R-w_jcTBf-JOI7ZwnPBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.45.0.0/22
193.45.6.0/24
193.45.10.0/23
193.45.14.0/23
193.45.142.0/23
193.45.254.0/24
217.212.224.0/19
Signature Algorithm: sha256WithRSAEncryption
ce:50:bd:5d:fb:b1:e5:7d:ca:41:5c:b9:92:32:fa:5e:1e:9d:
d4:97:1a:e8:de:3e:66:6f:03:ac:4d:57:88:4d:4a:7f:9e:2e:
e5:af:91:68:d0:93:6d:50:f1:1e:4c:2a:dc:e6:22:7d:e6:7e:
4d:8c:a1:eb:23:72:5e:bd:0f:58:e5:9f:ac:95:69:92:01:0f:
ff:df:05:10:23:81:c0:d6:ba:12:99:8c:07:39:67:c7:9d:00:
5b:ce:d5:07:64:64:6b:6c:cb:05:fc:83:ae:32:fe:f9:e2:aa:
3e:b4:23:5f:60:29:f8:83:d0:ae:db:e7:9c:e3:dc:0a:f4:cd:
bb:cd:f2:8b:30:f2:51:a0:9b:b5:9e:e9:7a:b1:a5:84:69:06:
5e:ce:91:2c:6f:56:3a:55:3e:26:ae:64:d0:b7:9f:a6:e3:96:
ef:29:69:75:6d:cf:a0:20:14:bb:e6:61:43:2c:5f:31:22:51:
71:f0:82:02:ae:c8:86:f7:8c:5a:e6:fa:13:08:40:31:ec:bf:
59:9e:2f:e7:62:37:e6:44:4f:42:db:d7:99:3f:4c:07:70:82:
99:56:b8:36:8d:70:14:25:ad:62:12:b9:f6:f3:c2:d8:8c:4c:
d1:06:0f:f3:c5:d0:8e:c5:db:bc:64:e5:7e:a5:56:d0:70:d1:
37:33:60:23
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQma+j/zCiCe6VeT6sHf8b1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjgxMzhkNGVjMmVhNTFjYWNlZjA5ZmYxMDU4YTM3MGE1
YmUxOTAwHhcNMjUwMTAyMDk0OTUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjkyNTc5NzRlZDFmYjBmZTM3MTMwNWZmODkzODhlZDljMjczYzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9Fy1T4jyGHWTsf5qBN8kPCizS5L
1cr8yqhZVx9OM0hLYnN2tVuHocjyzSJW2LiK1k1x9ZDEoW9GVy/8A18WyvRBwjxv
5TyxiHAouWXU6wUoiGM7FDkwtTH1QqjVLcIOzRSxXFm8LxHkPYWEjnxZXHra6UOY
CyeFgd1y6H0EVFIZLiJ8Vi/ByLF/RXQTCMSReiktG/ApJhr+iKFXUXIPDlZ1WDiA
fkZ7baDyyulK/fkMFGUB2qCRQzJboBMpZM+YjRBOrrQPLSu9sVam3WUHEOGFHRt6
8/r62FsOeU8yAnWjfiASKdWsw3NIImlrrgeXN82XhsEGfgdtJDrmFAutiwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDKSV5dO0fsP43EwX/iTiO2cJzwTMB8GA1UdIwQY
MBaAFB9oE41OwupRys7wn/EFijcKW+GQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgt
NjA4NTY0ODM5ZmQwLzEvTXBKWGwwN1Itd19qY1RCZi1KT0k3WnduUEJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgtNjA4NTY0ODM5ZmQw
LzEvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCwS0AAwQA
wS0GAwQBwS0KAwQBwS0OAwQBwS2OAwQAwS3+AwQF2dTgMA0GCSqGSIb3DQEBCwUA
A4IBAQDOUL1d+7HlfcpBXLmSMvpeHp3Ulxro3j5mbwOsTVeITUp/ni7lr5Fo0JNt
UPEeTCrc5iJ95n5NjKHrI3JevQ9Y5Z+slWmSAQ//3wUQI4HA1roSmYwHOWfHnQBb
ztUHZGRrbMsF/IOuMv754qo+tCNfYCn4g9Cu2+ec49wK9M27zfKLMPJRoJu1nul6
saWEaQZezpEsb1Y6VT4mrmTQt5+m45bvKWl1bc+gIBS75mFDLF8xIlFx8IICrsiG
94xa5voTCEAx7L9Zni/nYjfmRE9C29eZP0wHcIKZVrg2jXAUJa1iErn288LYjEzR
Bg/zxdCOxdu8ZOV+pVbQcNE3M2Aj
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:08 2025 by rpki-client