Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/MFjmTPfNSAL2IKWNPU9ebgGpDR0.roa
File: MFjmTPfNSAL2IKWNPU9ebgGpDR0.roa (raw, json)
Hash identifier: 4MYbfqSaOdz8Q/ze3fq1/sXX0iL5wIZ+h4uizwtdsfg=
Subject key identifier: 30:58:E6:4C:F7:CD:48:02:F6:20:A5:8D:3D:4F:5E:6E:01:A9:0D:1D
Certificate issuer: /CN=12a657f3424c8dd55215af853b93307c366c538a
Certificate serial: 018CC6B82C457ABE2B2B281FAECE3B6A4F07
Authority key identifier: 12:A6:57:F3:42:4C:8D:D5:52:15:AF:85:3B:93:30:7C:36:6C:53:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EqZX80JMjdVSFa-FO5MwfDZsU4o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/MFjmTPfNSAL2IKWNPU9ebgGpDR0.roa
Signing time: Mon 01 Jan 2024 20:30:07 +0000
ROA not before: Mon 01 Jan 2024 20:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211995
IP address blocks: 46.28.237.0/24 maxlen: 24
185.233.35.0/24 maxlen: 24
213.142.158.0/24 maxlen: 24
185.77.3.0/24 maxlen: 24
93.114.130.0/24 maxlen: 24
185.136.207.0/24 maxlen: 24
2a10:d880::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 19 Feb 2024 04:08:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:2c:45:7a:be:2b:2b:28:1f:ae:ce:3b:6a:4f:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12a657f3424c8dd55215af853b93307c366c538a
Validity
Not Before: Jan 1 20:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3058e64cf7cd4802f620a58d3d4f5e6e01a90d1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:99:2c:b9:dd:72:33:f9:96:93:d1:05:04:1d:
21:2b:40:5d:74:e1:4c:8c:2b:a4:42:b3:50:3b:cc:
02:2c:44:a1:ab:2b:85:8a:70:4d:7b:5e:84:dc:8f:
73:65:82:7c:29:99:b8:5b:f3:a0:b9:0b:b4:7b:b6:
57:04:52:81:32:02:9e:91:61:fd:af:77:d9:e3:66:
13:6d:12:fa:64:4a:17:16:fa:c1:14:b8:2e:4b:75:
a0:49:a3:b7:8c:9f:82:35:b1:63:df:42:20:a4:ea:
c7:49:3d:65:c2:11:8d:b1:be:46:e1:dc:cc:a0:4c:
c6:67:4a:05:70:93:13:79:9f:cd:4b:16:11:cb:7a:
5f:68:cb:24:67:79:4f:de:72:bf:81:8f:a4:69:83:
e7:76:f4:15:35:90:0b:f8:bd:4f:dc:c8:86:8a:8a:
fa:33:00:19:4c:0f:f0:9c:8c:a6:9f:80:b7:d8:a5:
01:a3:2b:ca:5b:4f:26:f8:7b:9c:08:d4:3c:c9:2f:
de:dd:4f:06:b2:00:f3:8f:98:34:93:c0:77:16:a1:
6c:c4:04:91:6d:29:ea:68:9e:be:de:cf:dc:32:6c:
a1:c2:66:2a:64:eb:d4:0e:a2:c0:f9:ea:91:52:62:
7f:ec:92:4e:51:14:c5:d6:d5:8c:63:bb:0e:5a:59:
05:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:58:E6:4C:F7:CD:48:02:F6:20:A5:8D:3D:4F:5E:6E:01:A9:0D:1D
X509v3 Authority Key Identifier:
keyid:12:A6:57:F3:42:4C:8D:D5:52:15:AF:85:3B:93:30:7C:36:6C:53:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EqZX80JMjdVSFa-FO5MwfDZsU4o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/MFjmTPfNSAL2IKWNPU9ebgGpDR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/465aae-2a2c-4200-8e5c-05f093385ac8/1/EqZX80JMjdVSFa-FO5MwfDZsU4o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.237.0/24
