Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/MTAzUYUoCAMgBOdfXLof07efFwo.roa
File: MTAzUYUoCAMgBOdfXLof07efFwo.roa (raw, json)
Hash identifier: CYTIzH8laOjycBuxUxeVJpWOjvosTQ2IntrsIq0KaEI=
Subject key identifier: 31:30:33:51:85:28:08:03:20:04:E7:5F:5C:BA:1F:D3:B7:9F:17:0A
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018AA4C8130F9C35FE37B2705695ABFB7FAB
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/MTAzUYUoCAMgBOdfXLof07efFwo.roa
Signing time: Sun 17 Sep 2023 20:14:50 +0000
ROA not before: Sun 17 Sep 2023 20:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.186.208.0/22 maxlen: 24
91.186.216.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
83.147.244.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Sep 2023 12:26:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a4:c8:13:0f:9c:35:fe:37:b2:70:56:95:ab:fb:7f:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Sep 17 20:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31303351852808032004e75f5cba1fd3b79f170a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:c1:43:0e:a0:b3:c1:70:3a:c5:2a:ed:64:5f:
12:7d:09:cd:9d:02:b7:11:a5:6b:5d:6d:92:cd:50:
ee:26:ca:16:bf:24:29:b7:ea:15:07:f2:fc:0f:bf:
60:0b:66:51:d9:54:e5:4c:1b:35:8b:05:29:80:cd:
b2:8e:80:6e:4e:ab:58:66:46:fa:56:10:5b:27:60:
d3:8f:0c:aa:9e:8c:b6:0d:41:38:6f:6b:f5:dc:47:
96:00:78:b3:0e:bb:ee:24:29:c6:2d:b5:02:01:ec:
92:ff:db:06:23:a3:c8:1f:ab:95:d4:ac:42:04:17:
19:95:f8:d9:50:7c:b2:cb:1b:e8:60:23:c9:ce:69:
d0:4a:e4:ea:75:ef:01:d8:72:e2:0a:1e:06:0b:af:
dd:09:13:e7:46:50:e3:14:87:df:0b:22:98:8a:ae:
2d:ba:6e:53:a5:d2:7a:2d:f7:37:9d:95:9b:e4:21:
0e:0f:e0:9d:b4:8f:44:64:b1:2e:88:07:bc:a1:ca:
e5:a7:8f:ad:64:c6:bc:57:e1:7b:d9:09:70:4e:ea:
8f:d9:61:00:f4:11:52:54:2b:b9:29:79:45:a8:85:
af:bb:cb:03:e9:6d:1a:f8:31:2a:57:31:c5:ea:a4:
94:7d:37:3f:b7:53:76:f4:7d:74:a9:a8:70:95:46:
a9:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:30:33:51:85:28:08:03:20:04:E7:5F:5C:BA:1F:D3:B7:9F:17:0A
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/MTAzUYUoCAMgBOdfXLof07efFwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
83.147.252.0/22
91.186.208.0/22
91.186.216.0/22
94.241.168.0/21
Signature Algorithm: sha256WithRSAEncryption
33:26:72:16:a2:79:bd:54:8f:f2:0e:5d:94:4f:de:69:8c:07:
35:10:50:6d:12:d5:75:c5:fe:17:f7:79:30:13:a7:82:c6:97:
ff:26:c6:ee:b2:5d:e2:73:01:89:66:eb:f0:2f:91:65:ee:67:
9a:99:4c:62:6c:e0:81:33:ba:a6:9b:75:aa:e6:37:aa:cd:07:
02:fd:d5:e7:22:e4:f8:d9:cf:f3:33:4d:32:1f:ec:f2:76:35:
ff:e0:c1:1e:27:7a:25:04:75:ba:c3:b2:0a:06:d6:25:87:cd:
d0:bd:2c:80:0f:50:11:c7:b5:07:a0:58:6a:66:b7:86:f3:22:
ed:21:64:c8:32:86:b0:c2:dc:45:a7:9b:59:f8:33:40:18:ec:
e8:05:3e:8c:2b:df:d1:68:a2:03:d0:05:57:ca:16:0d:0c:04:
85:4a:0b:0c:b7:1d:d3:b6:08:19:bf:a1:05:56:8a:e4:26:62:
46:43:29:25:4c:d4:1b:67:5e:88:ee:96:5a:23:7f:29:a3:cc:
87:9b:34:9c:6b:ba:70:65:cb:2e:92:ef:67:29:04:c7:f8:59:
85:59:fb:f4:2a:19:a0:16:0a:c8:20:3e:e0:cd:02:ce:fa:8b:
74:9d:dd:94:6f:af:dc:c8:08:90:ff:25:b7:64:f6:9b:a5:25:
c8:73:a0:75
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYqkyBMPnDX+N7JwVpWr+3+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwOTE3MjAxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTMwMzM1MTg1MjgwODAzMjAwNGU3NWY1Y2JhMWZkM2I3OWYxNzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhcFDDqCzwXA6xSrtZF8SfQnNnQK3
EaVrXW2SzVDuJsoWvyQpt+oVB/L8D79gC2ZR2VTlTBs1iwUpgM2yjoBuTqtYZkb6
VhBbJ2DTjwyqnoy2DUE4b2v13EeWAHizDrvuJCnGLbUCAeyS/9sGI6PIH6uV1KxC
BBcZlfjZUHyyyxvoYCPJzmnQSuTqde8B2HLiCh4GC6/dCRPnRlDjFIffCyKYiq4t
um5TpdJ6Lfc3nZWb5CEOD+CdtI9EZLEuiAe8ocrlp4+tZMa8V+F72QlwTuqP2WEA
9BFSVCu5KXlFqIWvu8sD6W0a+DEqVzHF6qSUfTc/t1N29H10qahwlUap4wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDEwM1GFKAgDIATnX1y6H9O3nxcKMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvTVRBelVZVW9DQU1nQk9kZlhMb2YwN2VmRndvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCU5P0AwQC
U5P8AwQCW7rQAwQCW7rYAwQDXvGoMA0GCSqGSIb3DQEBCwUAA4IBAQAzJnIWonm9
VI/yDl2UT95pjAc1EFBtEtV1xf4X93kwE6eCxpf/Jsbusl3icwGJZuvwL5Fl7mea
mUxibOCBM7qmm3Wq5jeqzQcC/dXnIuT42c/zM00yH+zydjX/4MEeJ3olBHW6w7IK
BtYlh83QvSyAD1ARx7UHoFhqZreG8yLtIWTIMoawwtxFp5tZ+DNAGOzoBT6MK9/R
aKID0AVXyhYNDASFSgsMtx3TtggZv6EFVorkJmJGQyklTNQbZ16I7pZaI38po8yH
mzSca7pwZcsuku9nKQTH+FmFWfv0KhmgFgrIID7gzQLO+ot0nd2Ub6/cyAiQ/yW3
ZPabpSXIc6B1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:19 2024 by rpki-client on console-ams.rpki-client.org