Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/mvvgEJ-f9jSjTC17yIVSF-PGPns.roa
File: mvvgEJ-f9jSjTC17yIVSF-PGPns.roa (raw, json)
Hash identifier: koJFq3bxtlwgxzgt8TDR44YOhDidzAmlbh3hW/A7NLY=
Subject key identifier: 9A:FB:E0:10:9F:9F:F6:34:A3:4C:2D:7B:C8:85:52:17:E3:C6:3E:7B
Certificate issuer: /CN=91d01c47f00e64f35cc752d03b34a71b71406b3f
Certificate serial: 018CCA99E88005F68C4D991E379C3AF00260
Authority key identifier: 91:D0:1C:47:F0:0E:64:F3:5C:C7:52:D0:3B:34:A7:1B:71:40:6B:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdAcR_AOZPNcx1LQOzSnG3FAaz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/mvvgEJ-f9jSjTC17yIVSF-PGPns.roa
Signing time: Tue 02 Jan 2024 14:35:33 +0000
ROA not before: Tue 02 Jan 2024 14:35:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49675
IP address blocks: 185.161.180.0/24 maxlen: 24
185.161.180.0/22 maxlen: 22
185.161.181.0/24 maxlen: 24
185.161.183.0/24 maxlen: 24
185.161.182.0/24 maxlen: 24
46.17.201.0/24 maxlen: 24
46.17.200.0/21 maxlen: 21
46.17.202.0/24 maxlen: 24
46.17.206.0/24 maxlen: 24
46.17.200.0/24 maxlen: 24
46.17.204.0/24 maxlen: 24
46.17.205.0/24 maxlen: 24
46.17.203.0/24 maxlen: 24
46.17.207.0/24 maxlen: 24
2a02:26a8:f001::/48 maxlen: 48
2a02:26a8:ffff::/48 maxlen: 48
2a02:26a8:3::/48 maxlen: 48
2a02:26a8:fffe::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 08 Oct 2024 13:30:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:e8:80:05:f6:8c:4d:99:1e:37:9c:3a:f0:02:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d01c47f00e64f35cc752d03b34a71b71406b3f
Validity
Not Before: Jan 2 14:35:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9afbe0109f9ff634a34c2d7bc8855217e3c63e7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:fa:ed:d3:bf:da:12:f0:5e:e4:12:af:83:89:
77:1c:83:40:1c:18:d1:20:01:9e:b2:c2:f4:d2:ee:
7c:d1:91:87:87:c0:79:2d:58:f6:17:31:56:26:21:
df:af:31:85:90:71:87:97:8e:0f:5d:c5:9e:49:69:
33:cd:39:52:32:49:ac:e8:0b:22:ff:76:b2:29:0d:
d9:01:37:66:12:00:ee:5a:eb:02:3b:03:38:42:43:
54:b5:44:4b:2d:f1:c2:16:bc:f1:32:3c:38:47:d6:
8f:c6:9c:8e:03:45:37:22:b8:f6:24:31:f9:8e:dd:
1d:8e:66:6d:b5:96:a9:69:d6:0d:11:d0:50:7e:0b:
1a:31:d3:33:7c:8c:66:88:78:a1:b0:04:ae:d0:90:
c6:58:83:05:e9:fc:5b:ec:5f:39:f5:87:d8:6b:48:
67:77:20:d8:27:bf:4e:18:d2:31:92:46:f6:c8:7a:
c4:a1:b9:bb:f0:4f:06:11:e3:85:75:a3:61:dc:8c:
fe:e1:50:4d:3c:9c:75:c1:6f:e4:4a:d5:a8:b9:82:
4f:e0:70:8a:3f:ec:18:08:e5:2f:4c:5b:23:1d:27:
3a:d5:57:40:5f:34:5c:5d:37:6f:7d:c3:f7:f5:97:
51:5c:c3:de:27:ee:a0:e5:7f:cd:e7:4b:46:4b:28:
c9:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:FB:E0:10:9F:9F:F6:34:A3:4C:2D:7B:C8:85:52:17:E3:C6:3E:7B
X509v3 Authority Key Identifier:
keyid:91:D0:1C:47:F0:0E:64:F3:5C:C7:52:D0:3B:34:A7:1B:71:40:6B:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdAcR_AOZPNcx1LQOzSnG3FAaz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/mvvgEJ-f9jSjTC17yIVSF-PGPns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/kdAcR_AOZPNcx1LQOzSnG3FAaz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.200.0/21
