Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/699292-3da0-4772-af82-8334e362236d/1/mPlMlKCDTCQr_NWw9Vz0IcYHoz4.roa
File: mPlMlKCDTCQr_NWw9Vz0IcYHoz4.roa (raw, json)
Hash identifier: uMix+q9bsaCCj3PTtsOAoGTR2Og6TwtloB1megPghMA=
Subject key identifier: 98:F9:4C:94:A0:83:4C:24:2B:FC:D5:B0:F5:5C:F4:21:C6:07:A3:3E
Certificate issuer: /CN=8ceb23e2c5d9f2c734488904505835ef2809fb3b
Certificate serial: 01949202D4D5387095600DCDDF443DD6EA74
Authority key identifier: 8C:EB:23:E2:C5:D9:F2:C7:34:48:89:04:50:58:35:EF:28:09:FB:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jOsj4sXZ8sc0SIkEUFg17ygJ-zs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/699292-3da0-4772-af82-8334e362236d/1/mPlMlKCDTCQr_NWw9Vz0IcYHoz4.roa
Signing time: Thu 23 Jan 2025 07:14:06 +0000
ROA not before: Thu 23 Jan 2025 07:14:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49813
IP address blocks: 5.63.128.0/21 maxlen: 21
5.63.131.0/24 maxlen: 24
5.63.132.0/22 maxlen: 24
5.63.134.0/24 maxlen: 24
109.105.128.0/20 maxlen: 20
109.105.129.0/24 maxlen: 24
109.105.133.0/24 maxlen: 24
109.105.135.0/24 maxlen: 24
109.105.137.0/24 maxlen: 24
109.105.138.0/24 maxlen: 24
109.105.139.0/24 maxlen: 24
109.105.144.0/21 maxlen: 24
109.105.144.0/23 maxlen: 24
109.105.144.0/24 maxlen: 24
109.105.146.0/24 maxlen: 24
109.105.147.0/24 maxlen: 24
109.105.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Jan 2025 07:58:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:92:02:d4:d5:38:70:95:60:0d:cd:df:44:3d:d6:ea:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ceb23e2c5d9f2c734488904505835ef2809fb3b
Validity
Not Before: Jan 23 07:14:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98f94c94a0834c242bfcd5b0f55cf421c607a33e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d7:54:ce:67:11:46:d1:3a:46:3e:09:98:d9:
87:a0:b1:19:7a:ab:43:c9:37:8a:16:71:f9:8b:b6:
84:d2:9b:bb:2a:a3:63:49:c7:15:45:fd:03:aa:e7:
58:b7:94:a4:64:85:89:fb:ce:92:9f:54:56:77:3c:
0d:4c:77:30:60:66:ab:d6:e5:ef:a6:b0:46:c6:1e:
ee:bc:df:51:1c:17:4f:2d:d0:3f:7c:e3:59:a7:62:
ae:55:47:1b:c1:8b:24:76:a5:d7:57:6c:bb:27:00:
69:75:34:c2:13:d4:64:8b:0c:52:48:72:77:b7:bf:
97:6e:cd:33:41:99:7c:f4:98:ff:f5:d0:37:52:90:
7b:0b:06:cf:12:8a:c2:c1:95:3e:09:56:7e:71:b5:
95:be:00:4d:2b:08:6f:b8:d7:3e:86:3c:da:2c:68:
db:76:41:c0:29:1d:91:d9:db:17:c8:9b:bd:e5:f2:
f0:32:38:3e:da:8a:c9:cc:b6:63:80:90:52:1a:54:
81:ec:7e:f9:1e:07:03:94:8f:6b:18:9a:81:33:6a:
42:c7:6b:a5:c9:f7:b7:b4:47:45:b7:70:61:1a:57:
21:d6:d9:ae:99:78:c9:79:ce:a9:88:45:66:df:3c:
76:4b:a6:e3:aa:bf:81:9f:22:68:ef:bf:ec:e1:65:
f1:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:F9:4C:94:A0:83:4C:24:2B:FC:D5:B0:F5:5C:F4:21:C6:07:A3:3E
X509v3 Authority Key Identifier:
keyid:8C:EB:23:E2:C5:D9:F2:C7:34:48:89:04:50:58:35:EF:28:09:FB:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jOsj4sXZ8sc0SIkEUFg17ygJ-zs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/699292-3da0-4772-af82-8334e362236d/1/mPlMlKCDTCQr_NWw9Vz0IcYHoz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/699292-3da0-4772-af82-8334e362236d/1/jOsj4sXZ8sc0SIkEUFg17ygJ-zs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.128.0/21
109.105.128.0-109.105.151.255
Signature Algorithm: sha256WithRSAEncryption
35:a6:cb:b2:33:2a:fd:97:27:c8:8c:17:77:0c:bf:02:26:83:
f5:35:bf:eb:b5:97:5b:66:e7:f5:27:15:7d:54:d4:ab:89:4b:
fc:f6:17:2b:1d:7a:0e:5b:a6:53:42:23:31:53:ff:19:9f:0a:
e5:0e:34:66:64:32:7c:4c:3e:e9:2b:29:ac:1c:e0:ac:73:50:
38:8c:17:f5:e3:48:50:e1:8e:b8:a1:b4:9b:09:a4:de:4e:8d:
1f:d8:c3:1c:da:46:ea:22:26:0e:2f:e5:41:2f:b0:42:d0:0b:
f8:ab:4a:07:8c:86:57:55:77:c5:4d:1f:de:b6:6a:3b:59:6b:
5f:ce:95:f3:8b:9c:4f:cc:7f:3e:35:c9:f4:fc:7c:d0:9d:8c:
87:70:50:e9:5c:13:0d:63:bf:ad:0c:be:b5:85:64:28:58:d5:
ac:e7:63:83:7d:9d:8d:d4:af:05:2f:5f:41:1c:09:5e:be:d7:
96:0d:6c:83:1a:28:1f:31:25:71:ac:c8:5f:76:ed:2e:d6:47:
9e:03:0e:4b:76:b8:23:38:15:c1:f8:eb:26:4e:77:82:74:b7:
97:03:03:95:a0:b8:67:92:c9:48:76:42:2d:fd:b1:ca:0f:91:
10:a9:d6:95:3c:ee:3c:ba:7b:3d:c7:d9:15:e3:31:0f:8b:23:
d3:02:26:2b
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZSSAtTVOHCVYA3N30Q91up0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZWIyM2UyYzVkOWYyYzczNDQ4ODkwNDUwNTgzNWVmMjgw
OWZiM2IwHhcNMjUwMTIzMDcxNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGY5NGM5NGEwODM0YzI0MmJmY2Q1YjBmNTVjZjQyMWM2MDdhMzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9dUzmcRRtE6Rj4JmNmHoLEZeqtD
yTeKFnH5i7aE0pu7KqNjSccVRf0DqudYt5SkZIWJ+86Sn1RWdzwNTHcwYGar1uXv
prBGxh7uvN9RHBdPLdA/fONZp2KuVUcbwYskdqXXV2y7JwBpdTTCE9RkiwxSSHJ3
t7+Xbs0zQZl89Jj/9dA3UpB7CwbPEorCwZU+CVZ+cbWVvgBNKwhvuNc+hjzaLGjb
dkHAKR2R2dsXyJu95fLwMjg+2orJzLZjgJBSGlSB7H75HgcDlI9rGJqBM2pCx2ul
yfe3tEdFt3BhGlch1tmumXjJec6piEVm3zx2S6bjqr+BnyJo77/s4WXxWQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJj5TJSgg0wkK/zVsPVc9CHGB6M+MB8GA1UdIwQY
MBaAFIzrI+LF2fLHNEiJBFBYNe8oCfs7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak9zajRzWFo4c2MwU0lrRVVGZzE3eWdKLXpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82OTkyOTItM2RhMC00NzcyLWFmODIt
ODMzNGUzNjIyMzZkLzEvbVBsTWxLQ0RUQ1FyX05XdzlWejBJY1lIb3o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82OTkyOTItM2RhMC00NzcyLWFmODItODMzNGUzNjIyMzZk
LzEvak9zajRzWFo4c2MwU0lrRVVGZzE3eWdKLXpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDBT+AMAwD
BAdtaYADBANtaZAwDQYJKoZIhvcNAQELBQADggEBADWmy7IzKv2XJ8iMF3cMvwIm
g/U1v+u1l1tm5/UnFX1U1KuJS/z2Fysdeg5bplNCIzFT/xmfCuUONGZkMnxMPukr
Kawc4KxzUDiMF/XjSFDhjrihtJsJpN5OjR/YwxzaRuoiJg4v5UEvsELQC/irSgeM
hldVd8VNH962ajtZa1/OlfOLnE/Mfz41yfT8fNCdjIdwUOlcEw1jv60MvrWFZChY
1aznY4N9nY3UrwUvX0EcCV6+15YNbIMaKB8xJXGsyF927S7WR54DDkt2uCM4FcH4
6yZOd4J0t5cDA5WguGeSyUh2Qi39scoPkRCp1pU87jy6ez3H2RXjMQ+LI9MCJis=
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:34:51 2025 by rpki-client