Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/5bfdb5-4824-402c-b39b-24488b27ca41/1/MWcWD2B3lhRn7MpZNkHWJmEuVdo.roa
File: MWcWD2B3lhRn7MpZNkHWJmEuVdo.roa (raw, json)
Hash identifier: ihRWytImvuF7jte7AvSeQ4I2MOP/uSGRvaCe7i6G0eI=
Subject key identifier: 31:67:16:0F:60:77:96:14:67:EC:CA:59:36:41:D6:26:61:2E:55:DA
Certificate issuer: /CN=d518bf60d1ef4c76cd07a53f7ec683771aab5cfd
Certificate serial: 018C342F90FEBC3016F42825984B644C66AB
Authority key identifier: D5:18:BF:60:D1:EF:4C:76:CD:07:A5:3F:7E:C6:83:77:1A:AB:5C:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ri_YNHvTHbNB6U_fsaDdxqrXP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/5bfdb5-4824-402c-b39b-24488b27ca41/1/MWcWD2B3lhRn7MpZNkHWJmEuVdo.roa
Signing time: Mon 04 Dec 2023 09:36:21 +0000
ROA not before: Mon 04 Dec 2023 09:36:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199419
IP address blocks: 185.16.237.0/24 maxlen: 24
185.16.238.0/24 maxlen: 24
185.16.239.0/24 maxlen: 24
185.16.236.0/24 maxlen: 24
2a03:df40::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:34:2f:90:fe:bc:30:16:f4:28:25:98:4b:64:4c:66:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d518bf60d1ef4c76cd07a53f7ec683771aab5cfd
Validity
Not Before: Dec 4 09:36:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3167160f6077961467ecca593641d626612e55da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:cb:db:fe:01:b9:eb:67:28:99:3f:cd:f3:12:
4d:63:36:ad:cd:6d:78:a7:54:eb:f1:7b:a3:4c:35:
a1:c7:38:d4:01:ee:56:7e:10:cd:59:7a:ed:e6:22:
f3:f5:69:f9:97:f3:33:8a:75:ad:11:85:e5:27:f3:
a0:ae:83:cf:90:7d:2b:4e:4f:a8:78:b8:35:26:b6:
ce:96:73:a6:c3:8c:75:7d:d8:0e:fe:81:ed:6c:ef:
57:47:49:16:3a:95:24:65:f0:dc:2e:7f:7b:3f:e9:
9a:0b:78:22:29:fd:ca:07:4b:cb:cb:cf:27:e4:3c:
20:1f:e4:29:76:aa:b8:58:d4:6a:42:67:06:c0:c2:
ee:b9:ce:df:1d:76:a4:90:4b:ef:0f:db:c9:20:40:
9e:d5:9a:62:ae:ba:3c:64:bd:74:23:e4:46:ad:bb:
9f:9b:8c:8e:ef:27:74:c2:43:72:89:95:66:8e:6f:
46:c0:cb:d5:1b:fc:de:21:09:bf:fe:a4:8a:b4:f8:
c9:e8:1c:fe:54:cb:37:44:a8:82:6c:af:06:60:83:
74:06:ab:df:e0:5f:84:7c:7f:fd:ec:39:73:40:64:
8a:87:e0:f8:42:73:8c:d2:88:cc:3c:aa:66:9e:e1:
7b:b8:1f:43:25:72:bc:47:77:be:9e:08:10:99:a5:
6c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:67:16:0F:60:77:96:14:67:EC:CA:59:36:41:D6:26:61:2E:55:DA
X509v3 Authority Key Identifier:
keyid:D5:18:BF:60:D1:EF:4C:76:CD:07:A5:3F:7E:C6:83:77:1A:AB:5C:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ri_YNHvTHbNB6U_fsaDdxqrXP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/5bfdb5-4824-402c-b39b-24488b27ca41/1/MWcWD2B3lhRn7MpZNkHWJmEuVdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/5bfdb5-4824-402c-b39b-24488b27ca41/1/1Ri_YNHvTHbNB6U_fsaDdxqrXP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.16.236.0/22
