Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/A-MWCZh5lVAvRMjL2Q98OfqRYIg.roa
File: A-MWCZh5lVAvRMjL2Q98OfqRYIg.roa (raw, json)
Hash identifier: jOYqllHPIbg2YcfETot21w7aB0BlXBFxlff8NEPUzA4=
Subject key identifier: 03:E3:16:09:98:79:95:50:2F:44:C8:CB:D9:0F:7C:39:FA:91:60:88
Certificate issuer: /CN=4f9131775b3260b11a16240d1d8e76891d7f3732
Certificate serial: 018B8192621DFAB63D1C3D80E49D907984B5
Authority key identifier: 4F:91:31:77:5B:32:60:B1:1A:16:24:0D:1D:8E:76:89:1D:7F:37:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5Exd1syYLEaFiQNHY52iR1_NzI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/A-MWCZh5lVAvRMjL2Q98OfqRYIg.roa
Signing time: Mon 30 Oct 2023 17:12:16 +0000
ROA not before: Mon 30 Oct 2023 17:12:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16276
IP address blocks: 123.100.227.0/24 maxlen: 24
64.225.244.0/23 maxlen: 23
148.222.40.0/22 maxlen: 22
104.225.253.0/24 maxlen: 24
216.183.120.0/24 maxlen: 24
167.234.38.0/24 maxlen: 24
63.251.117.0/24 maxlen: 24
216.203.15.0/24 maxlen: 24
198.49.103.0/24 maxlen: 24
46.17.217.0/24 maxlen: 24
91.198.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Nov 2023 14:46:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:81:92:62:1d:fa:b6:3d:1c:3d:80:e4:9d:90:79:84:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9131775b3260b11a16240d1d8e76891d7f3732
Validity
Not Before: Oct 30 17:12:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03e31609987995502f44c8cbd90f7c39fa916088
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:8f:71:73:07:33:e7:92:d2:6b:31:7b:d4:1f:
db:8a:19:1d:1e:ba:4a:6b:c4:a9:5d:02:41:6e:cc:
97:21:77:ad:db:d1:20:a4:ae:6b:ac:3a:1c:8c:3a:
a5:b1:93:32:48:01:ff:20:5e:c4:b3:8c:27:e0:bf:
d7:03:32:ab:4d:74:a7:32:27:e2:de:50:e4:f6:bf:
12:f4:8c:9c:51:a9:c4:cd:b2:1b:53:59:a4:43:9a:
4e:28:95:17:ad:58:ca:40:a1:b2:7a:16:af:b2:0c:
7b:e6:7a:c7:a9:3d:a0:cb:d7:aa:b4:00:72:5b:af:
08:78:77:94:40:8e:13:ed:02:ad:5f:b5:11:0b:90:
08:fe:d3:5f:4c:68:81:db:09:f5:c9:54:99:6b:19:
fa:16:fc:e2:87:cb:e6:b2:7c:2a:1d:2e:6b:81:6e:
c9:c2:0c:c6:86:aa:5d:96:92:a3:68:e9:2b:0f:fa:
ec:00:11:e2:ed:06:7c:82:2b:99:a0:4e:77:05:ac:
56:5e:bc:f3:6c:2a:8b:6b:2d:7d:ad:7f:e0:17:eb:
cb:1b:1c:cb:00:14:39:3f:dd:7b:aa:75:ab:b6:d5:
d2:7d:65:3e:dd:43:88:3f:b3:37:07:91:79:bc:6c:
5e:b1:59:07:f8:29:ad:bf:d8:b0:34:d8:aa:7a:0f:
d1:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:E3:16:09:98:79:95:50:2F:44:C8:CB:D9:0F:7C:39:FA:91:60:88
X509v3 Authority Key Identifier:
keyid:4F:91:31:77:5B:32:60:B1:1A:16:24:0D:1D:8E:76:89:1D:7F:37:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5Exd1syYLEaFiQNHY52iR1_NzI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/A-MWCZh5lVAvRMjL2Q98OfqRYIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/T5Exd1syYLEaFiQNHY52iR1_NzI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.217.0/24
