Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/1-rmgxSZOYBan7SVsbTHX0TeJTN8.roa
File: 1-rmgxSZOYBan7SVsbTHX0TeJTN8.roa (raw, json)
Hash identifier: TsMGr45VNGq4CosXDKwk/D1d11ltmzaYtOxA0FogW6Y=
Subject key identifier: FA:B9:A0:C5:26:4E:60:16:A7:ED:25:6C:6D:31:D7:D1:37:89:4C:DF
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 01871F7BE8E8574523218B7F67885CCCC07E
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/1-rmgxSZOYBan7SVsbTHX0TeJTN8.roa
Signing time: Sun 26 Mar 2023 19:53:46 +0000
ROA not before: Sun 26 Mar 2023 19:53:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 88.218.80.0/24 maxlen: 24
176.118.189.0/24 maxlen: 24
176.118.188.0/24 maxlen: 24
176.118.191.0/24 maxlen: 24
45.130.186.0/24 maxlen: 24
45.130.185.0/24 maxlen: 24
45.130.184.0/24 maxlen: 24
5.104.75.0/24 maxlen: 24
5.104.74.0/24 maxlen: 24
5.104.72.0/24 maxlen: 24
88.218.239.0/24 maxlen: 24
194.28.157.0/24 maxlen: 24
84.252.64.0/22 maxlen: 24
45.140.7.0/24 maxlen: 24
193.160.68.0/24 maxlen: 24
193.160.72.0/24 maxlen: 24
91.245.239.0/24 maxlen: 24
193.228.48.0/22 maxlen: 24
95.214.83.0/24 maxlen: 24
185.177.77.0/24 maxlen: 24
185.177.76.0/24 maxlen: 24
212.69.135.0/24 maxlen: 24
95.214.92.0/24 maxlen: 24
95.214.95.0/24 maxlen: 24
95.214.93.0/24 maxlen: 24
77.83.20.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:1f:7b:e8:e8:57:45:23:21:8b:7f:67:88:5c:cc:c0:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Mar 26 19:53:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fab9a0c5264e6016a7ed256c6d31d7d137894cdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:50:f5:de:77:cf:83:83:f1:04:04:70:a8:16:
3c:62:17:49:e1:f0:cc:36:82:2b:91:2a:cd:be:c8:
86:80:06:fc:97:dc:00:69:13:71:4e:37:ed:1a:44:
d3:df:0d:d9:31:c6:53:a0:2f:d5:c7:2b:f0:88:e0:
87:79:ce:32:92:0b:c8:c1:b7:e3:3b:e8:e8:63:84:
0e:07:37:0d:24:1c:81:ea:d9:48:8e:69:41:96:0b:
26:ea:0b:37:e8:61:7f:7f:6a:b2:e6:f6:ca:53:ed:
81:79:37:a1:ae:e0:e5:73:47:33:25:63:53:a5:f6:
d3:58:d2:ea:17:bd:85:c8:12:94:ae:4f:01:b5:0e:
46:c2:04:9f:22:d8:01:e3:4f:23:b8:59:d2:2b:5f:
ff:0d:14:1e:56:09:18:c5:70:14:41:92:94:1c:b0:
1b:84:54:89:a1:eb:17:cb:fe:9d:7c:2a:1a:98:a7:
7e:44:5f:66:94:56:ba:4e:2b:99:58:ea:b5:69:e2:
dc:95:2d:15:21:41:da:fd:f1:73:cf:4a:7b:1b:9d:
58:43:54:ac:57:83:48:1e:c0:2f:7e:10:47:6d:85:
69:22:18:7a:d0:c7:34:a9:36:8c:d1:ad:ca:66:d2:
b1:86:02:59:ea:21:bf:3e:dc:55:4c:d5:2c:8b:f5:
90:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:B9:A0:C5:26:4E:60:16:A7:ED:25:6C:6D:31:D7:D1:37:89:4C:DF
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/1-rmgxSZOYBan7SVsbTHX0TeJTN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.72.0/24
5.104.74.0/23
45.130.184.0-45.130.186.255
45.140.7.0/24
77.83.20.0/22
84.252.64.0/22
88.218.80.0/24
88.218.239.0/24
