Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/MU041sjvgMGwOrYhaZ_SjJNhyQE.roa
File: MU041sjvgMGwOrYhaZ_SjJNhyQE.roa (raw, json)
Hash identifier: 7YX1vLVOyPMVtbgG7vewhf47HNAt5iMFnzSWy5OcvzE=
Subject key identifier: 31:4D:38:D6:C8:EF:80:C1:B0:3A:B6:21:69:9F:D2:8C:93:61:C9:01
Certificate issuer: /CN=cbf74cd846493138f522c57c0065b5c60512dd09
Certificate serial: 018570B98833E11C182B2C2E025D1868FA76
Authority key identifier: CB:F7:4C:D8:46:49:31:38:F5:22:C5:7C:00:65:B5:C6:05:12:DD:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/MU041sjvgMGwOrYhaZ_SjJNhyQE.roa
Signing time: Mon 02 Jan 2023 04:24:45 +0000
ROA not before: Mon 02 Jan 2023 04:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206614
IP address blocks: 141.226.125.0/24 maxlen: 24
141.226.129.0/24 maxlen: 24
141.226.128.0/24 maxlen: 24
141.226.130.0/24 maxlen: 24
141.226.131.0/24 maxlen: 24
141.226.127.0/24 maxlen: 24
141.226.126.0/24 maxlen: 24
2a06:3b80:26::/48 maxlen: 48
2a06:3b80:21::/48 maxlen: 48
2a06:3b80:154::/48 maxlen: 48
2a06:3b80:25::/48 maxlen: 48
2a06:3b80:23::/48 maxlen: 48
2a06:3b80:22::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 03 Apr 2023 06:30:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b9:88:33:e1:1c:18:2b:2c:2e:02:5d:18:68:fa:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbf74cd846493138f522c57c0065b5c60512dd09
Validity
Not Before: Jan 2 04:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=314d38d6c8ef80c1b03ab621699fd28c9361c901
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6b:ba:21:92:cc:8c:f5:26:c9:d3:ee:fe:27:
dd:24:27:10:05:36:9e:85:0a:56:c8:c0:b9:19:56:
5f:b9:81:df:07:1d:c3:3d:b6:dc:46:29:75:c4:77:
34:74:5a:29:3e:96:70:1f:cc:19:fd:29:8f:70:64:
bd:2b:66:7e:a4:97:a2:52:05:1f:07:d7:c4:fe:86:
2d:14:22:c5:38:88:0b:d6:83:a5:87:46:da:12:44:
94:38:2b:b3:ff:57:de:49:72:6d:4e:09:2e:91:ce:
13:56:3a:7b:20:47:e5:3d:64:ab:e9:c6:5e:20:88:
6f:3e:c0:2a:f6:c7:f8:11:4f:e1:cb:33:11:88:43:
c3:b7:7f:65:82:e6:14:ff:bd:5b:d5:09:43:6e:91:
74:5c:1e:85:3f:49:86:f6:f9:c3:1e:48:b9:4c:eb:
29:7c:7c:91:7d:ec:57:6e:52:b5:a6:54:b2:44:12:
77:8a:59:88:7c:e9:2c:4b:97:fd:3f:ba:8d:22:cd:
e6:c0:38:60:58:3b:e8:ec:4a:cc:75:0f:09:81:e4:
c0:04:bf:3a:67:ae:d4:a6:b0:53:22:28:a1:c0:4b:
93:79:57:18:d5:59:7b:43:cf:41:53:c5:f2:c8:96:
56:61:c5:02:12:c9:7a:49:7c:c4:99:79:ac:1e:75:
44:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:4D:38:D6:C8:EF:80:C1:B0:3A:B6:21:69:9F:D2:8C:93:61:C9:01
X509v3 Authority Key Identifier:
keyid:CB:F7:4C:D8:46:49:31:38:F5:22:C5:7C:00:65:B5:C6:05:12:DD:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/MU041sjvgMGwOrYhaZ_SjJNhyQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/348789-3208-4847-9c3f-982d1f21a32b/1/y_dM2EZJMTj1IsV8AGW1xgUS3Qk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.226.125.0-141.226.131.255
