Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/94dd2a-5046-4883-91da-c399be031b4a/1/MPvAGMYklEa9JwKV2C_P84b7RVE.roa
File: MPvAGMYklEa9JwKV2C_P84b7RVE.roa (raw, json)
Hash identifier: z0hT4cUf+uVoiTIboINDZdYfrxZyzGKv4jNT3GCHEVE=
Subject key identifier: 30:FB:C0:18:C6:24:94:46:BD:27:02:95:D8:2F:CF:F3:86:FB:45:51
Certificate issuer: /CN=4126ac4afafd269881c10ad2eca2f4def8edbd21
Certificate serial: 0185708CA35ED6579D0DA3779898923B7324
Authority key identifier: 41:26:AC:4A:FA:FD:26:98:81:C1:0A:D2:EC:A2:F4:DE:F8:ED:BD:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QSasSvr9JpiBwQrS7KL03vjtvSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/94dd2a-5046-4883-91da-c399be031b4a/1/MPvAGMYklEa9JwKV2C_P84b7RVE.roa
Signing time: Mon 02 Jan 2023 03:35:43 +0000
ROA not before: Mon 02 Jan 2023 03:35:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35185
IP address blocks: 91.208.199.0/24 maxlen: 24
85.209.165.0/24 maxlen: 24
85.209.166.0/24 maxlen: 24
85.209.164.0/24 maxlen: 24
85.209.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:a3:5e:d6:57:9d:0d:a3:77:98:98:92:3b:73:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4126ac4afafd269881c10ad2eca2f4def8edbd21
Validity
Not Before: Jan 2 03:35:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30fbc018c6249446bd270295d82fcff386fb4551
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:59:e2:94:9c:24:31:bb:4d:76:e2:aa:71:93:
f0:c9:59:40:51:d5:98:fe:62:3c:f4:46:9d:f7:b6:
fd:b6:c5:b6:52:0f:a6:5f:0c:43:16:11:77:91:7f:
68:03:17:d9:1d:f2:41:9d:d6:ef:0b:62:1d:60:57:
c0:74:04:7a:5f:89:8a:29:6a:91:2c:31:73:e7:96:
99:62:a7:71:be:2f:d3:d5:6c:57:d4:b5:41:32:99:
bb:e5:90:ed:c2:6b:22:2c:64:e7:da:c2:33:9d:64:
9e:16:c5:86:c6:4b:03:22:95:f2:e8:48:a4:f3:e0:
c1:1f:9e:44:fb:63:7c:fb:c3:48:b3:e6:24:ea:2b:
2e:66:c5:f3:c7:63:26:30:84:6b:8d:8b:f9:fe:e4:
3e:8e:88:70:3c:ba:6c:b3:45:2c:3a:f5:68:6f:74:
19:70:9b:ce:97:50:e1:a1:62:fe:1e:f1:3b:7c:e7:
6b:22:5b:49:fb:7e:33:69:d1:0a:10:df:16:33:60:
c5:5c:9f:cf:0f:8a:1c:dc:8f:5f:3f:93:7c:8b:44:
46:0a:46:34:34:82:bb:a0:b4:00:b2:b2:1b:d8:c1:
83:d9:a6:35:e7:47:41:a3:49:11:a4:d8:d1:6c:c3:
05:dc:56:c2:86:cc:ef:d6:9a:b9:11:1d:e1:7f:8b:
ea:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:FB:C0:18:C6:24:94:46:BD:27:02:95:D8:2F:CF:F3:86:FB:45:51
X509v3 Authority Key Identifier:
keyid:41:26:AC:4A:FA:FD:26:98:81:C1:0A:D2:EC:A2:F4:DE:F8:ED:BD:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QSasSvr9JpiBwQrS7KL03vjtvSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/94dd2a-5046-4883-91da-c399be031b4a/1/MPvAGMYklEa9JwKV2C_P84b7RVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/94dd2a-5046-4883-91da-c399be031b4a/1/QSasSvr9JpiBwQrS7KL03vjtvSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.164.0/22
