Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/mhFKLK3hyDcNbSR4AmTVDupDuG4.roa
File: mhFKLK3hyDcNbSR4AmTVDupDuG4.roa (raw, json)
Hash identifier: N/YEz5WH02DMQCDe1JwQG+GLmD35+RFKye26FaWfebs=
Subject key identifier: 9A:11:4A:2C:AD:E1:C8:37:0D:6D:24:78:02:64:D5:0E:EA:43:B8:6E
Certificate issuer: /CN=668e9b2eefb205342382b6072a903f9d9837071a
Certificate serial: 018E424C10FD74C3E223A64BFE929123ABB9
Authority key identifier: 66:8E:9B:2E:EF:B2:05:34:23:82:B6:07:2A:90:3F:9D:98:37:07:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zo6bLu-yBTQjgrYHKpA_nZg3Bxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/mhFKLK3hyDcNbSR4AmTVDupDuG4.roa
Signing time: Fri 15 Mar 2024 13:27:45 +0000
ROA not before: Fri 15 Mar 2024 13:27:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44056
IP address blocks: 31.135.224.0/20 maxlen: 20
31.135.226.0/23 maxlen: 23
31.135.228.0/22 maxlen: 22
31.135.232.0/22 maxlen: 22
31.135.236.0/23 maxlen: 23
46.148.128.0/20 maxlen: 20
46.148.128.0/22 maxlen: 22
46.148.143.0/24 maxlen: 24
83.97.104.0/21 maxlen: 21
91.195.130.0/23 maxlen: 23
91.230.146.0/24 maxlen: 24
91.237.186.0/23 maxlen: 23
109.196.64.0/20 maxlen: 24
109.196.64.0/22 maxlen: 22
109.196.68.0/22 maxlen: 22
176.125.192.0/19 maxlen: 19
195.2.238.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 14 May 2024 08:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:42:4c:10:fd:74:c3:e2:23:a6:4b:fe:92:91:23:ab:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=668e9b2eefb205342382b6072a903f9d9837071a
Validity
Not Before: Mar 15 13:27:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a114a2cade1c8370d6d24780264d50eea43b86e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:32:f9:26:ba:9f:04:79:2e:88:ad:97:0e:be:
94:84:30:1b:76:22:11:05:1b:4c:b4:9a:1d:8c:86:
72:30:ba:be:b3:64:eb:d5:e4:fb:59:cb:1a:83:69:
2f:30:ec:5a:e8:15:7c:a4:60:f2:5c:5d:f2:e8:11:
2b:9c:03:95:6d:f9:fd:f3:46:43:d8:8b:48:ef:5a:
19:23:ec:f7:a6:11:6d:14:e1:2a:8b:00:2c:04:f3:
01:93:e5:fa:8c:86:01:61:b9:63:a5:a5:6c:b8:00:
28:b7:10:e4:35:e1:a0:ea:2d:f4:58:21:e6:29:e8:
bc:09:81:76:d2:0a:4d:ec:8e:74:12:dc:cc:ff:c9:
6b:ff:3f:1e:7e:72:06:1a:1d:4a:dc:d6:58:1f:09:
a6:92:8f:3a:f4:ef:a8:dd:c4:ad:e4:85:b4:51:91:
af:09:c5:c3:ac:89:09:08:67:27:8d:b5:af:54:86:
1d:10:f6:d4:57:62:96:e8:8a:ac:01:c0:5a:67:fc:
0b:34:54:8a:86:1e:3b:dd:48:43:59:a3:d5:62:1f:
4c:d5:f7:25:70:82:5b:3e:b8:0b:5c:da:66:2c:5d:
78:b3:a1:c9:fc:aa:1a:d7:91:9c:e7:43:3e:c5:74:
db:72:87:ee:fe:ef:38:4b:b4:e0:31:ea:50:63:86:
c8:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:11:4A:2C:AD:E1:C8:37:0D:6D:24:78:02:64:D5:0E:EA:43:B8:6E
X509v3 Authority Key Identifier:
keyid:66:8E:9B:2E:EF:B2:05:34:23:82:B6:07:2A:90:3F:9D:98:37:07:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zo6bLu-yBTQjgrYHKpA_nZg3Bxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/mhFKLK3hyDcNbSR4AmTVDupDuG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/Zo6bLu-yBTQjgrYHKpA_nZg3Bxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.224.0/20
