Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/MJQr83EhPZhkF2pmVyEb5p8tSwc.roa
File: MJQr83EhPZhkF2pmVyEb5p8tSwc.roa (raw, json)
Hash identifier: yslDkFYsY16CNGgB5HYpMtPxI8381mEzIYZ3OydwSfI=
Subject key identifier: 30:94:2B:F3:71:21:3D:98:64:17:6A:66:57:21:1B:E6:9F:2D:4B:07
Certificate issuer: /CN=aca77c708af0ba1f81549c9f87089559390167a5
Certificate serial: 01856B934CEB34F033B655567DC07EC8F4B2
Authority key identifier: AC:A7:7C:70:8A:F0:BA:1F:81:54:9C:9F:87:08:95:59:39:01:67:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/MJQr83EhPZhkF2pmVyEb5p8tSwc.roa
Signing time: Sun 01 Jan 2023 04:24:53 +0000
ROA not before: Sun 01 Jan 2023 04:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24989
IP address blocks: 217.79.208.0/20 maxlen: 24
89.202.0.0/17 maxlen: 24
88.84.136.0/21 maxlen: 24
217.68.144.0/20 maxlen: 24
193.110.116.0/22 maxlen: 24
2a02:20a8::/32 maxlen: 48
2001:4c68::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:93:4c:eb:34:f0:33:b6:55:56:7d:c0:7e:c8:f4:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca77c708af0ba1f81549c9f87089559390167a5
Validity
Not Before: Jan 1 04:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30942bf371213d9864176a6657211be69f2d4b07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:94:75:60:1b:84:49:c8:42:13:ad:38:e8:ba:
ef:de:6e:64:c5:76:b1:f7:e2:40:e5:bd:87:3b:f5:
1d:68:9d:c3:62:3e:62:a3:26:4f:01:91:fb:99:f8:
a4:02:95:05:49:9b:7c:ff:30:f9:d0:e5:0d:1a:80:
00:3a:15:22:57:25:77:00:3d:e3:04:e2:9f:f4:cd:
c8:26:2a:e7:a5:63:ca:65:f2:a7:af:ab:56:89:e2:
5e:0f:9d:c8:dd:c0:0a:66:80:77:d5:b5:7e:57:8b:
2f:4f:b8:d3:5d:2b:07:2d:f6:b2:76:e5:58:b1:df:
cf:f7:29:03:76:be:c4:34:9a:75:a5:ce:43:b6:58:
6b:9b:ff:6b:36:e4:7a:5b:ef:bb:a2:52:bc:e0:9a:
71:b2:fb:a0:69:40:99:d3:9b:b8:c6:63:6c:63:a4:
89:e3:97:42:4e:ef:63:06:a2:0e:c4:4c:7a:bd:3e:
76:d9:72:64:7b:4a:ba:19:7b:1c:33:7b:90:8a:09:
fd:fb:5a:f7:31:a1:31:42:97:43:d9:47:dc:7a:5b:
1e:ff:21:c1:09:99:da:21:de:2b:c2:d4:49:67:70:
98:35:2b:ba:e8:31:fc:97:ea:ac:8d:21:58:4a:9e:
3f:fc:ea:2b:f4:14:cb:8b:19:de:c1:d1:c7:b9:43:
57:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:94:2B:F3:71:21:3D:98:64:17:6A:66:57:21:1B:E6:9F:2D:4B:07
X509v3 Authority Key Identifier:
keyid:AC:A7:7C:70:8A:F0:BA:1F:81:54:9C:9F:87:08:95:59:39:01:67:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/MJQr83EhPZhkF2pmVyEb5p8tSwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.84.136.0/21
89.202.0.0/17
193.110.116.0/22
217.68.144.0/20
217.79.208.0/20
IPv6:
2001:4c68::/32
2a02:20a8::/32
Signature Algorithm: sha256WithRSAEncryption
