Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/M17yn8irN8kkWcVzYWnduD62cEc.roa
File: M17yn8irN8kkWcVzYWnduD62cEc.roa (raw, json)
Hash identifier: abnYnrH8e/jAjgBG501jLZmBwS0BnCXT5Z6SrD6+HTE=
Subject key identifier: 33:5E:F2:9F:C8:AB:37:C9:24:59:C5:73:61:69:DD:B8:3E:B6:70:47
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018CC2DB235F0D48BB5D69DCC3F99810167C
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/M17yn8irN8kkWcVzYWnduD62cEc.roa
Signing time: Mon 01 Jan 2024 02:29:50 +0000
ROA not before: Mon 01 Jan 2024 02:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 89.40.161.0/24 maxlen: 24
194.50.200.0/23 maxlen: 24
194.50.206.0/23 maxlen: 24
195.138.105.0/24 maxlen: 24
85.159.117.0/24 maxlen: 24
195.138.106.0/24 maxlen: 24
195.138.108.0/24 maxlen: 24
195.138.116.0/24 maxlen: 24
89.39.242.0/24 maxlen: 24
195.138.122.0/23 maxlen: 23
195.138.124.0/22 maxlen: 22
45.67.117.0/24 maxlen: 24
94.231.198.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
185.40.105.0/24 maxlen: 24
91.242.70.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.74.0/23 maxlen: 24
91.242.75.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 24 Feb 2024 16:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:23:5f:0d:48:bb:5d:69:dc:c3:f9:98:10:16:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 02:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=335ef29fc8ab37c92459c5736169ddb83eb67047
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ef:a4:b8:a2:39:42:d7:09:ff:69:04:c4:81:
98:dd:dd:c1:3d:b2:ac:98:45:7d:5a:a4:22:ca:4d:
2f:cd:dc:7e:ef:52:da:1b:be:b4:ac:6f:c3:9b:7f:
80:8d:b8:e9:16:86:36:24:07:42:a5:b7:f6:87:87:
28:43:b7:5e:ed:ef:89:ea:28:ee:26:42:8f:12:f9:
28:ac:b4:c9:78:3b:f9:64:5e:c0:43:12:c6:0e:cc:
f9:01:23:8c:d1:91:bc:32:65:68:1f:a4:58:21:30:
f4:99:ce:10:e9:92:cd:fb:5d:2b:fb:bf:2c:13:33:
15:82:ea:9d:aa:06:7f:c3:31:d5:22:06:c6:96:8d:
c6:78:27:34:fc:7d:47:9c:a5:26:d7:2e:71:8f:fb:
30:cd:c7:7d:d1:ed:f9:15:c5:0f:2b:d2:9e:c5:0b:
48:5d:fe:6f:a9:19:9e:c8:31:61:8b:60:d5:9a:a0:
10:42:49:ee:44:1b:aa:09:34:54:55:2a:1f:72:a7:
a1:f3:20:c0:d2:8f:2e:69:c3:70:a6:4f:5c:e1:c3:
b3:bd:91:cd:ed:eb:ed:68:92:3b:9c:02:03:20:c4:
4b:98:4e:70:b8:1d:8c:30:ab:d7:ac:fd:10:13:ce:
b4:05:28:45:02:85:ca:f2:aa:3a:6d:67:7a:29:7b:
db:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:5E:F2:9F:C8:AB:37:C9:24:59:C5:73:61:69:DD:B8:3E:B6:70:47
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/M17yn8irN8kkWcVzYWnduD62cEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.117.0/24
85.159.117.0/24
89.39.242.0/24
