Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/493571-210e-4d1a-8819-a6c49ce90756/1/Mw67vFAwI-4xI0ZvWu0Kx7gbA0E.roa
File: Mw67vFAwI-4xI0ZvWu0Kx7gbA0E.roa (raw, json)
Hash identifier: +mzBq9QfVX4vekRoYwIJEXHNYkpFo7mn4zKAGnAtMo4=
Subject key identifier: 33:0E:BB:BC:50:30:23:EE:31:23:46:6F:5A:ED:0A:C7:B8:1B:03:41
Certificate issuer: /CN=53d0359f9f8b20815ce4d988e109bf82306e4c74
Certificate serial: 018C6DE8DAD74123832E010C4F0CA893E156
Authority key identifier: 53:D0:35:9F:9F:8B:20:81:5C:E4:D9:88:E1:09:BF:82:30:6E:4C:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U9A1n5-LIIFc5NmI4Qm_gjBuTHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/493571-210e-4d1a-8819-a6c49ce90756/1/Mw67vFAwI-4xI0ZvWu0Kx7gbA0E.roa
Signing time: Fri 15 Dec 2023 14:37:06 +0000
ROA not before: Fri 15 Dec 2023 14:37:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205842
IP address blocks: 185.239.188.0/23 maxlen: 23
185.202.72.0/23 maxlen: 23
185.202.74.0/23 maxlen: 23
2a0a:d2c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6d:e8:da:d7:41:23:83:2e:01:0c:4f:0c:a8:93:e1:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53d0359f9f8b20815ce4d988e109bf82306e4c74
Validity
Not Before: Dec 15 14:37:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=330ebbbc503023ee3123466f5aed0ac7b81b0341
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e1:06:56:b3:d0:72:2e:a2:ee:f7:78:67:31:
91:7b:65:96:76:c3:99:15:c3:b5:18:71:f1:a5:a3:
6f:e4:ec:44:60:bd:c2:72:95:19:c7:b1:c3:41:49:
cb:5e:8f:75:6b:35:c0:d9:cb:db:32:e0:19:10:8d:
56:24:a5:c0:59:3c:18:2e:db:42:39:71:b0:f5:f4:
06:7e:f9:7c:08:17:b2:2f:6b:d4:12:84:9b:27:55:
c0:29:5f:b9:d8:4a:57:21:fb:2a:56:ab:59:65:bb:
14:06:83:24:4c:f0:93:27:31:e5:aa:f4:b9:14:72:
a3:35:a9:80:8c:f0:95:db:b2:33:d1:ff:d1:11:94:
97:11:36:d0:7e:d0:c6:22:90:78:71:2a:3f:51:5a:
eb:21:3e:60:c1:7a:a0:91:7c:41:bd:60:de:ea:5c:
c5:25:ef:46:77:24:c9:20:a0:6a:d7:c7:1d:fc:b2:
b7:c7:b0:28:49:aa:08:d7:55:72:f9:eb:86:13:9d:
9b:a1:db:1d:c6:04:82:86:ef:ba:02:87:2e:4a:9e:
16:ab:4e:f3:83:c5:3a:52:d1:20:3f:3a:68:fd:0a:
33:cf:c6:3f:a6:4e:f2:20:8c:61:d5:87:24:d9:9d:
88:8f:26:2f:55:97:5a:88:04:93:db:d2:a0:e7:96:
1e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:0E:BB:BC:50:30:23:EE:31:23:46:6F:5A:ED:0A:C7:B8:1B:03:41
X509v3 Authority Key Identifier:
keyid:53:D0:35:9F:9F:8B:20:81:5C:E4:D9:88:E1:09:BF:82:30:6E:4C:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U9A1n5-LIIFc5NmI4Qm_gjBuTHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/493571-210e-4d1a-8819-a6c49ce90756/1/Mw67vFAwI-4xI0ZvWu0Kx7gbA0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/493571-210e-4d1a-8819-a6c49ce90756/1/U9A1n5-LIIFc5NmI4Qm_gjBuTHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.72.0/22