91.245.239.0/24
95.214.83.0/24
95.214.92.0/23
95.214.95.0/24
176.118.188.0/23
176.118.191.0/24
185.177.76.0/23
193.160.68.0/24
193.160.72.0/24
193.228.48.0/22
194.28.157.0/24
212.69.135.0/24
Signature Algorithm: sha256WithRSAEncryption
00:b4:f9:a5:7d:d6:a4:b3:58:18:1b:aa:4b:98:61:ef:c2:5b:
48:b8:c3:a0:1c:63:44:ba:46:68:16:33:b3:5b:78:60:38:74:
8d:6b:6b:59:76:11:62:28:d9:3e:66:3a:75:13:3b:26:62:f7:
48:bd:40:1b:e3:b9:65:47:13:69:b9:32:0a:eb:64:48:37:03:
e0:2d:ce:34:e6:bb:ac:0d:52:79:8c:09:27:a2:d2:50:f3:d7:
f9:84:0f:11:db:80:8c:b0:26:ba:d5:bd:fc:90:38:5d:be:e9:
c9:b3:52:73:f7:fd:34:7e:80:15:67:12:8a:02:77:83:51:f0:
8e:12:96:38:e1:1c:4a:78:37:92:72:6f:73:de:d4:7b:5e:22:
f8:db:31:0a:f9:99:7e:72:a7:a5:58:d6:08:21:3a:e0:ca:39:
f4:fd:3c:c3:09:92:50:25:f4:0d:92:e4:9c:65:b5:33:87:0f:
71:d5:a4:8a:0c:a8:0b:13:4f:79:0f:00:6f:2d:b0:28:44:bb:
5e:80:43:5b:23:df:83:63:04:d1:db:c7:3e:19:62:02:96:07:
62:a9:51:65:6e:4a:1a:17:98:46:1b:cd:7b:de:fd:26:3c:84:
02:ce:84:85:7d:06:24:15:99:c3:60:22:f1:aa:9c:25:8b:77:
c4:47:0f:74
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAYcfe+joV0UjIYt/Z4hczMB+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwMzI2MTk1MzQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWI5YTBjNTI2NGU2MDE2YTdlZDI1NmM2ZDMxZDdkMTM3ODk0Y2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVD13nfPg4PxBARwqBY8YhdJ4fDM
NoIrkSrNvsiGgAb8l9wAaRNxTjftGkTT3w3ZMcZToC/VxyvwiOCHec4ykgvIwbfj
O+joY4QOBzcNJByB6tlIjmlBlgsm6gs36GF/f2qy5vbKU+2BeTehruDlc0czJWNT
pfbTWNLqF72FyBKUrk8BtQ5GwgSfItgB408juFnSK1//DRQeVgkYxXAUQZKUHLAb
hFSJoesXy/6dfCoamKd+RF9mlFa6TiuZWOq1aeLclS0VIUHa/fFzz0p7G51YQ1Ss
V4NIHsAvfhBHbYVpIhh60Mc0qTaM0a3KZtKxhgJZ6iG/PtxVTNUsi/WQ5wIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFPq5oMUmTmAWp+0lbG0x19E3iUzfMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvMS1ybWd4U1pPWUJhbjdTVnNiVEhYMFRlSlROOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzgvM2YyNDliLWU4MzYtNDFiNC05YTNhLTk5NDgwNmYwODFm
MC8xLzRzSzROUHZKR3ZEc2F4MDBfV1FGVFNKcG9mMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBnQYIKwYBBQUHAQcBAf8EgY0wgYowgYcEAgABMIGAAwQA
BWhIAwQBBWhKMAwDBAMtgrgDBAAtgroDBAAtjAcDBAJNUxQDBAJU/EADBABY2lAD
BABY2u8DBABb9e8DBABf1lMDBAFf1lwDBABf1l8DBAGwdrwDBACwdr8DBAG5sUwD
BADBoEQDBADBoEgDBALB5DADBADCHJ0DBADURYcwDQYJKoZIhvcNAQELBQADggEB
AAC0+aV91qSzWBgbqkuYYe/CW0i4w6AcY0S6RmgWM7NbeGA4dI1ra1l2EWIo2T5m
OnUTOyZi90i9QBvjuWVHE2m5MgrrZEg3A+AtzjTmu6wNUnmMCSei0lDz1/mEDxHb
gIywJrrVvfyQOF2+6cmzUnP3/TR+gBVnEooCd4NR8I4SljjhHEp4N5Jyb3Pe1Hte
IvjbMQr5mX5yp6VY1gghOuDKOfT9PMMJklAl9A2S5JxltTOHD3HVpIoMqAsTT3kP
AG8tsChEu16AQ1sj34NjBNHbxz4ZYgKWB2KpUWVuShoXmEYbzXve/SY8hALOhIV9
BiQVmcNgIvGqnCWLd8RHD3Q=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:40 2023 by rpki-client on console-fra.rpki-client.org