89.40.161.0/24
91.242.70.0/24
91.242.72.0/22
91.242.103.0/24
94.231.198.0/24
185.40.105.0/24
194.50.200.0/23
194.50.206.0/23
195.138.105.0-195.138.106.255
195.138.108.0/24
195.138.116.0/24
195.138.122.0-195.138.127.255
Signature Algorithm: sha256WithRSAEncryption
4f:89:68:64:92:69:c5:23:0a:20:7a:30:75:c4:98:e3:17:46:
eb:cd:12:62:cd:16:a2:b8:f3:89:56:9e:b8:d5:37:85:63:6f:
33:99:0c:a7:19:fe:2b:97:8d:4e:0c:aa:e0:ac:ae:e7:05:66:
88:cd:28:2a:b4:b2:a2:33:b7:a0:fe:9e:bb:43:62:e4:b7:ce:
64:79:03:4d:99:b3:23:18:39:2a:9b:1e:06:83:ac:e8:57:27:
97:29:a5:f5:ba:a6:e0:ee:f0:8f:0b:b3:51:5d:df:37:97:d9:
37:cd:08:65:4c:2c:93:65:3b:91:71:06:9a:22:13:08:5c:f6:
3e:64:e7:9d:7c:b6:9f:de:62:61:cf:50:50:25:36:bf:66:9e:
58:75:c1:b1:27:a7:b3:09:ae:b0:19:b7:34:af:8e:e4:2c:af:
d5:8e:90:27:56:28:00:12:12:2b:69:b6:74:0f:f9:1a:86:a3:
27:5f:3e:fb:19:77:ba:64:81:db:8b:f0:55:a9:92:35:6e:26:
3b:10:e5:5d:a4:04:c7:e7:e5:65:a3:63:7a:ce:65:f1:02:97:
25:64:a8:52:ad:51:f2:ce:48:09:65:7f:61:4a:36:23:27:2d:
ef:a5:0f:06:d7:91:aa:ec:41:1f:06:c9:c0:a8:65:17:33:b7:
40:02:fc:5c
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYzC2yNfDUi7XWncw/mYEBZ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwMTAxMDIyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzVlZjI5ZmM4YWIzN2M5MjQ1OWM1NzM2MTY5ZGRiODNlYjY3MDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0u+kuKI5QtcJ/2kExIGY3d3BPbKs
mEV9WqQiyk0vzdx+71LaG760rG/Dm3+AjbjpFoY2JAdCpbf2h4coQ7de7e+J6iju
JkKPEvkorLTJeDv5ZF7AQxLGDsz5ASOM0ZG8MmVoH6RYITD0mc4Q6ZLN+10r+78s
EzMVguqdqgZ/wzHVIgbGlo3GeCc0/H1HnKUm1y5xj/swzcd90e35FcUPK9KexQtI
Xf5vqRmeyDFhi2DVmqAQQknuRBuqCTRUVSofcqeh8yDA0o8uacNwpk9c4cOzvZHN
7evtaJI7nAIDIMRLmE5wuB2MMKvXrP0QE860BShFAoXK8qo6bWd6KXvb5QIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFDNe8p/IqzfJJFnFc2Fp3bg+tnBHMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvTTE3eW44aXJOOGtrV2NWellXbmR1RDYyY0VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAC1DdQME
AFWfdQMEAFkn8gMEAFkooQMEAFvyRgMEAlvySAMEAFvyZwMEAF7nxgMEALkoaQME
AcIyyAMEAcIyzjAMAwQAw4ppAwQAw4pqAwQAw4psAwQAw4p0MAwDBAHDinoDBAfD
igAwDQYJKoZIhvcNAQELBQADggEBAE+JaGSSacUjCiB6MHXEmOMXRuvNEmLNFqK4
84lWnrjVN4VjbzOZDKcZ/iuXjU4MquCsrucFZojNKCq0sqIzt6D+nrtDYuS3zmR5
A02ZsyMYOSqbHgaDrOhXJ5cppfW6puDu8I8Ls1Fd3zeX2TfNCGVMLJNlO5FxBpoi
Ewhc9j5k5518tp/eYmHPUFAlNr9mnlh1wbEnp7MJrrAZtzSvjuQsr9WOkCdWKAAS
EitptnQP+RqGoydfPvsZd7pkgduL8FWpkjVuJjsQ5V2kBMfn5WWjY3rOZfEClyVk
qFKtUfLOSAllf2FKNiMnLe+lDwbXkarsQR8GycCoZRczt0AC/Fw=
-----END CERTIFICATE-----
Generated at Sat Feb 24 19:49:49 2024 by rpki-client on console-ams.rpki-client.org