Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/65a71d-0236-44d5-8ce9-229b4ae742de/1/k_mxhtxfmOscaA58pcYLKMlXGD0.roa
File: k_mxhtxfmOscaA58pcYLKMlXGD0.roa (raw, json)
Hash identifier: zjftVbiXEQKW41tGGpkOU+A4PpP62CtFRyvk89Px94w=
Subject key identifier: 93:F9:B1:86:DC:5F:98:EB:1C:68:0E:7C:A5:C6:0B:28:C9:57:18:3D
Certificate issuer: /CN=115dbc00433e29f2adeb038fea2fbd7048fb632f
Certificate serial: 018CC2DB05EDFD7BD9D0DDA7C491432B1302
Authority key identifier: 11:5D:BC:00:43:3E:29:F2:AD:EB:03:8F:EA:2F:BD:70:48:FB:63:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EV28AEM-KfKt6wOP6i-9cEj7Yy8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/65a71d-0236-44d5-8ce9-229b4ae742de/1/k_mxhtxfmOscaA58pcYLKMlXGD0.roa
Signing time: Mon 01 Jan 2024 02:29:42 +0000
ROA not before: Mon 01 Jan 2024 02:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6730
IP address blocks: 195.112.64.0/19 maxlen: 19
62.167.0.0/17 maxlen: 17
62.167.0.0/16 maxlen: 16
84.226.0.0/15 maxlen: 16
195.141.0.0/16 maxlen: 16
193.192.224.0/19 maxlen: 19
194.230.0.0/16 maxlen: 16
178.38.0.0/15 maxlen: 16
212.161.128.0/17 maxlen: 17
194.230.144.0/20 maxlen: 20
31.164.0.0/15 maxlen: 16
188.154.0.0/15 maxlen: 16
212.98.32.0/19 maxlen: 19
194.158.224.0/19 maxlen: 19
89.217.0.0/16 maxlen: 16
212.35.32.0/19 maxlen: 19
2001:1700::/27 maxlen: 27
Validation: Failed, certificate revoked on Fri 17 May 2024 10:12:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:05:ed:fd:7b:d9:d0:dd:a7:c4:91:43:2b:13:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=115dbc00433e29f2adeb038fea2fbd7048fb632f
Validity
Not Before: Jan 1 02:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=93f9b186dc5f98eb1c680e7ca5c60b28c957183d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d6:76:2f:3e:40:f3:86:23:c5:69:44:3a:f7:
4c:9c:87:24:20:5b:42:f8:41:e9:b1:c9:d2:16:a4:
dd:83:48:e7:c7:4a:9f:09:92:e2:b7:28:aa:03:2f:
60:4c:ad:6d:e2:45:8c:5d:16:cc:90:b9:8e:6f:7f:
2d:33:01:dd:d4:54:9c:e3:d8:0f:0c:5e:dc:de:70:
ad:03:52:2a:bd:0b:78:c6:3d:a2:c0:d7:74:da:05:
55:cc:b4:13:fe:ca:66:c2:37:af:a4:a9:38:a7:71:
fc:20:67:48:e5:43:81:e7:7d:38:cc:63:7d:93:bd:
5a:f2:20:69:30:3b:04:12:e6:94:62:85:af:66:12:
bd:ca:4b:26:92:95:0b:4c:9b:6e:ac:cb:d8:ea:40:
4f:9b:4a:73:8a:3b:3f:7f:46:4c:46:fb:ce:30:f9:
ce:c4:c2:32:73:bf:b2:dc:4f:7d:93:60:56:50:5c:
b5:ef:3d:3f:c8:96:6a:c0:a3:2a:6b:98:94:7f:40:
5b:28:4f:0a:cd:4b:7e:91:48:7d:c9:ec:aa:09:f0:
55:54:90:12:18:4d:fb:8a:da:c2:c5:fe:ed:d7:51:
8e:a5:56:f6:48:53:d7:bf:20:dd:e4:16:f9:77:61:
f3:ef:77:8e:e6:67:3b:0d:38:cc:d3:12:d4:81:a4:
f7:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:F9:B1:86:DC:5F:98:EB:1C:68:0E:7C:A5:C6:0B:28:C9:57:18:3D
X509v3 Authority Key Identifier:
keyid:11:5D:BC:00:43:3E:29:F2:AD:EB:03:8F:EA:2F:BD:70:48:FB:63:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EV28AEM-KfKt6wOP6i-9cEj7Yy8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/65a71d-0236-44d5-8ce9-229b4ae742de/1/k_mxhtxfmOscaA58pcYLKMlXGD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/65a71d-0236-44d5-8ce9-229b4ae742de/1/EV28AEM-KfKt6wOP6i-9cEj7Yy8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.164.0.0/15
