Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/MvlBeV6WGZmj5H4VkqUX-_uj9JY.roa
File: MvlBeV6WGZmj5H4VkqUX-_uj9JY.roa (raw, json)
Hash identifier: OzZza2ehbM0fH1ToHmrIFN6QnEH5Zy24J9T1wUgAkfY=
Subject key identifier: 32:F9:41:79:5E:96:19:99:A3:E4:7E:15:92:A5:17:FB:FB:A3:F4:96
Certificate issuer: /CN=a24b48edc7a325d7f1ae0f257c0e2835171bc9ae
Certificate serial: 0186F4E66D2BA3C60A9049DE5B109DBB7B24
Authority key identifier: A2:4B:48:ED:C7:A3:25:D7:F1:AE:0F:25:7C:0E:28:35:17:1B:C9:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oktI7cejJdfxrg8lfA4oNRcbya4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/MvlBeV6WGZmj5H4VkqUX-_uj9JY.roa
Signing time: Sat 18 Mar 2023 13:26:27 +0000
ROA not before: Sat 18 Mar 2023 13:26:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39704
IP address blocks: 5.22.248.0/21 maxlen: 24
185.103.16.0/22 maxlen: 24
185.94.168.0/24 maxlen: 24
194.50.163.0/24 maxlen: 24
46.182.216.0/21 maxlen: 24
91.192.36.0/22 maxlen: 24
213.132.197.0/24 maxlen: 24
94.124.88.0/21 maxlen: 24
213.132.196.0/24 maxlen: 24
213.132.195.0/24 maxlen: 24
2a00:1bd0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 20 Mar 2023 11:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:f4:e6:6d:2b:a3:c6:0a:90:49:de:5b:10:9d:bb:7b:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a24b48edc7a325d7f1ae0f257c0e2835171bc9ae
Validity
Not Before: Mar 18 13:26:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32f941795e961999a3e47e1592a517fbfba3f496
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:5f:0f:ba:35:a5:7f:fe:0e:ec:92:7a:4e:ce:
52:da:89:e9:3d:57:a5:41:fb:3a:34:df:00:13:58:
e9:1c:8f:e4:d3:33:28:87:d6:7e:1c:74:6e:a9:80:
b9:8c:aa:2e:e7:88:3d:43:78:0d:f3:67:fc:4c:e1:
b8:64:be:3c:b0:91:c6:74:f1:f3:fe:20:e2:39:3b:
ac:46:6a:fa:d1:f9:1c:65:e1:6d:85:34:3b:c2:e2:
2f:7c:ab:2e:f0:9a:97:ca:4f:86:25:a4:c3:c8:d4:
cc:75:be:09:33:90:a6:78:f5:ea:39:05:da:d9:38:
d5:73:96:0e:63:94:0c:42:1c:7c:d4:9f:9a:9f:31:
2d:00:41:81:b5:a0:64:c3:bd:89:cf:f5:71:94:ac:
fe:5f:91:a7:54:00:c5:c5:74:05:e1:a7:ec:05:2c:
c1:97:c1:f1:ab:18:7f:0c:90:0d:23:c1:7c:8f:b8:
03:72:26:46:96:cd:da:15:35:79:61:5b:e0:a8:0b:
b4:f2:91:38:d3:52:46:dc:fd:a1:c0:8a:2d:ff:99:
13:2f:d3:c6:c3:41:26:cf:a8:e4:83:55:44:27:72:
b7:9d:4b:dc:7d:b0:d5:0b:41:38:2c:dd:2a:f8:c9:
84:7b:0b:a9:7d:9d:af:27:87:1e:16:ec:f0:45:7e:
6c:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:F9:41:79:5E:96:19:99:A3:E4:7E:15:92:A5:17:FB:FB:A3:F4:96
X509v3 Authority Key Identifier:
keyid:A2:4B:48:ED:C7:A3:25:D7:F1:AE:0F:25:7C:0E:28:35:17:1B:C9:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oktI7cejJdfxrg8lfA4oNRcbya4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/MvlBeV6WGZmj5H4VkqUX-_uj9JY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/oktI7cejJdfxrg8lfA4oNRcbya4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.248.0/21