46.148.128.0/20
83.97.104.0/21
91.195.130.0/23
91.230.146.0/24
91.237.186.0/23
109.196.64.0/20
176.125.192.0/19
195.2.238.0/23
Signature Algorithm: sha256WithRSAEncryption
82:8b:1f:49:8c:17:ab:81:07:66:b7:4b:5f:8e:41:bb:40:62:
6e:a4:d1:73:a0:f4:ac:b8:ab:99:1e:2e:7f:c9:8e:1a:4e:2c:
42:95:22:69:21:8d:21:32:42:5f:d5:9a:04:c7:cd:bf:d3:9d:
04:ad:d6:db:b9:b5:70:e7:a2:5a:6d:8b:91:de:21:be:ed:fa:
76:79:f5:65:08:38:85:d6:72:6f:22:17:41:95:5b:b0:b4:04:
1f:0b:ad:47:27:f9:ed:b7:2c:27:a4:1a:21:d5:ed:39:5f:5c:
fb:2c:ac:c6:8c:65:91:13:ef:9f:3c:33:0d:41:39:22:b7:8e:
3a:41:cc:09:de:9c:04:0f:80:99:82:ed:a5:a3:1e:a2:0b:2f:
b6:d0:22:d8:cc:dd:d9:56:3e:09:2c:2e:ae:d4:27:a0:7c:a8:
69:cf:b2:62:81:76:71:ce:14:af:62:71:d5:7e:da:18:fb:d2:
ec:13:66:db:3b:4b:d7:51:0b:94:32:82:1c:54:bd:fe:3b:a5:
e1:07:f8:97:cc:23:3d:0c:64:40:3c:fa:c3:b0:0e:1c:9a:a1:
50:0a:d2:b9:a9:7b:7a:92:52:7f:30:5c:0d:6c:79:ff:09:9f:
4e:d6:58:54:b5:c4:b2:35:62:97:32:f6:c4:31:f4:74:f7:55:
09:be:e2:50
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY5CTBD9dMPiI6ZL/pKRI6u5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OGU5YjJlZWZiMjA1MzQyMzgyYjYwNzJhOTAzZjlkOTgz
NzA3MWEwHhcNMjQwMzE1MTMyNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTExNGEyY2FkZTFjODM3MGQ2ZDI0NzgwMjY0ZDUwZWVhNDNiODZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzL5JrqfBHkuiK2XDr6UhDAbdiIR
BRtMtJodjIZyMLq+s2Tr1eT7Wcsag2kvMOxa6BV8pGDyXF3y6BErnAOVbfn980ZD
2ItI71oZI+z3phFtFOEqiwAsBPMBk+X6jIYBYbljpaVsuAAotxDkNeGg6i30WCHm
Kei8CYF20gpN7I50EtzM/8lr/z8efnIGGh1K3NZYHwmmko869O+o3cSt5IW0UZGv
CcXDrIkJCGcnjbWvVIYdEPbUV2KW6IqsAcBaZ/wLNFSKhh473UhDWaPVYh9M1fcl
cIJbPrgLXNpmLF14s6HJ/Koa15Gc50M+xXTbcofu/u84S7TgMepQY4bIoQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFJoRSiyt4cg3DW0keAJk1Q7qQ7huMB8GA1UdIwQY
MBaAFGaOmy7vsgU0I4K2ByqQP52YNwcaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm82Ykx1LXlCVFFqZ3JZSEtwQV9uWmczQnhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC80YTEzMDUtMzkxYy00NDZjLTlhMzMt
NGMwOGZmZTEwMDc2LzEvbWhGS0xLM2h5RGNOYlNSNEFtVFZEdXBEdUc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC80YTEzMDUtMzkxYy00NDZjLTlhMzMtNGMwOGZmZTEwMDc2
LzEvWm82Ykx1LXlCVFFqZ3JZSEtwQV9uWmczQnhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQEH4fgAwQE
LpSAAwQDU2FoAwQBW8OCAwQAW+aSAwQBW+26AwQEbcRAAwQFsH3AAwQBwwLuMA0G
CSqGSIb3DQEBCwUAA4IBAQCCix9JjBergQdmt0tfjkG7QGJupNFzoPSsuKuZHi5/
yY4aTixClSJpIY0hMkJf1ZoEx82/050ErdbbubVw56JabYuR3iG+7fp2efVlCDiF
1nJvIhdBlVuwtAQfC61HJ/nttywnpBoh1e05X1z7LKzGjGWRE++fPDMNQTkit446
QcwJ3pwED4CZgu2lox6iCy+20CLYzN3ZVj4JLC6u1CegfKhpz7JigXZxzhSvYnHV
ftoY+9LsE2bbO0vXUQuUMoIcVL3+O6XhB/iXzCM9DGRAPPrDsA4cmqFQCtK5qXt6
klJ/MFwNbHn/CZ9O1lhUtcSyNWKXMvbEMfR091UJvuJQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:07 2025 by rpki-client