Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/mgJa_1S9FFZdaXKsgbqyzsEuZsA.roa
File: mgJa_1S9FFZdaXKsgbqyzsEuZsA.roa (raw, json)
Hash identifier: j7kU8BuIkyQRjTM5iJ4chghxX7EXlbJHpbNAI6mxOT4=
Subject key identifier: 9A:02:5A:FF:54:BD:14:56:5D:69:72:AC:81:BA:B2:CE:C1:2E:66:C0
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018571E7AC70450D76EBF2B0BF464D3CF2C9
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/mgJa_1S9FFZdaXKsgbqyzsEuZsA.roa
Signing time: Mon 02 Jan 2023 09:54:46 +0000
ROA not before: Mon 02 Jan 2023 09:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204168
IP address blocks: 92.52.204.0/22 maxlen: 22
185.38.124.0/22 maxlen: 22
185.93.64.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:e7:ac:70:45:0d:76:eb:f2:b0:bf:46:4d:3c:f2:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 2 09:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a025aff54bd14565d6972ac81bab2cec12e66c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7e:63:72:7b:3f:1e:8e:49:de:79:d1:90:b5:
69:29:b4:58:2c:6a:c4:2a:b3:e9:a0:5d:f2:ea:52:
67:9f:7e:f1:5c:42:9f:e4:6a:5d:83:6b:b0:8e:38:
86:98:e8:77:fb:ab:66:2a:58:c9:fd:0e:cb:0c:13:
80:e9:64:d4:20:26:8b:4a:d7:c0:bb:86:1d:16:46:
b2:0d:70:b3:4c:cb:15:0c:77:0c:08:43:52:21:ef:
a0:5a:09:26:65:ab:0b:f8:3c:12:4e:07:3b:42:e6:
b6:58:d0:1b:be:73:1f:26:73:29:ce:e6:97:14:7b:
3a:d4:64:26:ef:c8:30:11:45:98:4a:b1:73:9e:a2:
53:a8:fe:08:dd:78:d6:69:a9:af:d6:6c:89:30:fc:
d0:e6:3a:a6:80:b8:57:82:40:cb:78:b7:0b:29:54:
a8:00:13:e2:e4:33:30:cc:98:84:62:4a:e6:b9:96:
7a:cd:c9:a4:ae:1a:56:3d:07:46:4e:c1:09:dc:45:
99:d3:f0:1f:fc:9b:a5:22:a1:a4:56:7e:13:c7:ba:
0e:7b:76:e8:e3:4c:5e:13:b8:21:f2:59:60:b4:15:
73:54:8e:95:37:11:50:b3:49:67:74:9f:ed:ac:80:
53:d6:81:ea:e6:f0:9b:c7:db:f4:3d:3e:43:0f:c1:
c5:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:02:5A:FF:54:BD:14:56:5D:69:72:AC:81:BA:B2:CE:C1:2E:66:C0
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/mgJa_1S9FFZdaXKsgbqyzsEuZsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.52.204.0/22
185.38.124.0/22
185.93.64.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:ad:7f:e5:ad:46:0d:9b:54:52:ce:ad:99:0f:09:50:6b:ba:
28:48:d6:f8:9a:bc:8d:92:de:75:29:56:b9:c6:73:7a:7a:20:
22:d0:6f:79:c5:2e:4d:e8:7d:e5:3b:a0:2a:5f:69:3d:05:58:
21:3b:e1:33:50:91:17:e5:f5:3e:c3:e5:bb:ca:22:b3:69:fe:
67:60:11:0d:78:72:33:4d:d3:6b:cf:7b:02:fa:aa:a1:da:43:
e9:5e:25:6a:75:80:d4:66:cf:c3:aa:bf:45:14:f2:9c:0b:bc:
a2:80:da:a4:74:be:6c:e0:83:db:7c:9d:2d:92:7c:83:72:f3:
cd:a0:76:58:f1:60:d9:69:f2:26:36:e6:70:07:28:8b:ec:c7:
ae:cd:29:1a:35:76:ef:1a:1b:33:60:6f:bd:3a:ab:c6:08:32:
ee:07:b2:09:63:bf:31:0d:43:63:58:af:f7:d7:cb:81:95:c7:
05:54:cb:eb:76:b8:f4:fc:c7:d4:d7:87:90:74:b1:1c:1f:ef:
82:1a:4d:61:0b:29:72:58:fa:72:37:8b:a9:ae:35:7b:f5:86:
8e:1d:2a:45:a0:ce:2d:49:f6:64:55:a0:58:fb:cf:47:06:26:
26:d7:9e:a3:64:b0:bf:86:9b:f3:de:d3:2a:17:cf:36:b2:74:
0e:45:7c:eb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVx56xwRQ126/Kwv0ZNPPLJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMTAyMDk1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTAyNWFmZjU0YmQxNDU2NWQ2OTcyYWM4MWJhYjJjZWMxMmU2NmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnH5jcns/Ho5J3nnRkLVpKbRYLGrE
KrPpoF3y6lJnn37xXEKf5Gpdg2uwjjiGmOh3+6tmKljJ/Q7LDBOA6WTUICaLStfA
u4YdFkayDXCzTMsVDHcMCENSIe+gWgkmZasL+DwSTgc7Qua2WNAbvnMfJnMpzuaX
FHs61GQm78gwEUWYSrFznqJTqP4I3XjWaamv1myJMPzQ5jqmgLhXgkDLeLcLKVSo
ABPi5DMwzJiEYkrmuZZ6zcmkrhpWPQdGTsEJ3EWZ0/Af/JulIqGkVn4Tx7oOe3bo
40xeE7gh8llgtBVzVI6VNxFQs0lndJ/trIBT1oHq5vCbx9v0PT5DD8HFOQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJoCWv9UvRRWXWlyrIG6ss7BLmbAMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvbWdKYV8xUzlGRlpkYVhLc2dicXl6c0V1WnNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCXDTMAwQC
uSZ8AwQCuV1AMA0GCSqGSIb3DQEBCwUAA4IBAQA7rX/lrUYNm1RSzq2ZDwlQa7oo
SNb4mryNkt51KVa5xnN6eiAi0G95xS5N6H3lO6AqX2k9BVghO+EzUJEX5fU+w+W7
yiKzaf5nYBENeHIzTdNrz3sC+qqh2kPpXiVqdYDUZs/Dqr9FFPKcC7yigNqkdL5s
4IPbfJ0tknyDcvPNoHZY8WDZafImNuZwByiL7MeuzSkaNXbvGhszYG+9OqvGCDLu
B7IJY78xDUNjWK/318uBlccFVMvrdrj0/MfU14eQdLEcH++CGk1hCylyWPpyN4up
rjV79YaOHSpFoM4tSfZkVaBY+89HBiYm156jZLC/hpvz3tMqF882snQORXzr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:56 2024 by rpki-client on console-ams.rpki-client.org