Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/MaJsoAmVxSn-Eo7Tz1p39MDTr5c.roa
File: MaJsoAmVxSn-Eo7Tz1p39MDTr5c.roa (raw, json)
Hash identifier: fya7e7whQL412t5onJyyJYhW/b+8cmzWn6ZlV9H4kK8=
Subject key identifier: 31:A2:6C:A0:09:95:C5:29:FE:12:8E:D3:CF:5A:77:F4:C0:D3:AF:97
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01903B6293FBDCB4AA93E1AFEB4409AEAC6F
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/MaJsoAmVxSn-Eo7Tz1p39MDTr5c.roa
Signing time: Fri 21 Jun 2024 15:20:34 +0000
ROA not before: Fri 21 Jun 2024 15:20:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 134176
IP address blocks: 45.138.109.0/24 maxlen: 32
79.174.20.0/24 maxlen: 32
85.209.254.0/24 maxlen: 32
185.190.81.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jul 2024 15:49:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:3b:62:93:fb:dc:b4:aa:93:e1:af:eb:44:09:ae:ac:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jun 21 15:20:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31a26ca00995c529fe128ed3cf5a77f4c0d3af97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:a7:9c:b4:52:5b:45:62:8c:f7:aa:a5:47:0f:
53:8a:5b:80:c5:3e:a1:9f:3a:5c:e0:46:0e:d5:ac:
fb:ea:76:b8:9c:12:8d:07:23:4d:4c:64:89:36:09:
59:a2:22:c2:40:e8:a1:14:dc:db:d6:1e:66:65:e3:
a2:64:42:a8:63:c6:b9:de:82:34:8c:02:7a:64:a2:
3e:8e:78:98:34:6e:2e:c3:98:58:16:d2:b7:bb:f3:
e9:41:79:06:af:94:a4:cd:62:27:2a:69:ff:69:98:
48:45:51:1b:34:50:49:fd:80:db:16:75:1f:ce:9b:
9d:18:90:31:82:78:0a:d7:a1:27:fd:84:8f:7e:0d:
29:55:33:16:6b:8f:c9:ea:11:c5:ff:a8:11:43:73:
5a:47:e7:a6:53:cc:b2:91:62:f1:1f:f9:88:46:d7:
e6:95:7c:eb:70:b8:65:61:3e:da:2a:49:df:0a:07:
44:3e:b3:c8:fa:10:58:f5:84:60:0b:02:d2:ce:d8:
8c:94:36:8f:00:90:b2:d1:28:29:b3:c2:57:3e:98:
c5:d5:96:b7:d3:03:d6:5c:5e:e3:23:db:47:77:e0:
17:ef:bb:c9:e8:4b:38:a5:39:df:91:76:81:1e:bf:
d2:42:a7:ca:ce:76:5e:3d:69:a9:f4:cf:a1:c1:7f:
87:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:A2:6C:A0:09:95:C5:29:FE:12:8E:D3:CF:5A:77:F4:C0:D3:AF:97
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/MaJsoAmVxSn-Eo7Tz1p39MDTr5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.109.0/24
79.174.20.0/24
85.209.254.0/24
185.190.81.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:12:6a:41:73:df:83:db:8b:23:4b:97:f7:26:60:ad:3e:6c:
f3:72:82:46:3a:79:35:54:dc:15:91:fe:75:2f:b3:ce:29:2b:
98:44:b9:93:e2:b5:d0:38:ab:db:25:56:d7:ba:e2:13:1d:d5:
5e:d1:1e:c5:4a:65:81:51:f9:74:2c:0e:6b:5c:d9:3a:52:b5:
d7:cb:9a:e3:43:f6:ba:c2:21:b4:dd:a5:03:89:78:48:29:f4:
e9:41:f6:41:99:81:a5:75:6c:85:60:8e:85:dd:27:78:c8:ab:
53:d8:8c:bb:f5:ae:f0:78:06:87:09:d9:ca:2e:3a:ad:d9:8b:
f4:8b:11:7d:af:8a:8b:46:3e:10:43:75:00:58:2d:3a:da:b4:
4e:0b:3b:4f:f2:b6:81:26:fb:ef:67:80:50:17:8d:a9:43:18:
0a:f0:3e:45:c4:c9:d8:65:03:2d:94:35:ff:81:e7:6c:90:6c:
33:27:6e:91:b3:f7:72:65:61:75:44:6c:02:4f:d5:88:24:f4:
da:eb:d8:e6:df:a5:4b:a9:bf:38:76:35:8e:5d:d0:40:77:3f:
1c:0e:a4:86:fb:e9:1a:d9:3c:95:ed:43:9e:2d:74:de:d1:68:
4f:a1:e7:c7:ea:90:89:48:9e:e0:3f:18:22:eb:dd:3e:19:34:
1e:ef:52:29
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZA7YpP73LSqk+Gv60QJrqxvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQwNjIxMTUyMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWEyNmNhMDA5OTVjNTI5ZmUxMjhlZDNjZjVhNzdmNGMwZDNhZjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0aectFJbRWKM96qlRw9TiluAxT6h
nzpc4EYO1az76na4nBKNByNNTGSJNglZoiLCQOihFNzb1h5mZeOiZEKoY8a53oI0
jAJ6ZKI+jniYNG4uw5hYFtK3u/PpQXkGr5SkzWInKmn/aZhIRVEbNFBJ/YDbFnUf
zpudGJAxgngK16En/YSPfg0pVTMWa4/J6hHF/6gRQ3NaR+emU8yykWLxH/mIRtfm
lXzrcLhlYT7aKknfCgdEPrPI+hBY9YRgCwLSztiMlDaPAJCy0Sgps8JXPpjF1Za3
0wPWXF7jI9tHd+AX77vJ6Es4pTnfkXaBHr/SQqfKznZePWmp9M+hwX+HIQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDGibKAJlcUp/hKO089ad/TA06+XMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvTWFKc29BbVZ4U24tRW83VHoxcDM5TURUcjVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYptAwQA
T64UAwQAVdH+AwQAub5RMA0GCSqGSIb3DQEBCwUAA4IBAQBbEmpBc9+D24sjS5f3
JmCtPmzzcoJGOnk1VNwVkf51L7POKSuYRLmT4rXQOKvbJVbXuuITHdVe0R7FSmWB
Ufl0LA5rXNk6UrXXy5rjQ/a6wiG03aUDiXhIKfTpQfZBmYGldWyFYI6F3Sd4yKtT
2Iy79a7weAaHCdnKLjqt2Yv0ixF9r4qLRj4QQ3UAWC062rROCztP8raBJvvvZ4BQ
F42pQxgK8D5FxMnYZQMtlDX/gedskGwzJ26Rs/dyZWF1RGwCT9WIJPTa69jm36VL
qb84djWOXdBAdz8cDqSG++ka2TyV7UOeLXTe0WhPoefH6pCJSJ7gPxgi690+GTQe
71Ip
Generated at Tue Jul 2 17:56:19 2024 by rpki-client on console-fra.rpki-client.org