Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/mDtus4Hooah48EJe_6Xbb0EdoSI.roa
File: mDtus4Hooah48EJe_6Xbb0EdoSI.roa (raw, json)
Hash identifier: verneNXLiYrOS8o2naCGAzUrvheClb2UF0t7/HBck2k=
Subject key identifier: 98:3B:6E:B3:81:E8:A1:A8:78:F0:42:5E:FF:A5:DB:6F:41:1D:A1:22
Certificate issuer: /CN=2665c17fa028b31348f630f6b56df422ce062b3b
Certificate serial: 018E2E425E1B04CE1D2467ED8B8528B1EFA4
Authority key identifier: 26:65:C1:7F:A0:28:B3:13:48:F6:30:F6:B5:6D:F4:22:CE:06:2B:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmXBf6AosxNI9jD2tW30Is4GKzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/mDtus4Hooah48EJe_6Xbb0EdoSI.roa
Signing time: Mon 11 Mar 2024 16:04:45 +0000
ROA not before: Mon 11 Mar 2024 16:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197637
IP address blocks: 31.25.152.0/21 maxlen: 21
37.99.200.0/21 maxlen: 21
37.123.120.0/21 maxlen: 21
153.92.32.0/21 maxlen: 21
185.8.86.0/23 maxlen: 23
185.62.88.0/22 maxlen: 22
185.65.198.0/23 maxlen: 23
185.68.76.0/22 maxlen: 22
193.57.0.0/22 maxlen: 22
2a04:6ec0::/29 maxlen: 29
2a04:6ec0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 11 Mar 2024 21:12:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2e:42:5e:1b:04:ce:1d:24:67:ed:8b:85:28:b1:ef:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2665c17fa028b31348f630f6b56df422ce062b3b
Validity
Not Before: Mar 11 16:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=983b6eb381e8a1a878f0425effa5db6f411da122
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:36:52:6b:97:65:4b:0d:e5:63:7a:8f:21:64:
26:ff:0c:0c:1e:6d:05:6a:9e:b9:69:d3:32:97:72:
65:22:c0:bc:d9:2b:f0:7a:a2:22:af:8c:b3:d3:d6:
ed:3a:3a:ff:3d:07:08:b3:1d:c3:57:90:ba:1a:8d:
dc:8f:94:72:eb:98:90:21:53:0f:fa:ed:86:d7:dd:
f7:5d:f1:97:ce:7d:79:fc:1a:73:81:a9:c3:3d:50:
5a:a2:11:c3:b4:70:95:7f:e3:2e:dd:9b:a2:d2:e9:
ff:1c:79:69:e1:50:0d:62:d6:32:a8:78:59:15:3f:
7b:f5:a2:18:d7:48:84:34:37:95:80:2e:33:bc:64:
31:a3:2d:ca:c3:49:ad:5d:f6:65:f0:ce:e9:0f:01:
15:2c:fb:ed:7e:7b:18:89:ee:1a:93:c7:8a:3a:86:
f9:bc:80:d9:df:bb:ba:6b:f1:83:ba:5d:fc:74:8d:
53:24:e0:53:20:3d:79:cb:af:e4:16:89:5c:71:71:
54:7e:b2:a7:7d:90:f7:ac:e9:ad:36:7d:3b:7b:8a:
59:e5:ba:60:40:41:88:52:0e:0e:bc:ed:d2:0c:b4:
d5:91:bd:de:1b:64:f4:bb:c8:4c:a3:7b:79:c5:31:
df:b1:49:c0:b4:f6:48:fa:14:fd:d2:4b:6a:0e:f9:
88:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:3B:6E:B3:81:E8:A1:A8:78:F0:42:5E:FF:A5:DB:6F:41:1D:A1:22
X509v3 Authority Key Identifier:
keyid:26:65:C1:7F:A0:28:B3:13:48:F6:30:F6:B5:6D:F4:22:CE:06:2B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmXBf6AosxNI9jD2tW30Is4GKzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/mDtus4Hooah48EJe_6Xbb0EdoSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/JmXBf6AosxNI9jD2tW30Is4GKzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.152.0/21
