Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/mGzkkZwT_npKhYOO-zsVq4ggcdk.roa
File: mGzkkZwT_npKhYOO-zsVq4ggcdk.roa (raw, json)
Hash identifier: Qd7BO9HoeMjWWmXqmXx/Wcbko9pkDdEkjqnrvDdmSQY=
Subject key identifier: 98:6C:E4:91:9C:13:FE:7A:4A:85:83:8E:FB:3B:15:AB:88:20:71:D9
Certificate issuer: /CN=b3c51b0c063cfc16943fc9a47e2c805990f6eaae
Certificate serial: 018DC0EC832A15CD6351DB78311A4D8E2E1A
Authority key identifier: B3:C5:1B:0C:06:3C:FC:16:94:3F:C9:A4:7E:2C:80:59:90:F6:EA:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s8UbDAY8_BaUP8mkfiyAWZD26q4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/mGzkkZwT_npKhYOO-zsVq4ggcdk.roa
Signing time: Mon 19 Feb 2024 10:32:22 +0000
ROA not before: Mon 19 Feb 2024 10:32:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199081
IP address blocks: 5.172.192.0/20 maxlen: 20
5.172.192.0/22 maxlen: 22
5.172.192.0/24 maxlen: 24
5.172.193.0/24 maxlen: 24
5.172.194.0/24 maxlen: 24
5.172.195.0/24 maxlen: 24
5.172.196.0/22 maxlen: 22
5.172.196.0/24 maxlen: 24
5.172.197.0/24 maxlen: 24
5.172.198.0/24 maxlen: 24
5.172.199.0/24 maxlen: 24
5.172.200.0/22 maxlen: 22
5.172.201.0/24 maxlen: 24
5.172.202.0/24 maxlen: 24
5.172.203.0/24 maxlen: 24
5.172.204.0/22 maxlen: 22
5.172.204.0/24 maxlen: 24
5.172.205.0/24 maxlen: 24
5.172.206.0/24 maxlen: 24
45.66.185.0/24 maxlen: 24
45.66.186.0/24 maxlen: 24
45.66.187.0/24 maxlen: 24
91.193.60.0/22 maxlen: 22
91.193.60.0/24 maxlen: 24
91.193.61.0/24 maxlen: 24
91.193.62.0/24 maxlen: 24
91.193.63.0/24 maxlen: 24
109.68.144.0/21 maxlen: 21
109.68.144.0/24 maxlen: 24
109.68.145.0/24 maxlen: 24
109.68.147.0/24 maxlen: 24
109.68.149.0/24 maxlen: 24
109.68.150.0/24 maxlen: 24
109.68.151.0/24 maxlen: 24
178.21.168.0/21 maxlen: 21
178.21.168.0/22 maxlen: 22
178.21.168.0/24 maxlen: 24
178.21.169.0/24 maxlen: 24
178.21.170.0/24 maxlen: 24
178.21.171.0/24 maxlen: 24
178.21.172.0/22 maxlen: 22
178.21.172.0/24 maxlen: 24
178.21.173.0/24 maxlen: 24
178.21.174.0/24 maxlen: 24
178.21.175.0/24 maxlen: 24
185.70.76.0/22 maxlen: 22
185.70.76.0/24 maxlen: 24
185.70.77.0/24 maxlen: 24
185.70.78.0/23 maxlen: 23
185.70.78.0/24 maxlen: 24
185.70.79.0/24 maxlen: 24
185.118.125.0/24 maxlen: 24
185.168.36.0/22 maxlen: 22
185.168.38.0/23 maxlen: 23
185.168.38.0/24 maxlen: 24
185.168.39.0/24 maxlen: 24
185.205.96.0/22 maxlen: 22
185.205.96.0/24 maxlen: 24
185.205.97.0/24 maxlen: 24
