Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/34MXuRK49oB0ZUvTEE76fjNR3RM.roa
File: 34MXuRK49oB0ZUvTEE76fjNR3RM.roa (raw, json)
Hash identifier: ptDZLv7z+cMJBjum37baJoqheGk2v5d/hIK217OsXrE=
Subject key identifier: DF:83:17:B9:12:B8:F6:80:74:65:4B:D3:10:4E:FA:7E:33:51:DD:13
Certificate issuer: /CN=ab83e64f72dd5889fb13dc218c683f6e2facf5b2
Certificate serial: 018D0D6BBBF72A6286E8328DA762C9D4CB19
Authority key identifier: AB:83:E6:4F:72:DD:58:89:FB:13:DC:21:8C:68:3F:6E:2F:AC:F5:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q4PmT3LdWIn7E9whjGg_bi-s9bI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/34MXuRK49oB0ZUvTEE76fjNR3RM.roa
Signing time: Mon 15 Jan 2024 13:59:40 +0000
ROA not before: Mon 15 Jan 2024 13:59:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58327
IP address blocks: 193.242.188.0/23 maxlen: 24
185.74.194.0/23 maxlen: 24
185.74.193.0/24 maxlen: 24
176.120.168.0/21 maxlen: 24
185.239.4.0/22 maxlen: 24
5.252.252.0/22 maxlen: 24
188.212.32.0/23 maxlen: 24
185.224.94.0/23 maxlen: 24
185.226.228.0/24 maxlen: 24
185.224.93.0/24 maxlen: 24
185.194.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Jun 2024 11:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0d:6b:bb:f7:2a:62:86:e8:32:8d:a7:62:c9:d4:cb:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab83e64f72dd5889fb13dc218c683f6e2facf5b2
Validity
Not Before: Jan 15 13:59:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df8317b912b8f68074654bd3104efa7e3351dd13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:17:11:56:9b:13:97:cb:dc:d1:e8:9a:7d:4c:
13:32:04:dc:6e:a9:df:50:f8:33:9e:3f:e1:32:d8:
65:20:d2:0f:fb:17:0a:61:e1:8d:bc:0d:d0:4f:22:
f4:c8:77:3f:8f:15:a4:fd:64:96:c9:d1:c5:e3:9f:
19:59:c3:0d:2d:98:ba:40:78:55:1b:fc:4d:94:aa:
3b:2a:4a:4d:c4:24:8a:0f:32:ca:85:a4:6b:8f:66:
77:5e:72:56:94:ac:85:f5:2b:f7:cb:00:d0:1f:d8:
c2:8e:b6:b6:d6:98:fe:32:96:44:9a:c5:92:ff:ce:
1c:3f:14:63:35:6d:66:a4:f3:ac:92:50:05:0d:a0:
a3:5f:0c:ff:7d:f4:61:68:f1:b4:1c:35:61:93:78:
79:80:7d:2c:f2:73:96:f7:e6:b7:9a:b2:38:dd:03:
bc:d9:75:94:38:c2:84:78:13:fc:72:a7:9d:c8:78:
a3:5c:82:64:da:db:87:ce:48:50:fa:e4:78:27:53:
8d:01:02:6d:1f:30:c6:7f:78:6a:de:f9:a1:b6:c5:
ce:ae:aa:1e:6e:5c:37:52:42:b1:b6:f8:6f:21:3a:
ed:50:b6:93:70:5a:18:57:86:24:8f:b2:67:f1:d5:
39:08:ad:38:fd:52:77:44:5f:fe:81:c3:2e:f5:8c:
2f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:83:17:B9:12:B8:F6:80:74:65:4B:D3:10:4E:FA:7E:33:51:DD:13
X509v3 Authority Key Identifier:
keyid:AB:83:E6:4F:72:DD:58:89:FB:13:DC:21:8C:68:3F:6E:2F:AC:F5:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q4PmT3LdWIn7E9whjGg_bi-s9bI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/34MXuRK49oB0ZUvTEE76fjNR3RM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/q4PmT3LdWIn7E9whjGg_bi-s9bI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.252.0/22
