Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/7f0d3c-bbd9-4fee-b60b-c465d8902c1b/1/mwmKc7UoA6uYdLLMtgBCRU7U3g4.roa
File: mwmKc7UoA6uYdLLMtgBCRU7U3g4.roa (raw, json)
Hash identifier: wtToFMCy1EqxRnfs/YF7z6mzSLpmFttbMy6FL70kwB8=
Subject key identifier: 9B:09:8A:73:B5:28:03:AB:98:74:B2:CC:B6:00:42:45:4E:D4:DE:0E
Certificate issuer: /CN=c5e172872eb7bef0965df13b0fc5d65e75370a19
Certificate serial: 0185715E773B3E48932D2E4D3DAE2440D5FE
Authority key identifier: C5:E1:72:87:2E:B7:BE:F0:96:5D:F1:3B:0F:C5:D6:5E:75:37:0A:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xeFyhy63vvCWXfE7D8XWXnU3Chk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/7f0d3c-bbd9-4fee-b60b-c465d8902c1b/1/mwmKc7UoA6uYdLLMtgBCRU7U3g4.roa
Signing time: Mon 02 Jan 2023 07:24:54 +0000
ROA not before: Mon 02 Jan 2023 07:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60351
IP address blocks: 37.77.201.0/24 maxlen: 24
37.77.204.0/24 maxlen: 24
37.77.200.0/24 maxlen: 24
37.77.203.0/24 maxlen: 24
37.77.206.0/24 maxlen: 24
37.77.202.0/24 maxlen: 24
37.77.205.0/24 maxlen: 24
37.77.207.0/24 maxlen: 24
185.21.164.0/22 maxlen: 22
2a00:8140:1000::/36 maxlen: 36
2a00:8140::/36 maxlen: 36
2a00:8140:f000::/36 maxlen: 36
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:5e:77:3b:3e:48:93:2d:2e:4d:3d:ae:24:40:d5:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5e172872eb7bef0965df13b0fc5d65e75370a19
Validity
Not Before: Jan 2 07:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b098a73b52803ab9874b2ccb60042454ed4de0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b5:10:f3:98:9f:1c:20:89:94:8d:d0:2e:4a:
0d:6c:2c:04:16:3d:2c:11:10:9a:48:db:ff:3d:b4:
8a:5c:8c:74:b5:04:18:53:8d:f9:ec:25:cb:d2:95:
c2:ec:21:9d:43:43:ee:5d:42:fd:fc:cc:ba:cb:ba:
3c:c8:6c:11:8b:69:38:d0:99:4a:84:d3:58:3d:f5:
23:01:c0:78:63:8b:9d:c9:82:77:58:72:af:2c:8c:
cb:cd:ec:20:23:82:7d:ee:f4:1f:66:b9:35:1e:1b:
ac:39:0c:3e:d7:1c:d3:0c:1c:2f:f9:39:94:68:c9:
3b:f0:e7:87:78:87:64:d0:5b:d1:96:33:93:44:bc:
bb:14:e2:1a:16:99:a0:d1:78:39:84:2f:f6:b3:95:
51:c1:d9:e8:7e:7a:6e:38:06:a5:62:42:d0:de:1c:
92:26:9a:ba:df:ba:e5:42:7c:2c:c0:6c:f8:80:53:
d3:07:eb:4f:0b:a7:a2:c0:b2:ca:82:4f:8b:3f:ff:
75:7f:47:bc:6a:c5:7b:81:c0:fc:78:11:33:70:ba:
1e:99:be:b2:88:7f:ca:35:38:59:dd:5f:3b:d3:e9:
98:ce:e1:18:9a:cd:9c:5a:14:a7:99:c1:41:0b:0d:
50:06:94:77:ba:8b:05:0b:ed:b4:69:09:58:9f:70:
d5:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:09:8A:73:B5:28:03:AB:98:74:B2:CC:B6:00:42:45:4E:D4:DE:0E
X509v3 Authority Key Identifier:
keyid:C5:E1:72:87:2E:B7:BE:F0:96:5D:F1:3B:0F:C5:D6:5E:75:37:0A:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xeFyhy63vvCWXfE7D8XWXnU3Chk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/7f0d3c-bbd9-4fee-b60b-c465d8902c1b/1/mwmKc7UoA6uYdLLMtgBCRU7U3g4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/7f0d3c-bbd9-4fee-b60b-c465d8902c1b/1/xeFyhy63vvCWXfE7D8XWXnU3Chk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.200.0/21
