Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/MlSLd-bxBy5viKcyhI-2SZawCwg.roa
File: MlSLd-bxBy5viKcyhI-2SZawCwg.roa (raw, json)
Hash identifier: I4ICjN4CgMkIobZjWLpxBa8hWILFshU2mQNEDmbKeCg=
Subject key identifier: 32:54:8B:77:E6:F1:07:2E:6F:88:A7:32:84:8F:B6:49:96:B0:0B:08
Certificate issuer: /CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Certificate serial: 0191DD102604E42FFA9E3A17A286A9CD89B2
Authority key identifier: 01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/MlSLd-bxBy5viKcyhI-2SZawCwg.roa
Signing time: Tue 10 Sep 2024 17:51:48 +0000
ROA not before: Tue 10 Sep 2024 17:51:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16839
IP address blocks: 37.98.232.0/21 maxlen: 24
37.98.232.0/22 maxlen: 24
37.98.232.0/23 maxlen: 23
37.98.232.0/24 maxlen: 24
37.98.233.0/24 maxlen: 24
37.98.234.0/23 maxlen: 23
37.98.234.0/24 maxlen: 24
37.98.235.0/24 maxlen: 24
37.98.236.0/22 maxlen: 24
37.98.236.0/23 maxlen: 23
37.98.236.0/24 maxlen: 24
37.98.237.0/24 maxlen: 24
37.98.238.0/23 maxlen: 23
37.98.238.0/24 maxlen: 24
37.98.239.0/24 maxlen: 24
136.242.128.0/17 maxlen: 17
138.12.128.0/17 maxlen: 17
148.139.0.0/16 maxlen: 16
148.139.0.0/24 maxlen: 24
148.139.1.0/24 maxlen: 24
148.139.2.0/24 maxlen: 24
148.139.3.0/24 maxlen: 24
148.139.4.0/22 maxlen: 24
148.139.8.0/22 maxlen: 24
148.139.12.0/22 maxlen: 24
148.139.16.0/22 maxlen: 24
148.139.28.0/24 maxlen: 24
148.139.29.0/24 maxlen: 24
148.139.30.0/24 maxlen: 24
148.139.32.0/20 maxlen: 24
148.139.48.0/20 maxlen: 24
148.139.64.0/20 maxlen: 24
148.139.80.0/20 maxlen: 24
148.139.96.0/22 maxlen: 24
148.139.100.0/22 maxlen: 24
148.139.104.0/24 maxlen: 24
148.139.105.0/24 maxlen: 24
148.139.108.0/22 maxlen: 24
148.139.112.0/22 maxlen: 24
148.139.116.0/22 maxlen: 24
148.139.120.0/22 maxlen: 24
148.139.124.0/24 maxlen: 24
148.139.125.0/24 maxlen: 24
148.139.136.0/22 maxlen: 24
148.139.140.0/24 maxlen: 24
148.139.142.0/24 maxlen: 24
148.139.143.0/24 maxlen: 24
148.139.144.0/22 maxlen: 24
148.139.144.0/24 maxlen: 24
148.139.148.0/22 maxlen: 22
148.139.152.0/22 maxlen: 24
148.139.156.0/22 maxlen: 24
148.139.160.0/20 maxlen: 24
148.139.176.0/20 maxlen: 24
148.139.192.0/24 maxlen: 24
148.139.193.0/24 maxlen: 24
157.5.128.0/17 maxlen: 17
157.70.0.0/17 maxlen: 17
163.120.128.0/17 maxlen: 17
165.171.0.0/17 maxlen: 17
2a04:37c0::/29 maxlen: 48
2a04:37c0:3110::/48 maxlen: 48
