Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/MgAl-93Aa5G7YYaEHccaZeVLNL0.roa
File: MgAl-93Aa5G7YYaEHccaZeVLNL0.roa (raw, json)
Hash identifier: v1NQgm6ZquUz7/+hAOK55RphXxxmzytUHDllXf8A3gU=
Subject key identifier: 32:00:25:FB:DD:C0:6B:91:BB:61:86:84:1D:C7:1A:65:E5:4B:34:BD
Certificate issuer: /CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Certificate serial: 018CC94BE33D3A9B0EE4543FE70280081E20
Authority key identifier: 0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/MgAl-93Aa5G7YYaEHccaZeVLNL0.roa
Signing time: Tue 02 Jan 2024 08:30:42 +0000
ROA not before: Tue 02 Jan 2024 08:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8849
IP address blocks: 5.44.249.0/24 maxlen: 24
146.19.196.0/24 maxlen: 24
185.224.249.0/24 maxlen: 24
158.255.76.0/24 maxlen: 24
185.140.210.0/24 maxlen: 24
185.140.211.0/24 maxlen: 24
62.122.187.0/24 maxlen: 24
89.36.163.0/24 maxlen: 24
89.36.162.0/24 maxlen: 24
88.210.36.0/23 maxlen: 24
185.230.245.0/24 maxlen: 24
103.111.112.0/22 maxlen: 22
91.192.81.0/24 maxlen: 24
176.97.192.0/24 maxlen: 24
185.147.53.0/24 maxlen: 24
95.174.71.0/24 maxlen: 24
95.174.68.0/24 maxlen: 24
95.174.69.0/24 maxlen: 24
95.174.70.0/24 maxlen: 24
89.40.226.0/24 maxlen: 24
193.35.224.0/24 maxlen: 24
31.222.226.0/24 maxlen: 24
2a06:f902:4000::/36 maxlen: 36
2a06:f902:8000::/36 maxlen: 36
2a06:f901:4000::/36 maxlen: 36
2a06:f901:8000::/36 maxlen: 36
2a06:f901:c000::/36 maxlen: 36
Validation: Failed, certificate revoked on Thu 02 May 2024 09:20:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4b:e3:3d:3a:9b:0e:e4:54:3f:e7:02:80:08:1e:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Validity
Not Before: Jan 2 08:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=320025fbddc06b91bb6186841dc71a65e54b34bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d7:de:46:f4:88:51:c2:61:08:7e:9d:1a:9e:
a5:23:1e:c1:70:31:12:ab:8b:de:8e:b5:c0:47:0e:
aa:03:9d:02:07:d0:03:f2:7a:cb:28:a1:e4:68:2c:
e7:5d:00:e8:f6:f3:9c:8c:a8:f2:82:c4:fd:fd:14:
79:10:1e:c5:f4:28:0f:3d:59:5b:bb:a2:ce:63:48:
27:61:ba:f5:86:1d:26:ae:b1:a3:8d:d0:85:95:c0:
cb:99:fe:60:7d:f4:e1:5a:79:e4:71:f5:96:e7:e7:
9d:5b:38:20:d7:61:1a:5e:73:8b:96:00:6e:1d:dc:
09:e3:04:8b:dc:7f:35:7d:40:c5:13:17:9b:13:53:
a8:40:45:38:b6:fe:34:34:a9:a7:14:0a:82:9e:fb:
46:15:a2:2d:9d:3f:66:28:93:a8:c8:fb:db:75:ea:
0c:45:e6:d3:bb:81:7e:bf:6b:3e:ca:68:f5:56:61:
7b:d9:d6:39:19:25:4e:79:5a:64:2f:1b:ce:e2:14:
3f:7f:f8:e6:b4:bc:8b:37:3a:9b:36:57:2f:66:a8:
d2:73:d4:63:51:98:27:03:8e:34:04:96:77:1a:33:
5c:9d:bd:d1:c5:38:58:28:73:f2:c5:6c:75:d6:ff:
03:cd:e7:d9:d2:42:cb:31:15:8a:e5:7c:e0:3b:dd:
58:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:00:25:FB:DD:C0:6B:91:BB:61:86:84:1D:C7:1A:65:E5:4B:34:BD
X509v3 Authority Key Identifier:
keyid:0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/MgAl-93Aa5G7YYaEHccaZeVLNL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.249.0/24
31.222.226.0/24
62.122.187.0/24
