Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/mMwM8OlVS45zx3K5Sopox4MQZZI.roa
File: mMwM8OlVS45zx3K5Sopox4MQZZI.roa (raw, json)
Hash identifier: NlbmN1AUSFkI9tkM+ENVDLfvmgqoGe6Xop5rLn9dZow=
Subject key identifier: 98:CC:0C:F0:E9:55:4B:8E:73:C7:72:B9:4A:8A:68:C7:83:10:65:92
Certificate issuer: /CN=30f1ba6111c8f1d3f37c1b7c1a5ed737402192f2
Certificate serial: 018B29F92583A916AEE22AEE6E9372108B32
Authority key identifier: 30:F1:BA:61:11:C8:F1:D3:F3:7C:1B:7C:1A:5E:D7:37:40:21:92:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/mMwM8OlVS45zx3K5Sopox4MQZZI.roa
Signing time: Fri 13 Oct 2023 16:57:55 +0000
ROA not before: Fri 13 Oct 2023 16:57:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208660
IP address blocks: 185.213.72.0/22 maxlen: 22
185.226.12.0/22 maxlen: 22
185.226.254.0/24 maxlen: 24
185.226.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Oct 2023 13:13:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:29:f9:25:83:a9:16:ae:e2:2a:ee:6e:93:72:10:8b:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30f1ba6111c8f1d3f37c1b7c1a5ed737402192f2
Validity
Not Before: Oct 13 16:57:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98cc0cf0e9554b8e73c772b94a8a68c783106592
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ea:b0:e8:f9:49:1a:3d:3d:a9:7f:5d:7e:c6:
31:94:36:b8:bb:31:63:ec:c2:07:36:ad:f1:a8:ee:
9c:10:02:e3:e3:7b:15:71:de:cd:e0:1b:7a:82:6e:
3a:52:54:12:cc:72:49:38:c2:ec:e8:b6:2e:d8:0f:
80:d6:83:64:84:3e:41:0b:0b:ce:08:2c:43:82:54:
0f:df:10:98:ed:f7:00:24:eb:cd:36:a1:ad:49:e1:
d8:f4:b8:f4:0a:cf:80:ce:df:c5:e9:a3:1f:4f:3f:
d2:d5:dd:98:64:ea:9b:e9:15:99:47:12:92:98:ee:
e9:34:91:c3:12:25:7f:82:b8:6c:3f:20:b7:eb:85:
16:b0:21:ba:2f:3d:f1:aa:da:f9:9a:13:84:f1:72:
f1:8b:40:ad:19:a4:4e:2a:85:d5:59:7a:20:6c:e4:
5b:2e:1f:1e:9b:8f:52:09:a7:8c:1f:e4:c6:19:e0:
b6:44:4e:21:b7:63:73:c2:e4:2f:9a:11:42:de:a8:
27:41:fd:47:d2:1a:04:a3:20:1a:2d:58:9b:6d:21:
39:d5:da:25:05:68:c1:a7:89:38:13:34:99:47:a3:
a1:09:b9:5c:b8:a5:7a:bd:1f:0b:35:1f:9a:93:cf:
d1:7c:83:0f:fb:2f:59:ec:b1:f8:c9:0d:83:21:00:
39:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:CC:0C:F0:E9:55:4B:8E:73:C7:72:B9:4A:8A:68:C7:83:10:65:92
X509v3 Authority Key Identifier:
keyid:30:F1:BA:61:11:C8:F1:D3:F3:7C:1B:7C:1A:5E:D7:37:40:21:92:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/mMwM8OlVS45zx3K5Sopox4MQZZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8d7c57-ba65-47fc-bcc4-c33018633d33/1/MPG6YRHI8dPzfBt8Gl7XN0AhkvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.72.0/22
185.226.12.0/22
