Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/mtDWW_PI7K2qw0oghGV3feiDkrQ.roa
File: mtDWW_PI7K2qw0oghGV3feiDkrQ.roa (raw, json)
Hash identifier: fQZyu+mYZtAp7HJhFBIyV+/C49o5PjPnu5pYipmvEDo=
Subject key identifier: 9A:D0:D6:5B:F3:C8:EC:AD:AA:C3:4A:20:84:65:77:7D:E8:83:92:B4
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 019183DBC0E83BAE17AB0EB1BE81C48B3BA7
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/mtDWW_PI7K2qw0oghGV3feiDkrQ.roa
Signing time: Sat 24 Aug 2024 10:08:22 +0000
ROA not before: Sat 24 Aug 2024 10:08:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 5.181.84.0/24 maxlen: 24
5.181.85.0/24 maxlen: 24
45.94.170.0/24 maxlen: 24
91.223.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Sep 2024 10:11:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:83:db:c0:e8:3b:ae:17:ab:0e:b1:be:81:c4:8b:3b:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Aug 24 10:08:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ad0d65bf3c8ecadaac34a208465777de88392b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:36:c5:72:19:92:6f:51:f4:de:ae:f9:58:35:
55:bf:58:04:8e:e3:84:e3:d9:c6:fd:60:58:18:ec:
11:5a:b5:bf:e3:30:bd:85:b6:9c:93:3d:6c:e5:0f:
d1:fb:2a:32:a4:39:44:2b:d1:ea:51:a8:7f:6e:94:
b5:db:6f:56:81:1e:79:56:26:bc:86:c2:96:48:1c:
77:d3:a3:11:82:cc:f3:e7:e9:fe:89:11:d6:88:52:
47:0b:8f:0a:a2:a6:53:12:99:63:ad:e4:93:a6:b8:
ca:8e:85:58:78:7d:7d:51:f5:3e:c6:dd:39:39:ae:
01:6d:c3:21:f0:bd:ef:5c:80:fa:d0:17:1a:37:ae:
df:28:ce:70:bf:5f:fe:09:8a:5c:71:3d:0e:fe:53:
c0:ee:8d:4e:e5:63:cf:db:eb:bf:20:75:d6:7d:29:
7b:7e:56:4d:e0:7f:6e:da:00:ef:94:42:ce:69:17:
6a:1d:2e:05:49:09:6d:9a:a5:0f:44:02:40:15:80:
08:50:62:0d:4d:c0:85:1d:62:53:3f:29:65:34:87:
3d:ed:b7:df:db:d6:ee:d5:fa:60:68:b9:09:e7:6a:
29:62:52:f6:f3:33:70:b4:ac:5c:94:50:7f:b6:5c:
07:9d:a8:d7:d9:bd:a9:31:57:38:2e:ae:8a:e4:48:
56:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:D0:D6:5B:F3:C8:EC:AD:AA:C3:4A:20:84:65:77:7D:E8:83:92:B4
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/mtDWW_PI7K2qw0oghGV3feiDkrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/23
45.94.170.0/24
91.223.110.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:36:02:b5:90:ac:a3:fc:95:0f:d5:9e:6d:bb:4d:7b:27:d8:
bf:21:b0:19:87:be:bc:e4:97:c1:6f:fd:72:c6:53:88:9a:f0:
97:3c:70:b2:6d:30:9c:05:37:80:c3:8c:f5:4a:f5:0f:80:e5:
35:0e:c9:4a:26:e1:0e:22:8b:be:5e:03:f4:29:7f:3f:50:f1:
23:82:dc:29:63:6d:08:e3:2e:d7:fa:8f:6a:15:af:12:46:5f:
2b:75:f7:fa:7a:30:fc:9b:9b:67:b3:13:78:79:d5:90:2b:62:
18:2e:19:40:55:80:b7:3b:9d:e9:66:93:a8:23:d3:d1:7f:82:
ab:d6:15:01:10:de:f4:51:67:c4:db:0e:b2:8f:7b:19:59:44:
66:63:6e:f8:09:1f:b3:49:4d:f1:18:8f:76:a9:eb:78:44:2c:
5e:7a:95:83:d7:d8:83:7c:df:8e:9d:fc:21:02:33:c2:93:56:
0a:0d:dc:84:1c:fe:89:0a:fc:94:0f:cd:57:d7:7e:22:0d:69:
51:b2:29:4a:8a:d5:14:5f:ce:b9:d2:ad:d7:41:c2:60:4d:00:
9d:77:be:1c:be:c1:5c:07:ef:bb:f6:c7:13:a2:6a:52:52:63:
ea:5f:c6:27:c9:77:38:bf:ae:42:d8:e7:bd:f1:aa:0f:70:15:
47:dc:2a:55
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZGD28DoO64Xqw6xvoHEizunMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwODI0MTAwODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWQwZDY1YmYzYzhlY2FkYWFjMzRhMjA4NDY1Nzc3ZGU4ODM5MmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTbFchmSb1H03q75WDVVv1gEjuOE
49nG/WBYGOwRWrW/4zC9hbackz1s5Q/R+yoypDlEK9HqUah/bpS1229WgR55Via8
hsKWSBx306MRgszz5+n+iRHWiFJHC48KoqZTEpljreSTprjKjoVYeH19UfU+xt05
Oa4BbcMh8L3vXID60BcaN67fKM5wv1/+CYpccT0O/lPA7o1O5WPP2+u/IHXWfSl7
flZN4H9u2gDvlELOaRdqHS4FSQltmqUPRAJAFYAIUGINTcCFHWJTPyllNIc97bff
29bu1fpgaLkJ52opYlL28zNwtKxclFB/tlwHnajX2b2pMVc4Lq6K5EhWMwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJrQ1lvzyOytqsNKIIRld33og5K0MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvbXREV1dfUEk3SzJxdzBvZ2hHVjNmZWlEa3JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBbVUAwQA
LV6qAwQAW99uMA0GCSqGSIb3DQEBCwUAA4IBAQAONgK1kKyj/JUP1Z5tu017J9i/
IbAZh7685JfBb/1yxlOImvCXPHCybTCcBTeAw4z1SvUPgOU1DslKJuEOIou+XgP0
KX8/UPEjgtwpY20I4y7X+o9qFa8SRl8rdff6ejD8m5tnsxN4edWQK2IYLhlAVYC3
O53pZpOoI9PRf4Kr1hUBEN70UWfE2w6yj3sZWURmY274CR+zSU3xGI92qet4RCxe
epWD19iDfN+OnfwhAjPCk1YKDdyEHP6JCvyUD81X134iDWlRsilKitUUX8650q3X
QcJgTQCdd74cvsFcB++79scTompSUmPqX8YnyXc4v65C2Oe98aoPcBVH3CpV
-----END CERTIFICATE-----
Generated at Mon Sep 2 12:55:52 2024 by rpki-client on console-fra.rpki-client.org