Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/MNlnKhgmYYcAIRdoSCZjJWwLxf8.roa
File: MNlnKhgmYYcAIRdoSCZjJWwLxf8.roa (raw, json)
Hash identifier: HFYSJCjuSW9hUjIIKzwkWzOjSgVL/44xj40aH4SbBUw=
Subject key identifier: 30:D9:67:2A:18:26:61:87:00:21:17:68:48:26:63:25:6C:0B:C5:FF
Certificate issuer: /CN=9e95a119d9c1a5d6e3f3e21f6fa863d87a2e4b0d
Certificate serial: 0190C4B9923E547D1EC16B38B0A1B559A05A
Authority key identifier: 9E:95:A1:19:D9:C1:A5:D6:E3:F3:E2:1F:6F:A8:63:D8:7A:2E:4B:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWhGdnBpdbj8-Ifb6hj2HouSw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/MNlnKhgmYYcAIRdoSCZjJWwLxf8.roa
Signing time: Thu 18 Jul 2024 07:23:34 +0000
ROA not before: Thu 18 Jul 2024 07:23:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56478
IP address blocks: 31.14.248.0/22 maxlen: 22
37.156.72.0/22 maxlen: 22
88.98.192.0/18 maxlen: 18
88.98.200.0/22 maxlen: 22
88.98.204.0/22 maxlen: 22
88.98.216.0/23 maxlen: 23
88.98.218.0/23 maxlen: 23
88.98.240.0/20 maxlen: 20
88.98.240.0/22 maxlen: 22
89.32.120.0/22 maxlen: 22
89.34.164.0/22 maxlen: 22
89.35.196.0/22 maxlen: 22
89.36.64.0/21 maxlen: 21
89.39.136.0/21 maxlen: 21
89.44.40.0/22 maxlen: 22
93.115.192.0/22 maxlen: 22
137.220.64.0/18 maxlen: 18
137.220.68.0/22 maxlen: 22
137.220.72.0/21 maxlen: 21
137.220.80.0/22 maxlen: 22
137.220.84.0/22 maxlen: 22
137.220.88.0/22 maxlen: 22
137.220.92.0/22 maxlen: 22
137.220.96.0/22 maxlen: 22
137.220.100.0/22 maxlen: 22
137.220.104.0/22 maxlen: 22
137.220.108.0/22 maxlen: 22
137.220.112.0/23 maxlen: 23
137.220.114.0/23 maxlen: 23
137.220.116.0/23 maxlen: 23
137.220.118.0/23 maxlen: 23
137.220.120.0/23 maxlen: 23
137.220.122.0/23 maxlen: 23
137.220.124.0/22 maxlen: 22
140.228.32.0/19 maxlen: 19
140.228.40.0/22 maxlen: 22
140.228.44.0/22 maxlen: 22
140.228.48.0/22 maxlen: 22
140.228.52.0/22 maxlen: 22
140.228.56.0/22 maxlen: 22
140.228.64.0/19 maxlen: 19
140.228.88.0/22 maxlen: 22
141.0.144.0/21 maxlen: 21
141.0.152.0/21 maxlen: 21
143.58.128.0/18 maxlen: 18
143.58.128.0/21 maxlen: 21
143.58.136.0/21 maxlen: 21
143.58.144.0/22 maxlen: 22
143.58.148.0/22 maxlen: 22
143.58.152.0/21 maxlen: 21
143.58.160.0/21 maxlen: 21
143.58.192.0/18 maxlen: 18
143.58.212.0/22 maxlen: 22
143.58.216.0/21 maxlen: 21
143.58.216.0/22 maxlen: 22
143.58.220.0/22 maxlen: 22
143.58.224.0/21 maxlen: 21
143.58.224.0/22 maxlen: 22
143.58.228.0/22 maxlen: 22
143.58.236.0/22 maxlen: 22
152.37.64.0/18 maxlen: 18
152.37.64.0/22 maxlen: 22
152.37.68.0/22 maxlen: 22
152.37.72.0/22 maxlen: 22
152.37.76.0/22 maxlen: 22
152.37.80.0/22 maxlen: 22
152.37.84.0/22 maxlen: 22
152.37.88.0/22 maxlen: 22
152.37.92.0/22 maxlen: 22
152.37.96.0/22 maxlen: 22
152.37.100.0/23 maxlen: 23
152.37.102.0/23 maxlen: 23
