Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/d5ffe7-3b48-4f80-8d6a-317c2fb0a35b/1/mAT1Z75laEY9JHmUk7J5I9L5OaY.roa
File: mAT1Z75laEY9JHmUk7J5I9L5OaY.roa (raw, json)
Hash identifier: 3iW+fTz+aNpddRSHJtqDqX/CdqwCyig8wr0peYC2gf0=
Subject key identifier: 98:04:F5:67:BE:65:68:46:3D:24:79:94:93:B2:79:23:D2:F9:39:A6
Certificate issuer: /CN=51618df006d548d1d87ed6419550662db6fc0606
Certificate serial: 018E132340BA90DC7CEDE8CAEA8E66CE75C6
Authority key identifier: 51:61:8D:F0:06:D5:48:D1:D8:7E:D6:41:95:50:66:2D:B6:FC:06:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UWGN8AbVSNHYftZBlVBmLbb8BgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/d5ffe7-3b48-4f80-8d6a-317c2fb0a35b/1/mAT1Z75laEY9JHmUk7J5I9L5OaY.roa
Signing time: Wed 06 Mar 2024 09:41:01 +0000
ROA not before: Wed 06 Mar 2024 09:41:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31257
IP address blocks: 176.116.160.0/20 maxlen: 20
176.116.160.0/21 maxlen: 21
176.116.160.0/22 maxlen: 22
176.116.164.0/22 maxlen: 22
176.116.168.0/21 maxlen: 21
176.116.168.0/22 maxlen: 22
176.116.172.0/22 maxlen: 22
176.116.177.0/24 maxlen: 24
176.116.178.0/23 maxlen: 23
176.116.180.0/22 maxlen: 22
176.116.180.0/23 maxlen: 23
176.116.182.0/23 maxlen: 23
213.110.224.0/22 maxlen: 22
213.110.228.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 13 May 2024 08:23:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:13:23:40:ba:90:dc:7c:ed:e8:ca:ea:8e:66:ce:75:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51618df006d548d1d87ed6419550662db6fc0606
Validity
Not Before: Mar 6 09:41:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9804f567be6568463d24799493b27923d2f939a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:76:68:d7:95:02:ae:ad:8f:b1:99:5e:dc:e9:
6f:0f:61:5a:40:82:7b:fa:fd:a5:cc:06:2c:52:c6:
85:19:c0:02:a7:fd:01:84:09:9a:2c:61:dc:bd:02:
18:d0:ac:c3:44:85:0f:b8:83:3b:30:a7:e7:a8:36:
45:dc:75:76:a4:a1:4e:be:65:29:5d:9e:95:c5:e8:
ba:c1:a4:3f:44:22:79:c1:72:56:51:52:e4:03:9b:
f9:d0:ea:5d:28:e8:6f:f8:72:4e:9a:1a:ea:74:4a:
0c:68:47:11:72:4b:c5:ad:76:17:07:49:ff:fb:76:
7d:a7:f5:a0:79:e7:bd:48:7f:9f:16:cb:64:72:c4:
93:5c:97:b5:8c:23:4c:a5:c6:e6:40:11:4c:38:40:
61:3b:2e:ae:5c:94:88:e5:9b:24:ec:d9:ff:7d:6c:
5d:2d:b6:29:00:d1:40:e0:ea:bc:f4:20:3e:c1:10:
35:50:ce:d1:0e:c5:40:a0:41:f3:41:20:32:c1:14:
6d:e6:f6:54:c9:a1:04:82:83:72:3c:50:f9:93:e5:
da:05:3e:fc:95:0b:b2:ed:cc:1a:88:5f:b2:c7:67:
77:6e:8d:95:7c:5f:79:83:92:d8:e5:4e:1f:96:57:
91:70:7e:ec:d9:ea:35:26:26:82:44:e0:27:52:39:
c8:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:04:F5:67:BE:65:68:46:3D:24:79:94:93:B2:79:23:D2:F9:39:A6
X509v3 Authority Key Identifier:
keyid:51:61:8D:F0:06:D5:48:D1:D8:7E:D6:41:95:50:66:2D:B6:FC:06:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UWGN8AbVSNHYftZBlVBmLbb8BgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/d5ffe7-3b48-4f80-8d6a-317c2fb0a35b/1/mAT1Z75laEY9JHmUk7J5I9L5OaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/d5ffe7-3b48-4f80-8d6a-317c2fb0a35b/1/UWGN8AbVSNHYftZBlVBmLbb8BgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.116.160.0/20