185.226.254.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:fa:27:6c:41:6c:ea:e3:db:d0:6b:3f:d6:33:46:a8:48:37:
4a:3a:e9:89:48:c4:dd:1e:9b:77:1e:d4:de:1e:8e:d4:de:38:
3f:49:af:93:dd:c7:dd:55:80:75:c5:52:bb:99:25:61:a6:57:
c1:2a:8d:8e:1b:9a:89:61:44:cc:64:03:53:93:6e:c7:41:c1:
da:fb:94:38:c2:98:40:ca:b6:50:c0:3d:04:1c:6a:e6:42:ee:
c0:c5:e3:21:be:49:81:7d:32:18:f3:96:c6:8d:a4:58:f6:fe:
fc:d0:cc:fc:6d:a8:94:5b:fb:1e:6d:5b:72:06:f3:0b:db:56:
b1:fb:b8:f2:28:bc:ee:59:e7:39:90:df:4a:f3:15:65:2c:8e:
a5:4d:30:47:cf:87:fa:75:36:6f:3b:81:0e:1f:ca:78:bc:d8:
02:1d:80:28:3a:a4:0b:89:57:87:a8:bb:1b:5e:32:92:35:80:
2a:56:39:1a:ec:5f:5a:47:98:8c:1b:cc:ec:e2:0f:d6:51:d1:
21:d5:4f:d7:17:2d:c9:99:26:64:69:0c:0b:d2:4d:ff:44:b9:
6e:f3:0b:94:0f:f2:4d:2a:b4:e7:ad:00:83:4e:46:9d:a9:03:
93:b1:d4:97:ca:65:2e:89:ba:5a:12:61:54:c1:a1:74:2b:b8:
c1:87:c0:06
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYsp+SWDqRau4irubpNyEIsyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZjFiYTYxMTFjOGYxZDNmMzdjMWI3YzFhNWVkNzM3NDAy
MTkyZjIwHhcNMjMxMDEzMTY1NzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGNjMGNmMGU5NTU0YjhlNzNjNzcyYjk0YThhNjhjNzgzMTA2NTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOqw6PlJGj09qX9dfsYxlDa4uzFj
7MIHNq3xqO6cEALj43sVcd7N4Bt6gm46UlQSzHJJOMLs6LYu2A+A1oNkhD5BCwvO
CCxDglQP3xCY7fcAJOvNNqGtSeHY9Lj0Cs+Azt/F6aMfTz/S1d2YZOqb6RWZRxKS
mO7pNJHDEiV/grhsPyC364UWsCG6Lz3xqtr5mhOE8XLxi0CtGaROKoXVWXogbORb
Lh8em49SCaeMH+TGGeC2RE4ht2NzwuQvmhFC3qgnQf1H0hoEoyAaLVibbSE51dol
BWjBp4k4EzSZR6OhCblcuKV6vR8LNR+ak8/RfIMP+y9Z7LH4yQ2DIQA5QQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJjMDPDpVUuOc8dyuUqKaMeDEGWSMB8GA1UdIwQY
MBaAFDDxumERyPHT83wbfBpe1zdAIZLyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVBHNllSSEk4ZFB6ZkJ0OEdsN1hOMEFoa3ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84ZDdjNTctYmE2NS00N2ZjLWJjYzQt
YzMzMDE4NjMzZDMzLzEvbU13TThPbFZTNDV6eDNLNVNvcG94NE1RWlpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84ZDdjNTctYmE2NS00N2ZjLWJjYzQtYzMzMDE4NjMzZDMz
LzEvTVBHNllSSEk4ZFB6ZkJ0OEdsN1hOMEFoa3ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCudVIAwQC
ueIMAwQBueL+MA0GCSqGSIb3DQEBCwUAA4IBAQAu+idsQWzq49vQaz/WM0aoSDdK
OumJSMTdHpt3HtTeHo7U3jg/Sa+T3cfdVYB1xVK7mSVhplfBKo2OG5qJYUTMZANT
k27HQcHa+5Q4wphAyrZQwD0EHGrmQu7AxeMhvkmBfTIY85bGjaRY9v780Mz8baiU
W/sebVtyBvML21ax+7jyKLzuWec5kN9K8xVlLI6lTTBHz4f6dTZvO4EOH8p4vNgC
HYAoOqQLiVeHqLsbXjKSNYAqVjka7F9aR5iMG8zs4g/WUdEh1U/XFy3JmSZkaQwL
0k3/RLlu8wuUD/JNKrTnrQCDTkadqQOTsdSXymUuibpaEmFUwaF0K7jBh8AG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:33 2024 by rpki-client on console-fra.rpki-client.org