Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/Mm2lxu7YWT7Pa-wjRpsDGESRBKk.roa
File: Mm2lxu7YWT7Pa-wjRpsDGESRBKk.roa (raw, json)
Hash identifier: JkBV+hT0l4+StY3VAd2SfZdt54Xfi65excqAfmZvKGA=
Subject key identifier: 32:6D:A5:C6:EE:D8:59:3E:CF:6B:EC:23:46:9B:03:18:44:91:04:A9
Certificate issuer: /CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Certificate serial: 018CC500F0DB8A8EA3F89EF215E43AFA28C0
Authority key identifier: EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/Mm2lxu7YWT7Pa-wjRpsDGESRBKk.roa
Signing time: Mon 01 Jan 2024 12:30:22 +0000
ROA not before: Mon 01 Jan 2024 12:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57152
IP address blocks: 185.73.128.0/22 maxlen: 24
104.247.172.0/24 maxlen: 24
104.247.171.0/24 maxlen: 24
104.247.170.0/24 maxlen: 24
104.247.175.0/24 maxlen: 24
104.247.174.0/24 maxlen: 24
104.247.173.0/24 maxlen: 24
104.247.179.0/24 maxlen: 24
104.247.178.0/24 maxlen: 24
104.247.177.0/24 maxlen: 24
104.247.176.0/24 maxlen: 24
104.247.182.0/24 maxlen: 24
104.247.180.0/24 maxlen: 24
104.247.186.0/24 maxlen: 24
104.247.185.0/24 maxlen: 24
104.247.184.0/24 maxlen: 24
104.247.189.0/24 maxlen: 24
104.247.188.0/24 maxlen: 24
104.247.190.0/24 maxlen: 24
185.137.215.0/24 maxlen: 24
2a03:a5a0::/32 maxlen: 48
Validation: Failed, certificate revoked on Sat 23 Mar 2024 19:06:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:f0:db:8a:8e:a3:f8:9e:f2:15:e4:3a:fa:28:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Validity
Not Before: Jan 1 12:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=326da5c6eed8593ecf6bec23469b0318449104a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:47:f4:cc:e0:d2:45:79:a2:bb:13:34:02:14:
7d:b4:dd:99:03:36:d3:8e:0e:4f:1d:8c:9c:0d:f7:
ef:1b:71:1a:d0:d8:3b:f3:20:08:ec:b6:e5:88:1b:
e4:be:9a:86:c2:e7:21:e9:60:72:6e:8e:e7:c2:37:
01:f8:bb:e8:40:48:0c:1c:0a:27:47:b9:8d:7b:0c:
3c:e6:28:a8:c9:2c:6e:ea:26:ba:90:18:de:04:c0:
d4:f3:b3:bc:29:33:d9:85:47:a2:7e:b4:40:1b:47:
e5:05:75:0c:33:4d:08:1f:75:9c:0a:a8:08:85:73:
20:54:17:14:76:0a:45:cb:1c:1e:bb:01:2d:f4:6e:
24:a3:00:74:95:5d:8a:06:c1:ac:8d:cb:af:62:9e:
90:a7:ee:eb:c2:3d:34:18:34:ab:97:de:23:56:fa:
07:32:18:a8:00:36:b3:36:f1:2d:f0:c3:98:0e:0c:
7c:03:cc:e8:17:5f:38:26:ff:26:bb:4c:b1:36:43:
7d:54:49:74:2c:fd:4a:34:e2:a6:d0:53:12:43:d3:
28:c4:79:bd:dd:a7:1a:4e:f0:fd:62:4c:da:d8:5a:
dd:97:da:6f:af:24:b7:e5:4a:95:6f:b0:a4:95:1e:
64:38:c5:70:3d:9c:8a:ee:95:73:a1:50:ed:90:c0:
8d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:6D:A5:C6:EE:D8:59:3E:CF:6B:EC:23:46:9B:03:18:44:91:04:A9
X509v3 Authority Key Identifier:
keyid:EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/Mm2lxu7YWT7Pa-wjRpsDGESRBKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.247.170.0-104.247.180.255
