Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/mSrIqDB2SSoIQMK1HHi3lChTzCM.roa
File: mSrIqDB2SSoIQMK1HHi3lChTzCM.roa (raw, json)
Hash identifier: EaU6Jgs9KSPHasRzdjgSDyx6Wyp0AQCaxuhGH023Jn0=
Subject key identifier: 99:2A:C8:A8:30:76:49:2A:08:40:C2:B5:1C:78:B7:94:28:53:CC:23
Certificate issuer: /CN=d833bfa014b9192f2700acaf6f279dbef8a0aff2
Certificate serial: 0193AD1E94B4505CE280AB4AC13DDDD18CCF
Authority key identifier: D8:33:BF:A0:14:B9:19:2F:27:00:AC:AF:6F:27:9D:BE:F8:A0:AF:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2DO_oBS5GS8nAKyvbyedvvigr_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/mSrIqDB2SSoIQMK1HHi3lChTzCM.roa
Signing time: Mon 09 Dec 2024 20:31:22 +0000
ROA not before: Mon 09 Dec 2024 20:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8943
IP address blocks: 185.73.44.0/22 maxlen: 22
194.33.11.0/24 maxlen: 24
194.153.169.0/24 maxlen: 24
212.13.192.0/19 maxlen: 19
2001:ba8::/32 maxlen: 32
2001:baa::/32 maxlen: 32
2001:baf::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ad:1e:94:b4:50:5c:e2:80:ab:4a:c1:3d:dd:d1:8c:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d833bfa014b9192f2700acaf6f279dbef8a0aff2
Validity
Not Before: Dec 9 20:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=992ac8a83076492a0840c2b51c78b7942853cc23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:7e:12:9c:5e:1b:cf:6b:35:e7:67:97:75:f0:
48:04:22:c0:d7:4e:ac:8a:fb:3c:1c:c3:6a:4f:57:
79:3b:3f:8a:7b:98:35:83:23:a8:ea:68:da:08:f3:
f2:1b:b3:ac:ae:8e:35:3e:a8:f0:8d:3b:72:9f:f3:
8c:7d:45:82:44:91:37:72:1e:11:de:5b:19:a1:d8:
44:ec:f2:52:59:08:90:63:28:82:b2:60:96:bf:3b:
53:70:6a:bc:cc:cc:e6:d6:46:5c:34:0b:13:93:61:
a9:c0:84:ce:74:b1:79:1c:e4:05:d8:44:63:92:7c:
31:52:dd:4f:b8:37:1c:00:8b:4b:bc:d0:a8:a8:6d:
05:1b:ca:3e:36:78:ad:43:6d:a5:61:e1:35:f8:d2:
f4:d8:98:48:e5:89:53:65:62:cc:2a:04:fe:65:c8:
0c:b1:41:bd:cd:64:fa:7a:1a:15:30:43:d3:7b:92:
1d:19:c4:3f:3c:f1:30:5c:2d:aa:43:58:b9:df:64:
10:1d:00:cf:be:30:c2:ba:36:76:b4:e2:21:e6:cf:
0d:db:68:99:14:85:f2:85:b6:22:87:18:da:6d:1b:
d7:cc:c8:c3:e1:01:81:f2:57:24:12:ac:49:34:e7:
46:10:7f:a3:27:c1:9a:80:5e:39:f8:d9:be:a6:2c:
1f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:2A:C8:A8:30:76:49:2A:08:40:C2:B5:1C:78:B7:94:28:53:CC:23
X509v3 Authority Key Identifier:
keyid:D8:33:BF:A0:14:B9:19:2F:27:00:AC:AF:6F:27:9D:BE:F8:A0:AF:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2DO_oBS5GS8nAKyvbyedvvigr_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/mSrIqDB2SSoIQMK1HHi3lChTzCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/2DO_oBS5GS8nAKyvbyedvvigr_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.44.0/22
194.33.11.0/24
194.153.169.0/24
