Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/MgA9Azs4XOpTbU7yG-fXfNai8-0.roa
File: MgA9Azs4XOpTbU7yG-fXfNai8-0.roa (raw, json)
Hash identifier: eR/+fB58bgemNNK+41Klv2fedQfwI+8uTBFsxYh2IOo=
Subject key identifier: 32:00:3D:03:3B:38:5C:EA:53:6D:4E:F2:1B:E7:D7:7C:D6:A2:F3:ED
Certificate issuer: /CN=b467367967dc763349fd0b50e31f75b823028590
Certificate serial: 018B27F20A75CFEFBFF3F1EB0715A60E9D74
Authority key identifier: B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/MgA9Azs4XOpTbU7yG-fXfNai8-0.roa
Signing time: Fri 13 Oct 2023 07:30:55 +0000
ROA not before: Fri 13 Oct 2023 07:30:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201178
IP address blocks: 185.155.148.0/22 maxlen: 24
185.81.236.0/24 maxlen: 24
185.81.236.0/22 maxlen: 24
185.81.237.0/24 maxlen: 24
185.81.238.0/24 maxlen: 24
185.81.239.0/24 maxlen: 24
185.153.248.0/22 maxlen: 24
2a05:8a00::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:27:f2:0a:75:cf:ef:bf:f3:f1:eb:07:15:a6:0e:9d:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b467367967dc763349fd0b50e31f75b823028590
Validity
Not Before: Oct 13 07:30:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32003d033b385cea536d4ef21be7d77cd6a2f3ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:34:7a:4d:c0:28:8e:b0:94:3e:7b:81:a9:85:
03:10:91:57:fe:2b:0d:21:67:e4:aa:e7:e5:b7:77:
3e:90:e3:b5:99:4f:06:a3:b1:43:fa:f6:9a:0d:46:
bf:e7:74:a1:e0:fc:a2:fd:79:8c:b4:3e:83:2d:c9:
c0:b8:64:19:c6:ea:0d:6b:1d:56:ef:57:10:8f:9e:
4f:8e:3f:a3:6f:18:a8:d3:a3:6c:f9:f4:d7:e9:19:
bd:2f:37:33:00:d5:65:cb:0b:ad:31:40:ed:88:a6:
fb:e7:79:17:89:61:6a:d8:36:07:ab:27:ae:fa:b5:
57:ed:b8:62:23:fd:11:7e:33:96:4b:ed:5e:b2:25:
e3:4c:78:71:e9:e0:5f:a5:2d:c1:1e:05:ab:7c:ec:
c8:25:3a:1f:82:82:d8:df:92:aa:17:53:68:a4:3a:
81:1b:2c:fa:1b:91:f8:c3:f3:bc:bb:95:6a:0e:7a:
21:c6:0e:f4:a7:54:6f:45:1b:6a:c2:6f:85:e4:13:
7e:1a:37:da:3a:dd:88:5e:51:12:b6:42:32:2e:31:
44:e9:d3:fc:7b:5e:47:65:1b:6f:ff:89:27:14:98:
8a:45:96:e0:22:97:98:12:be:8a:de:43:e3:07:c9:
b5:ad:1a:b6:ef:53:8e:d2:cc:3c:e1:b7:af:1b:4f:
3d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:00:3D:03:3B:38:5C:EA:53:6D:4E:F2:1B:E7:D7:7C:D6:A2:F3:ED
X509v3 Authority Key Identifier:
keyid:B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/MgA9Azs4XOpTbU7yG-fXfNai8-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/tGc2eWfcdjNJ_QtQ4x91uCMChZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.236.0/22
185.153.248.0/22
185.155.148.0/22
IPv6:
2a05:8a00::/29
Signature Algorithm: sha256WithRSAEncryption