185.21.164.0/22
IPv6:
2a00:8140::/35
2a00:8140:f000::/36
Signature Algorithm: sha256WithRSAEncryption
89:45:98:d7:92:78:e0:b2:75:7f:0a:49:db:b9:d2:60:76:4b:
0f:00:49:ee:fc:7d:ae:3f:0d:ad:ca:32:f8:1a:d1:bb:19:78:
75:b2:88:e4:74:c8:d8:24:1a:65:2f:30:eb:bb:ee:9f:e8:88:
78:fd:2f:c2:cd:3c:ae:95:45:c9:06:2d:ca:ea:d6:69:ba:dc:
59:8e:32:06:7f:ca:4c:56:d3:34:2e:20:09:ba:0e:1d:aa:bd:
23:6a:c8:da:f6:06:5b:af:f8:bc:5c:3b:85:c9:a8:12:58:ee:
30:cf:6f:a7:62:b0:29:8b:90:9c:3a:08:a5:54:d6:16:f0:22:
e8:24:0e:86:89:f8:75:43:a9:e6:66:3d:02:b4:6c:e9:61:91:
f3:eb:b3:e7:d9:86:9e:71:ae:ff:4c:61:15:93:8b:50:cb:a2:
2a:1a:93:62:8d:cb:df:05:31:97:b3:45:2d:e4:a3:38:95:18:
79:d3:f1:be:2e:34:da:55:89:98:de:ef:4c:b0:84:05:84:8b:
92:53:57:2e:20:7e:b2:9f:4f:dd:e7:18:2a:a8:80:0d:d9:9e:
1b:35:1c:8a:a8:0b:18:ed:6a:a2:f2:37:80:50:a3:49:0a:29:
e7:24:c5:54:7a:e8:19:6d:b3:ed:b3:79:52:ca:1b:3c:1e:3e:
b0:80:e1:07
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVxXnc7PkiTLS5NPa4kQNX+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ZTE3Mjg3MmViN2JlZjA5NjVkZjEzYjBmYzVkNjVlNzUz
NzBhMTkwHhcNMjMwMTAyMDcyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjA5OGE3M2I1MjgwM2FiOTg3NGIyY2NiNjAwNDI0NTRlZDRkZTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbUQ85ifHCCJlI3QLkoNbCwEFj0s
ERCaSNv/PbSKXIx0tQQYU4357CXL0pXC7CGdQ0PuXUL9/My6y7o8yGwRi2k40JlK
hNNYPfUjAcB4Y4udyYJ3WHKvLIzLzewgI4J97vQfZrk1HhusOQw+1xzTDBwv+TmU
aMk78OeHeIdk0FvRljOTRLy7FOIaFpmg0Xg5hC/2s5VRwdnofnpuOAalYkLQ3hyS
Jpq637rlQnwswGz4gFPTB+tPC6eiwLLKgk+LP/91f0e8asV7gcD8eBEzcLoemb6y
iH/KNThZ3V870+mYzuEYms2cWhSnmcFBCw1QBpR3uosFC+20aQlYn3DVhQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJsJinO1KAOrmHSyzLYAQkVO1N4OMB8GA1UdIwQY
MBaAFMXhcocut77wll3xOw/F1l51NwoZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGVGeWh5NjN2dkNXWGZFN0Q4WFdYblUzQ2hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS83ZjBkM2MtYmJkOS00ZmVlLWI2MGIt
YzQ2NWQ4OTAyYzFiLzEvbXdtS2M3VW9BNnVZZExMTXRnQkNSVTdVM2c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS83ZjBkM2MtYmJkOS00ZmVlLWI2MGItYzQ2NWQ4OTAyYzFi
LzEveGVGeWh5NjN2dkNXWGZFN0Q4WFdYblUzQ2hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQDJU3IAwQC
uRWkMBYEAgACMBADBgUqAIFAAAMGBCoAgUDwMA0GCSqGSIb3DQEBCwUAA4IBAQCJ
RZjXknjgsnV/CknbudJgdksPAEnu/H2uPw2tyjL4GtG7GXh1sojkdMjYJBplLzDr
u+6f6Ih4/S/CzTyulUXJBi3K6tZputxZjjIGf8pMVtM0LiAJug4dqr0jasja9gZb
r/i8XDuFyagSWO4wz2+nYrApi5CcOgilVNYW8CLoJA6Gifh1Q6nmZj0CtGzpYZHz
67Pn2Yaeca7/TGEVk4tQy6IqGpNijcvfBTGXs0Ut5KM4lRh50/G+LjTaVYmY3u9M
sIQFhIuSU1cuIH6yn0/d5xgqqIAN2Z4bNRyKqAsY7Wqi8jeAUKNJCinnJMVUeugZ
bbPts3lSyhs8Hj6wgOEH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:47 2024 by rpki-client on console-fra.rpki-client.org