27:5c:9d:f6:eb:7d:40:94:24:02:38:d8:bd:2b:96:5d:a5:f5:
b6:19:e2:a1:27:88:c9:33:60:64:16:d2:65:8d:5a:04:13:28:
95:d3:a9:be:58:ef:86:df:2c:f9:91:f6:be:02:88:06:4c:65:
5b:63:76:6c:76:da:a2:6c:f9:64:43:c6:bd:fe:b1:32:81:b0:
5e:17:89:48:57:e2:f5:a2:ec:a8:01:87:0c:8c:88:8e:28:43:
ab:bd:22:dd:6d:67:b3:c3:36:98:b9:07:08:36:35:84:53:5b:
9b:d1:bf:58:42:92:59:c6:f6:7d:80:cc:09:cc:7b:e9:18:f2:
b2:45:32:79:57:27:fc:1d:39:85:08:55:71:b7:c9:0f:fe:b7:
34:f2:7f:8f:d8:88:2f:9e:18:8d:dc:bb:ad:82:fe:1a:48:d2:
06:08:49:bd:34:d0:62:d2:64:cb:a3:bd:aa:97:4a:9c:35:f3:
37:c3:40:1a:3b:66:f8:c0:ea:bb:a0:84:e8:58:5b:1f:a6:f5:
f6:4b:08:f3:46:06:10:03:53:2c:e8:20:31:53:3a:e3:8c:64:
8b:b6:9e:94:6b:45:14:95:66:be:fb:0c:df:5b:e2:aa:10:3d:
23:d1:fb:84:f6:e8:26:e0:db:6b:93:3e:1a:7b:16:e3:89:08:
c0:59:34:86
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYVrk0zrNPAztlVWfcB+yPSyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTc3YzcwOGFmMGJhMWY4MTU0OWM5Zjg3MDg5NTU5Mzkw
MTY3YTUwHhcNMjMwMTAxMDQyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDk0MmJmMzcxMjEzZDk4NjQxNzZhNjY1NzIxMWJlNjlmMmQ0YjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJR1YBuESchCE6046Lrv3m5kxXax
9+JA5b2HO/UdaJ3DYj5ioyZPAZH7mfikApUFSZt8/zD50OUNGoAAOhUiVyV3AD3j
BOKf9M3IJirnpWPKZfKnr6tWieJeD53I3cAKZoB31bV+V4svT7jTXSsHLfayduVY
sd/P9ykDdr7ENJp1pc5Dtlhrm/9rNuR6W++7olK84JpxsvugaUCZ05u4xmNsY6SJ
45dCTu9jBqIOxEx6vT522XJke0q6GXscM3uQign9+1r3MaExQpdD2Ufcelse/yHB
CZnaId4rwtRJZ3CYNSu66DH8l+qsjSFYSp4//Oor9BTLixnewdHHuUNX0wIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFDCUK/NxIT2YZBdqZlchG+afLUsHMB8GA1UdIwQY
MBaAFKynfHCK8LofgVScn4cIlVk5AWelMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktkOGNJcnd1aC1CVkp5Zmh3aVZXVGtCWjZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84ZmU3ZDgtMDE3Yi00MWFhLWE5MWYt
MjhiMTllM2ZkNGE2LzEvTUpRcjgzRWhQWmhrRjJwbVZ5RWI1cDh0U3djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS84ZmU3ZDgtMDE3Yi00MWFhLWE5MWYtMjhiMTllM2ZkNGE2
LzEvcktkOGNJcnd1aC1CVkp5Zmh3aVZXVGtCWjZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQDWFSIAwQH
WcoAAwQCwW50AwQE2USQAwQE2U/QMBQEAgACMA4DBQAgAUxoAwUAKgIgqDANBgkq
hkiG9w0BAQsFAAOCAQEAJ1yd9ut9QJQkAjjYvSuWXaX1thnioSeIyTNgZBbSZY1a
BBMoldOpvljvht8s+ZH2vgKIBkxlW2N2bHbaomz5ZEPGvf6xMoGwXheJSFfi9aLs
qAGHDIyIjihDq70i3W1ns8M2mLkHCDY1hFNbm9G/WEKSWcb2fYDMCcx76RjyskUy
eVcn/B05hQhVcbfJD/63NPJ/j9iIL54Yjdy7rYL+GkjSBghJvTTQYtJky6O9qpdK
nDXzN8NAGjtm+MDqu6CE6FhbH6b19ksI80YGEANTLOggMVM644xki7aelGtFFJVm
vvsM31viqhA9I9H7hPboJuDba5M+GnsW44kIwFk0hg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:30 2024 by rpki-client on console-ams.rpki-client.org