Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/c0ea88-7592-4e84-9a9a-4335670f6b7e/1/Mc_NgDxtWYL_0Nt4MTD41Tapi8w.roa
File: Mc_NgDxtWYL_0Nt4MTD41Tapi8w.roa (raw, json)
Hash identifier: iA1RYLLWLG5iuy0QZsIvn/Sx3v4BpyNl/2frWPtFDdM=
Subject key identifier: 31:CF:CD:80:3C:6D:59:82:FF:D0:DB:78:31:30:F8:D5:36:A9:8B:CC
Certificate issuer: /CN=9ad6bf12ad5a29327bc6f7b66026f054686cd959
Certificate serial: 018CC56EA11AE7393EF9204AD6DB6FB53279
Authority key identifier: 9A:D6:BF:12:AD:5A:29:32:7B:C6:F7:B6:60:26:F0:54:68:6C:D9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mta_Eq1aKTJ7xve2YCbwVGhs2Vk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/c0ea88-7592-4e84-9a9a-4335670f6b7e/1/Mc_NgDxtWYL_0Nt4MTD41Tapi8w.roa
Signing time: Mon 01 Jan 2024 14:30:10 +0000
ROA not before: Mon 01 Jan 2024 14:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60533
IP address blocks: 185.29.156.0/23 maxlen: 23
185.29.156.0/22 maxlen: 24
185.29.158.0/23 maxlen: 23
2a00:a8a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 15 Jan 2024 11:11:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:a1:1a:e7:39:3e:f9:20:4a:d6:db:6f:b5:32:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ad6bf12ad5a29327bc6f7b66026f054686cd959
Validity
Not Before: Jan 1 14:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31cfcd803c6d5982ffd0db783130f8d536a98bcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:a8:de:11:d0:c1:cc:c3:20:f4:f6:78:69:ae:
83:d4:9e:36:e3:51:3b:e0:64:0f:f4:68:47:3c:2b:
aa:6b:af:3e:4d:f2:ce:8c:26:a0:c5:c5:5e:51:40:
19:b4:a9:39:19:25:20:1e:28:d6:f4:83:e9:fb:72:
0a:da:41:41:15:db:f6:a4:bd:c0:b5:2c:b3:7f:83:
23:f5:e4:2a:7a:0b:db:d2:6f:43:47:f2:73:12:0b:
72:28:59:59:fd:af:57:83:be:41:8b:76:a2:99:9c:
49:4a:3b:a4:81:d4:64:30:ee:68:d6:11:fb:27:3a:
89:62:62:b0:63:e4:1b:d5:e0:37:89:b7:12:fd:99:
9c:1f:27:bd:1d:d1:19:17:3b:5e:b7:a7:d8:03:c6:
9a:2f:06:93:07:40:7e:77:6e:e0:d3:c9:cb:82:ee:
d9:df:8b:73:4f:3d:19:df:a9:ea:1a:8a:a4:9b:55:
b1:6d:d2:f5:56:87:c3:a1:4d:0e:36:7b:22:75:96:
1b:91:87:b4:43:2d:c3:b9:43:45:b8:c8:61:78:ef:
14:04:43:b1:b9:62:69:75:4f:c9:d4:e3:83:75:32:
74:f1:a4:55:f9:23:2b:d3:d5:42:72:a0:a0:9d:14:
db:45:12:fe:d6:89:72:fd:09:62:a5:60:26:58:6d:
ba:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:CF:CD:80:3C:6D:59:82:FF:D0:DB:78:31:30:F8:D5:36:A9:8B:CC
X509v3 Authority Key Identifier:
keyid:9A:D6:BF:12:AD:5A:29:32:7B:C6:F7:B6:60:26:F0:54:68:6C:D9:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mta_Eq1aKTJ7xve2YCbwVGhs2Vk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/c0ea88-7592-4e84-9a9a-4335670f6b7e/1/Mc_NgDxtWYL_0Nt4MTD41Tapi8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/c0ea88-7592-4e84-9a9a-4335670f6b7e/1/mta_Eq1aKTJ7xve2YCbwVGhs2Vk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.29.156.0/22