IPv6:
2a03:df40::/32
Signature Algorithm: sha256WithRSAEncryption
04:5b:53:6b:bf:9b:e6:6e:2a:4d:e5:2a:48:6c:ad:6d:5d:d4:
ed:9c:02:13:e5:0f:ab:6a:3a:fe:dc:9c:65:2e:4c:71:a3:3f:
08:06:0d:97:b9:f3:3e:2b:82:37:e6:d8:f5:6d:2f:5d:8d:ca:
c6:2e:dc:20:2d:a7:7a:01:6d:70:81:8f:43:9c:87:41:6a:15:
08:8e:b7:41:8b:4a:00:76:a2:bb:82:de:1d:4b:28:72:fb:a4:
ef:15:8f:15:78:18:36:7c:9a:4d:2c:3a:12:af:9c:d2:35:3e:
c2:4f:cd:7d:22:ff:d6:2d:e4:e5:61:85:de:b4:a9:e7:38:96:
03:3c:77:11:ca:b5:a2:45:96:72:2a:26:0b:bf:4e:49:de:56:
2c:12:6b:84:29:d9:5f:d5:2d:61:12:ff:5f:ef:44:d4:c8:a9:
1f:e6:41:1c:83:c7:0f:72:48:21:0c:8e:94:e3:5a:7f:13:8f:
d9:4f:f0:51:d6:06:d0:4d:84:d2:99:68:29:f4:5d:28:00:85:
3a:aa:ff:59:0d:31:b1:e3:ef:39:e5:0a:ab:13:a3:d7:e7:6d:
0f:30:7c:97:4c:f3:87:05:08:78:2a:af:45:85:1b:6b:db:05:
f1:bb:14:d8:bf:0d:94:fa:b9:01:fd:84:fb:ff:92:00:a1:e7:
13:eb:c8:d6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYw0L5D+vDAW9CglmEtkTGarMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MThiZjYwZDFlZjRjNzZjZDA3YTUzZjdlYzY4Mzc3MWFh
YjVjZmQwHhcNMjMxMjA0MDkzNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTY3MTYwZjYwNzc5NjE0NjdlY2NhNTkzNjQxZDYyNjYxMmU1NWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksvb/gG562comT/N8xJNYzatzW14
p1Tr8XujTDWhxzjUAe5WfhDNWXrt5iLz9Wn5l/MzinWtEYXlJ/OgroPPkH0rTk+o
eLg1JrbOlnOmw4x1fdgO/oHtbO9XR0kWOpUkZfDcLn97P+maC3giKf3KB0vLy88n
5DwgH+Qpdqq4WNRqQmcGwMLuuc7fHXakkEvvD9vJIECe1Zpirro8ZL10I+RGrbuf
m4yO7yd0wkNyiZVmjm9GwMvVG/zeIQm//qSKtPjJ6Bz+VMs3RKiCbK8GYIN0Bqvf
4F+EfH/97DlzQGSKh+D4QnOM0ojMPKpmnuF7uB9DJXK8R3e+nggQmaVsYwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDFnFg9gd5YUZ+zKWTZB1iZhLlXaMB8GA1UdIwQY
MBaAFNUYv2DR70x2zQelP37Gg3caq1z9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVJpX1lOSHZUSGJOQjZVX2ZzYURkeHFyWFAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS81YmZkYjUtNDgyNC00MDJjLWIzOWIt
MjQ0ODhiMjdjYTQxLzEvTVdjV0QyQjNsaFJuN01wWk5rSFdKbUV1VmRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS81YmZkYjUtNDgyNC00MDJjLWIzOWItMjQ0ODhiMjdjYTQx
LzEvMVJpX1lOSHZUSGJOQjZVX2ZzYURkeHFyWFAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRDsMA0E
AgACMAcDBQAqA99AMA0GCSqGSIb3DQEBCwUAA4IBAQAEW1Nrv5vmbipN5SpIbK1t
XdTtnAIT5Q+rajr+3JxlLkxxoz8IBg2XufM+K4I35tj1bS9djcrGLtwgLad6AW1w
gY9DnIdBahUIjrdBi0oAdqK7gt4dSyhy+6TvFY8VeBg2fJpNLDoSr5zSNT7CT819
Iv/WLeTlYYXetKnnOJYDPHcRyrWiRZZyKiYLv05J3lYsEmuEKdlf1S1hEv9f70TU
yKkf5kEcg8cPckghDI6U41p/E4/ZT/BR1gbQTYTSmWgp9F0oAIU6qv9ZDTGx4+85
5QqrE6PX520PMHyXTPOHBQh4Kq9FhRtr2wXxuxTYvw2U+rkB/YT7/5IAoecT68jW
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:02:44 2024 by rpki-client on console.sobornost.net