Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/MXXjDPp4XK1td7xd9KVnW-ivhkE.roa
File: MXXjDPp4XK1td7xd9KVnW-ivhkE.roa (raw, json)
Hash identifier: oUfDQcjYuANYXlE/UyCiSoqNpGIbhJbvKPptTqZt7QU=
Subject key identifier: 31:75:E3:0C:FA:78:5C:AD:6D:77:BC:5D:F4:A5:67:5B:E8:AF:86:41
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018E7C61554EB29C9B22F35C8B0907768F7B
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/MXXjDPp4XK1td7xd9KVnW-ivhkE.roa
Signing time: Tue 26 Mar 2024 20:08:57 +0000
ROA not before: Tue 26 Mar 2024 20:08:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 5.180.4.0/22 maxlen: 22
45.67.117.0/24 maxlen: 24
45.151.196.0/22 maxlen: 22
85.159.117.0/24 maxlen: 24
89.39.242.0/24 maxlen: 24
89.40.161.0/24 maxlen: 24
91.242.70.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.74.0/23 maxlen: 24
91.242.75.0/24 maxlen: 24
91.242.94.0/24 maxlen: 24
91.242.95.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
91.242.105.0/24 maxlen: 24
91.242.123.0/24 maxlen: 24
91.242.124.0/24 maxlen: 24
91.242.125.0/24 maxlen: 24
91.242.126.0/24 maxlen: 24
91.242.127.0/24 maxlen: 24
94.231.198.0/24 maxlen: 24
185.40.105.0/24 maxlen: 24
194.50.200.0/23 maxlen: 24
194.50.206.0/23 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/24 maxlen: 24
195.138.105.0/24 maxlen: 24
195.138.106.0/24 maxlen: 24
195.138.107.0/24 maxlen: 24
195.138.108.0/24 maxlen: 24
195.138.111.0/24 maxlen: 24
195.138.112.0/24 maxlen: 24
195.138.114.0/24 maxlen: 24
195.138.116.0/24 maxlen: 24
195.138.118.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
195.138.122.0/23 maxlen: 23
195.138.124.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 16 Apr 2024 14:31:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7c:61:55:4e:b2:9c:9b:22:f3:5c:8b:09:07:76:8f:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Mar 26 20:08:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3175e30cfa785cad6d77bc5df4a5675be8af8641
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:25:cc:4f:e2:22:55:6b:5d:f9:0e:7c:77:aa:
c5:90:6c:08:54:27:9c:df:30:5e:70:ca:1c:45:5f:
e4:3c:7a:94:0f:0e:43:f2:d9:86:84:55:76:8d:d3:
1a:4e:ee:82:f7:0a:4a:17:a5:0b:23:9b:81:7e:61:
4a:40:33:e9:a4:e9:65:93:d6:3c:07:20:60:47:39:
8d:40:1c:56:13:64:da:6e:9f:0f:8f:3d:41:59:86:
ad:0e:e5:27:91:77:6c:43:6d:17:9a:ee:96:80:14:
33:72:0e:83:b1:93:d4:d8:b0:4d:c0:04:e8:2a:49:
a5:dd:52:4e:35:cd:20:e9:88:c4:65:dc:23:64:03:
2f:6c:a4:4d:b2:46:68:34:fe:2d:0a:3f:ec:fd:a9:
e9:3a:e5:63:dc:b7:6c:e2:e7:ea:65:89:07:7b:0e:
63:fb:8a:c5:7b:0e:6f:83:e5:1d:cf:1a:24:ae:54:
d0:8b:54:d8:9f:b4:29:a6:c1:f6:a4:fc:27:8a:87:
ac:c0:7d:1e:ed:6b:53:8c:9c:be:85:e9:aa:a8:58:
17:dd:72:a5:b1:ad:86:fb:08:97:93:41:7b:b3:97:
fc:9a:e0:f6:a0:5f:90:89:32:f7:d0:7c:64:51:26:
30:48:73:41:ae:99:13:9a:27:f6:03:28:c2:8e:c3:
3a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:75:E3:0C:FA:78:5C:AD:6D:77:BC:5D:F4:A5:67:5B:E8:AF:86:41