IPv6:
2a00:a8a0::/32
Signature Algorithm: sha256WithRSAEncryption
9a:7a:cd:f0:77:a3:bb:d8:f9:ff:4f:76:67:c1:6e:39:8d:78:
13:1b:81:25:82:29:aa:d2:97:2e:25:1f:c2:3b:e7:1e:4b:21:
41:e7:ab:28:ed:98:78:79:cd:0b:9e:8c:80:83:84:dc:8c:07:
ef:54:74:ab:7a:90:8b:b3:38:fc:61:27:68:d4:23:d6:c9:65:
ac:65:6b:b9:65:7a:75:45:41:52:ea:9d:48:ba:93:3a:f0:01:
5c:52:8b:3b:1a:6d:77:38:1f:ff:a0:57:65:a0:0a:39:9a:68:
7f:a2:31:63:64:e0:99:6b:c0:f5:a1:a7:27:d6:06:2a:2e:ac:
bf:79:77:ce:70:7d:c5:95:5e:6f:4c:64:44:fe:72:82:a8:77:
8c:18:15:d8:25:81:d6:56:35:1e:58:0e:b8:c7:bd:90:17:de:
70:70:10:bc:f3:09:31:de:6b:3b:19:27:a9:89:cb:89:74:dd:
0a:97:1c:fc:af:f6:ba:62:7b:b0:a7:c4:7a:ab:bb:d9:ba:b3:
10:6c:22:92:17:3e:09:89:69:a7:c0:2b:d0:2f:7f:5c:cb:f2:
f3:2e:f2:b4:c7:17:29:38:08:90:9d:1c:05:ff:f9:b3:14:a5:
ed:1a:0f:6b:a1:13:00:08:58:2e:e5:0b:fc:86:14:e1:f0:17:
72:94:ee:52
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbqEa5zk++SBK1ttvtTJ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZDZiZjEyYWQ1YTI5MzI3YmM2ZjdiNjYwMjZmMDU0Njg2
Y2Q5NTkwHhcNMjQwMTAxMTQzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWNmY2Q4MDNjNmQ1OTgyZmZkMGRiNzgzMTMwZjhkNTM2YTk4YmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKjeEdDBzMMg9PZ4aa6D1J4241E7
4GQP9GhHPCuqa68+TfLOjCagxcVeUUAZtKk5GSUgHijW9IPp+3IK2kFBFdv2pL3A
tSyzf4Mj9eQqegvb0m9DR/JzEgtyKFlZ/a9Xg75Bi3aimZxJSjukgdRkMO5o1hH7
JzqJYmKwY+Qb1eA3ibcS/ZmcHye9HdEZFztet6fYA8aaLwaTB0B+d27g08nLgu7Z
34tzTz0Z36nqGoqkm1WxbdL1VofDoU0ONnsidZYbkYe0Qy3DuUNFuMhheO8UBEOx
uWJpdU/J1OODdTJ08aRV+SMr09VCcqCgnRTbRRL+1oly/QlipWAmWG26SQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDHPzYA8bVmC/9DbeDEw+NU2qYvMMB8GA1UdIwQY
MBaAFJrWvxKtWikye8b3tmAm8FRobNlZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXRhX0VxMWFLVEo3eHZlMllDYndWR2hzMlZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9jMGVhODgtNzU5Mi00ZTg0LTlhOWEt
NDMzNTY3MGY2YjdlLzEvTWNfTmdEeHRXWUxfME50NE1URDQxVGFwaTh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9jMGVhODgtNzU5Mi00ZTg0LTlhOWEtNDMzNTY3MGY2Yjdl
LzEvbXRhX0VxMWFLVEo3eHZlMllDYndWR2hzMlZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuR2cMA0E
AgACMAcDBQAqAKigMA0GCSqGSIb3DQEBCwUAA4IBAQCaes3wd6O72Pn/T3ZnwW45
jXgTG4Elgimq0pcuJR/CO+ceSyFB56so7Zh4ec0LnoyAg4TcjAfvVHSrepCLszj8
YSdo1CPWyWWsZWu5ZXp1RUFS6p1IupM68AFcUos7Gm13OB//oFdloAo5mmh/ojFj
ZOCZa8D1oacn1gYqLqy/eXfOcH3FlV5vTGRE/nKCqHeMGBXYJYHWVjUeWA64x72Q
F95wcBC88wkx3ms7GSepicuJdN0Klxz8r/a6Ynuwp8R6q7vZurMQbCKSFz4JiWmn
wCvQL39cy/LzLvK0xxcpOAiQnRwF//mzFKXtGg9roRMACFgu5Qv8hhTh8BdylO5S
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:17 2024 by rpki-client on console-fra.rpki-client.org