5e:62:ba:92:86:fd:b1:9f:93:03:73:65:95:90:87:2a:5c:63:
18:15:15:bc:3c:2b:82:27:a9:e9:9f:64:85:eb:64:45:d1:2f:
39:9a:24:cc:d5:2c:3c:37:20:5a:75:72:64:bd:15:1d:93:e0:
22:58:9a:44:cb:d0:5a:91:8b:b6:71:af:09:bb:32:2f:7a:87:
67:cc:e2:c6:47:e3:1f:66:0b:ea:e5:e2:c1:f5:eb:f0:1d:a5:
60:30:9e:12:af:21:03:68:26:ab:2b:1e:40:f3:d7:bc:95:dd:
88:63:55:33:51:a2:6c:a1:03:e0:19:a2:49:64:85:18:61:ce:
ff:0d:86:3b:b3:29:4f:1b:0f:49:d9:82:82:f8:c7:73:13:5f:
72:0c:10:63:a6:df:d3:d9:1c:79:70:75:80:6b:e6:a1:32:b2:
18:70:e3:cc:3a:f1:27:b2:f9:03:27:f0:1c:df:9c:1e:ef:cf:
fe:f8:6c:8f:75:7e:da:ac:cf:50:10:b7:ba:dd:a9:3b:7c:30:
51:1f:e2:a4:21:ae:93:d4:6a:7f:68:f6:be:d1:55:bf:0f:b7:
be:73:e6:26:b2:da:68:30:dc:b6:31:c1:34:fc:17:bd:ec:de:
de:09:f2:1f:f9:28:51:e9:03:bd:7b:c1:b5:e4:91:79:9a:16:
46:7d:18:08
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYsn8gp1z++/8/HrBxWmDp10MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NjczNjc5NjdkYzc2MzM0OWZkMGI1MGUzMWY3NWI4MjMw
Mjg1OTAwHhcNMjMxMDEzMDczMDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjAwM2QwMzNiMzg1Y2VhNTM2ZDRlZjIxYmU3ZDc3Y2Q2YTJmM2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozR6TcAojrCUPnuBqYUDEJFX/isN
IWfkquflt3c+kOO1mU8Go7FD+vaaDUa/53Sh4Pyi/XmMtD6DLcnAuGQZxuoNax1W
71cQj55Pjj+jbxio06Ns+fTX6Rm9LzczANVlywutMUDtiKb753kXiWFq2DYHqyeu
+rVX7bhiI/0RfjOWS+1esiXjTHhx6eBfpS3BHgWrfOzIJTofgoLY35KqF1NopDqB
Gyz6G5H4w/O8u5VqDnohxg70p1RvRRtqwm+F5BN+GjfaOt2IXlEStkIyLjFE6dP8
e15HZRtv/4knFJiKRZbgIpeYEr6K3kPjB8m1rRq271OO0sw84bevG089rwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDIAPQM7OFzqU21O8hvn13zWovPtMB8GA1UdIwQY
MBaAFLRnNnln3HYzSf0LUOMfdbgjAoWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEdjMmVXZmNkak5KX1F0UTR4OTF1Q01DaFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kZmM0ZjItZWQ3ZC00NjEwLTg2MGMt
YjgxMzczYzQwZGM5LzEvTWdBOUF6czRYT3BUYlU3eUctZlhmTmFpOC0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kZmM0ZjItZWQ3ZC00NjEwLTg2MGMtYjgxMzczYzQwZGM5
LzEvdEdjMmVXZmNkak5KX1F0UTR4OTF1Q01DaFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuVHsAwQC
uZn4AwQCuZuUMA0EAgACMAcDBQMqBYoAMA0GCSqGSIb3DQEBCwUAA4IBAQBeYrqS
hv2xn5MDc2WVkIcqXGMYFRW8PCuCJ6npn2SF62RF0S85miTM1Sw8NyBadXJkvRUd
k+AiWJpEy9BakYu2ca8JuzIveodnzOLGR+MfZgvq5eLB9evwHaVgMJ4SryEDaCar
Kx5A89e8ld2IY1UzUaJsoQPgGaJJZIUYYc7/DYY7sylPGw9J2YKC+MdzE19yDBBj
pt/T2Rx5cHWAa+ahMrIYcOPMOvEnsvkDJ/Ac35we78/++GyPdX7arM9QELe63ak7
fDBRH+KkIa6T1Gp/aPa+0VW/D7e+c+YmstpoMNy2McE0/Be97N7eCfIf+ShR6QO9
e8G15JF5mhZGfRgI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:39 2024 by rpki-client on console-ams.rpki-client.org