Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/MAgemi8I-25DxrAtNbRuAS5Rn9g.roa
File: MAgemi8I-25DxrAtNbRuAS5Rn9g.roa (raw, json)
Hash identifier: cvDpfAr07oEb6LIussk1JxbflYDKcbldZ6Vb8IcSgBM=
Subject key identifier: 30:08:1E:9A:2F:08:FB:6E:43:C6:B0:2D:35:B4:6E:01:2E:51:9F:D8
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 0185737ACB323F8E6CFBB7409BD66A62BB60
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/MAgemi8I-25DxrAtNbRuAS5Rn9g.roa
Signing time: Mon 02 Jan 2023 17:15:05 +0000
ROA not before: Mon 02 Jan 2023 17:15:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199738
IP address blocks: 176.32.54.0/24 maxlen: 24
185.48.84.0/22 maxlen: 24
176.32.50.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Nov 2023 15:22:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:cb:32:3f:8e:6c:fb:b7:40:9b:d6:6a:62:bb:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 2 17:15:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30081e9a2f08fb6e43c6b02d35b46e012e519fd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:48:6a:48:63:d4:79:47:07:b5:9e:f2:a8:2b:
de:27:d2:82:48:7b:2f:7b:cb:9d:fd:22:05:8b:35:
4c:2e:f0:20:7c:9c:d7:c2:c2:a0:e5:21:a5:9b:b2:
1f:e6:15:de:74:83:88:39:12:bb:78:27:26:6f:a6:
b3:8d:2b:c1:20:4e:2b:cf:27:7a:a3:44:19:65:e2:
b9:0f:87:a5:90:1f:f1:6b:3a:96:f5:85:fb:b0:c5:
c2:fa:98:18:ef:07:36:c5:52:30:96:a5:0a:5e:2b:
49:d5:54:3f:b0:ac:24:18:32:e5:c0:a4:5d:11:db:
cd:e3:c8:74:02:02:6d:ff:40:94:c5:21:50:25:67:
ed:91:57:81:b6:ba:a2:4e:59:ef:0b:5d:79:37:bb:
59:e1:50:20:fd:2c:43:c2:19:70:37:50:07:17:9e:
b2:a0:03:17:b2:80:ed:25:14:9a:66:07:b3:e1:a6:
45:b2:75:fe:1a:46:5c:6d:0d:80:b6:09:72:cd:6c:
0d:b4:f3:7c:dd:13:b4:f1:76:57:fd:89:5f:4b:e6:
3b:97:ad:23:92:a3:16:41:2d:51:25:69:e9:93:bd:
7a:27:3b:1a:d4:c5:d1:ff:51:07:63:08:5f:e4:73:
c9:82:7a:d7:0d:9a:a9:96:02:f8:d3:96:86:cd:1c:
de:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:08:1E:9A:2F:08:FB:6E:43:C6:B0:2D:35:B4:6E:01:2E:51:9F:D8
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/MAgemi8I-25DxrAtNbRuAS5Rn9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.50.0/24
176.32.54.0/24
185.48.84.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:fb:d3:cc:76:1f:c7:57:b8:ed:9f:a6:1a:4e:ce:1b:7f:67:
5a:23:13:df:b8:18:ba:4f:92:1a:f0:7f:2d:fc:39:a6:6c:7b:
48:d2:cc:a7:5b:ff:5f:10:41:9e:18:aa:df:fe:a2:90:62:27:
d6:75:a6:f2:da:27:79:a8:21:c4:0e:f7:29:08:94:10:3f:c2:
21:e5:ca:4d:53:a5:e2:7f:c1:a2:4d:e3:e8:54:20:a3:c5:b7:
4e:0d:72:53:c0:b5:b6:f5:99:63:aa:0e:73:c3:f1:6e:96:84:
25:7a:2c:9e:a7:cb:5b:8b:de:12:c5:d2:f7:04:63:60:42:b5:
32:bb:3a:d1:30:20:02:ef:37:cf:14:43:dc:b7:1a:4f:46:e0:
77:41:ee:f8:29:79:ab:37:7e:f1:eb:ec:7d:68:f5:80:ed:b9:
d0:25:c2:50:bd:32:1e:f7:46:83:82:50:f4:63:65:1f:34:64:
d4:bf:66:7b:7a:49:ae:db:2a:49:42:7e:88:c8:8d:27:8e:61:
a0:f9:cd:38:74:aa:9d:37:ca:b2:ac:97:0d:8e:2c:da:b7:34:
b0:36:f2:93:dd:11:4f:0c:10:20:9c:00:57:e7:3f:e4:62:a8:
a1:30:df:64:66:05:71:d3:20:63:61:15:9b:ec:00:19:f0:c0:
89:94:9a:82
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVzessyP45s+7dAm9ZqYrtgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMwMTAyMTcxNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDA4MWU5YTJmMDhmYjZlNDNjNmIwMmQzNWI0NmUwMTJlNTE5ZmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0hqSGPUeUcHtZ7yqCveJ9KCSHsv
e8ud/SIFizVMLvAgfJzXwsKg5SGlm7If5hXedIOIORK7eCcmb6azjSvBIE4rzyd6
o0QZZeK5D4elkB/xazqW9YX7sMXC+pgY7wc2xVIwlqUKXitJ1VQ/sKwkGDLlwKRd
EdvN48h0AgJt/0CUxSFQJWftkVeBtrqiTlnvC115N7tZ4VAg/SxDwhlwN1AHF56y
oAMXsoDtJRSaZgez4aZFsnX+GkZcbQ2AtglyzWwNtPN83RO08XZX/YlfS+Y7l60j
kqMWQS1RJWnpk716Jzsa1MXR/1EHYwhf5HPJgnrXDZqplgL405aGzRzeaQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDAIHpovCPtuQ8awLTW0bgEuUZ/YMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvTUFnZW1pOEktMjVEeHJBdE5iUnVBUzVSbjlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAsCAyAwQA
sCA2AwQCuTBUMA0GCSqGSIb3DQEBCwUAA4IBAQAb+9PMdh/HV7jtn6YaTs4bf2da
IxPfuBi6T5Ia8H8t/DmmbHtI0synW/9fEEGeGKrf/qKQYifWdaby2id5qCHEDvcp
CJQQP8Ih5cpNU6Xif8GiTePoVCCjxbdODXJTwLW29Zljqg5zw/FuloQleiyep8tb
i94SxdL3BGNgQrUyuzrRMCAC7zfPFEPctxpPRuB3Qe74KXmrN37x6+x9aPWA7bnQ
JcJQvTIe90aDglD0Y2UfNGTUv2Z7ekmu2ypJQn6IyI0njmGg+c04dKqdN8qyrJcN
jizatzSwNvKT3RFPDBAgnABX5z/kYqihMN9kZgVx0yBjYRWb7AAZ8MCJlJqC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:50 2024 by rpki-client on console-ams.rpki-client.org