Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/d-mvZP8vi6SLOALqiEbcyUKtpS8.roa
File: d-mvZP8vi6SLOALqiEbcyUKtpS8.roa (raw, json)
Hash identifier: x3zWzpOrAoMncZg2O2hD6KXlk27MyLKF/V2TzTbh1pg=
Subject key identifier: 77:E9:AF:64:FF:2F:8B:A4:8B:38:02:EA:88:46:DC:C9:42:AD:A5:2F
Certificate issuer: /CN=4f9131775b3260b11a16240d1d8e76891d7f3732
Certificate serial: 019194710D9B3CA5451E37C59BCE6E141F29
Authority key identifier: 4F:91:31:77:5B:32:60:B1:1A:16:24:0D:1D:8E:76:89:1D:7F:37:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5Exd1syYLEaFiQNHY52iR1_NzI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/d-mvZP8vi6SLOALqiEbcyUKtpS8.roa
Signing time: Tue 27 Aug 2024 15:25:22 +0000
ROA not before: Tue 27 Aug 2024 15:25:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 43.226.0.0/23 maxlen: 23
46.17.217.0/24 maxlen: 24
63.251.117.0/24 maxlen: 24
64.95.150.0/23 maxlen: 23
64.225.244.0/23 maxlen: 23
91.198.19.0/24 maxlen: 24
91.246.38.0/24 maxlen: 24
104.225.253.0/24 maxlen: 24
117.18.104.0/24 maxlen: 24
123.100.227.0/24 maxlen: 24
148.222.40.0/22 maxlen: 22
167.234.38.0/24 maxlen: 24
198.49.103.0/24 maxlen: 24
202.2.60.0/22 maxlen: 22
216.183.120.0/24 maxlen: 24
216.203.15.0/24 maxlen: 24
217.11.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Sep 2024 05:12:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:94:71:0d:9b:3c:a5:45:1e:37:c5:9b:ce:6e:14:1f:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9131775b3260b11a16240d1d8e76891d7f3732
Validity
Not Before: Aug 27 15:25:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77e9af64ff2f8ba48b3802ea8846dcc942ada52f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:40:1b:6f:99:b1:c2:2c:db:26:05:66:1c:79:
06:b7:f3:d7:b4:ca:02:e0:58:1b:a0:e0:55:aa:74:
86:d1:65:54:fc:09:a0:d0:1e:a4:c6:02:ea:8f:7c:
08:df:99:2b:cf:9e:af:7a:2e:d8:e3:a9:41:12:60:
71:d9:b9:03:3a:b1:8b:09:e2:72:5d:75:26:2d:40:
a6:5b:49:bc:72:cc:89:ed:49:38:06:39:3d:32:82:
30:65:e2:4c:7b:5b:2c:de:30:be:ab:b4:19:7c:fa:
7d:01:28:92:bc:29:d1:d3:58:d9:83:47:64:22:78:
5c:c9:7e:5a:62:d9:01:bb:27:77:fe:6c:ba:83:c7:
3a:98:ae:eb:be:95:7c:d5:11:db:5e:85:bb:a3:92:
7a:4a:46:8a:65:4a:be:d4:d1:65:53:fa:0d:cb:f7:
59:c9:58:90:35:a4:ea:43:d3:17:c4:a5:f2:a5:d2:
b6:4c:86:da:fa:c8:f9:7b:ce:20:98:0d:cc:78:48:
0e:ba:4d:f1:1a:d8:89:31:28:d4:6e:39:bc:0d:e4:
8e:a9:73:9c:9b:2a:01:c3:af:d7:a1:93:9c:e6:ab:
3e:be:ae:f2:37:f9:9e:0f:c9:68:28:10:70:e7:e5:
31:4b:c2:92:0c:5a:dd:3d:17:37:dc:b9:65:fc:ca:
94:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:E9:AF:64:FF:2F:8B:A4:8B:38:02:EA:88:46:DC:C9:42:AD:A5:2F
X509v3 Authority Key Identifier:
keyid:4F:91:31:77:5B:32:60:B1:1A:16:24:0D:1D:8E:76:89:1D:7F:37:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5Exd1syYLEaFiQNHY52iR1_NzI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/d-mvZP8vi6SLOALqiEbcyUKtpS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/89962e-b11c-4e69-b413-ab63d45f4b6a/1/T5Exd1syYLEaFiQNHY52iR1_NzI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.226.0.0/23