93.114.130.0/24
185.77.3.0/24
185.136.207.0/24
185.233.35.0/24
213.142.158.0/24
IPv6:
2a10:d880::/29
Signature Algorithm: sha256WithRSAEncryption
66:a4:00:44:19:18:e0:a8:cd:d2:be:95:b6:18:a4:67:73:5d:
a6:70:99:36:86:81:7d:e8:a4:91:a1:0f:d0:f1:2f:3c:45:58:
82:52:c2:8b:d2:02:69:bd:18:62:8a:59:d5:1b:c1:5e:ca:c9:
f6:a8:58:38:36:31:8e:5d:9f:03:6e:75:97:db:7f:22:f2:d7:
cc:e2:be:18:c5:8f:ae:64:c7:ef:41:30:73:f6:0d:57:d3:a1:
a7:be:d6:e7:6b:69:62:42:ac:d7:f0:b0:f7:c2:29:92:f4:53:
2e:92:c7:30:cb:d6:2a:b3:50:b4:8a:62:1a:7e:90:33:a9:34:
bd:0b:fc:99:1d:e7:a6:2a:c3:24:c7:46:91:0b:ae:9a:36:e0:
7e:8b:4f:03:70:85:9d:63:fa:bb:7d:7f:b9:dc:3e:7c:f6:dd:
d0:2f:fe:7f:4f:81:6a:84:a7:ec:35:95:eb:51:c1:ef:ba:0b:
1c:6c:59:1c:2b:aa:b9:ac:ed:ad:50:8c:bf:07:80:63:20:a7:
4c:60:87:d0:37:ab:e6:65:55:a5:23:c5:5d:ab:89:bd:9b:3c:
4b:dd:d4:78:49:92:dc:6d:dc:30:a9:5b:fa:43:61:65:b5:08:
9c:a5:29:c2:ac:e9:ca:59:3f:ab:04:d4:f7:07:f6:fe:51:bc:
86:a2:f9:d0
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzGuCxFer4rKygfrs47ak8HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYTY1N2YzNDI0YzhkZDU1MjE1YWY4NTNiOTMzMDdjMzY2
YzUzOGEwHhcNMjQwMTAxMjAzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDU4ZTY0Y2Y3Y2Q0ODAyZjYyMGE1OGQzZDRmNWU2ZTAxYTkwZDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5ksud1yM/mWk9EFBB0hK0BddOFM
jCukQrNQO8wCLEShqyuFinBNe16E3I9zZYJ8KZm4W/OguQu0e7ZXBFKBMgKekWH9
r3fZ42YTbRL6ZEoXFvrBFLguS3WgSaO3jJ+CNbFj30IgpOrHST1lwhGNsb5G4dzM
oEzGZ0oFcJMTeZ/NSxYRy3pfaMskZ3lP3nK/gY+kaYPndvQVNZAL+L1P3MiGior6
MwAZTA/wnIymn4C32KUBoyvKW08m+HucCNQ8yS/e3U8GsgDzj5g0k8B3FqFsxASR
bSnqaJ6+3s/cMmyhwmYqZOvUDqLA+eqRUmJ/7JJOURTF1tWMY7sOWlkFxQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFDBY5kz3zUgC9iCljT1PXm4BqQ0dMB8GA1UdIwQY
MBaAFBKmV/NCTI3VUhWvhTuTMHw2bFOKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXFaWDgwSk1qZFZTRmEtRk81TXdmRFpzVTRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS80NjVhYWUtMmEyYy00MjAwLThlNWMt
MDVmMDkzMzg1YWM4LzEvTUZqbVRQZk5TQUwySUtXTlBVOWViZ0dwRFIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS80NjVhYWUtMmEyYy00MjAwLThlNWMtMDVmMDkzMzg1YWM4
LzEvRXFaWDgwSk1qZFZTRmEtRk81TXdmRFpzVTRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQALhztAwQA
XXKCAwQAuU0DAwQAuYjPAwQAuekjAwQA1Y6eMA0EAgACMAcDBQMqENiAMA0GCSqG
SIb3DQEBCwUAA4IBAQBmpABEGRjgqM3SvpW2GKRnc12mcJk2hoF96KSRoQ/Q8S88
RViCUsKL0gJpvRhiilnVG8Feysn2qFg4NjGOXZ8DbnWX238i8tfM4r4YxY+uZMfv
QTBz9g1X06Gnvtbna2liQqzX8LD3wimS9FMukscwy9Yqs1C0imIafpAzqTS9C/yZ
HeemKsMkx0aRC66aNuB+i08DcIWdY/q7fX+53D589t3QL/5/T4FqhKfsNZXrUcHv
ugscbFkcK6q5rO2tUIy/B4BjIKdMYIfQN6vmZVWlI8Vdq4m9mzxL3dR4SZLcbdww
qVv6Q2FltQicpSnCrOnKWT+rBNT3B/b+UbyGovnQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:11 2025 by rpki-client