Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/MHygfGsBxZrO5dAS5tlg2-9Z92k.roa
File: MHygfGsBxZrO5dAS5tlg2-9Z92k.roa (raw, json)
Hash identifier: sVGQgbRT7t66UTReS0CaCiHB5NGhzA7ITdDXTTK21nY=
Subject key identifier: 30:7C:A0:7C:6B:01:C5:9A:CE:E5:D0:12:E6:D9:60:DB:EF:59:F7:69
Certificate issuer: /CN=e520446f79ffc2d7c3a9ef340ce9de25723a719a
Certificate serial: 01856F6FE5B0335670A0867C4CAD0147E881
Authority key identifier: E5:20:44:6F:79:FF:C2:D7:C3:A9:EF:34:0C:E9:DE:25:72:3A:71:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5SBEb3n_wtfDqe80DOneJXI6cZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/MHygfGsBxZrO5dAS5tlg2-9Z92k.roa
Signing time: Sun 01 Jan 2023 22:24:42 +0000
ROA not before: Sun 01 Jan 2023 22:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35539
IP address blocks: 46.160.224.0/21 maxlen: 21
46.160.232.0/21 maxlen: 21
46.160.240.0/21 maxlen: 21
46.160.248.0/21 maxlen: 21
93.123.192.0/18 maxlen: 18
95.131.208.0/22 maxlen: 22
95.131.212.0/22 maxlen: 22
95.131.208.0/21 maxlen: 21
93.95.160.0/21 maxlen: 21
93.95.164.0/22 maxlen: 22
93.95.160.0/22 maxlen: 22
93.123.128.0/17 maxlen: 17
93.123.128.0/18 maxlen: 18
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:6f:e5:b0:33:56:70:a0:86:7c:4c:ad:01:47:e8:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e520446f79ffc2d7c3a9ef340ce9de25723a719a
Validity
Not Before: Jan 1 22:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=307ca07c6b01c59acee5d012e6d960dbef59f769
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:34:e3:65:2a:8e:f0:ff:b4:46:5b:86:a0:58:
a9:71:12:e2:1c:62:84:69:75:ef:4c:19:31:4d:8d:
4e:7a:7b:92:be:9d:a9:ec:7a:95:bb:32:1a:e4:77:
83:91:3f:c7:3a:3c:d9:ea:02:9f:c1:2c:e2:fa:63:
9d:81:e4:26:92:a0:d1:da:a8:11:6f:f6:59:da:2f:
aa:aa:3e:70:a8:68:c4:69:6a:99:a4:25:43:97:af:
c5:be:fe:96:9a:a9:a9:ef:1c:eb:22:79:62:17:88:
cf:f8:3d:07:29:16:d6:45:67:48:de:68:b0:72:f6:
f8:c3:ca:41:ab:77:01:b7:78:b4:ae:f7:2c:7d:04:
e7:45:b6:4a:a4:75:7a:7c:38:93:0a:09:0a:21:c4:
a2:62:16:f5:25:cd:20:c0:83:90:06:0f:b7:a1:93:
dd:d2:23:3e:2a:22:a7:de:a1:bf:b1:82:f3:53:e4:
c4:95:d0:2e:5a:a4:c7:11:d3:fd:8f:6f:2c:5a:45:
d9:0f:57:6a:b5:31:19:91:57:33:8e:b5:cd:95:2d:
cc:e8:93:21:e5:49:7b:31:9b:46:8b:59:ed:3f:0a:
84:cb:27:39:d1:39:bf:f4:50:be:74:e7:90:07:b3:
0f:80:8a:fe:10:7e:c7:de:20:4e:6b:0c:1a:f7:f0:
1c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:7C:A0:7C:6B:01:C5:9A:CE:E5:D0:12:E6:D9:60:DB:EF:59:F7:69
X509v3 Authority Key Identifier:
keyid:E5:20:44:6F:79:FF:C2:D7:C3:A9:EF:34:0C:E9:DE:25:72:3A:71:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5SBEb3n_wtfDqe80DOneJXI6cZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/MHygfGsBxZrO5dAS5tlg2-9Z92k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/5SBEb3n_wtfDqe80DOneJXI6cZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.160.224.0/19