46.17.217.0/24
63.251.117.0/24
64.95.150.0/23
64.225.244.0/23
91.198.19.0/24
91.246.38.0/24
104.225.253.0/24
117.18.104.0/24
123.100.227.0/24
148.222.40.0/22
167.234.38.0/24
198.49.103.0/24
202.2.60.0/22
216.183.120.0/24
216.203.15.0/24
217.11.174.0/24
Signature Algorithm: sha256WithRSAEncryption
49:72:17:91:a1:70:7a:ef:51:6e:fe:be:7d:f6:5b:22:ab:86:
68:97:93:35:71:d8:51:ae:5b:d4:e2:4f:63:3f:0d:6a:fa:71:
ae:e5:ac:31:81:12:ff:8e:20:ae:39:b4:45:a3:11:72:33:e4:
41:80:91:c3:db:19:76:79:cc:2d:54:66:bf:1a:41:06:56:99:
71:4d:fe:72:ac:91:e5:63:29:da:01:d1:dc:63:bf:27:54:9f:
a2:b7:b2:7b:6d:9c:71:dd:39:60:09:ef:69:31:4e:0e:e4:10:
32:cd:85:0a:50:05:d8:e0:c1:61:5f:0e:e1:a4:3a:1d:4d:18:
21:77:e8:4b:3f:9b:b6:11:24:b0:5f:af:b6:a0:99:a2:61:a1:
a0:1c:45:c1:29:c3:f0:d4:10:94:ac:82:0c:fd:5f:cc:8e:e2:
6b:98:df:bb:b8:b7:f4:8f:bb:68:b8:22:a7:e5:fc:c8:af:c3:
bf:89:9c:ec:4a:4d:ed:47:14:80:c9:84:f3:65:ff:e2:c0:74:
bb:c8:29:bc:1d:4a:91:94:30:bb:17:48:7d:91:57:cd:3d:d3:
a4:29:3c:72:da:b6:dc:f8:b7:df:87:13:da:09:b6:95:f1:ed:
c8:84:ab:de:e0:2b:d8:ae:06:43:fe:04:84:4a:6e:93:90:d3:
b0:c4:25:1b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZGUcQ2bPKVFHjfFm85uFB8pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTEzMTc3NWIzMjYwYjExYTE2MjQwZDFkOGU3Njg5MWQ3
ZjM3MzIwHhcNMjQwODI3MTUyNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2U5YWY2NGZmMmY4YmE0OGIzODAyZWE4ODQ2ZGNjOTQyYWRhNTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEAbb5mxwizbJgVmHHkGt/PXtMoC
4FgboOBVqnSG0WVU/Amg0B6kxgLqj3wI35krz56vei7Y46lBEmBx2bkDOrGLCeJy
XXUmLUCmW0m8csyJ7Uk4Bjk9MoIwZeJMe1ss3jC+q7QZfPp9ASiSvCnR01jZg0dk
InhcyX5aYtkBuyd3/my6g8c6mK7rvpV81RHbXoW7o5J6SkaKZUq+1NFlU/oNy/dZ
yViQNaTqQ9MXxKXypdK2TIba+sj5e84gmA3MeEgOuk3xGtiJMSjUbjm8DeSOqXOc
myoBw6/XoZOc5qs+vq7yN/meD8loKBBw5+UxS8KSDFrdPRc33Lll/MqUOQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFHfpr2T/L4ukizgC6ohG3MlCraUvMB8GA1UdIwQY
MBaAFE+RMXdbMmCxGhYkDR2OdokdfzcyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVFeGQxc3lZTEVhRmlRTkhZNTJpUjFfTnpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi84OTk2MmUtYjExYy00ZTY5LWI0MTMt
YWI2M2Q0NWY0YjZhLzEvZC1tdlpQOHZpNlNMT0FMcWlFYmN5VUt0cFM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi84OTk2MmUtYjExYy00ZTY5LWI0MTMtYWI2M2Q0NWY0YjZh
LzEvVDVFeGQxc3lZTEVhRmlRTkhZNTJpUjFfTnpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQBK+IAAwQA
LhHZAwQAP/t1AwQBQF+WAwQBQOH0AwQAW8YTAwQAW/YmAwQAaOH9AwQAdRJoAwQA
e2TjAwQClN4oAwQAp+omAwQAxjFnAwQCygI8AwQA2Ld4AwQA2MsPAwQA2QuuMA0G
CSqGSIb3DQEBCwUAA4IBAQBJcheRoXB671Fu/r599lsiq4Zol5M1cdhRrlvU4k9j
Pw1q+nGu5awxgRL/jiCuObRFoxFyM+RBgJHD2xl2ecwtVGa/GkEGVplxTf5yrJHl
YynaAdHcY78nVJ+it7J7bZxx3TlgCe9pMU4O5BAyzYUKUAXY4MFhXw7hpDodTRgh
d+hLP5u2ESSwX6+2oJmiYaGgHEXBKcPw1BCUrIIM/V/MjuJrmN+7uLf0j7touCKn
5fzIr8O/iZzsSk3tRxSAyYTzZf/iwHS7yCm8HUqRlDC7F0h9kVfNPdOkKTxy2rbc
+LffhxPaCbaV8e3IhKve4CvYrgZD/gSESm6TkNOwxCUb
-----END CERTIFICATE-----
Generated at Thu Sep 26 06:01:41 2024 by rpki-client on console-fra.rpki-client.org