Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/pk0MHANZyKei7cL6Dl-OwoopFE8.roa
File: pk0MHANZyKei7cL6Dl-OwoopFE8.roa (raw, json)
Hash identifier: 5+wKeUWyzeOWxj+xJ1CL6M41SYtTIQ5Y21yHLliB/l4=
Subject key identifier: A6:4D:0C:1C:03:59:C8:A7:A2:ED:C2:FA:0E:5F:8E:C2:8A:29:14:4F
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018FE29244C324F474547B00F63F90428B68
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/pk0MHANZyKei7cL6Dl-OwoopFE8.roa
Signing time: Tue 04 Jun 2024 09:26:27 +0000
ROA not before: Tue 04 Jun 2024 09:26:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 82.115.9.0/24 maxlen: 24
89.251.10.0/24 maxlen: 24
103.25.86.0/23 maxlen: 24
188.214.236.0/22 maxlen: 24
188.253.8.0/21 maxlen: 24
202.133.90.0/23 maxlen: 24
213.173.32.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Jun 2024 11:25:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e2:92:44:c3:24:f4:74:54:7b:00:f6:3f:90:42:8b:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jun 4 09:26:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a64d0c1c0359c8a7a2edc2fa0e5f8ec28a29144f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d4:63:a9:ef:c9:2b:3e:e4:a6:e2:cc:80:c0:
54:16:58:1d:81:8e:42:24:75:6d:8c:e7:58:a1:fa:
39:0f:d9:bd:72:8f:cf:46:15:2b:d1:23:24:e2:d1:
a6:fd:65:ad:be:e2:2b:ca:0b:d7:42:ab:31:b3:09:
d7:19:5b:2f:f6:1f:39:62:c4:99:04:0f:32:21:f0:
1b:22:78:bb:32:83:70:e4:fa:07:f6:9b:fe:06:0d:
0b:25:cf:b8:97:63:19:d3:ca:fa:88:3b:67:9e:31:
ea:08:f7:c3:33:36:0d:8d:31:95:66:65:57:53:fe:
49:27:5f:b4:12:fa:cf:f7:85:3f:1e:38:ce:df:b7:
43:74:29:53:c7:de:66:25:d2:de:2b:26:84:27:61:
e1:91:70:a3:bd:fe:21:8c:5a:52:bc:98:c5:8a:e2:
27:5d:e4:22:7d:db:1a:92:1b:9b:25:5b:bf:cc:3e:
f3:a9:26:83:ce:f8:4b:6a:27:33:65:de:40:d8:2c:
4e:c8:58:9a:0e:8a:d1:0c:86:65:a1:20:57:5e:12:
23:f5:fc:d2:60:7f:bf:5d:5d:84:3b:bd:d0:e7:07:
c0:84:24:72:e0:4c:e2:b8:4a:07:8c:f2:2e:d2:f1:
5d:e9:26:c7:89:11:23:56:31:1b:b9:cc:28:45:cf:
32:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:4D:0C:1C:03:59:C8:A7:A2:ED:C2:FA:0E:5F:8E:C2:8A:29:14:4F
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/pk0MHANZyKei7cL6Dl-OwoopFE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.9.0/24
89.251.10.0/24
103.25.86.0/23
188.214.236.0/22
188.253.8.0/21
202.133.90.0/23
213.173.32.0/22
Signature Algorithm: sha256WithRSAEncryption
43:b1:ac:4c:3c:da:ae:c5:a9:3b:dc:1e:0a:66:0b:18:24:cd:
99:d6:4c:87:ec:26:7d:0f:66:f3:51:b5:79:8e:c1:c4:98:d8:
a4:0c:a5:8a:bd:00:7b:47:a7:12:73:3d:fd:8e:a7:80:50:89:
d6:2a:bd:47:84:5c:75:7a:e9:1e:56:58:98:93:88:33:d2:0d:
ae:4b:28:47:84:4b:d0:33:73:ab:73:ea:5d:b1:99:f2:3f:37:
bb:bd:35:d9:55:34:0c:5f:45:fc:f7:a5:3e:d1:69:e9:e8:bd:
e0:65:c2:8e:10:71:7d:91:47:b7:d2:3f:4c:6f:9f:73:33:bf:
a9:81:b6:c8:53:00:9d:97:78:e0:00:fd:5c:29:5a:f2:95:07:
f2:80:94:7c:9a:c2:28:cb:59:80:e9:28:84:cb:5a:4f:a0:60:
07:30:cb:1f:21:76:de:cf:b5:d2:d8:bc:9c:68:f0:4e:46:ad:
85:8b:7d:27:02:a7:dc:8e:68:e2:37:ba:84:59:90:aa:ed:fc:
a8:aa:e6:b6:83:bf:5a:4c:43:52:9a:f7:30:33:f3:3e:22:b4:
d8:e0:e2:53:b2:64:93:90:ea:66:ab:a2:a7:a5:c6:86:69:e3:
b2:ca:be:23:80:53:64:09:3b:49:f4:23:e3:1b:9d:f5:44:b6:
20:d2:1a:98
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY/ikkTDJPR0VHsA9j+QQotoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwNjA0MDkyNjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjRkMGMxYzAzNTljOGE3YTJlZGMyZmEwZTVmOGVjMjhhMjkxNDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNRjqe/JKz7kpuLMgMBUFlgdgY5C
JHVtjOdYofo5D9m9co/PRhUr0SMk4tGm/WWtvuIrygvXQqsxswnXGVsv9h85YsSZ
BA8yIfAbIni7MoNw5PoH9pv+Bg0LJc+4l2MZ08r6iDtnnjHqCPfDMzYNjTGVZmVX
U/5JJ1+0EvrP94U/HjjO37dDdClTx95mJdLeKyaEJ2HhkXCjvf4hjFpSvJjFiuIn
XeQifdsakhubJVu/zD7zqSaDzvhLaiczZd5A2CxOyFiaDorRDIZloSBXXhIj9fzS
YH+/XV2EO73Q5wfAhCRy4EziuEoHjPIu0vFd6SbHiREjVjEbucwoRc8ylQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKZNDBwDWcinou3C+g5fjsKKKRRPMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvcGswTUhBTlp5S2VpN2NMNkRsLU93b29wRkU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAUnMJAwQA
WfsKAwQBZxlWAwQCvNbsAwQDvP0IAwQByoVaAwQC1a0gMA0GCSqGSIb3DQEBCwUA
A4IBAQBDsaxMPNquxak73B4KZgsYJM2Z1kyH7CZ9D2bzUbV5jsHEmNikDKWKvQB7
R6cScz39jqeAUInWKr1HhFx1eukeVliYk4gz0g2uSyhHhEvQM3Orc+pdsZnyPze7
vTXZVTQMX0X896U+0Wnp6L3gZcKOEHF9kUe30j9Mb59zM7+pgbbIUwCdl3jgAP1c
KVrylQfygJR8msIoy1mA6SiEy1pPoGAHMMsfIXbez7XS2LycaPBORq2Fi30nAqfc
jmjiN7qEWZCq7fyoqua2g79aTENSmvcwM/M+IrTY4OJTsmSTkOpmq6KnpcaGaeOy
yr4jgFNkCTtJ9CPjG531RLYg0hqY
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:48:48 2024 by rpki-client on console-ams.rpki-client.org