152.37.104.0/22 maxlen: 22
152.37.108.0/22 maxlen: 22
152.37.114.0/23 maxlen: 23
152.37.124.0/23 maxlen: 23
185.24.120.0/22 maxlen: 22
188.172.144.0/20 maxlen: 20
188.210.208.0/21 maxlen: 21
188.210.208.0/22 maxlen: 22
188.211.160.0/22 maxlen: 22
188.213.136.0/22 maxlen: 22
188.214.8.0/21 maxlen: 21
209.35.64.0/19 maxlen: 19
209.35.72.0/22 maxlen: 22
209.35.76.0/22 maxlen: 22
209.35.80.0/21 maxlen: 21
209.35.80.0/22 maxlen: 22
209.35.84.0/22 maxlen: 22
209.35.88.0/21 maxlen: 21
209.35.88.0/22 maxlen: 22
209.35.92.0/22 maxlen: 22
2a01:4b00::/32 maxlen: 32
2a01:4b00:e000::/35 maxlen: 35
Validation: Failed, certificate revoked on Fri 27 Sep 2024 15:03:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c4:b9:92:3e:54:7d:1e:c1:6b:38:b0:a1:b5:59:a0:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a119d9c1a5d6e3f3e21f6fa863d87a2e4b0d
Validity
Not Before: Jul 18 07:23:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30d9672a1826618700211768482663256c0bc5ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:4f:d0:cc:3f:7b:4b:1b:aa:ad:e1:2a:02:c8:
18:c0:98:88:23:88:5a:b2:58:9e:b4:db:97:b1:96:
c1:1a:93:53:c9:2d:7e:6d:0a:ac:be:74:46:ae:e3:
e6:32:b8:f3:87:3b:cc:a0:21:a1:0f:90:05:fe:33:
18:e7:bd:45:07:17:ca:bf:c3:04:1b:9d:a7:5e:b2:
8e:bf:14:c1:6b:b7:21:4a:ed:33:c4:ea:b4:b9:65:
10:14:5a:75:e3:c3:c8:ba:95:f8:fe:2a:0b:ec:9a:
e4:8f:c9:7c:d0:fc:f0:78:c2:55:c4:d1:52:d8:6b:
3c:5e:3a:15:a3:cd:35:c6:18:d9:0e:40:e1:2b:b7:
95:92:30:b2:25:b7:39:58:4c:4f:65:47:c5:cf:44:
c2:29:6e:10:92:2d:3e:f4:58:df:d6:ed:16:7d:eb:
77:53:47:25:46:31:75:e3:f9:85:f1:09:5d:a4:20:
3a:f4:d8:a4:be:20:67:fc:0b:7b:96:6a:01:17:04:
f9:dd:5e:7c:6f:52:71:9d:9a:fb:01:0a:89:d2:67:
5e:e0:80:89:a8:10:55:90:13:71:e0:ee:34:4d:eb:
9d:76:91:46:59:74:7b:e0:3f:83:18:f8:60:bb:d5:
a1:41:da:9b:64:f6:8b:3b:43:43:62:b6:5c:02:4b:
63:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:D9:67:2A:18:26:61:87:00:21:17:68:48:26:63:25:6C:0B:C5:FF
X509v3 Authority Key Identifier:
keyid:9E:95:A1:19:D9:C1:A5:D6:E3:F3:E2:1F:6F:A8:63:D8:7A:2E:4B:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWhGdnBpdbj8-Ifb6hj2HouSw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/MNlnKhgmYYcAIRdoSCZjJWwLxf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/npWhGdnBpdbj8-Ifb6hj2HouSw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.248.0/22
37.156.72.0/22
88.98.192.0/18
89.32.120.0/22
89.34.164.0/22
89.35.196.0/22
89.36.64.0/21
89.39.136.0/21
89.44.40.0/22
93.115.192.0/22
137.220.64.0/18
140.228.32.0-140.228.95.255
141.0.144.0/20
143.58.128.0/17
152.37.64.0/18
185.24.120.0/22
188.172.144.0/20
188.210.208.0/21
188.211.160.0/22
188.213.136.0/22
188.214.8.0/21
209.35.64.0/19
IPv6:
2a01:4b00::/32
Signature Algorithm: sha256WithRSAEncryption
