Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MzfbjrtI5dAFbWqJ2MVirjRanrk.roa
File: MzfbjrtI5dAFbWqJ2MVirjRanrk.roa (raw, json)
Hash identifier: RaR33fPhsqXlpM5vX1lnTOEre8gmvD+r2pMeIIORtWs=
Subject key identifier: 33:37:DB:8E:BB:48:E5:D0:05:6D:6A:89:D8:C5:62:AE:34:5A:9E:B9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D8464334F1DDD6AF0D9C07F7D0DC0464E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MzfbjrtI5dAFbWqJ2MVirjRanrk.roa
Signing time: Wed 07 Feb 2024 16:26:15 +0000
ROA not before: Wed 07 Feb 2024 16:26:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15731
IP address blocks: 192.124.178.0/24 maxlen: 24
192.124.189.0/24 maxlen: 24
193.124.16.0/24 maxlen: 24
193.124.80.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
194.58.47.0/24 maxlen: 24
194.87.1.0/24 maxlen: 24
194.87.11.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.21.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
194.87.56.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.114.0/23 maxlen: 23
194.87.114.0/24 maxlen: 24
194.87.122.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
194.87.131.0/24 maxlen: 24
194.87.134.0/23 maxlen: 23
194.87.179.0/24 maxlen: 24
195.58.58.0/23 maxlen: 23
195.58.62.0/23 maxlen: 23
195.133.0.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
195.133.84.0/23 maxlen: 23
212.192.222.0/24 maxlen: 24
2a0b:7300::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 13 Feb 2024 10:14:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:84:64:33:4f:1d:dd:6a:f0:d9:c0:7f:7d:0d:c0:46:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 7 16:26:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3337db8ebb48e5d0056d6a89d8c562ae345a9eb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ce:60:32:96:bf:2b:eb:01:8e:10:90:d0:44:
8b:d8:f8:db:aa:f6:40:aa:e9:9f:29:03:a5:cc:90:
69:5f:a1:eb:01:12:4e:0e:25:fd:44:b9:be:00:f4:
c9:74:8c:95:48:58:4b:7a:34:37:55:e0:3e:49:82:
e0:61:69:9b:4a:b8:22:07:72:10:1a:96:d8:48:7b:
a9:2d:2d:a8:74:39:72:2b:e4:fe:66:f2:6a:6f:b9:
19:89:34:c0:7e:5b:64:17:83:98:87:52:d6:fa:f5:
5e:25:bc:79:d2:11:c0:73:86:71:5e:27:ae:f0:8b:
78:10:b6:09:88:b3:6f:03:36:f2:8d:0d:94:59:c9:
c3:61:2b:b3:0c:1e:e1:06:de:ca:f5:61:c7:2d:15:
a2:ea:75:d6:e5:6d:ce:7d:ea:4a:69:08:3b:5b:f4:
a3:1c:18:9b:3c:65:73:ac:a3:53:fd:1d:66:8d:9a:
a4:2a:b3:3b:02:b7:cf:c1:75:cf:4c:f7:cc:29:50:
42:01:d5:57:48:f9:4c:53:da:bc:88:53:bd:73:6f:
64:b6:42:df:3b:a5:50:e5:80:82:af:4a:91:1c:b5:
e1:40:a8:ed:aa:b0:7a:18:6f:18:e2:8f:a0:77:be:
02:b7:87:5d:eb:bc:ec:57:17:c4:97:87:8f:05:e4:
01:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:37:DB:8E:BB:48:E5:D0:05:6D:6A:89:D8:C5:62:AE:34:5A:9E:B9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MzfbjrtI5dAFbWqJ2MVirjRanrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.178.0/24
192.124.189.0/24
193.124.16.0/24