37.99.200.0/21
37.123.120.0/21
153.92.32.0/21
185.8.86.0/23
185.62.88.0/22
185.65.198.0/23
185.68.76.0/22
193.57.0.0/22
IPv6:
2a04:6ec0::/29
Signature Algorithm: sha256WithRSAEncryption
0c:99:3c:d7:49:37:df:07:9e:10:f4:09:43:65:40:6c:9b:90:
ac:15:b8:35:96:34:29:8e:5e:9b:8a:54:9a:09:13:94:dc:17:
8d:cc:43:ef:8e:82:61:15:b6:04:03:ee:64:df:68:e6:30:87:
05:d6:61:ae:f0:b8:21:65:05:db:89:cb:6a:69:9d:80:0a:b0:
21:16:46:36:dc:19:33:13:04:22:78:5c:9c:88:3c:90:a9:b9:
90:be:c7:01:fb:d2:8b:e5:92:3f:42:93:7a:f2:ed:a0:90:8b:
15:f9:0a:49:41:b1:e7:48:03:9d:61:7a:72:83:7b:44:74:04:
b4:c6:33:dc:64:1a:30:b2:47:bd:8e:6d:1e:4a:bb:29:06:16:
75:3d:b4:16:1a:ff:d0:e8:52:64:71:fa:d0:42:bc:f8:dd:e4:
00:8a:98:e6:0b:74:14:97:7f:51:ee:43:35:57:38:89:65:f6:
e9:66:3a:8a:f3:78:ea:4a:64:58:3a:dc:4b:21:e6:98:60:13:
88:30:15:e2:cb:9f:24:69:5a:31:10:8d:a1:54:d6:8c:79:fd:
9d:21:99:2b:b0:1a:ff:d9:49:cb:1e:1b:23:35:30:4b:b3:86:
cd:09:ab:b6:e9:4d:5b:35:aa:c7:7b:2d:4d:29:43:f2:8b:3c:
14:7a:cc:65
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAY4uQl4bBM4dJGfti4Uose+kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjVjMTdmYTAyOGIzMTM0OGY2MzBmNmI1NmRmNDIyY2Uw
NjJiM2IwHhcNMjQwMzExMTYwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODNiNmViMzgxZThhMWE4NzhmMDQyNWVmZmE1ZGI2ZjQxMWRhMTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjZSa5dlSw3lY3qPIWQm/wwMHm0F
ap65adMyl3JlIsC82SvweqIir4yz09btOjr/PQcIsx3DV5C6Go3cj5Ry65iQIVMP
+u2G1933XfGXzn15/BpzganDPVBaohHDtHCVf+Mu3Zui0un/HHlp4VANYtYyqHhZ
FT979aIY10iENDeVgC4zvGQxoy3Kw0mtXfZl8M7pDwEVLPvtfnsYie4ak8eKOob5
vIDZ37u6a/GDul38dI1TJOBTID15y6/kFolccXFUfrKnfZD3rOmtNn07e4pZ5bpg
QEGIUg4OvO3SDLTVkb3eG2T0u8hMo3t5xTHfsUnAtPZI+hT90ktqDvmIKwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFJg7brOB6KGoePBCXv+l229BHaEiMB8GA1UdIwQY
MBaAFCZlwX+gKLMTSPYw9rVt9CLOBis7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1YQmY2QW9zeE5JOWpEMnRXMzBJczRHS3pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9mYzkwYTAtODA0Yy00MGZhLWIyN2Et
YzM4M2E5MDEwMDA1LzEvbUR0dXM0SG9vYWg0OEVKZV82WGJiMEVkb1NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9mYzkwYTAtODA0Yy00MGZhLWIyN2EtYzM4M2E5MDEwMDA1
LzEvSm1YQmY2QW9zeE5JOWpEMnRXMzBJczRHS3pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQDHxmYAwQD
JWPIAwQDJXt4AwQDmVwgAwQBuQhWAwQCuT5YAwQBuUHGAwQCuURMAwQCwTkAMA0E
AgACMAcDBQMqBG7AMA0GCSqGSIb3DQEBCwUAA4IBAQAMmTzXSTffB54Q9AlDZUBs
m5CsFbg1ljQpjl6bilSaCROU3BeNzEPvjoJhFbYEA+5k32jmMIcF1mGu8LghZQXb
ictqaZ2ACrAhFkY23BkzEwQieFyciDyQqbmQvscB+9KL5ZI/QpN68u2gkIsV+QpJ
QbHnSAOdYXpyg3tEdAS0xjPcZBowske9jm0eSrspBhZ1PbQWGv/Q6FJkcfrQQrz4
3eQAipjmC3QUl39R7kM1VziJZfbpZjqK83jqSmRYOtxLIeaYYBOIMBXiy58kaVox
EI2hVNaMef2dIZkrsBr/2UnLHhsjNTBLs4bNCau26U1bNarHey1NKUPyizwUesxl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:55 2024 by rpki-client on console-fra.rpki-client.org