Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/MkOn41LuTZIHukjCk42CBWudCBU.roa
File: MkOn41LuTZIHukjCk42CBWudCBU.roa (raw, json)
Hash identifier: Wrq6KIVL4prviCqmAdW2/kVBWpZaaqO/02Lsv+d2lRU=
Subject key identifier: 32:43:A7:E3:52:EE:4D:92:07:BA:48:C2:93:8D:82:05:6B:9D:08:15
Certificate issuer: /CN=c5a2f42407f21c9d7690fb30fd8cdb2bfdf6d030
Certificate serial: 018943B15C5250A2FC87F2504E9CE31C0574
Authority key identifier: C5:A2:F4:24:07:F2:1C:9D:76:90:FB:30:FD:8C:DB:2B:FD:F6:D0:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/MkOn41LuTZIHukjCk42CBWudCBU.roa
Signing time: Tue 11 Jul 2023 06:44:04 +0000
ROA not before: Tue 11 Jul 2023 06:44:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15967
IP address blocks: 77.55.208.0/20 maxlen: 20
77.55.224.0/20 maxlen: 20
77.55.240.0/22 maxlen: 22
77.55.246.0/24 maxlen: 24
77.55.248.0/22 maxlen: 22
77.55.252.0/23 maxlen: 23
77.55.247.0/24 maxlen: 24
77.55.152.0/24 maxlen: 24
77.55.159.0/24 maxlen: 24
77.55.158.0/24 maxlen: 24
77.55.153.0/24 maxlen: 24
77.55.156.0/23 maxlen: 23
77.55.155.0/24 maxlen: 24
77.55.154.0/24 maxlen: 24
77.55.166.0/24 maxlen: 24
77.55.160.0/23 maxlen: 23
77.55.160.0/20 maxlen: 20
77.55.164.0/23 maxlen: 23
77.55.162.0/23 maxlen: 23
77.55.172.0/23 maxlen: 23
77.55.167.0/24 maxlen: 24
77.55.170.0/23 maxlen: 23
77.55.168.0/23 maxlen: 23
77.55.174.0/23 maxlen: 23
77.55.178.0/24 maxlen: 24
77.55.177.0/24 maxlen: 24
77.55.176.0/23 maxlen: 23
77.55.176.0/24 maxlen: 24
77.55.176.0/21 maxlen: 21
77.55.179.0/24 maxlen: 24
77.55.186.0/23 maxlen: 23
77.55.181.0/24 maxlen: 24
77.55.180.0/23 maxlen: 23
77.55.184.0/23 maxlen: 23
77.55.182.0/23 maxlen: 23
77.55.192.0/20 maxlen: 20
77.55.188.0/23 maxlen: 23
77.55.190.0/23 maxlen: 23
77.55.0.0/18 maxlen: 18
77.55.0.0/16 maxlen: 16
31.172.170.0/23 maxlen: 23
31.172.169.0/24 maxlen: 24
31.172.168.0/24 maxlen: 24
31.172.168.0/22 maxlen: 22
77.55.96.0/22 maxlen: 22
77.55.104.0/23 maxlen: 23
77.55.100.0/22 maxlen: 22
77.55.112.0/23 maxlen: 23
77.55.108.0/22 maxlen: 22
77.55.106.0/23 maxlen: 23
77.55.118.0/23 maxlen: 23
77.55.116.0/23 maxlen: 23
77.55.114.0/23 maxlen: 23
77.55.122.0/23 maxlen: 23
77.55.121.0/24 maxlen: 24
77.55.120.0/24 maxlen: 24
77.55.125.0/24 maxlen: 24
77.55.124.0/24 maxlen: 24
77.55.126.0/24 maxlen: 24
77.55.128.0/20 maxlen: 20
77.55.127.0/24 maxlen: 24
77.55.144.0/21 maxlen: 21
77.55.64.0/22 maxlen: 22
77.55.68.0/22 maxlen: 22
77.55.76.0/23 maxlen: 23
77.55.78.0/23 maxlen: 23
77.55.72.0/22 maxlen: 22
77.55.84.0/22 maxlen: 22