185.205.98.0/24 maxlen: 24
185.205.99.0/24 maxlen: 24
2a02:4fc0::/32 maxlen: 32
2a02:4fc0:4000::/48 maxlen: 48
2a02:4fc0:4001::/48 maxlen: 48
2a02:4fc0:4100::/40 maxlen: 40
Validation: Failed, certificate revoked on Sun 03 Mar 2024 11:14:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c0:ec:83:2a:15:cd:63:51:db:78:31:1a:4d:8e:2e:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3c51b0c063cfc16943fc9a47e2c805990f6eaae
Validity
Not Before: Feb 19 10:32:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=986ce4919c13fe7a4a85838efb3b15ab882071d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b8:ee:da:00:48:72:3d:e8:4a:57:f4:1f:c3:
12:03:4d:7d:9b:fb:b3:3b:c0:fc:cd:c7:cd:05:49:
6e:28:74:57:d7:2e:f6:33:de:cb:1c:8c:00:75:19:
f4:35:ad:89:37:b7:4c:48:ce:a1:46:eb:f3:6f:7d:
5a:ec:8c:1d:c3:36:69:a1:39:7a:7b:8c:2d:4e:9b:
bc:b9:83:e5:c7:ab:bb:d8:d5:7c:8d:4d:5d:9a:38:
84:27:cc:53:50:17:7e:60:89:42:aa:46:21:02:4b:
dd:f9:60:82:d7:fd:d0:69:40:0b:b0:5a:b1:ec:fb:
97:5f:c5:cd:5c:8f:bd:08:e5:da:16:0e:fe:ea:a2:
1e:1c:5b:2c:0e:e1:4d:10:53:63:42:d3:b6:05:78:
53:f4:fd:c9:d7:cc:c5:ab:11:dd:d2:ad:9e:4a:74:
17:ef:d7:a1:fb:aa:47:d5:b7:c4:45:6f:fa:12:29:
32:43:50:b9:4f:c3:f2:8e:5c:d1:2c:d8:29:2f:3e:
d5:c0:09:2f:f6:d1:ad:78:f0:01:a8:fd:38:76:24:
2a:37:3c:5d:8d:97:c4:f7:06:5a:b4:bd:53:e9:58:
14:a1:7d:dc:96:92:9f:0e:5c:7e:8f:3e:8d:21:93:
93:73:3f:d6:17:35:4d:06:98:b6:1d:af:5d:22:70:
c8:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:6C:E4:91:9C:13:FE:7A:4A:85:83:8E:FB:3B:15:AB:88:20:71:D9
X509v3 Authority Key Identifier:
keyid:B3:C5:1B:0C:06:3C:FC:16:94:3F:C9:A4:7E:2C:80:59:90:F6:EA:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s8UbDAY8_BaUP8mkfiyAWZD26q4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/mGzkkZwT_npKhYOO-zsVq4ggcdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/s8UbDAY8_BaUP8mkfiyAWZD26q4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.192.0/20
45.66.185.0-45.66.187.255
91.193.60.0/22
109.68.144.0/21
178.21.168.0/21
185.70.76.0/22
185.118.125.0/24
185.168.36.0/22
185.205.96.0/22
IPv6:
2a02:4fc0::/32
Signature Algorithm: sha256WithRSAEncryption
aa:92:8b:9a:b2:2b:9c:25:91:27:4d:d3:b0:83:cc:13:9d:60:
8f:b1:44:e5:29:8b:91:6b:41:c5:cf:fe:cd:86:ed:83:be:fd:
9b:80:95:a3:fb:e8:11:e5:44:36:f7:6c:59:3f:bc:12:55:e4:
f6:3f:e1:f5:32:26:fc:4f:d6:ae:bd:3a:ac:de:df:4e:99:7f:
b2:7a:93:57:96:e7:b7:e3:76:25:85:92:38:32:1f:7a:0d:2b:
f1:69:4b:6c:ff:cf:a0:c5:2d:4d:16:f0:4f:89:32:6e:a5:d4:
b9:d3:88:66:0d:1b:39:09:3a:28:ea:3b:9c:92:a3:dc:9a:84:
35:b3:10:43:4e:ac:d7:2a:84:a4:67:f8:3b:c6:e7:02:f5:97:
08:83:a4:15:fa:fd:09:74:59:01:10:d4:89:09:02:6b:c0:4a:
67:9a:bc:a3:64:0a:21:c3:70:d1:1c:e2:02:0b:cf:b1:8f:fc:
92:ce:56:a5:1e:14:90:4d:a1:94:33:1c:f5:2b:2a:2a:57:d3:
aa:28:f3:b4:d3:17:87:49:20:57:4e:55:65:0f:29:df:9a:7e:
89:9f:62:96:2d:81:fd:2d:3f:64:8d:99:3f:9f:f0:9a:a0:64:
2c:0b:20:7c:8f:92:11:78:56:85:b4:f3:96:60:bf:cc:24:1c:
74:0c:83:0b
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAY3A7IMqFc1jUdt4MRpNji4aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYzUxYjBjMDYzY2ZjMTY5NDNmYzlhNDdlMmM4MDU5OTBm
NmVhYWUwHhcNMjQwMjE5MTAzMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODZjZTQ5MTljMTNmZTdhNGE4NTgzOGVmYjNiMTVhYjg4MjA3MWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrju2gBIcj3oSlf0H8MSA019m/uz
O8D8zcfNBUluKHRX1y72M97LHIwAdRn0Na2JN7dMSM6hRuvzb31a7IwdwzZpoTl6
e4wtTpu8uYPlx6u72NV8jU1dmjiEJ8xTUBd+YIlCqkYhAkvd+WCC1/3QaUALsFqx
7PuXX8XNXI+9COXaFg7+6qIeHFssDuFNEFNjQtO2BXhT9P3J18zFqxHd0q2eSnQX
79eh+6pH1bfERW/6EikyQ1C5T8PyjlzRLNgpLz7VwAkv9tGtePABqP04diQqNzxd
jZfE9wZatL1T6VgUoX3clpKfDlx+jz6NIZOTcz/WFzVNBpi2Ha9dInDIVwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFJhs5JGcE/56SoWDjvs7FauIIHHZMB8GA1UdIwQY
MBaAFLPFGwwGPPwWlD/JpH4sgFmQ9uquMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczhVYkRBWThfQmFVUDhta2ZpeUFXWkQyNnE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi81ODc3OTItYmFlOS00MTgzLWE0YjEt
ZmY1ZjFhZDY5MjY2LzEvbUd6a2tad1RfbnBLaFlPTy16c1ZxNGdnY2RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi81ODc3OTItYmFlOS00MTgzLWE0YjEtZmY1ZjFhZDY5MjY2
LzEvczhVYkRBWThfQmFVUDhta2ZpeUFXWkQyNnE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBEBAIAATA+AwQEBazAMAwD
BAAtQrkDBAItQrgDBAJbwTwDBANtRJADBAOyFagDBAK5RkwDBAC5dn0DBAK5qCQD
BAK5zWAwDQQCAAIwBwMFACoCT8AwDQYJKoZIhvcNAQELBQADggEBAKqSi5qyK5wl
kSdN07CDzBOdYI+xROUpi5FrQcXP/s2G7YO+/ZuAlaP76BHlRDb3bFk/vBJV5PY/
4fUyJvxP1q69Oqze306Zf7J6k1eW57fjdiWFkjgyH3oNK/FpS2z/z6DFLU0W8E+J
Mm6l1LnTiGYNGzkJOijqO5ySo9yahDWzEENOrNcqhKRn+DvG5wL1lwiDpBX6/Ql0
WQEQ1IkJAmvASmeavKNkCiHDcNEc4gILz7GP/JLOVqUeFJBNoZQzHPUrKipX06oo
87TTF4dJIFdOVWUPKd+afomfYpYtgf0tP2SNmT+f8JqgZCwLIHyPkhF4VoW085Zg
v8wkHHQMgws=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:49 2024 by rpki-client on console-ams.rpki-client.org