46.182.216.0/21
91.192.36.0/22
94.124.88.0/21
185.94.168.0/24
185.103.16.0/22
194.50.163.0/24
213.132.195.0-213.132.197.255
IPv6:
2a00:1bd0::/32
Signature Algorithm: sha256WithRSAEncryption
9c:67:60:25:03:f5:41:43:49:e0:e0:af:2e:f1:c1:71:23:93:
1d:c9:e3:12:3e:22:7a:3d:e0:5b:8a:ad:a0:2b:8e:38:93:37:
a7:72:3e:c1:ea:56:b0:c5:ee:3c:4d:81:de:c4:03:c9:8b:cc:
71:60:64:d5:45:fa:e1:e6:59:20:1a:09:05:63:88:d7:9e:0e:
81:64:2b:bd:03:59:d7:31:8a:ea:5f:74:21:81:53:70:18:8f:
9a:44:e5:88:02:7b:ae:bd:2d:dd:df:bc:7b:2f:87:34:72:28:
de:ad:af:c8:94:fd:a3:58:31:c4:0d:88:2d:27:1a:ce:04:c5:
a0:8b:7d:51:7e:45:93:1f:96:0f:03:10:16:28:81:22:63:57:
fb:b1:2b:29:22:d9:79:a4:d6:ee:36:dd:9b:f4:67:a4:37:90:
d7:46:1d:74:9e:1d:63:bf:9a:65:0b:17:0e:5a:f0:64:e0:05:
bb:7f:a2:d0:cb:7f:fc:f9:8d:cd:7b:0f:f7:a5:38:8b:67:2a:
e9:7f:36:b8:92:a0:61:35:94:0e:de:47:c3:74:24:ed:3a:5f:
82:0d:60:a0:3f:a6:8c:9c:3e:b5:69:a7:02:ac:ee:b9:e5:42:
19:ff:aa:27:7a:76:11:6e:38:ed:1c:2b:f7:57:08:77:d0:4e:
51:69:7f:f5
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYb05m0ro8YKkEneWxCdu3skMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNGI0OGVkYzdhMzI1ZDdmMWFlMGYyNTdjMGUyODM1MTcx
YmM5YWUwHhcNMjMwMzE4MTMyNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmY5NDE3OTVlOTYxOTk5YTNlNDdlMTU5MmE1MTdmYmZiYTNmNDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiF8PujWlf/4O7JJ6Ts5S2onpPVel
Qfs6NN8AE1jpHI/k0zMoh9Z+HHRuqYC5jKou54g9Q3gN82f8TOG4ZL48sJHGdPHz
/iDiOTusRmr60fkcZeFthTQ7wuIvfKsu8JqXyk+GJaTDyNTMdb4JM5CmePXqOQXa
2TjVc5YOY5QMQhx81J+anzEtAEGBtaBkw72Jz/VxlKz+X5GnVADFxXQF4afsBSzB
l8Hxqxh/DJANI8F8j7gDciZGls3aFTV5YVvgqAu08pE401JG3P2hwIot/5kTL9PG
w0Emz6jkg1VEJ3K3nUvcfbDVC0E4LN0q+MmEewupfZ2vJ4ceFuzwRX5sRwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFDL5QXlelhmZo+R+FZKlF/v7o/SWMB8GA1UdIwQY
MBaAFKJLSO3HoyXX8a4PJXwOKDUXG8muMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2t0STdjZWpKZGZ4cmc4bGZBNG9OUmNieWE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni82MmFmZWYtNzBkMS00ZmUyLTllZGYt
N2YxZTU3NDg3YzFhLzEvTXZsQmVWNldHWm1qNUg0VmtxVVgtX3VqOUpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni82MmFmZWYtNzBkMS00ZmUyLTllZGYtN2YxZTU3NDg3YzFh
LzEvb2t0STdjZWpKZGZ4cmc4bGZBNG9OUmNieWE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQDBRb4AwQD
LrbYAwQCW8AkAwQDXnxYAwQAuV6oAwQCuWcQAwQAwjKjMAwDBADVhMMDBAHVhMQw
DQQCAAIwBwMFACoAG9AwDQYJKoZIhvcNAQELBQADggEBAJxnYCUD9UFDSeDgry7x
wXEjkx3J4xI+Ino94FuKraArjjiTN6dyPsHqVrDF7jxNgd7EA8mLzHFgZNVF+uHm
WSAaCQVjiNeeDoFkK70DWdcxiupfdCGBU3AYj5pE5YgCe669Ld3fvHsvhzRyKN6t
r8iU/aNYMcQNiC0nGs4ExaCLfVF+RZMflg8DEBYogSJjV/uxKyki2Xmk1u423Zv0
Z6Q3kNdGHXSeHWO/mmULFw5a8GTgBbt/otDLf/z5jc17D/elOItnKul/NriSoGE1
lA7eR8N0JO06X4INYKA/poycPrVppwKs7rnlQhn/qid6dhFuOO0cK/dXCHfQTlFp
f/U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:20 2024 by rpki-client on console-fra.rpki-client.org