62.167.0.0/16
84.226.0.0/15
89.217.0.0/16
178.38.0.0/15
188.154.0.0/15
193.192.224.0/19
194.158.224.0/19
194.230.0.0/16
195.112.64.0/19
195.141.0.0/16
212.35.32.0/19
212.98.32.0/19
212.161.128.0/17
IPv6:
2001:1700::/27
Signature Algorithm: sha256WithRSAEncryption
03:3d:b3:75:34:e2:fa:6b:ed:3a:06:22:21:79:6f:72:b8:8b:
0f:c9:f7:36:f1:95:ce:6e:1f:2b:80:d5:6f:55:dc:ae:19:da:
f9:02:78:78:41:ce:c0:94:fe:f9:24:bd:02:92:3a:f1:b3:e1:
d7:4b:79:3f:8f:fb:13:09:08:d7:fe:11:06:f8:4e:8c:7a:be:
c6:e0:1a:e1:3b:b2:6b:2d:7a:4f:d0:f6:3a:88:1d:17:70:2e:
54:ee:91:be:f2:01:eb:e8:a1:ee:99:a7:39:bb:e7:86:0a:8a:
2a:b2:21:3b:6a:e0:9d:85:d1:2c:60:61:b2:75:20:39:32:3c:
42:71:80:bf:a2:af:37:3e:9c:06:cf:fe:f5:3c:0c:78:91:45:
e7:34:fc:b5:cf:46:8d:bb:b5:65:97:c0:0d:80:fc:73:25:63:
45:65:67:c1:a1:62:18:68:5a:a8:e0:2d:d8:27:3c:f2:85:0c:
a4:e1:13:ba:56:fd:53:23:da:51:3d:d4:ac:28:21:3d:21:00:
c0:03:28:2b:0d:83:bf:72:16:f9:ea:8b:d9:fc:3f:b8:49:96:
74:98:76:ee:5d:85:cc:b6:ed:0a:f0:9a:28:13:1b:53:e0:ea:
2e:f9:82:80:2d:16:d8:58:56:65:d4:11:e2:1a:d2:5b:64:48:
2f:32:2a:48
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYzC2wXt/XvZ0N2nxJFDKxMCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExNWRiYzAwNDMzZTI5ZjJhZGViMDM4ZmVhMmZiZDcwNDhm
YjYzMmYwHhcNMjQwMTAxMDIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2Y5YjE4NmRjNWY5OGViMWM2ODBlN2NhNWM2MGIyOGM5NTcxODNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNZ2Lz5A84YjxWlEOvdMnIckIFtC
+EHpscnSFqTdg0jnx0qfCZLityiqAy9gTK1t4kWMXRbMkLmOb38tMwHd1FSc49gP
DF7c3nCtA1IqvQt4xj2iwNd02gVVzLQT/spmwjevpKk4p3H8IGdI5UOB5304zGN9
k71a8iBpMDsEEuaUYoWvZhK9yksmkpULTJturMvY6kBPm0pzijs/f0ZMRvvOMPnO
xMIyc7+y3E99k2BWUFy17z0/yJZqwKMqa5iUf0BbKE8KzUt+kUh9yeyqCfBVVJAS
GE37itrCxf7t11GOpVb2SFPXvyDd5Bb5d2Hz73eO5mc7DTjM0xLUgaT30QIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFJP5sYbcX5jrHGgOfKXGCyjJVxg9MB8GA1UdIwQY
MBaAFBFdvABDPinyresDj+ovvXBI+2MvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVYyOEFFTS1LZkt0NndPUDZpLTljRWo3WXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC82NWE3MWQtMDIzNi00NGQ1LThjZTkt
MjI5YjRhZTc0MmRlLzEva19teGh0eGZtT3NjYUE1OHBjWUxLTWxYR0QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC82NWE3MWQtMDIzNi00NGQ1LThjZTktMjI5YjRhZTc0MmRl
LzEvRVYyOEFFTS1LZkt0NndPUDZpLTljRWo3WXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBSBAIAATBMAwMBH6QDAwA+
pwMDAVTiAwMAWdkDAwGyJgMDAbyaAwQFwcDgAwQFwp7gAwMAwuYDBAXDcEADAwDD
jQMEBdQjIAMEBdRiIAMEB9ShgDANBAIAAjAHAwUFIAEXADANBgkqhkiG9w0BAQsF
AAOCAQEAAz2zdTTi+mvtOgYiIXlvcriLD8n3NvGVzm4fK4DVb1Xcrhna+QJ4eEHO
wJT++SS9ApI68bPh10t5P4/7EwkI1/4RBvhOjHq+xuAa4Tuyay16T9D2OogdF3Au
VO6RvvIB6+ih7pmnObvnhgqKKrIhO2rgnYXRLGBhsnUgOTI8QnGAv6KvNz6cBs/+
9TwMeJFF5zT8tc9Gjbu1ZZfADYD8cyVjRWVnwaFiGGhaqOAt2Cc88oUMpOETulb9
UyPaUT3UrCghPSEAwAMoKw2Dv3IW+eqL2fw/uEmWdJh27l2FzLbtCvCaKBMbU+Dq
LvmCgC0W2FhWZdQR4hrSW2RILzIqSA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:53 2024 by rpki-client on console-ams.rpki-client.org