185.161.180.0/22
IPv6:
2a02:26a8:3::/48
2a02:26a8:f001::/48
2a02:26a8:fffe::/47
Signature Algorithm: sha256WithRSAEncryption
03:27:54:44:83:9a:ab:fc:5e:13:7e:af:52:a6:78:19:2d:3c:
b9:b7:77:11:60:d8:1a:10:df:1c:50:52:59:5f:21:43:89:a6:
cb:14:39:f4:a4:08:a4:d4:4b:26:21:da:6d:ab:f3:2f:f0:dc:
4a:f4:2b:04:ea:af:0e:d4:da:c9:4a:d6:18:fb:b7:b0:d0:97:
94:1e:1a:13:37:e7:6a:2d:e6:fe:aa:f0:02:7a:9c:3c:42:3e:
35:aa:2f:c7:3f:9b:fe:0d:87:b4:dd:94:bc:8e:05:52:db:bf:
3e:19:78:72:30:7c:bb:ef:6a:d2:8a:8a:af:1d:57:ef:26:8d:
ee:3f:9b:5a:1a:11:5a:f9:d9:f4:3b:b8:10:79:3d:b0:4c:a8:
75:5b:28:78:2f:40:23:4b:37:39:85:21:92:60:00:a5:6b:43:
b5:a8:78:ca:23:82:5a:0e:6f:17:e0:8a:f7:5f:d7:de:a7:21:
89:03:8b:f8:81:aa:2a:fd:37:7e:4e:fd:f0:8d:4a:0c:9e:71:
c1:2d:e3:df:e8:e1:09:88:8d:47:25:d7:2a:e4:0f:33:0b:1c:
29:2c:30:aa:fb:76:37:3f:32:82:22:63:1e:ea:e1:ce:e8:ac:
9f:5a:bd:91:a3:80:7a:77:46:1e:b6:52:c2:3e:34:43:17:1e:
7c:8b:a8:d0
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYzKmeiABfaMTZkeN5w68AJgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDAxYzQ3ZjAwZTY0ZjM1Y2M3NTJkMDNiMzRhNzFiNzE0
MDZiM2YwHhcNMjQwMTAyMTQzNTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWZiZTAxMDlmOWZmNjM0YTM0YzJkN2JjODg1NTIxN2UzYzYzZTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfrt07/aEvBe5BKvg4l3HINAHBjR
IAGessL00u580ZGHh8B5LVj2FzFWJiHfrzGFkHGHl44PXcWeSWkzzTlSMkms6Asi
/3ayKQ3ZATdmEgDuWusCOwM4QkNUtURLLfHCFrzxMjw4R9aPxpyOA0U3Irj2JDH5
jt0djmZttZapadYNEdBQfgsaMdMzfIxmiHihsASu0JDGWIMF6fxb7F859YfYa0hn
dyDYJ79OGNIxkkb2yHrEobm78E8GEeOFdaNh3Iz+4VBNPJx1wW/kStWouYJP4HCK
P+wYCOUvTFsjHSc61VdAXzRcXTdvfcP39ZdRXMPeJ+6g5X/N50tGSyjJKQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFJr74BCfn/Y0o0wte8iFUhfjxj57MB8GA1UdIwQY
MBaAFJHQHEfwDmTzXMdS0Ds0pxtxQGs/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RBY1JfQU9aUE5jeDFMUU96U25HM0ZBYXo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iMGZjMGMtYzUzNy00MGI0LTliNWIt
NTZiMDA2ZWYwZDNiLzEvbXZ2Z0VKLWY5alNqVEMxN3lJVlNGLVBHUG5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9iMGZjMGMtYzUzNy00MGI0LTliNWItNTZiMDA2ZWYwZDNi
LzEva2RBY1JfQU9aUE5jeDFMUU96U25HM0ZBYXo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzASBAIAATAMAwQDLhHIAwQC
uaG0MCEEAgACMBsDBwAqAiaoAAMDBwAqAiao8AEDBwEqAiao//4wDQYJKoZIhvcN
AQELBQADggEBAAMnVESDmqv8XhN+r1KmeBktPLm3dxFg2BoQ3xxQUllfIUOJpssU
OfSkCKTUSyYh2m2r8y/w3Er0KwTqrw7U2slK1hj7t7DQl5QeGhM352ot5v6q8AJ6
nDxCPjWqL8c/m/4Nh7TdlLyOBVLbvz4ZeHIwfLvvatKKiq8dV+8mje4/m1oaEVr5
2fQ7uBB5PbBMqHVbKHgvQCNLNzmFIZJgAKVrQ7WoeMojgloObxfgivdf196nIYkD
i/iBqir9N35O/fCNSgyeccEt49/o4QmIjUcl1yrkDzMLHCksMKr7djc/MoIiYx7q
4c7orJ9avZGjgHp3Rh62UsI+NEMXHnyLqNA=
-----END CERTIFICATE-----
Generated at Tue Oct 8 17:14:56 2024 by rpki-client on console-fra.rpki-client.org