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/MXXjDPp4XK1td7xd9KVnW-ivhkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.4.0/22
45.67.117.0/24
45.151.196.0/22
85.159.117.0/24
89.39.242.0/24
89.40.161.0/24
91.242.70.0/24
91.242.72.0/22
91.242.94.0/23
91.242.103.0/24
91.242.105.0/24
91.242.123.0-91.242.127.255
94.231.198.0/24
185.40.105.0/24
194.50.200.0/23
194.50.206.0/23
195.138.103.0-195.138.108.255
195.138.111.0-195.138.112.255
195.138.114.0/24
195.138.116.0/24
195.138.118.0/24
195.138.120.0/24
195.138.122.0-195.138.127.255
Signature Algorithm: sha256WithRSAEncryption
ab:d5:e9:8f:da:19:97:e6:eb:16:f1:4f:6e:d6:f8:59:02:c4:
90:10:d7:f6:87:1b:40:7a:8e:41:6f:61:0d:db:da:01:13:c4:
85:63:62:ba:ce:6b:6c:e6:48:1f:a0:83:59:d7:60:ff:14:2c:
72:a2:5a:6d:3b:44:40:d4:67:8d:2c:4a:50:c8:4a:3b:6a:0c:
4a:96:bf:69:03:15:b2:59:8d:b7:ac:9f:7a:85:ba:c8:c1:1b:
75:6a:21:54:02:78:be:7b:1a:74:50:d5:2b:8c:d3:16:30:c6:
f7:71:57:fd:d3:78:60:45:e8:ba:a3:4b:d8:50:c9:a9:d6:17:
bc:46:d3:8b:e0:2c:75:eb:b0:26:a6:4e:8a:75:46:2f:a1:02:
97:d3:22:83:2c:de:6a:e5:c2:26:aa:a9:56:d9:57:54:95:3e:
8a:55:ae:eb:9c:ca:ae:04:8b:13:2c:f5:7a:fb:be:68:a1:3a:
b1:4d:90:fe:db:f1:7f:9e:83:af:3a:bf:80:b6:20:7f:42:51:
31:a1:71:80:cd:a4:c3:0d:d2:ad:1c:08:8b:88:ee:8e:8a:18:
15:7b:4b:da:d6:16:d0:42:f6:53:ab:93:c0:4f:e2:ea:6b:6d:
e5:25:e6:f6:f4:82:49:07:ed:96:ed:b7:18:17:df:e4:7b:95:
e0:3a:1f:f9
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAY58YVVOspybIvNciwkHdo97MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwMzI2MjAwODU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTc1ZTMwY2ZhNzg1Y2FkNmQ3N2JjNWRmNGE1Njc1YmU4YWY4NjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSXMT+IiVWtd+Q58d6rFkGwIVCec
3zBecMocRV/kPHqUDw5D8tmGhFV2jdMaTu6C9wpKF6ULI5uBfmFKQDPppOllk9Y8
ByBgRzmNQBxWE2Tabp8Pjz1BWYatDuUnkXdsQ20Xmu6WgBQzcg6DsZPU2LBNwATo
Kkml3VJONc0g6YjEZdwjZAMvbKRNskZoNP4tCj/s/anpOuVj3Lds4ufqZYkHew5j
+4rFew5vg+UdzxokrlTQi1TYn7QppsH2pPwnioeswH0e7WtTjJy+hemqqFgX3XKl
sa2G+wiXk0F7s5f8muD2oF+QiTL30HxkUSYwSHNBrpkTmif2AyjCjsM6nwIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFDF14wz6eFytbXe8XfSlZ1vor4ZBMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvTVhYakRQcDRYSzF0ZDd4ZDlLVm5XLWl2aGtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBsQQCAAEwgaoDBAIF
tAQDBAAtQ3UDBAItl8QDBABVn3UDBABZJ/IDBABZKKEDBABb8kYDBAJb8kgDBAFb
8l4DBABb8mcDBABb8mkwDAMEAFvyewMEB1vyAAMEAF7nxgMEALkoaQMEAcIyyAME
AcIyzjAMAwQAw4pnAwQAw4psMAwDBADDim8DBADDinADBADDinIDBADDinQDBADD
inYDBADDingwDAMEAcOKegMEB8OKADANBgkqhkiG9w0BAQsFAAOCAQEAq9Xpj9oZ
l+brFvFPbtb4WQLEkBDX9ocbQHqOQW9hDdvaARPEhWNius5rbOZIH6CDWddg/xQs
cqJabTtEQNRnjSxKUMhKO2oMSpa/aQMVslmNt6yfeoW6yMEbdWohVAJ4vnsadFDV
K4zTFjDG93FX/dN4YEXouqNL2FDJqdYXvEbTi+AsdeuwJqZOinVGL6ECl9Migyze
auXCJqqpVtlXVJU+ilWu65zKrgSLEyz1evu+aKE6sU2Q/tvxf56Drzq/gLYgf0JR
MaFxgM2kww3SrRwIi4jujooYFXtL2tYW0EL2U6uTwE/i6mtt5SXm9vSCSQftlu23
GBff5HuV4Dof+Q==
-----END CERTIFICATE-----
Generated at Tue Apr 16 17:52:08 2024 by rpki-client on console-fra.rpki-client.org