176.116.177.0-176.116.183.255
213.110.224.0-213.110.229.255
Signature Algorithm: sha256WithRSAEncryption
64:7e:43:48:e7:6f:da:04:3b:4e:e8:4f:98:97:63:a1:66:3a:
42:df:29:8a:95:90:d6:d6:f5:ef:9c:cf:e1:ab:3b:d1:f1:60:
6f:82:d9:91:14:11:ef:cd:8e:81:93:79:59:c5:ec:de:18:fe:
f8:18:fa:b9:1b:04:1d:18:61:17:59:b1:40:bf:0e:8d:90:34:
f2:21:84:1e:64:16:4c:b1:8f:af:6b:3a:21:ac:c3:cc:2a:84:
2b:f6:58:eb:03:81:7b:4b:ef:c1:90:3c:5c:24:d6:01:05:01:
bd:82:ba:c6:9b:a2:74:58:c6:85:fa:4e:b3:e4:ae:63:93:34:
c3:70:9e:84:11:c4:64:73:10:86:f5:24:42:95:e7:f2:1a:7d:
bc:c3:08:91:a9:13:46:37:b7:0e:99:fd:d1:ac:38:5c:f4:23:
ba:b9:05:3b:e2:14:97:cd:cc:87:c4:de:34:4e:cb:20:eb:75:
eb:4f:12:eb:71:60:b4:eb:f5:1a:8d:61:b6:ba:f2:87:1f:29:
79:68:69:5c:8e:2d:1c:15:a3:9e:5f:e7:08:eb:4d:74:d4:48:
69:6e:42:ec:cd:ad:43:60:36:13:14:e5:21:da:ce:3b:6f:8f:
9c:b3:78:2f:7c:92:bc:7f:39:70:ea:ad:24:45:f6:e8:20:30:
24:61:f7:42
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY4TI0C6kNx87ejK6o5mznXGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxNjE4ZGYwMDZkNTQ4ZDFkODdlZDY0MTk1NTA2NjJkYjZm
YzA2MDYwHhcNMjQwMzA2MDk0MTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODA0ZjU2N2JlNjU2ODQ2M2QyNDc5OTQ5M2IyNzkyM2QyZjkzOWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXZo15UCrq2PsZle3OlvD2FaQIJ7
+v2lzAYsUsaFGcACp/0BhAmaLGHcvQIY0KzDRIUPuIM7MKfnqDZF3HV2pKFOvmUp
XZ6Vxei6waQ/RCJ5wXJWUVLkA5v50OpdKOhv+HJOmhrqdEoMaEcRckvFrXYXB0n/
+3Z9p/Wgeee9SH+fFstkcsSTXJe1jCNMpcbmQBFMOEBhOy6uXJSI5Zsk7Nn/fWxd
LbYpANFA4Oq89CA+wRA1UM7RDsVAoEHzQSAywRRt5vZUyaEEgoNyPFD5k+XaBT78
lQuy7cwaiF+yx2d3bo2VfF95g5LY5U4flleRcH7s2eo1JiaCROAnUjnIgQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFJgE9We+ZWhGPSR5lJOyeSPS+TmmMB8GA1UdIwQY
MBaAFFFhjfAG1UjR2H7WQZVQZi22/AYGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVdHTjhBYlZTTkhZZnRaQmxWQm1MYmI4QmdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9kNWZmZTctM2I0OC00ZjgwLThkNmEt
MzE3YzJmYjBhMzViLzEvbUFUMVo3NWxhRVk5SkhtVWs3SjVJOUw1T2FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9kNWZmZTctM2I0OC00ZjgwLThkNmEtMzE3YzJmYjBhMzVi
LzEvVVdHTjhBYlZTTkhZZnRaQmxWQm1MYmI4QmdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQEsHSgMAwD
BACwdLEDBAOwdLAwDAMEBdVu4AMEAdVu5DANBgkqhkiG9w0BAQsFAAOCAQEAZH5D
SOdv2gQ7TuhPmJdjoWY6Qt8pipWQ1tb175zP4as70fFgb4LZkRQR782OgZN5WcXs
3hj++Bj6uRsEHRhhF1mxQL8OjZA08iGEHmQWTLGPr2s6IazDzCqEK/ZY6wOBe0vv
wZA8XCTWAQUBvYK6xpuidFjGhfpOs+SuY5M0w3CehBHEZHMQhvUkQpXn8hp9vMMI
kakTRje3Dpn90aw4XPQjurkFO+IUl83Mh8TeNE7LIOt1608S63FgtOv1Go1htrry
hx8peWhpXI4tHBWjnl/nCOtNdNRIaW5C7M2tQ2A2ExTlIdrOO2+PnLN4L3ySvH85
cOqtJEX26CAwJGH3Qg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:19 2024 by rpki-client on console-ams.rpki-client.org