88.210.36.0/23
89.36.162.0/23
89.40.226.0/24
91.192.81.0/24
95.174.68.0/22
103.111.112.0/22
146.19.196.0/24
158.255.76.0/24
176.97.192.0/24
185.140.210.0/23
185.147.53.0/24
185.224.249.0/24
185.230.245.0/24
193.35.224.0/24
IPv6:
2a06:f901:4000::/36
2a06:f901:8000::/36
2a06:f901:c000::/36
2a06:f902:4000::/36
2a06:f902:8000::/36
Signature Algorithm: sha256WithRSAEncryption
2e:2d:b0:55:37:3d:cb:e0:3e:0f:9e:8b:8e:71:9a:98:d3:c9:
9f:71:43:b2:a5:52:33:08:46:00:a5:6c:81:26:c7:c2:f0:b6:
1f:5f:69:e5:1a:95:ec:dd:62:ff:71:55:b5:72:8b:9b:c5:f2:
2e:33:59:8c:9b:d9:10:ae:ac:c3:83:c8:23:90:3b:9e:6f:3c:
08:a9:0e:85:61:37:7f:05:b7:9a:81:cb:2c:5b:3c:00:f0:93:
c5:18:6a:47:88:bf:f7:0c:86:52:72:f2:61:f4:da:4c:70:44:
d6:03:5f:31:ba:c0:0d:28:eb:7f:5e:3b:aa:78:59:4c:68:b6:
5b:27:b7:fe:97:ed:a8:c6:55:28:d4:1e:27:e4:d4:9e:b7:7f:
ee:59:6a:17:83:28:08:f8:23:54:c4:d8:b5:36:d4:6d:54:bd:
2d:aa:3f:12:2a:27:e3:8c:54:6c:3c:f1:58:f5:c6:fe:a2:1d:
cc:72:85:1a:24:ec:85:7a:21:bf:05:98:b1:57:92:60:bb:19:
bf:9c:f7:57:22:2f:0c:09:98:ec:fe:04:db:05:c2:cd:76:a1:
d5:af:3c:eb:27:be:e1:68:a8:7b:34:63:d8:ab:dd:81:38:95:
4a:ca:08:1a:a4:73:3c:f5:95:1f:17:0c:ab:1f:6d:9b:cb:1f:
03:d4:4f:83
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAYzJS+M9OpsO5FQ/5wKACB4gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZWJmYmZkNmY5MzdjNWFlMzllM2UzOGU4YWI4Mzg0MTA3
NDIxYTYwHhcNMjQwMTAyMDgzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjAwMjVmYmRkYzA2YjkxYmI2MTg2ODQxZGM3MWE2NWU1NGIzNGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNfeRvSIUcJhCH6dGp6lIx7BcDES
q4vejrXARw6qA50CB9AD8nrLKKHkaCznXQDo9vOcjKjygsT9/RR5EB7F9CgPPVlb
u6LOY0gnYbr1hh0mrrGjjdCFlcDLmf5gffThWnnkcfWW5+edWzgg12EaXnOLlgBu
HdwJ4wSL3H81fUDFExebE1OoQEU4tv40NKmnFAqCnvtGFaItnT9mKJOoyPvbdeoM
RebTu4F+v2s+ymj1VmF72dY5GSVOeVpkLxvO4hQ/f/jmtLyLNzqbNlcvZqjSc9Rj
UZgnA440BJZ3GjNcnb3RxThYKHPyxWx11v8DzefZ0kLLMRWK5XzgO91YkQIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFDIAJfvdwGuRu2GGhB3HGmXlSzS9MB8GA1UdIwQY
MBaAFA/r+/1vk3xa454+OOirg4QQdCGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGIt
N2Q3MDM3NGQ3NmQyLzEvTWdBbC05M0FhNUc3WVlhRUhjY2FaZVZMTkwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGItN2Q3MDM3NGQ3NmQy
LzEvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjBsBAIAATBmAwQABSz5
AwQAH97iAwQAPnq7AwQBWNIkAwQBWSSiAwQAWSjiAwQAW8BRAwQCX65EAwQCZ29w
AwQAkhPEAwQAnv9MAwQAsGHAAwQBuYzSAwQAuZM1AwQAueD5AwQAueb1AwQAwSPg
MC4EAgACMCgDBgQqBvkBQAMGBCoG+QGAAwYEKgb5AcADBgQqBvkCQAMGBCoG+QKA
MA0GCSqGSIb3DQEBCwUAA4IBAQAuLbBVNz3L4D4PnouOcZqY08mfcUOypVIzCEYA
pWyBJsfC8LYfX2nlGpXs3WL/cVW1coubxfIuM1mMm9kQrqzDg8gjkDuebzwIqQ6F
YTd/BbeagcssWzwA8JPFGGpHiL/3DIZScvJh9NpMcETWA18xusANKOt/XjuqeFlM
aLZbJ7f+l+2oxlUo1B4n5NSet3/uWWoXgygI+CNUxNi1NtRtVL0tqj8SKifjjFRs
PPFY9cb+oh3McoUaJOyFeiG/BZixV5Jguxm/nPdXIi8MCZjs/gTbBcLNdqHVrzzr
J77haKh7NGPYq92BOJVKyggapHM89ZUfFwyrH22byx8D1E+D
-----END CERTIFICATE-----
Generated at Thu May 2 13:51:21 2024 by rpki-client on console-fra.rpki-client.org