5b:05:aa:44:ec:cd:a3:bc:fe:93:82:7b:25:a6:77:cc:66:ec:
4d:f9:00:cb:b6:63:06:b9:98:74:14:79:c9:81:3b:b4:2c:38:
db:01:e1:0c:1d:e2:f2:08:9d:aa:3b:c5:74:42:99:12:61:ff:
30:cb:e2:d6:a5:f7:df:88:e0:60:30:5d:1e:a6:d9:14:02:a5:
de:08:cf:cc:16:3c:37:d6:f0:e5:26:27:b3:c9:ba:b2:0c:4e:
98:98:66:10:7e:a6:d8:0e:62:8f:7b:84:d8:81:13:f3:fb:c2:
26:8f:cc:aa:19:af:62:dd:10:a7:bc:44:6c:28:93:d9:0a:87:
c4:36:91:bb:b6:c6:e6:6c:69:1c:c7:82:b4:97:82:82:5d:21:
44:f0:2e:b5:d0:2b:71:71:1f:fa:d1:bc:5d:a2:4a:04:be:a6:
8d:77:49:dd:c2:ce:50:d1:1f:fc:31:a6:3e:26:cd:48:78:dc:
68:a4:bf:c6:02:c2:94:b6:86:15:cd:aa:67:f2:cf:eb:a8:39:
2f:a9:cb:99:8d:a1:a5:5a:40:7a:64:88:a4:f9:f7:e1:ee:1f:
67:95:0d:c2:98:9d:4c:62:83:3a:1f:f8:21:01:81:aa:e8:9b:
57:53:77:de:19:5a:2b:c0:7d:1e:b1:c5:66:3a:13:a4:c3:c3:
37:50:f3:42
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAZDEuZI+VH0ewWs4sKG1WaBaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMTE5ZDljMWE1ZDZlM2YzZTIxZjZmYTg2M2Q4N2Ey
ZTRiMGQwHhcNMjQwNzE4MDcyMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGQ5NjcyYTE4MjY2MTg3MDAyMTE3Njg0ODI2NjMyNTZjMGJjNWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuU/QzD97SxuqreEqAsgYwJiII4ha
slietNuXsZbBGpNTyS1+bQqsvnRGruPmMrjzhzvMoCGhD5AF/jMY571FBxfKv8ME
G52nXrKOvxTBa7chSu0zxOq0uWUQFFp148PIupX4/ioL7Jrkj8l80PzweMJVxNFS
2Gs8XjoVo801xhjZDkDhK7eVkjCyJbc5WExPZUfFz0TCKW4Qki0+9Fjf1u0Wfet3
U0clRjF14/mF8QldpCA69NikviBn/At7lmoBFwT53V58b1JxnZr7AQqJ0mde4ICJ
qBBVkBNx4O40TeuddpFGWXR74D+DGPhgu9WhQdqbZPaLO0NDYrZcAktj1wIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFDDZZyoYJmGHACEXaEgmYyVsC8X/MB8GA1UdIwQY
MBaAFJ6VoRnZwaXW4/PiH2+oY9h6LksNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXaEdkbkJwZGJqOC1JZmI2aGoySG91U3cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9hOTM1MmUtOWEzYS00OWFhLWFkNzct
N2JlNmViNmJjZTg3LzEvTU5sbktoZ21ZWWNBSVJkb1NDWmpKV3dMeGY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9hOTM1MmUtOWEzYS00OWFhLWFkNzctN2JlNmViNmJjZTg3
LzEvbnBXaEdkbkJwZGJqOC1JZmI2aGoySG91U3cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG4BggrBgEFBQcBBwEB/wSBqDCBpTCBkwQCAAEwgYwDBAIf
DvgDBAIlnEgDBAZYYsADBAJZIHgDBAJZIqQDBAJZI8QDBANZJEADBANZJ4gDBAJZ
LCgDBAJdc8ADBAaJ3EAwDAMEBYzkIAMEBYzkQAMEBI0AkAMEB486gAMEBpglQAME
ArkYeAMEBLyskAMEA7zS0AMEArzToAMEArzViAMEA7zWCAMEBdEjQDANBAIAAjAH
AwUAKgFLADANBgkqhkiG9w0BAQsFAAOCAQEAWwWqROzNo7z+k4J7JaZ3zGbsTfkA
y7ZjBrmYdBR5yYE7tCw42wHhDB3i8gidqjvFdEKZEmH/MMvi1qX334jgYDBdHqbZ
FAKl3gjPzBY8N9bw5SYns8m6sgxOmJhmEH6m2A5ij3uE2IET8/vCJo/MqhmvYt0Q
p7xEbCiT2QqHxDaRu7bG5mxpHMeCtJeCgl0hRPAutdArcXEf+tG8XaJKBL6mjXdJ
3cLOUNEf/DGmPibNSHjcaKS/xgLClLaGFc2qZ/LP66g5L6nLmY2hpVpAemSIpPn3
4e4fZ5UNwpidTGKDOh/4IQGBquibV1N33hlaK8B9HrHFZjoTpMPDN1DzQg==
-----END CERTIFICATE-----
Generated at Sat Apr 19 02:37:42 2025 by rpki-client