176.120.168.0/21
185.74.193.0-185.74.195.255
185.194.25.0/24
185.224.93.0-185.224.95.255
185.226.228.0/24
185.239.4.0/22
188.212.32.0/23
193.242.188.0/23
Signature Algorithm: sha256WithRSAEncryption
c3:2a:f2:8e:68:8d:ab:9f:4d:c1:6f:8d:32:30:bd:90:66:3b:
0b:5c:f6:19:0a:58:7f:18:a5:71:0e:40:16:ae:c3:f9:be:ce:
63:1d:d0:16:b5:4c:ce:f0:99:fc:6f:c1:b0:36:37:81:37:aa:
d2:a5:00:5d:e8:72:a4:20:1e:ad:d4:db:fa:e1:a6:a5:9e:e5:
08:93:d0:b7:ae:86:16:a7:35:1b:34:34:31:85:66:bf:1a:51:
98:28:7b:91:a7:cf:67:bc:48:35:b9:fc:93:dc:74:87:85:ce:
c5:35:5e:87:00:ea:ad:89:ed:e2:84:1a:37:3d:87:da:e0:62:
a0:21:0c:a9:98:40:0a:b2:e2:95:fb:60:79:1e:94:71:09:de:
53:e4:53:43:ae:7d:e5:3f:8a:e6:63:87:29:41:76:4a:87:1f:
ea:8f:9d:90:3f:1a:1d:84:6e:47:22:0b:dc:13:d6:33:1f:0b:
ba:b3:2b:cc:99:12:0e:46:73:8b:33:53:dc:b3:2e:04:1f:a3:
09:0e:f2:0b:3b:24:9b:d2:89:2c:9e:04:c0:aa:75:91:38:8f:
6f:f1:99:bf:ef:f4:ec:d0:16:da:14:a3:ef:b5:c0:61:0c:7d:
46:f0:9d:ed:c5:91:f8:0d:2d:52:ee:9f:5f:83:8a:ba:47:bc:
12:88:08:2e
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAY0Na7v3KmKG6DKNp2LJ1MsZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiODNlNjRmNzJkZDU4ODlmYjEzZGMyMThjNjgzZjZlMmZh
Y2Y1YjIwHhcNMjQwMTE1MTM1OTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjgzMTdiOTEyYjhmNjgwNzQ2NTRiZDMxMDRlZmE3ZTMzNTFkZDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhcRVpsTl8vc0eiafUwTMgTcbqnf
UPgznj/hMthlINIP+xcKYeGNvA3QTyL0yHc/jxWk/WSWydHF458ZWcMNLZi6QHhV
G/xNlKo7KkpNxCSKDzLKhaRrj2Z3XnJWlKyF9Sv3ywDQH9jCjra21pj+MpZEmsWS
/84cPxRjNW1mpPOsklAFDaCjXwz/ffRhaPG0HDVhk3h5gH0s8nOW9+a3mrI43QO8
2XWUOMKEeBP8cqedyHijXIJk2tuHzkhQ+uR4J1ONAQJtHzDGf3hq3vmhtsXOrqoe
blw3UkKxtvhvITrtULaTcFoYV4Ykj7Jn8dU5CK04/VJ3RF/+gcMu9YwvGwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFN+DF7kSuPaAdGVL0xBO+n4zUd0TMB8GA1UdIwQY
MBaAFKuD5k9y3ViJ+xPcIYxoP24vrPWyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTRQbVQzTGRXSW43RTl3aGpHZ19iaS1zOWJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS85ZDY2ZmMtMzFkNC00YWIxLThlYWUt
NTQxZjQ4OTI0OTUyLzEvMzRNWHVSSzQ5b0IwWlV2VEVFNzZmak5SM1JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS85ZDY2ZmMtMzFkNC00YWIxLThlYWUtNTQxZjQ4OTI0OTUy
LzEvcTRQbVQzTGRXSW43RTl3aGpHZ19iaS1zOWJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQCBfz8AwQD
sHioMAwDBAC5SsEDBAK5SsADBAC5whkwDAMEALngXQMEBbngQAMEALni5AMEArnv
BAMEAbzUIAMEAcHyvDANBgkqhkiG9w0BAQsFAAOCAQEAwyryjmiNq59NwW+NMjC9
kGY7C1z2GQpYfxilcQ5AFq7D+b7OYx3QFrVMzvCZ/G/BsDY3gTeq0qUAXehypCAe
rdTb+uGmpZ7lCJPQt66GFqc1GzQ0MYVmvxpRmCh7kafPZ7xINbn8k9x0h4XOxTVe
hwDqrYnt4oQaNz2H2uBioCEMqZhACrLilftgeR6UcQneU+RTQ6595T+K5mOHKUF2
Socf6o+dkD8aHYRuRyIL3BPWMx8LurMrzJkSDkZzizNT3LMuBB+jCQ7yCzskm9KJ
LJ4EwKp1kTiPb/GZv+/07NAW2hSj77XAYQx9RvCd7cWR+A0tUu6fX4OKuke8EogI
Lg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:37:53 2025 by rpki-client