63.251.117.0/24
64.225.244.0/23
91.198.19.0/24
104.225.253.0/24
123.100.227.0/24
148.222.40.0/22
167.234.38.0/24
198.49.103.0/24
216.183.120.0/24
216.203.15.0/24
Signature Algorithm: sha256WithRSAEncryption
df:d8:a5:46:c9:dc:83:b0:06:76:34:aa:9f:93:20:6d:3a:c7:
1d:7f:1f:e4:9c:ee:86:74:86:93:c5:5a:0a:e9:9c:ac:63:6f:
9b:f4:cf:58:11:19:6e:36:db:30:bc:f8:15:6d:45:eb:dc:7b:
2c:1c:9e:2f:8a:58:83:3a:56:39:34:98:44:46:27:c4:97:57:
dc:24:e2:c1:38:ad:c7:dd:dd:2d:94:3d:dc:ed:8e:b6:56:65:
9f:e0:37:44:f6:63:d2:b6:1e:c1:fa:c2:5c:77:90:fa:3b:12:
2f:14:a0:e5:18:94:75:f3:8b:8c:4e:88:cd:6b:7c:d0:be:c5:
c7:ce:96:ab:2a:22:86:e0:6e:9d:28:03:4b:33:37:e7:c1:e3:
59:10:05:e9:41:a8:8b:6f:e2:74:10:ad:2a:2d:57:e3:d7:69:
9f:88:dd:03:1c:23:a1:59:e8:c0:c0:ab:d4:fc:b5:b0:6a:4a:
bd:43:ea:5b:b3:60:ef:18:da:4c:f5:a9:03:21:82:49:c4:69:
94:13:28:53:1f:b2:cd:94:c2:4a:29:73:45:8d:a6:89:68:b4:
0b:92:47:67:0f:e9:2a:0b:ce:44:dd:7c:7a:fb:63:c9:b2:c1:
05:f1:06:35:52:fc:5b:a9:0f:ba:ad:4c:8b:7c:4c:2e:04:c0:
0d:60:7d:3f
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYuBkmId+rY9HD2A5J2QeYS1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTEzMTc3NWIzMjYwYjExYTE2MjQwZDFkOGU3Njg5MWQ3
ZjM3MzIwHhcNMjMxMDMwMTcxMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2UzMTYwOTk4Nzk5NTUwMmY0NGM4Y2JkOTBmN2MzOWZhOTE2MDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApI9xcwcz55LSazF71B/bihkdHrpK
a8SpXQJBbsyXIXet29EgpK5rrDocjDqlsZMySAH/IF7Es4wn4L/XAzKrTXSnMifi
3lDk9r8S9IycUanEzbIbU1mkQ5pOKJUXrVjKQKGyehavsgx75nrHqT2gy9eqtABy
W68IeHeUQI4T7QKtX7URC5AI/tNfTGiB2wn1yVSZaxn6Fvzih8vmsnwqHS5rgW7J
wgzGhqpdlpKjaOkrD/rsABHi7QZ8giuZoE53BaxWXrzzbCqLay19rX/gF+vLGxzL
ABQ5P917qnWrttXSfWU+3UOIP7M3B5F5vGxesVkH+Cmtv9iwNNiqeg/RjQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFAPjFgmYeZVQL0TIy9kPfDn6kWCIMB8GA1UdIwQY
MBaAFE+RMXdbMmCxGhYkDR2OdokdfzcyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVFeGQxc3lZTEVhRmlRTkhZNTJpUjFfTnpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi84OTk2MmUtYjExYy00ZTY5LWI0MTMt
YWI2M2Q0NWY0YjZhLzEvQS1NV0NaaDVsVkF2Uk1qTDJROThPZnFSWUlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi84OTk2MmUtYjExYy00ZTY5LWI0MTMtYWI2M2Q0NWY0YjZh
LzEvVDVFeGQxc3lZTEVhRmlRTkhZNTJpUjFfTnpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQALhHZAwQA
P/t1AwQBQOH0AwQAW8YTAwQAaOH9AwQAe2TjAwQClN4oAwQAp+omAwQAxjFnAwQA
2Ld4AwQA2MsPMA0GCSqGSIb3DQEBCwUAA4IBAQDf2KVGydyDsAZ2NKqfkyBtOscd
fx/knO6GdIaTxVoK6ZysY2+b9M9YERluNtswvPgVbUXr3HssHJ4viliDOlY5NJhE
RifEl1fcJOLBOK3H3d0tlD3c7Y62VmWf4DdE9mPSth7B+sJcd5D6OxIvFKDlGJR1
84uMTojNa3zQvsXHzparKiKG4G6dKANLMzfnweNZEAXpQaiLb+J0EK0qLVfj12mf
iN0DHCOhWejAwKvU/LWwakq9Q+pbs2DvGNpM9akDIYJJxGmUEyhTH7LNlMJKKXNF
jaaJaLQLkkdnD+kqC85E3Xx6+2PJssEF8QY1UvxbqQ+6rUyLfEwuBMANYH0/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:08 2024 by rpki-client on console-ams.rpki-client.org