2a04:37c0:3120::/48 maxlen: 48
2a04:37c0:3510::/48 maxlen: 48
2a04:37c0:3520::/48 maxlen: 48
2a04:37c0:3910::/48 maxlen: 48
2a04:37c0:3920::/48 maxlen: 48
2a04:37c0:4110::/48 maxlen: 48
2a04:37c0:4120::/48 maxlen: 48
2a04:37c0:4410::/48 maxlen: 48
2a04:37c0:4420::/48 maxlen: 48
2a04:37c0:4430::/48 maxlen: 48
2a04:37c0:4910::/48 maxlen: 48
2a04:37c0:4920::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 11 Sep 2024 14:50:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:dd:10:26:04:e4:2f:fa:9e:3a:17:a2:86:a9:cd:89:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Validity
Not Before: Sep 10 17:51:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32548b77e6f1072e6f88a732848fb64996b00b08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:cd:2e:8c:0d:ba:91:0d:79:55:9b:6d:79:d3:
76:5b:3b:61:07:ee:54:5c:0c:4c:eb:19:45:4a:3d:
b6:55:0f:c2:93:0e:63:fd:82:50:97:02:50:73:36:
47:a7:16:71:0e:28:3a:c4:33:5f:04:80:8c:bc:1a:
97:fd:5f:b8:3a:f9:3c:a1:70:d6:59:af:4c:ff:f8:
ed:f3:6c:15:d0:03:49:88:e3:d4:8a:e6:fd:da:1e:
d1:c8:ac:bf:1d:59:60:16:7d:dd:94:07:af:4a:61:
00:36:f7:38:40:0c:a7:bf:e1:ab:ad:a6:0f:e8:13:
df:50:90:b1:e5:39:52:3b:81:47:14:f8:e1:b0:51:
1e:b4:4e:b7:62:52:ce:7c:97:32:2e:f6:5b:2b:06:
03:16:19:9d:99:46:73:d4:25:de:e0:79:93:9d:31:
b4:a0:9c:09:1a:40:e0:54:9b:f5:26:6c:b7:0d:09:
df:ef:d7:ba:d7:b6:41:d4:df:60:89:3f:d4:5c:5e:
61:b6:3b:af:24:4c:2a:87:fb:11:85:c4:2d:5c:a1:
34:bc:90:22:f9:ce:24:a6:75:1f:77:a1:b7:b2:5c:
d6:b9:99:fd:c6:7e:4e:9a:29:a1:c5:51:8b:f3:d6:
c4:60:10:ff:23:47:6c:3a:49:89:c9:44:ff:f5:1a:
c9:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:54:8B:77:E6:F1:07:2E:6F:88:A7:32:84:8F:B6:49:96:B0:0B:08
X509v3 Authority Key Identifier:
keyid:01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/MlSLd-bxBy5viKcyhI-2SZawCwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/AcOKBqObILjaQACSN9dqzdKOcaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.232.0/21
136.242.128.0/17
138.12.128.0/17
148.139.0.0/16
157.5.128.0/17
157.70.0.0/17
163.120.128.0/17
165.171.0.0/17
IPv6:
2a04:37c0::/29
Signature Algorithm: sha256WithRSAEncryption
a5:16:a0:cd:f8:ac:8a:c6:d7:2b:a0:9b:68:ca:69:a6:f9:32:
15:fd:2b:78:57:9a:41:f0:f4:19:dc:05:82:f7:7d:b7:84:5a:
b9:13:a8:68:36:70:01:eb:63:7c:dc:c0:6b:8e:f7:67:80:ce:
86:1d:dd:07:b8:5f:68:9b:12:2f:7c:14:56:e8:7e:1e:a8:e6:
e0:07:58:95:7e:e9:90:2a:b4:13:b9:0b:ea:9d:2b:59:52:ca:
6e:b5:99:7a:51:5f:21:7e:a1:72:e5:af:3b:3d:ca:a1:13:f9:
6f:61:23:9a:86:fc:d6:64:e9:53:45:a5:29:be:0f:c3:42:3a:
54:7a:85:72:20:e3:7c:3d:3e:07:bc:83:f0:43:3b:34:a9:07:
d6:13:a1:64:01:49:e0:67:e5:fa:3e:a4:7a:fb:6f:6d:31:42:
c6:9f:52:c5:ee:1f:1a:be:ed:22:48:8a:bf:f3:4c:85:bc:03:
d4:72:aa:83:a8:d4:18:b6:04:a6:b6:a9:bb:9d:be:c7:23:a2:
6b:9c:22:c1:56:d6:ad:de:3f:cf:1a:52:02:df:05:19:87:fb:
d0:ed:72:21:43:dc:fd:2a:56:aa:a7:ab:3b:e1:16:18:52:19:
f2:09:f8:36:8c:e1:03:e3:34:09:78:64:ee:0a:cf:8c:5a:fb:
26:3a:57:6f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZHdECYE5C/6njoXooapzYmyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxYzM4YTA2YTM5YjIwYjhkYTQwMDA5MjM3ZDc2YWNkZDI4
ZTcxYTUwHhcNMjQwOTEwMTc1MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjU0OGI3N2U2ZjEwNzJlNmY4OGE3MzI4NDhmYjY0OTk2YjAwYjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk80ujA26kQ15VZttedN2WzthB+5U
XAxM6xlFSj22VQ/Ckw5j/YJQlwJQczZHpxZxDig6xDNfBICMvBqX/V+4Ovk8oXDW
Wa9M//jt82wV0ANJiOPUiub92h7RyKy/HVlgFn3dlAevSmEANvc4QAynv+GrraYP
6BPfUJCx5TlSO4FHFPjhsFEetE63YlLOfJcyLvZbKwYDFhmdmUZz1CXe4HmTnTG0
oJwJGkDgVJv1Jmy3DQnf79e617ZB1N9giT/UXF5htjuvJEwqh/sRhcQtXKE0vJAi
+c4kpnUfd6G3slzWuZn9xn5OmimhxVGL89bEYBD/I0dsOkmJyUT/9RrJlwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFDJUi3fm8Qcub4inMoSPtkmWsAsIMB8GA1UdIwQY
MBaAFAHDigajmyC42kAAkjfXas3SjnGlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWNPS0JxT2JJTGphUUFDU045ZHF6ZEtPY2FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82YThlNWUtMzliNi00N2UzLWJiYjAt
YjI5ZjEwY2MwMzI4LzEvTWxTTGQtYnhCeTV2aUtjeWhJLTJTWmF3Q3dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS82YThlNWUtMzliNi00N2UzLWJiYjAtYjI5ZjEwY2MwMzI4
LzEvQWNPS0JxT2JJTGphUUFDU045ZHF6ZEtPY2FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjA1BAIAATAvAwQDJWLoAwQH
iPKAAwQHigyAAwMAlIsDBAedBYADBAedRgADBAejeIADBAelqwAwDQQCAAIwBwMF
AyoEN8AwDQYJKoZIhvcNAQELBQADggEBAKUWoM34rIrG1yugm2jKaab5MhX9K3hX
mkHw9BncBYL3fbeEWrkTqGg2cAHrY3zcwGuO92eAzoYd3Qe4X2ibEi98FFbofh6o
5uAHWJV+6ZAqtBO5C+qdK1lSym61mXpRXyF+oXLlrzs9yqET+W9hI5qG/NZk6VNF
pSm+D8NCOlR6hXIg43w9Pge8g/BDOzSpB9YToWQBSeBn5fo+pHr7b20xQsafUsXu
Hxq+7SJIir/zTIW8A9RyqoOo1Bi2BKa2qbudvscjomucIsFW1q3eP88aUgLfBRmH
+9DtciFD3P0qVqqnqzvhFhhSGfIJ+DaM4QPjNAl4ZO4Kz4xa+yY6V28=
-----END CERTIFICATE-----
Generated at Wed Sep 11 17:40:32 2024 by rpki-client on console-fra.rpki-client.org