Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/mftKSbeBNtTZSgpSY9N_-8PO4gM.roa
File: mftKSbeBNtTZSgpSY9N_-8PO4gM.roa (raw, json)
Hash identifier: enFv7MUURUSmmsp122j2goleFyJ9+vll/n2P3/3gjw8=
Subject key identifier: 99:FB:4A:49:B7:81:36:D4:D9:4A:0A:52:63:D3:7F:FB:C3:CE:E2:03
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 01917EA6BEF2420A31337EA4542E2D92FDC8
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/mftKSbeBNtTZSgpSY9N_-8PO4gM.roa
Signing time: Fri 23 Aug 2024 09:52:22 +0000
ROA not before: Fri 23 Aug 2024 09:52:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216271
IP address blocks: 185.168.28.0/22 maxlen: 22
185.201.136.0/22 maxlen: 22
2a06:b3c0::/29 maxlen: 29
2a06:cac0::/29 maxlen: 29
2a0a:e2c0::/29 maxlen: 29
2a0e:7780::/29 maxlen: 29
2a0f:d480::/29 maxlen: 29
2a0f:e000::/29 maxlen: 29
2a11:2f40::/29 maxlen: 29
2a11:3b40::/29 maxlen: 29
2a11:7240::/29 maxlen: 29
2a11:9600::/29 maxlen: 29
2a11:dcc0::/29 maxlen: 29
2a11:f140::/29 maxlen: 29
2a12:440::/29 maxlen: 29
2a12:ec0::/29 maxlen: 29
2a12:1900::/29 maxlen: 29
2a12:28c0::/29 maxlen: 29
2a12:6640::/29 maxlen: 29
2a12:6740::/29 maxlen: 29
2a12:6b80::/29 maxlen: 29
2a12:6f40::/29 maxlen: 29
2a12:8ec0::/29 maxlen: 29
2a12:ccc0::/29 maxlen: 29
2a12:e240::/29 maxlen: 29
2a12:f0c0::/29 maxlen: 29
2a13:ba00::/29 maxlen: 29
2a13:dac0::/29 maxlen: 29
2a14:c0::/29 maxlen: 29
2a14:140::/29 maxlen: 29
2a14:1c0::/29 maxlen: 29
2a14:800::/29 maxlen: 29
2a14:f40::/29 maxlen: 29
2a14:7e00::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 24 Aug 2024 10:40:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7e:a6:be:f2:42:0a:31:33:7e:a4:54:2e:2d:92:fd:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Aug 23 09:52:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99fb4a49b78136d4d94a0a5263d37ffbc3cee203
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:87:c9:e8:e3:c0:a1:cb:b0:c6:46:49:90:dd:
f7:e5:22:06:51:93:94:77:a5:fb:69:3d:50:35:36:
ae:eb:2b:67:00:59:64:11:ab:a6:0a:dd:a8:05:69:
ca:97:f5:4f:56:76:0c:bb:7b:3e:71:c2:2e:3e:c9:
a2:2c:dd:42:90:0c:19:5c:63:11:ee:63:d8:c9:5d:
9b:69:94:0a:71:9e:96:88:cb:cf:fb:77:e4:b4:fb:
f9:4d:9b:49:af:cb:0c:19:e1:32:4b:0c:8d:ed:56:
03:ff:29:32:63:19:87:24:48:17:92:d6:79:25:0b:
bf:b2:99:b2:b8:97:0e:47:46:b7:dd:85:21:39:8a:
3e:be:17:92:8e:ac:c5:0a:0c:dd:34:ee:18:55:5c:
de:5c:04:d7:4e:42:eb:5e:6c:0a:48:f2:f7:b5:cf:
5d:b0:8b:c0:bb:b3:77:02:c6:15:b3:3b:23:83:f5:
3a:1a:91:12:10:9b:21:3f:3a:6e:92:2f:00:1b:09:
ae:60:40:f3:3a:a4:7a:68:41:f2:40:58:16:87:50:
28:52:92:36:1b:1a:0a:f0:fa:00:b1:49:6c:20:e2:
8b:4a:1d:25:2d:bd:f8:7d:5f:8d:16:9e:1b:ed:00:
19:3a:5c:87:7d:c8:22:f1:18:fc:67:68:07:de:4d:
f4:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:FB:4A:49:B7:81:36:D4:D9:4A:0A:52:63:D3:7F:FB:C3:CE:E2:03
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/mftKSbeBNtTZSgpSY9N_-8PO4gM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.168.28.0/22
185.201.136.0/22
IPv6:
2a06:b3c0::/29
2a06:cac0::/29