212.13.192.0/19
IPv6:
2001:ba8::/32
2001:baa::/32
2001:baf::/32
Signature Algorithm: sha256WithRSAEncryption
ba:c4:c3:de:0c:90:2d:a7:f2:16:71:8a:de:0d:81:35:14:ad:
35:c1:34:ac:8c:53:6d:e7:b1:10:7c:f3:69:97:82:9a:19:f3:
21:c2:d4:50:25:b8:f4:41:06:11:d1:de:c7:9a:74:55:32:4a:
43:b1:67:b4:58:d5:57:ec:40:3d:ea:cd:3b:ae:e8:5c:c3:07:
27:ff:fa:e6:0d:26:25:d3:94:73:91:9f:40:e7:d3:e4:52:8a:
a1:da:46:33:ee:8d:06:0f:bb:70:78:f6:06:81:f8:6d:38:31:
3c:dc:89:6c:71:84:57:32:3a:5d:42:03:e9:21:d1:ad:5e:15:
d3:ce:7e:39:9b:d1:69:da:d6:dd:af:17:50:8e:7a:3f:84:21:
de:06:e4:92:30:b4:4b:f7:19:24:21:6f:c8:09:77:3b:bd:93:
81:8b:54:0e:fc:9a:0b:44:12:b6:7d:c3:1c:b8:a7:26:d4:48:
56:9b:43:76:f9:06:3d:60:91:a3:bf:c6:ad:0d:6e:69:9f:bd:
23:4c:7c:f1:e9:46:44:8b:0f:47:dd:e1:f5:ad:9a:7b:0d:5d:
7e:b4:30:93:b9:e2:19:20:64:d7:f6:45:02:a2:84:91:82:e6:
db:23:3e:20:54:85:24:d5:66:4e:bb:94:4d:27:d3:a2:e0:1b:
91:85:9d:28
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZOtHpS0UFzigKtKwT3d0YzPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MzNiZmEwMTRiOTE5MmYyNzAwYWNhZjZmMjc5ZGJlZjhh
MGFmZjIwHhcNMjQxMjA5MjAzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTJhYzhhODMwNzY0OTJhMDg0MGMyYjUxYzc4Yjc5NDI4NTNjYzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxH4SnF4bz2s152eXdfBIBCLA106s
ivs8HMNqT1d5Oz+Ke5g1gyOo6mjaCPPyG7Osro41PqjwjTtyn/OMfUWCRJE3ch4R
3lsZodhE7PJSWQiQYyiCsmCWvztTcGq8zMzm1kZcNAsTk2GpwITOdLF5HOQF2ERj
knwxUt1PuDccAItLvNCoqG0FG8o+NnitQ22lYeE1+NL02JhI5YlTZWLMKgT+ZcgM
sUG9zWT6ehoVMEPTe5IdGcQ/PPEwXC2qQ1i532QQHQDPvjDCujZ2tOIh5s8N22iZ
FIXyhbYihxjabRvXzMjD4QGB8lckEqxJNOdGEH+jJ8GagF45+Nm+piwfjwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFJkqyKgwdkkqCEDCtRx4t5QoU8wjMB8GA1UdIwQY
MBaAFNgzv6AUuRkvJwCsr28nnb74oK/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkRPX29CUzVHUzhuQUt5dmJ5ZWR2dmlncl9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi80MTE2OTYtOTNiZS00NmJhLThlOTEt
NWMwMTdiZDQzNjYzLzEvbVNySXFEQjJTU29JUU1LMUhIaTNsQ2hUekNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi80MTE2OTYtOTNiZS00NmJhLThlOTEtNWMwMTdiZDQzNjYz
LzEvMkRPX29CUzVHUzhuQUt5dmJ5ZWR2dmlncl9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAeBAIAATAYAwQCuUksAwQA
wiELAwQAwpmpAwQF1A3AMBsEAgACMBUDBQAgAQuoAwUAIAELqgMFACABC68wDQYJ
KoZIhvcNAQELBQADggEBALrEw94MkC2n8hZxit4NgTUUrTXBNKyMU23nsRB882mX
gpoZ8yHC1FAluPRBBhHR3seadFUySkOxZ7RY1VfsQD3qzTuu6FzDByf/+uYNJiXT
lHORn0Dn0+RSiqHaRjPujQYPu3B49gaB+G04MTzciWxxhFcyOl1CA+kh0a1eFdPO
fjmb0Wna1t2vF1COej+EId4G5JIwtEv3GSQhb8gJdzu9k4GLVA78mgtEErZ9wxy4
pybUSFabQ3b5Bj1gkaO/xq0NbmmfvSNMfPHpRkSLD0fd4fWtmnsNXX60MJO54hkg
ZNf2RQKihJGC5tsjPiBUhSTVZk67lE0n06LgG5GFnSg=
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:29:32 2025 by rpki-client