91.208.199.0/24
Signature Algorithm: sha256WithRSAEncryption
27:ca:a4:a2:b9:cf:6b:48:e4:fa:ab:03:3c:17:fe:e2:23:8e:
3f:05:66:34:b6:07:98:92:96:2c:aa:7a:ef:1c:b2:32:3d:be:
25:b1:11:90:e1:9b:91:16:32:d8:54:21:7f:ff:52:bc:7a:20:
f4:06:d5:90:a6:55:a8:9d:15:0b:e7:68:35:7a:a1:48:d5:51:
c8:c7:55:58:fc:33:f1:cb:3a:2e:45:8d:70:3e:b9:73:09:cd:
03:a4:7f:96:32:f1:b6:f8:58:ff:7b:aa:91:43:ab:88:f5:4d:
f5:47:d7:6c:63:b7:4f:7e:f2:00:50:71:a2:de:a6:a4:9c:fe:
e9:ab:e8:64:b1:45:36:22:05:4c:7c:93:0d:9a:5d:40:6b:aa:
05:54:a4:8d:a9:92:e2:b9:b9:7e:e1:71:cd:8a:b4:86:1d:de:
ad:c8:16:6c:ad:c9:2d:d7:d8:23:ba:64:3a:a8:bf:b8:57:d4:
9d:2f:1c:4c:86:28:8d:f6:08:9b:e2:74:46:de:a7:79:a0:68:
34:dc:47:47:2b:84:f3:01:e2:89:3d:09:2f:7c:df:23:59:35:
14:2d:be:51:13:21:b0:df:b4:0e:65:82:4d:6f:c0:c8:84:64:
e6:19:3b:f6:32:42:24:42:f0:2e:3a:eb:b1:41:b8:85:01:72:
53:99:1f:ef
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwjKNe1ledDaN3mJiSO3MkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMjZhYzRhZmFmZDI2OTg4MWMxMGFkMmVjYTJmNGRlZjhl
ZGJkMjEwHhcNMjMwMTAyMDMzNTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGZiYzAxOGM2MjQ5NDQ2YmQyNzAyOTVkODJmY2ZmMzg2ZmI0NTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVnilJwkMbtNduKqcZPwyVlAUdWY
/mI89Ead97b9tsW2Ug+mXwxDFhF3kX9oAxfZHfJBndbvC2IdYFfAdAR6X4mKKWqR
LDFz55aZYqdxvi/T1WxX1LVBMpm75ZDtwmsiLGTn2sIznWSeFsWGxksDIpXy6Eik
8+DBH55E+2N8+8NIs+Yk6isuZsXzx2MmMIRrjYv5/uQ+johwPLpss0UsOvVob3QZ
cJvOl1DhoWL+HvE7fOdrIltJ+34zadEKEN8WM2DFXJ/PD4oc3I9fP5N8i0RGCkY0
NIK7oLQAsrIb2MGD2aY150dBo0kRpNjRbMMF3FbChszv1pq5ER3hf4vqZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDD7wBjGJJRGvScCldgvz/OG+0VRMB8GA1UdIwQY
MBaAFEEmrEr6/SaYgcEK0uyi9N747b0hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVNhc1N2cjlKcGlCd1FyUzdLTDAzdmp0dlNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi85NGRkMmEtNTA0Ni00ODgzLTkxZGEt
YzM5OWJlMDMxYjRhLzEvTVB2QUdNWWtsRWE5SndLVjJDX1A4NGI3UlZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi85NGRkMmEtNTA0Ni00ODgzLTkxZGEtYzM5OWJlMDMxYjRh
LzEvUVNhc1N2cjlKcGlCd1FyUzdLTDAzdmp0dlNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVdGkAwQA
W9DHMA0GCSqGSIb3DQEBCwUAA4IBAQAnyqSiuc9rSOT6qwM8F/7iI44/BWY0tgeY
kpYsqnrvHLIyPb4lsRGQ4ZuRFjLYVCF//1K8eiD0BtWQplWonRUL52g1eqFI1VHI
x1VY/DPxyzouRY1wPrlzCc0DpH+WMvG2+Fj/e6qRQ6uI9U31R9dsY7dPfvIAUHGi
3qaknP7pq+hksUU2IgVMfJMNml1Aa6oFVKSNqZLiubl+4XHNirSGHd6tyBZsrckt
19gjumQ6qL+4V9SdLxxMhiiN9gib4nRG3qd5oGg03EdHK4TzAeKJPQkvfN8jWTUU
Lb5REyGw37QOZYJNb8DIhGTmGTv2MkIkQvAuOuuxQbiFAXJTmR/v
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:12 2024 by rpki-client on console-fra.rpki-client.org