104.247.182.0/24
104.247.184.0-104.247.186.255
104.247.188.0-104.247.190.255
185.73.128.0/22
185.137.215.0/24
IPv6:
2a03:a5a0::/32
Signature Algorithm: sha256WithRSAEncryption
54:ba:21:66:2d:8b:cd:c3:6c:71:84:a2:ed:0f:e1:50:e6:c2:
2a:ac:d3:27:53:31:25:b0:b8:3a:81:ee:ba:0c:b9:cf:92:37:
67:11:bb:34:3f:37:9d:71:ab:94:68:0e:d9:a3:b1:2f:3d:b3:
1b:37:98:81:3d:ec:4d:6a:a7:4e:53:28:f7:2b:e3:cf:2b:85:
5c:ee:b8:c3:c5:bf:a2:42:02:61:9f:a8:a8:a6:9c:c1:3e:fa:
2d:9a:70:2d:c5:2d:a2:02:48:a8:76:dd:5f:fe:ee:39:7b:5e:
a2:db:a4:f4:ba:8f:85:3b:d6:b0:ba:b3:17:33:0d:e6:e0:98:
67:37:69:db:ff:79:3f:4d:f5:71:a3:60:98:df:68:41:8f:29:
f2:a0:61:28:e7:87:9f:f9:c0:9d:c9:bd:5f:08:c6:1f:33:12:
fa:b9:00:77:5a:92:b3:02:13:fa:1e:a5:c8:5c:0b:b2:9d:b5:
8a:34:d5:fa:f9:8f:f3:20:ab:f3:9e:c9:5a:83:a1:e5:f3:ab:
5d:07:fd:d8:30:f9:40:39:d7:71:44:d6:55:3a:47:dc:f2:34:
76:d3:2d:6d:ba:87:60:a2:e8:55:34:8a:c2:10:87:7c:d4:ed:
c6:db:79:fe:c3:d2:7a:bb:e0:a0:df:a8:3e:8c:a6:66:68:43:
28:d5:0a:5a
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYzFAPDbio6j+J7yFeQ6+ijAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYTAyYjE5N2RiYWY3ZGViNzRlMGEyN2Q5ZDRlY2QzZmFl
MWU4ZWQwHhcNMjQwMTAxMTIzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjZkYTVjNmVlZDg1OTNlY2Y2YmVjMjM0NjliMDMxODQ0OTEwNGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUf0zODSRXmiuxM0AhR9tN2ZAzbT
jg5PHYycDffvG3Ea0Ng78yAI7LbliBvkvpqGwuch6WBybo7nwjcB+LvoQEgMHAon
R7mNeww85iioySxu6ia6kBjeBMDU87O8KTPZhUeifrRAG0flBXUMM00IH3WcCqgI
hXMgVBcUdgpFyxweuwEt9G4kowB0lV2KBsGsjcuvYp6Qp+7rwj00GDSrl94jVvoH
MhioADazNvEt8MOYDgx8A8zoF184Jv8mu0yxNkN9VEl0LP1KNOKm0FMSQ9MoxHm9
3acaTvD9Ykza2Frdl9pvryS35UqVb7CklR5kOMVwPZyK7pVzoVDtkMCNWwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFDJtpcbu2Fk+z2vsI0abAxhEkQSpMB8GA1UdIwQY
MBaAFO6gKxl9uvfet04KJ9nU7NP64ejtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMt
YmJjY2FiOTEzYjVkLzEvTW0ybHh1N1lXVDdQYS13alJwc0RHRVNSQktrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMtYmJjY2FiOTEzYjVk
LzEvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8MAwDBAFo96oD
BABo97QDBABo97YwDAMEA2j3uAMEAGj3ujAMAwQCaPe8AwQAaPe+AwQCuUmAAwQA
uYnXMA0EAgACMAcDBQAqA6WgMA0GCSqGSIb3DQEBCwUAA4IBAQBUuiFmLYvNw2xx
hKLtD+FQ5sIqrNMnUzElsLg6ge66DLnPkjdnEbs0PzedcauUaA7Zo7EvPbMbN5iB
PexNaqdOUyj3K+PPK4Vc7rjDxb+iQgJhn6ioppzBPvotmnAtxS2iAkiodt1f/u45
e16i26T0uo+FO9awurMXMw3m4JhnN2nb/3k/TfVxo2CY32hBjynyoGEo54ef+cCd
yb1fCMYfMxL6uQB3WpKzAhP6HqXIXAuynbWKNNX6+Y/zIKvznslag6Hl86tdB/3Y
MPlAOddxRNZVOkfc8jR20y1tuodgouhVNIrCEId81O3G23n+w9J6u+Cg36g+jKZm
aEMo1Qpa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:08 2024 by rpki-client on console-fra.rpki-client.org