Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/MWGec5vKk9DaoRBOhUiycMNSq5k.roa
File: MWGec5vKk9DaoRBOhUiycMNSq5k.roa (raw, json)
Hash identifier: nMvgRj4jBy2Dklzoz2M9aI6IB4SjHXeThGslqwW5pQ8=
Subject key identifier: 31:61:9E:73:9B:CA:93:D0:DA:A1:10:4E:85:48:B2:70:C3:52:AB:99
Certificate issuer: /CN=e84df52af460ca6fa8c923a49f5cb795ea6707f7
Certificate serial: 018CA595AA9D24C0DCF2F38AFE4B9CBC892B
Authority key identifier: E8:4D:F5:2A:F4:60:CA:6F:A8:C9:23:A4:9F:5C:B7:95:EA:67:07:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6E31KvRgym-oySOkn1y3lepnB_c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/MWGec5vKk9DaoRBOhUiycMNSq5k.roa
Signing time: Tue 26 Dec 2023 10:04:58 +0000
ROA not before: Tue 26 Dec 2023 10:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3356
IP address blocks: 212.26.37.0/24 maxlen: 24
212.26.38.0/24 maxlen: 24
212.26.36.0/24 maxlen: 24
212.26.42.0/24 maxlen: 24
212.26.40.0/24 maxlen: 24
212.26.41.0/24 maxlen: 24
212.26.39.0/24 maxlen: 24
212.26.45.0/24 maxlen: 24
91.229.52.0/22 maxlen: 22
212.26.0.0/17 maxlen: 17
212.26.6.0/23 maxlen: 24
212.26.7.0/24 maxlen: 24
212.26.8.0/24 maxlen: 24
212.26.16.0/24 maxlen: 24
212.26.17.0/24 maxlen: 24
212.26.19.0/24 maxlen: 24
212.26.20.0/24 maxlen: 24
212.26.18.0/24 maxlen: 24
212.26.23.0/24 maxlen: 24
212.26.21.0/24 maxlen: 24
212.26.22.0/24 maxlen: 24
212.26.24.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Dec 2023 10:06:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a5:95:aa:9d:24:c0:dc:f2:f3:8a:fe:4b:9c:bc:89:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e84df52af460ca6fa8c923a49f5cb795ea6707f7
Validity
Not Before: Dec 26 10:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31619e739bca93d0daa1104e8548b270c352ab99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:33:2f:72:23:c6:8d:f6:9f:de:30:d2:3a:9e:
5e:92:c3:8e:25:07:05:33:fa:c8:e1:23:b8:c7:9a:
53:a4:5e:c8:4e:f6:fb:10:93:8e:fb:c3:05:99:6f:
70:db:e6:e2:23:b9:76:d8:1a:74:c5:89:3a:4e:44:
f1:ec:01:cc:03:e8:0b:40:7d:16:8a:c2:3d:f1:6a:
97:37:2b:29:e1:8f:81:6e:13:f1:9a:94:12:d8:08:
44:55:71:5d:f8:b6:ef:0a:1f:4f:d6:1d:3b:3c:22:
03:ec:ef:db:9d:e4:16:7b:4b:2d:2e:40:4e:99:b9:
78:44:81:42:4a:72:9c:c8:a1:04:af:fc:95:82:f8:
5f:97:86:62:db:77:d5:b3:30:ca:a1:33:36:e0:ea:
0a:8b:67:12:fb:a8:83:3f:8e:26:ba:6e:fe:16:85:
d2:13:eb:6b:02:1f:1f:ea:66:a9:c9:35:04:19:54:
49:0c:3e:db:3e:e4:83:b2:3a:4d:3c:b6:a1:d3:e6:
31:a1:d3:e9:96:f5:e4:5e:1d:cb:c8:55:ab:04:6d:
ed:a7:b8:4f:39:c9:8c:52:40:b9:ff:ad:33:bb:73:
7d:1c:69:73:d8:63:58:ad:b0:e1:f1:82:1e:00:b6:
ae:5a:9e:04:d8:59:6c:71:80:53:16:fd:87:b6:c2:
ee:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:61:9E:73:9B:CA:93:D0:DA:A1:10:4E:85:48:B2:70:C3:52:AB:99
X509v3 Authority Key Identifier:
keyid:E8:4D:F5:2A:F4:60:CA:6F:A8:C9:23:A4:9F:5C:B7:95:EA:67:07:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6E31KvRgym-oySOkn1y3lepnB_c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/MWGec5vKk9DaoRBOhUiycMNSq5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be692b-7932-4554-8c15-94c2fda39ead/1/6E31KvRgym-oySOkn1y3lepnB_c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.52.0/22
212.26.0.0/17
Signature Algorithm: sha256WithRSAEncryption
ae:b2:b2:78:6d:56:34:98:65:af:a7:06:5e:50:c2:bc:75:c7:
d0:b5:6b:2f:17:aa:9c:d3:e1:ec:7d:c2:4b:19:02:49:5f:5b:
56:d4:fb:92:6e:c7:7e:a7:61:6c:8f:ee:91:b1:f9:7a:77:ed:
a9:33:45:8c:c7:be:3f:9a:76:eb:2c:19:4b:86:e9:ee:5b:a0:
3b:e8:fa:64:c7:f0:ee:55:62:b7:8b:80:45:78:c3:aa:4b:98:
b8:68:22:55:df:11:57:0d:50:ab:7d:ae:6a:14:fb:d1:ef:4d:
bb:69:6e:00:13:4c:e8:3e:ce:eb:17:e7:4b:06:eb:78:53:21:
02:0b:2f:44:7a:0d:92:a7:43:49:4d:83:be:f8:03:11:c2:2c:
8b:fc:fc:a6:bd:ec:90:90:fe:ae:32:a2:b7:92:9f:c6:0d:b4:
34:27:ef:34:4e:c1:80:61:dd:75:06:ef:ec:66:a9:82:8d:8e:
f8:b6:d1:4a:e3:df:21:6b:3a:1f:4a:db:f3:65:ad:78:5f:0d:
34:65:a3:ae:47:cc:30:9e:15:e6:0b:8c:4c:2c:cb:04:dd:9f:
ec:f8:98:a0:b7:60:df:75:59:29:38:53:d8:0c:ed:cf:b6:b2:
bc:b6:c2:59:4a:51:9f:24:5c:a4:4b:8e:35:ec:da:85:cc:18:
f7:82:0b:63
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyllaqdJMDc8vOK/kucvIkrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NGRmNTJhZjQ2MGNhNmZhOGM5MjNhNDlmNWNiNzk1ZWE2
NzA3ZjcwHhcNMjMxMjI2MTAwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTYxOWU3MzliY2E5M2QwZGFhMTEwNGU4NTQ4YjI3MGMzNTJhYjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDMvciPGjfaf3jDSOp5eksOOJQcF
M/rI4SO4x5pTpF7ITvb7EJOO+8MFmW9w2+biI7l22Bp0xYk6TkTx7AHMA+gLQH0W
isI98WqXNysp4Y+BbhPxmpQS2AhEVXFd+LbvCh9P1h07PCID7O/bneQWe0stLkBO
mbl4RIFCSnKcyKEEr/yVgvhfl4Zi23fVszDKoTM24OoKi2cS+6iDP44mum7+FoXS
E+trAh8f6mapyTUEGVRJDD7bPuSDsjpNPLah0+YxodPplvXkXh3LyFWrBG3tp7hP
OcmMUkC5/60zu3N9HGlz2GNYrbDh8YIeALauWp4E2FlscYBTFv2HtsLunwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDFhnnObypPQ2qEQToVIsnDDUquZMB8GA1UdIwQY
MBaAFOhN9Sr0YMpvqMkjpJ9ct5XqZwf3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkUzMUt2Umd5bS1veVNPa24xeTNsZXBuQl9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iZTY5MmItNzkzMi00NTU0LThjMTUt
OTRjMmZkYTM5ZWFkLzEvTVdHZWM1dktrOURhb1JCT2hVaXljTU5TcTVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iZTY5MmItNzkzMi00NTU0LThjMTUtOTRjMmZkYTM5ZWFk
LzEvNkUzMUt2Umd5bS1veVNPa24xeTNsZXBuQl9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW+U0AwQH
1BoAMA0GCSqGSIb3DQEBCwUAA4IBAQCusrJ4bVY0mGWvpwZeUMK8dcfQtWsvF6qc
0+HsfcJLGQJJX1tW1PuSbsd+p2Fsj+6Rsfl6d+2pM0WMx74/mnbrLBlLhunuW6A7
6Ppkx/DuVWK3i4BFeMOqS5i4aCJV3xFXDVCrfa5qFPvR7027aW4AE0zoPs7rF+dL
But4UyECCy9Eeg2Sp0NJTYO++AMRwiyL/PymveyQkP6uMqK3kp/GDbQ0J+80TsGA
Yd11Bu/sZqmCjY74ttFK498hazofStvzZa14Xw00ZaOuR8wwnhXmC4xMLMsE3Z/s
+Jigt2DfdVkpOFPYDO3PtrK8tsJZSlGfJFykS4417NqFzBj3ggtj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:04 2024 by rpki-client on console-ams.rpki-client.org