193.124.80.0/24
193.124.133.0/24
194.58.47.0/24
194.87.1.0/24
194.87.11.0-194.87.12.255
194.87.18.0/24
194.87.21.0/24
194.87.30.0/24
194.87.56.0/24
194.87.108.0/24
194.87.114.0/23
194.87.122.0/24
194.87.124.0/24
194.87.131.0/24
194.87.134.0/23
194.87.179.0/24
195.58.58.0/23
195.58.62.0/23
195.133.0.0/24
195.133.40.0/23
195.133.84.0/23
212.192.222.0/24
IPv6:
2a0b:7300::/29
Signature Algorithm: sha256WithRSAEncryption
7c:e7:67:d6:21:5c:3b:b5:08:1f:d3:cc:b1:bf:e0:87:ef:08:
5f:14:e5:77:d0:fa:30:1b:1f:83:b7:c0:33:f2:67:82:7b:ca:
99:88:e6:db:90:29:94:0f:be:97:ac:c5:3e:e6:ce:f7:42:7a:
8f:ed:20:13:3f:0c:25:b2:ed:8c:89:bc:d9:c1:05:87:31:8c:
3d:f3:a6:ae:94:b6:a6:60:2f:74:1c:82:01:46:5d:65:a0:cb:
6f:02:a1:e3:cc:69:5e:aa:78:58:95:60:07:6a:ef:54:84:c3:
1f:b7:56:5d:37:6c:8a:ed:af:d3:72:8c:ed:94:2c:6c:69:88:
3b:4f:8a:ff:78:ac:ad:6d:d3:c9:1d:47:d7:dc:25:e7:4c:84:
5a:b0:38:35:33:0e:40:39:06:86:1a:d5:77:5f:1a:8a:60:99:
6e:4f:9e:6d:11:9d:49:93:08:bc:d1:51:8b:21:6a:19:49:1f:
6c:96:78:79:cf:8a:82:51:9b:b9:dc:e4:fb:fa:1b:b1:00:40:
50:8d:67:8e:46:4b:99:b0:b2:4d:8f:33:3c:84:f9:63:76:2a:
0d:e5:64:7f:05:e8:32:04:c8:61:40:22:90:ca:ee:e1:19:03:
cc:d0:57:c0:2e:d7:23:12:4f:45:ef:73:1c:19:fc:a1:13:d6:
6a:07:49:18
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAY2EZDNPHd1q8NnAf30NwEZOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjA3MTYyNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzM3ZGI4ZWJiNDhlNWQwMDU2ZDZhODlkOGM1NjJhZTM0NWE5ZWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjs5gMpa/K+sBjhCQ0ESL2PjbqvZA
qumfKQOlzJBpX6HrARJODiX9RLm+APTJdIyVSFhLejQ3VeA+SYLgYWmbSrgiB3IQ
GpbYSHupLS2odDlyK+T+ZvJqb7kZiTTAfltkF4OYh1LW+vVeJbx50hHAc4ZxXieu
8It4ELYJiLNvAzbyjQ2UWcnDYSuzDB7hBt7K9WHHLRWi6nXW5W3OfepKaQg7W/Sj
HBibPGVzrKNT/R1mjZqkKrM7ArfPwXXPTPfMKVBCAdVXSPlMU9q8iFO9c29ktkLf
O6VQ5YCCr0qRHLXhQKjtqrB6GG8Y4o+gd74Ct4dd67zsVxfEl4ePBeQBmQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFDM32467SOXQBW1qidjFYq40Wp65MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTXpmYmpydEk1ZEFGYldxSjJNVmlyalJhbnJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHKBggrBgEFBQcBBwEB/wSBujCBtzCBpQQCAAEwgZ4DBADA
fLIDBADAfL0DBADBfBADBADBfFADBADBfIUDBADCOi8DBADCVwEwDAMEAMJXCwME
AMJXDAMEAMJXEgMEAMJXFQMEAMJXHgMEAMJXOAMEAMJXbAMEAcJXcgMEAMJXegME
AMJXfAMEAMJXgwMEAcJXhgMEAMJXswMEAcM6OgMEAcM6PgMEAMOFAAMEAcOFKAME
AcOFVAMEANTA3jANBAIAAjAHAwUDKgtzADANBgkqhkiG9w0BAQsFAAOCAQEAfOdn
1iFcO7UIH9PMsb/gh+8IXxTld9D6MBsfg7fAM/JngnvKmYjm25AplA++l6zFPubO
90J6j+0gEz8MJbLtjIm82cEFhzGMPfOmrpS2pmAvdByCAUZdZaDLbwKh48xpXqp4
WJVgB2rvVITDH7dWXTdsiu2v03KM7ZQsbGmIO0+K/3isrW3TyR1H19wl50yEWrA4
NTMOQDkGhhrVd18aimCZbk+ebRGdSZMIvNFRiyFqGUkfbJZ4ec+KglGbudzk+/ob
sQBAUI1njkZLmbCyTY8zPIT5Y3YqDeVkfwXoMgTIYUAikMru4RkDzNBXwC7XIxJP
Re9zHBn8oRPWagdJGA==
-----END CERTIFICATE-----
Generated at Tue Feb 13 14:35:31 2024 by rpki-client on console-ams.rpki-client.org