IPv6:
2a06:3b80:21::-2a06:3b80:23:ffff:ffff:ffff:ffff:ffff
2a06:3b80:25::-2a06:3b80:26:ffff:ffff:ffff:ffff:ffff
2a06:3b80:154::/48
Signature Algorithm: sha256WithRSAEncryption
0e:5b:a1:e3:6b:34:d2:f5:46:5e:62:c4:9b:d8:72:7c:b5:01:
21:41:10:38:53:50:fb:8f:a0:52:a2:72:f3:e3:7b:49:bb:e6:
0d:47:bc:84:6e:da:54:87:3f:2d:2d:ac:32:00:cb:be:45:92:
1f:67:9f:21:e5:68:23:4e:34:cc:e6:98:1e:d4:fd:f4:f7:25:
81:d5:aa:c3:07:f0:fb:f1:bd:3a:cb:1e:92:3a:94:0b:e5:73:
85:f4:ed:ae:ae:51:d4:e2:02:f5:61:3e:39:89:7d:f2:0f:46:
61:67:8e:6e:7b:fc:71:40:58:e7:d6:3d:e2:4b:4b:bf:0b:fe:
a4:99:46:31:23:40:51:75:01:9b:e0:4c:ec:06:c4:d0:26:9c:
b1:7b:bf:d9:ce:d6:48:8f:e9:f7:3a:4f:6b:05:58:2f:2a:b3:
6f:78:a4:a8:71:17:b6:f5:17:7a:05:fa:21:7d:1f:a9:21:39:
2f:41:b4:b5:8d:bd:77:44:9f:e9:6e:ee:0f:a3:f2:37:5a:f1:
b7:96:ab:97:c4:fe:f0:41:1c:04:09:33:b3:22:0f:22:0d:d7:
9f:16:90:b3:e6:66:56:81:ae:7b:b2:0c:8f:8d:70:08:58:4e:
a9:02:c9:fb:4f:2f:df:ad:4e:b7:48:df:31:f0:30:07:d5:58:
c7:f2:46:b5
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYVwuYgz4RwYKywuAl0YaPp2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZjc0Y2Q4NDY0OTMxMzhmNTIyYzU3YzAwNjViNWM2MDUx
MmRkMDkwHhcNMjMwMTAyMDQyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTRkMzhkNmM4ZWY4MGMxYjAzYWI2MjE2OTlmZDI4YzkzNjFjOTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2u6IZLMjPUmydPu/ifdJCcQBTae
hQpWyMC5GVZfuYHfBx3DPbbcRil1xHc0dFopPpZwH8wZ/SmPcGS9K2Z+pJeiUgUf
B9fE/oYtFCLFOIgL1oOlh0baEkSUOCuz/1feSXJtTgkukc4TVjp7IEflPWSr6cZe
IIhvPsAq9sf4EU/hyzMRiEPDt39lguYU/71b1QlDbpF0XB6FP0mG9vnDHki5TOsp
fHyRfexXblK1plSyRBJ3ilmIfOksS5f9P7qNIs3mwDhgWDvo7ErMdQ8JgeTABL86
Z67UprBTIiihwEuTeVcY1Vl7Q89BU8XyyJZWYcUCEsl6SXzEmXmsHnVEuwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFDFNONbI74DBsDq2IWmf0oyTYckBMB8GA1UdIwQY
MBaAFMv3TNhGSTE49SLFfABltcYFEt0JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveV9kTTJFWkpNVGoxSXNWOEFHVzF4Z1VTM1FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zNDg3ODktMzIwOC00ODQ3LTljM2Yt
OTgyZDFmMjFhMzJiLzEvTVUwNDFzanZnTUd3T3JZaGFaX1NqSk5oeVFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zNDg3ODktMzIwOC00ODQ3LTljM2YtOTgyZDFmMjFhMzJi
LzEveV9kTTJFWkpNVGoxSXNWOEFHVzF4Z1VTM1FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAUBAIAATAOMAwDBACN4n0D
BAKN4oAwNwQCAAIwMTASAwcAKgY7gAAhAwcCKgY7gAAgMBIDBwAqBjuAACUDBwAq
BjuAACYDBwAqBjuAAVQwDQYJKoZIhvcNAQELBQADggEBAA5boeNrNNL1Rl5ixJvY
cny1ASFBEDhTUPuPoFKicvPje0m75g1HvIRu2lSHPy0trDIAy75Fkh9nnyHlaCNO
NMzmmB7U/fT3JYHVqsMH8PvxvTrLHpI6lAvlc4X07a6uUdTiAvVhPjmJffIPRmFn
jm57/HFAWOfWPeJLS78L/qSZRjEjQFF1AZvgTOwGxNAmnLF7v9nO1kiP6fc6T2sF
WC8qs294pKhxF7b1F3oF+iF9H6khOS9BtLWNvXdEn+lu7g+j8jda8beWq5fE/vBB
HAQJM7MiDyIN158WkLPmZlaBrnuyDI+NcAhYTqkCyftPL9+tTrdI3zHwMAfVWMfy
RrU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:47 2024 by rpki-client on console-fra.rpki-client.org