2a0a:e2c0::/29
2a0e:7780::/29
2a0f:d480::/29
2a0f:e000::/29
2a11:2f40::/29
2a11:3b40::/29
2a11:7240::/29
2a11:9600::/29
2a11:dcc0::/29
2a11:f140::/29
2a12:440::/29
2a12:ec0::/29
2a12:1900::/29
2a12:28c0::/29
2a12:6640::/29
2a12:6740::/29
2a12:6b80::/29
2a12:6f40::/29
2a12:8ec0::/29
2a12:ccc0::/29
2a12:e240::/29
2a12:f0c0::/29
2a13:ba00::/29
2a13:dac0::/29
2a14:c0::/29
2a14:140::/29
2a14:1c0::/29
2a14:800::/29
2a14:f40::/29
2a14:7e00::/29
Signature Algorithm: sha256WithRSAEncryption
8b:10:f8:0d:34:24:44:f2:c5:4e:d0:c5:ab:28:da:65:39:68:
4e:1e:03:fe:09:2a:75:5e:33:19:84:32:11:cf:97:04:2d:ef:
35:53:57:c6:4d:ec:f4:86:9e:f5:23:54:bb:f5:26:60:ac:c5:
89:fd:43:cb:d1:08:cd:b0:8f:f7:61:44:da:dd:5e:5b:e1:c0:
09:ca:94:ae:30:56:4d:e2:41:34:3d:20:23:e4:ea:b9:e1:46:
ce:46:7d:9c:da:7e:89:5d:7e:73:04:84:e1:9b:6f:cb:6c:38:
f9:ed:24:5c:b2:6d:fe:54:c8:f3:71:b7:4a:ee:35:d1:48:5c:
09:0f:15:a6:34:2a:93:9f:ce:12:ae:2b:24:a9:b3:fa:f3:9b:
47:96:ee:f9:cd:5b:42:c7:60:df:c3:e3:c7:f0:9a:d5:d8:f9:
06:92:26:22:1e:1a:5e:c8:44:55:bb:6f:9b:e8:62:6f:45:41:
98:f7:75:f0:e0:c5:9f:35:49:01:62:3e:8e:79:08:f0:c3:d9:
2a:4a:e6:58:da:43:67:92:b9:5a:97:98:d5:93:e4:f5:98:72:
f6:37:e9:99:27:66:0e:f7:c9:53:14:a9:6b:87:4a:c1:fc:34:
2d:2e:12:fd:fd:b2:c8:7a:85:8e:1c:69:4d:95:79:55:b2:41:
5a:63:1e:00
-----BEGIN CERTIFICATE-----
MIIF8jCCBNqgAwIBAgISAZF+pr7yQgoxM36kVC4tkv3IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwODIzMDk1MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWZiNGE0OWI3ODEzNmQ0ZDk0YTBhNTI2M2QzN2ZmYmMzY2VlMjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsofJ6OPAocuwxkZJkN335SIGUZOU
d6X7aT1QNTau6ytnAFlkEaumCt2oBWnKl/VPVnYMu3s+ccIuPsmiLN1CkAwZXGMR
7mPYyV2baZQKcZ6WiMvP+3fktPv5TZtJr8sMGeEySwyN7VYD/ykyYxmHJEgXktZ5
JQu/spmyuJcOR0a33YUhOYo+vheSjqzFCgzdNO4YVVzeXATXTkLrXmwKSPL3tc9d
sIvAu7N3AsYVszsjg/U6GpESEJshPzpuki8AGwmuYEDzOqR6aEHyQFgWh1AoUpI2
GxoK8PoAsUlsIOKLSh0lLb34fV+NFp4b7QAZOlyHfcgi8Rj8Z2gH3k303wIDAQAB
o4IC/jCCAvowHQYDVR0OBBYEFJn7Skm3gTbU2UoKUmPTf/vDzuIDMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvbWZ0S1NiZUJOdFRaU2dwU1k5Tl8tOFBPNGdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBEgYIKwYBBQUHAQcBAf8EggEBMIH+MBIEAgABMAwDBAK5
qBwDBAK5yYgwgecEAgACMIHgAwUDKgazwAMFAyoGysADBQMqCuLAAwUDKg53gAMF
AyoP1IADBQMqD+AAAwUDKhEvQAMFAyoRO0ADBQMqEXJAAwUDKhGWAAMFAyoR3MAD
BQMqEfFAAwUDKhIEQAMFAyoSDsADBQMqEhkAAwUDKhIowAMFAyoSZkADBQMqEmdA
AwUDKhJrgAMFAyoSb0ADBQMqEo7AAwUDKhLMwAMFAyoS4kADBQMqEvDAAwUDKhO6
AAMFAyoT2sADBQMqFADAAwUDKhQBQAMFAyoUAcADBQMqFAgAAwUDKhQPQAMFAyoU
fgAwDQYJKoZIhvcNAQELBQADggEBAIsQ+A00JETyxU7Qxaso2mU5aE4eA/4JKnVe
MxmEMhHPlwQt7zVTV8ZN7PSGnvUjVLv1JmCsxYn9Q8vRCM2wj/dhRNrdXlvhwAnK
lK4wVk3iQTQ9ICPk6rnhRs5GfZzafoldfnMEhOGbb8tsOPntJFyybf5UyPNxt0ru
NdFIXAkPFaY0KpOfzhKuKySps/rzm0eW7vnNW0LHYN/D48fwmtXY+QaSJiIeGl7I
RFW7b5voYm9FQZj3dfDgxZ81SQFiPo55CPDD2SpK5ljaQ2eSuVqXmNWT5PWYcvY3
6ZknZg73yVMUqWuHSsH8NC0uEv39ssh6hY4caU2VeVWyQVpjHgA=
-----END CERTIFICATE-----
Generated at Sat Aug 24 13:38:18 2024 by rpki-client on console-ams.rpki-client.org