77.55.90.0/23 maxlen: 23
77.55.88.0/23 maxlen: 23
85.128.160.0/19 maxlen: 19
85.128.192.0/18 maxlen: 18
85.128.130.0/24 maxlen: 24
85.128.129.0/24 maxlen: 24
85.128.128.0/24 maxlen: 24
85.128.128.0/17 maxlen: 17
85.128.132.0/23 maxlen: 23
85.128.131.0/24 maxlen: 24
85.128.136.0/22 maxlen: 22
85.128.135.0/24 maxlen: 24
85.128.134.0/24 maxlen: 24
85.128.144.0/20 maxlen: 20
85.128.143.0/24 maxlen: 24
85.128.142.0/24 maxlen: 24
85.128.140.0/23 maxlen: 23
2a01:6100:fe01::/48 maxlen: 48
2a01:6100::/32 maxlen: 32
2a01:6100:fe02::/48 maxlen: 48
2a01:6100::/48 maxlen: 48
2a01:6100:fe00::/48 maxlen: 48
2a01:6100:111::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 12 Jul 2023 06:56:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:43:b1:5c:52:50:a2:fc:87:f2:50:4e:9c:e3:1c:05:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5a2f42407f21c9d7690fb30fd8cdb2bfdf6d030
Validity
Not Before: Jul 11 06:44:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3243a7e352ee4d9207ba48c2938d82056b9d0815
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:65:33:d5:61:65:7d:09:ec:78:10:d8:67:e1:
59:70:ef:7b:cb:ae:3e:61:aa:4d:00:fe:1e:2d:92:
69:9e:b4:19:21:56:9a:3f:ef:9f:91:32:35:f1:b4:
bd:8c:b8:46:20:e5:a6:29:25:6e:2e:dd:41:98:11:
f8:d1:b1:3a:de:12:8b:3f:52:ef:82:42:fc:d5:35:
b8:05:11:45:0e:34:50:3f:1a:d7:e4:6f:ba:93:f0:
88:4c:88:4a:a2:dc:d8:ba:d2:92:db:0a:e3:02:af:
6a:dc:ec:8d:d4:65:a7:9d:5a:1e:4a:31:65:5d:a5:
87:63:26:ec:a5:4d:bd:f5:08:91:f6:1e:52:d7:d2:
41:40:2b:ef:36:73:32:ae:66:95:46:99:42:20:84:
72:7d:89:92:2c:58:88:ed:31:cf:9b:df:3e:bd:a7:
5e:44:9b:ac:c3:71:ec:eb:c5:26:0e:11:fc:5e:99:
b8:bf:f7:50:c5:5a:86:d2:a2:9b:02:b2:45:95:6c:
83:c8:1c:3d:fc:6f:34:52:aa:fe:2b:f6:e3:47:46:
0f:8a:d9:11:0d:31:3d:06:52:41:42:da:b8:e1:cb:
d9:6f:aa:62:e6:c6:7c:b3:4c:35:ad:de:37:f5:a3:
42:54:83:87:fe:11:35:50:36:b2:8f:09:1b:be:27:
17:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:43:A7:E3:52:EE:4D:92:07:BA:48:C2:93:8D:82:05:6B:9D:08:15
X509v3 Authority Key Identifier:
keyid:C5:A2:F4:24:07:F2:1C:9D:76:90:FB:30:FD:8C:DB:2B:FD:F6:D0:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaL0JAfyHJ12kPsw_YzbK_320DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/MkOn41LuTZIHukjCk42CBWudCBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a18e1-67c8-492e-8fba-fb5c62e42f6b/1/xaL0JAfyHJ12kPsw_YzbK_320DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.168.0/22
77.55.0.0/16
85.128.128.0/17
IPv6:
2a01:6100::/32
Signature Algorithm: sha256WithRSAEncryption
34:90:9d:7c:0f:a6:94:22:86:2e:aa:68:04:6a:23:89:a8:32:
f8:4e:84:2f:9b:14:47:e8:d0:b2:35:2c:b5:d1:e1:1a:d8:a1:
f6:ca:81:b1:cf:04:92:b6:9c:91:cb:1a:a3:15:29:a3:87:b0:
66:62:41:7e:99:33:0c:9c:43:6f:b5:c3:2a:bc:ee:e6:9d:e2:
8b:c0:dc:66:00:b5:e4:e1:09:b5:85:c2:f8:ac:5c:5d:60:65:
c8:58:38:47:77:36:9a:ed:25:e9:2c:99:5a:fe:80:5a:db:6e:
3c:16:61:26:50:24:78:c3:36:e0:38:8a:38:e4:31:ca:10:43:
87:97:14:59:c9:16:d8:d1:a5:95:82:50:90:c9:d2:bb:b4:3c:
b8:78:f5:08:c1:44:07:76:8f:37:39:6e:6d:cd:34:73:47:ed:
b2:e1:60:07:37:9d:cf:ea:8e:0e:3b:5a:df:c0:d1:71:b2:ed:
a1:6a:35:52:f4:f5:bd:a6:ee:fe:e5:4e:8a:07:fd:83:2d:d8:
fb:d4:e7:8e:fb:42:e4:27:53:a7:2a:4e:d0:70:58:d2:f6:4d:
66:43:eb:a3:1b:44:7c:54:18:6d:cd:31:b0:7b:15:fd:25:6b:
cb:eb:36:20:f3:f4:d7:dd:ab:fc:86:a1:4e:4d:2c:72:ed:ae:
63:07:46:8e
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYlDsVxSUKL8h/JQTpzjHAV0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTJmNDI0MDdmMjFjOWQ3NjkwZmIzMGZkOGNkYjJiZmRm
NmQwMzAwHhcNMjMwNzExMDY0NDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjQzYTdlMzUyZWU0ZDkyMDdiYTQ4YzI5MzhkODIwNTZiOWQwODE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWUz1WFlfQnseBDYZ+FZcO97y64+
YapNAP4eLZJpnrQZIVaaP++fkTI18bS9jLhGIOWmKSVuLt1BmBH40bE63hKLP1Lv
gkL81TW4BRFFDjRQPxrX5G+6k/CITIhKotzYutKS2wrjAq9q3OyN1GWnnVoeSjFl
XaWHYybspU299QiR9h5S19JBQCvvNnMyrmaVRplCIIRyfYmSLFiI7THPm98+vade
RJusw3Hs68UmDhH8Xpm4v/dQxVqG0qKbArJFlWyDyBw9/G80Uqr+K/bjR0YPitkR
DTE9BlJBQtq44cvZb6pi5sZ8s0w1rd439aNCVIOH/hE1UDayjwkbvicXDwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDJDp+NS7k2SB7pIwpONggVrnQgVMB8GA1UdIwQY
MBaAFMWi9CQH8hyddpD7MP2M2yv99tAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFMMEpBZnlISjEya1Bzd19ZemJLXzMyMERBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xYTE4ZTEtNjdjOC00OTJlLThmYmEt
ZmI1YzYyZTQyZjZiLzEvTWtPbjQxTHVUWklIdWtqQ2s0MkNCV3VkQ0JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xYTE4ZTEtNjdjOC00OTJlLThmYmEtZmI1YzYyZTQyZjZi
LzEveGFMMEpBZnlISjEya1Bzd19ZemJLXzMyMERBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQCH6yoAwMA
TTcDBAdVgIAwDQQCAAIwBwMFACoBYQAwDQYJKoZIhvcNAQELBQADggEBADSQnXwP
ppQihi6qaARqI4moMvhOhC+bFEfo0LI1LLXR4RrYofbKgbHPBJK2nJHLGqMVKaOH
sGZiQX6ZMwycQ2+1wyq87uad4ovA3GYAteThCbWFwvisXF1gZchYOEd3NprtJeks
mVr+gFrbbjwWYSZQJHjDNuA4ijjkMcoQQ4eXFFnJFtjRpZWCUJDJ0ru0PLh49QjB
RAd2jzc5bm3NNHNH7bLhYAc3nc/qjg47Wt/A0XGy7aFqNVL09b2m7v7lTooH/YMt
2PvU5477QuQnU6cqTtBwWNL2TWZD66MbRHxUGG3NMbB7Ff0la8vrNiDz9Nfdq/yG
oU5NLHLtrmMHRo4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:39 2024 by rpki-client on console-fra.rpki-client.org