185.239.188.0/23
IPv6:
2a0a:d2c0::/29
Signature Algorithm: sha256WithRSAEncryption
5f:19:40:15:ee:0d:b9:b8:cd:85:44:cb:98:4f:9f:90:c3:12:
d8:b0:38:39:61:56:92:fd:74:a6:b6:47:1f:c6:47:cb:98:b4:
b4:de:af:ee:04:32:51:8c:c2:f0:a4:0f:87:1b:c9:01:c0:71:
49:bf:cc:f5:97:cd:f2:2e:e9:9a:db:08:76:f4:e5:04:5d:40:
5b:0a:99:47:df:a3:81:f2:a9:ea:7b:6a:ae:be:27:25:42:04:
69:fe:31:9c:12:6a:01:bd:f6:08:8e:1c:0c:54:d3:0c:fc:83:
dd:18:f3:f0:b7:9e:83:b9:e8:3a:41:29:ad:33:29:df:28:05:
bb:cb:aa:8d:0e:a2:6d:aa:7c:1b:45:c0:06:ed:08:97:83:7e:
8b:3c:2e:09:47:ed:aa:c3:6f:8f:4a:08:3d:74:e4:f2:05:94:
77:17:43:24:a8:56:1a:1f:5a:06:63:c1:8f:53:e0:37:f3:b5:
5e:d9:fc:9f:35:5a:77:86:5d:23:eb:fd:76:1c:b0:df:80:e6:
b5:0e:ac:ce:45:5f:76:1a:13:8c:c8:dc:37:64:63:21:af:38:
b2:b9:77:ea:bf:8b:02:03:4d:33:7d:a3:9c:ba:0a:02:ca:c0:
cb:8b:69:e3:d6:ac:5d:c5:33:52:88:8e:11:f5:5b:7d:c8:1b:
55:1d:82:88
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYxt6NrXQSODLgEMTwyok+FWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZDAzNTlmOWY4YjIwODE1Y2U0ZDk4OGUxMDliZjgyMzA2
ZTRjNzQwHhcNMjMxMjE1MTQzNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzBlYmJiYzUwMzAyM2VlMzEyMzQ2NmY1YWVkMGFjN2I4MWIwMzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluEGVrPQci6i7vd4ZzGRe2WWdsOZ
FcO1GHHxpaNv5OxEYL3CcpUZx7HDQUnLXo91azXA2cvbMuAZEI1WJKXAWTwYLttC
OXGw9fQGfvl8CBeyL2vUEoSbJ1XAKV+52EpXIfsqVqtZZbsUBoMkTPCTJzHlqvS5
FHKjNamAjPCV27Iz0f/REZSXETbQftDGIpB4cSo/UVrrIT5gwXqgkXxBvWDe6lzF
Je9GdyTJIKBq18cd/LK3x7AoSaoI11Vy+euGE52bodsdxgSChu+6AocuSp4Wq07z
g8U6UtEgPzpo/Qozz8Y/pk7yIIxh1Yck2Z2IjyYvVZdaiAST29Kg55YepQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDMOu7xQMCPuMSNGb1rtCse4GwNBMB8GA1UdIwQY
MBaAFFPQNZ+fiyCBXOTZiOEJv4Iwbkx0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTlBMW41LUxJSUZjNU5tSTRRbV9nakJ1VEhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC80OTM1NzEtMjEwZS00ZDFhLTg4MTkt
YTZjNDljZTkwNzU2LzEvTXc2N3ZGQXdJLTR4STBadld1MEt4N2diQTBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC80OTM1NzEtMjEwZS00ZDFhLTg4MTktYTZjNDljZTkwNzU2
LzEvVTlBMW41LUxJSUZjNU5tSTRRbV9nakJ1VEhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCucpIAwQB
ue+8MA0EAgACMAcDBQMqCtLAMA0GCSqGSIb3DQEBCwUAA4IBAQBfGUAV7g25uM2F
RMuYT5+QwxLYsDg5YVaS/XSmtkcfxkfLmLS03q/uBDJRjMLwpA+HG8kBwHFJv8z1
l83yLuma2wh29OUEXUBbCplH36OB8qnqe2quviclQgRp/jGcEmoBvfYIjhwMVNMM
/IPdGPPwt56Dueg6QSmtMynfKAW7y6qNDqJtqnwbRcAG7QiXg36LPC4JR+2qw2+P
Sgg9dOTyBZR3F0MkqFYaH1oGY8GPU+A387Ve2fyfNVp3hl0j6/12HLDfgOa1DqzO
RV92GhOMyNw3ZGMhrziyuXfqv4sCA00zfaOcugoCysDLi2nj1qxdxTNSiI4R9Vt9
yBtVHYKI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:18 2024 by rpki-client on console-fra.rpki-client.org