93.95.160.0/21
93.123.128.0/17
95.131.208.0/21
Signature Algorithm: sha256WithRSAEncryption
69:47:47:be:75:7a:93:73:cc:c9:a7:87:32:e9:65:a7:1d:b8:
56:f4:fb:d6:20:c9:c0:dd:8b:60:49:69:1c:08:61:de:d1:98:
97:cf:04:df:a5:24:53:9f:43:c6:48:c0:c1:dc:ab:1a:33:54:
e1:4b:22:b2:24:68:64:a8:58:75:7e:fb:79:20:2e:4e:a6:30:
9f:a1:83:51:40:f6:7b:f6:74:c1:da:3e:4d:41:86:2e:72:8f:
d2:de:bf:24:9d:e8:d5:aa:33:dd:0c:4a:d3:be:27:6a:2d:f7:
8f:99:07:4c:55:d3:c2:82:1b:12:d6:2a:61:37:a2:e1:4b:a0:
d5:77:92:eb:4b:f0:89:12:91:92:50:29:2b:5a:73:36:97:a8:
80:96:a4:11:cf:12:56:5a:1c:77:c2:c4:f8:32:88:0a:e3:8a:
0a:58:27:19:b6:82:9d:f8:f3:ec:18:00:3f:26:3e:fc:5c:d4:
fa:97:e6:70:a6:47:34:f3:45:8c:fd:23:0e:b0:c0:d4:95:32:
4b:65:4f:75:de:ec:97:a0:98:8b:47:59:a8:12:e3:1c:6c:d5:
46:46:82:72:8c:07:01:51:79:e1:11:ea:0d:d8:da:94:3f:d9:
18:87:1e:25:b8:a3:95:c7:ff:8c:7c:4a:d7:e5:50:6b:99:99:
96:09:a1:25
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvb+WwM1ZwoIZ8TK0BR+iBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MjA0NDZmNzlmZmMyZDdjM2E5ZWYzNDBjZTlkZTI1NzIz
YTcxOWEwHhcNMjMwMTAxMjIyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDdjYTA3YzZiMDFjNTlhY2VlNWQwMTJlNmQ5NjBkYmVmNTlmNzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3DTjZSqO8P+0RluGoFipcRLiHGKE
aXXvTBkxTY1OenuSvp2p7HqVuzIa5HeDkT/HOjzZ6gKfwSzi+mOdgeQmkqDR2qgR
b/ZZ2i+qqj5wqGjEaWqZpCVDl6/Fvv6Wmqmp7xzrInliF4jP+D0HKRbWRWdI3miw
cvb4w8pBq3cBt3i0rvcsfQTnRbZKpHV6fDiTCgkKIcSiYhb1Jc0gwIOQBg+3oZPd
0iM+KiKn3qG/sYLzU+TEldAuWqTHEdP9j28sWkXZD1dqtTEZkVczjrXNlS3M6JMh
5Ul7MZtGi1ntPwqEyyc50Tm/9FC+dOeQB7MPgIr+EH7H3iBOawwa9/AcNQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDB8oHxrAcWazuXQEubZYNvvWfdpMB8GA1UdIwQY
MBaAFOUgRG95/8LXw6nvNAzp3iVyOnGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVNCRWIzbl93dGZEcWU4MERPbmVKWEk2Y1pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wMTFlZjItNzAxMi00YTZlLThhMWMt
MGUwZTEzN2U1NTkxLzEvTUh5Z2ZHc0J4WnJPNWRBUzV0bGcyLTlaOTJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wMTFlZjItNzAxMi00YTZlLThhMWMtMGUwZTEzN2U1NTkx
LzEvNVNCRWIzbl93dGZEcWU4MERPbmVKWEk2Y1pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFLqDgAwQD
XV+gAwQHXXuAAwQDX4PQMA0GCSqGSIb3DQEBCwUAA4IBAQBpR0e+dXqTc8zJp4cy
6WWnHbhW9PvWIMnA3YtgSWkcCGHe0ZiXzwTfpSRTn0PGSMDB3KsaM1ThSyKyJGhk
qFh1fvt5IC5OpjCfoYNRQPZ79nTB2j5NQYYuco/S3r8knejVqjPdDErTvidqLfeP
mQdMVdPCghsS1iphN6LhS6DVd5LrS/CJEpGSUCkrWnM2l6iAlqQRzxJWWhx3wsT4
MogK44oKWCcZtoKd+PPsGAA/Jj78XNT6l+Zwpkc080WM/SMOsMDUlTJLZU913uyX
oJiLR1moEuMcbNVGRoJyjAcBUXnhEeoN2NqUP9kYhx4luKOVx/+MfErX5VBrmZmW
CaEl
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:25 2024 by rpki-client on console-ams.rpki-client.org