Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/b80b47-a7bc-4eb4-8be6-b130bf76fe10/1/MpIOcGBNnRw6aF_abxxNIpasTKI.roa
File: MpIOcGBNnRw6aF_abxxNIpasTKI.roa (raw, json)
Hash identifier: PsTBnW0/8TmibDpJlr3uygA+2QSZkkROTw/fGNNfXPI=
Subject key identifier: 32:92:0E:70:60:4D:9D:1C:3A:68:5F:DA:6F:1C:4D:22:96:AC:4C:A2
Certificate issuer: /CN=4c7594b0214264f06677609bb4aa4779eb1eecad
Certificate serial: 01856D0166085C4CA441B95138C61CEACBCB
Authority key identifier: 4C:75:94:B0:21:42:64:F0:66:77:60:9B:B4:AA:47:79:EB:1E:EC:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/THWUsCFCZPBmd2CbtKpHeese7K0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/b80b47-a7bc-4eb4-8be6-b130bf76fe10/1/MpIOcGBNnRw6aF_abxxNIpasTKI.roa
Signing time: Sun 01 Jan 2023 11:04:46 +0000
ROA not before: Sun 01 Jan 2023 11:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29263
IP address blocks: 217.68.49.65/32 maxlen: 32
217.68.48.0/28 maxlen: 28
217.68.58.0/24 maxlen: 24
217.68.56.0/21 maxlen: 21
217.68.61.0/24 maxlen: 24
217.68.60.0/24 maxlen: 24
217.68.48.124/30 maxlen: 30
217.68.49.75/32 maxlen: 32
217.68.48.144/29 maxlen: 29
217.68.49.208/29 maxlen: 29
217.68.49.85/32 maxlen: 32
217.68.48.128/30 maxlen: 30
217.68.48.160/27 maxlen: 27
217.68.48.0/20 maxlen: 20
217.68.48.0/21 maxlen: 21
217.68.51.0/24 maxlen: 24
217.68.50.0/24 maxlen: 24
217.68.48.252/32 maxlen: 32
217.68.48.253/32 maxlen: 32
217.68.49.93/32 maxlen: 32
217.68.49.216/29 maxlen: 29
2a02:2400::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:66:08:5c:4c:a4:41:b9:51:38:c6:1c:ea:cb:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c7594b0214264f06677609bb4aa4779eb1eecad
Validity
Not Before: Jan 1 11:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32920e70604d9d1c3a685fda6f1c4d2296ac4ca2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:fb:01:26:fe:b2:34:53:7c:db:7b:bc:5d:34:
df:e6:82:d1:c5:c2:b4:06:20:08:1f:dd:b4:4c:95:
de:b7:ee:a0:cc:47:5c:a0:44:6d:a3:14:fe:e9:1d:
8b:e5:1c:c0:8a:08:b4:68:c5:15:0b:c0:11:de:ca:
77:a2:fa:a5:44:a7:df:41:08:96:22:9c:b7:5d:d6:
3c:c9:63:b8:4b:ae:58:c6:9f:f5:75:75:3d:a5:8a:
c5:87:ac:5a:1f:0c:bc:2e:f7:c5:81:e6:2e:5a:de:
a7:17:da:3e:78:e4:d6:98:86:28:68:c5:8f:7e:1c:
22:dd:94:7d:e6:ca:f5:a6:d2:dc:5d:8f:73:30:11:
fb:14:b5:eb:68:90:dc:30:5d:1e:50:f8:e6:ad:c2:
77:a2:60:30:27:4c:5d:c1:2a:2e:e8:e7:24:a9:bb:
0d:68:f7:c5:40:72:a0:7c:1a:eb:97:5c:52:9a:56:
82:68:f4:e4:6e:bd:9d:e5:94:8b:aa:51:5e:6e:ce:
3c:a8:3d:5e:13:e7:33:d3:71:54:2d:90:23:ce:74:
bf:89:fb:8f:f1:90:aa:77:50:e2:05:28:95:ae:59:
4b:c8:2a:37:41:66:ef:a2:69:2d:4a:84:bc:09:86:
ea:4c:fa:20:fe:2b:b7:40:71:3c:dd:6f:79:8c:50:
be:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:92:0E:70:60:4D:9D:1C:3A:68:5F:DA:6F:1C:4D:22:96:AC:4C:A2
X509v3 Authority Key Identifier:
keyid:4C:75:94:B0:21:42:64:F0:66:77:60:9B:B4:AA:47:79:EB:1E:EC:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/THWUsCFCZPBmd2CbtKpHeese7K0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/b80b47-a7bc-4eb4-8be6-b130bf76fe10/1/MpIOcGBNnRw6aF_abxxNIpasTKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/b80b47-a7bc-4eb4-8be6-b130bf76fe10/1/THWUsCFCZPBmd2CbtKpHeese7K0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.68.48.0/20
IPv6:
2a02:2400::/32
Signature Algorithm: sha256WithRSAEncryption
b7:5d:65:8f:df:4b:b1:5a:77:db:71:2e:2c:ba:b1:76:56:b9:
aa:7a:f5:0e:a9:18:17:79:12:7d:47:62:95:1a:af:11:8f:31:
f9:47:e6:d4:e3:83:7b:25:77:9b:06:19:c9:f1:2f:25:7b:c4:
8a:13:b1:a3:8f:fb:2c:41:3f:cf:eb:63:dc:0d:8c:3d:77:fe:
54:59:b0:8b:bb:cd:56:7f:12:69:81:a6:82:e3:d3:46:2b:a8:
76:5d:98:bd:c5:0f:85:dc:49:0b:08:88:49:f1:14:df:fd:5b:
1c:3a:0a:68:7e:a0:51:87:ac:f5:6f:ec:46:e7:8c:fc:b1:87:
b3:7b:91:b9:f3:77:99:26:51:25:d4:b5:3d:d1:b4:4a:6e:34:
c8:0f:eb:12:41:46:99:a4:47:07:d5:85:db:22:3e:99:74:95:
5d:71:5c:11:30:0a:93:97:21:6b:4a:1f:66:2d:26:5b:6a:0d:
e8:26:1d:4d:81:4b:9f:e0:a6:85:70:89:11:af:97:ce:b0:e3:
49:a1:f3:97:72:ca:f3:c3:92:2e:17:58:1e:7c:f6:c4:94:2f:
23:b0:9c:75:e5:3c:e1:b5:4e:5c:c7:c6:09:7d:d8:28:02:cd:
43:87:70:5d:5a:37:b3:28:3f:95:84:3a:d5:6e:8d:67:ed:e7:
d5:a2:01:4d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtAWYIXEykQblROMYc6svLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNzU5NGIwMjE0MjY0ZjA2Njc3NjA5YmI0YWE0Nzc5ZWIx
ZWVjYWQwHhcNMjMwMTAxMTEwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjkyMGU3MDYwNGQ5ZDFjM2E2ODVmZGE2ZjFjNGQyMjk2YWM0Y2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/sBJv6yNFN823u8XTTf5oLRxcK0
BiAIH920TJXet+6gzEdcoERtoxT+6R2L5RzAigi0aMUVC8AR3sp3ovqlRKffQQiW
Ipy3XdY8yWO4S65Yxp/1dXU9pYrFh6xaHwy8LvfFgeYuWt6nF9o+eOTWmIYoaMWP
fhwi3ZR95sr1ptLcXY9zMBH7FLXraJDcMF0eUPjmrcJ3omAwJ0xdwSou6OckqbsN
aPfFQHKgfBrrl1xSmlaCaPTkbr2d5ZSLqlFebs48qD1eE+cz03FULZAjznS/ifuP
8ZCqd1DiBSiVrllLyCo3QWbvomktSoS8CYbqTPog/iu3QHE83W95jFC+/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDKSDnBgTZ0cOmhf2m8cTSKWrEyiMB8GA1UdIwQY
MBaAFEx1lLAhQmTwZndgm7SqR3nrHuytMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEhXVXNDRkNaUEJtZDJDYnRLcEhlZXNlN0swLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9iODBiNDctYTdiYy00ZWI0LThiZTYt
YjEzMGJmNzZmZTEwLzEvTXBJT2NHQk5uUnc2YUZfYWJ4eE5JcGFzVEtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9iODBiNDctYTdiYy00ZWI0LThiZTYtYjEzMGJmNzZmZTEw
LzEvVEhXVXNDRkNaUEJtZDJDYnRLcEhlZXNlN0swLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2UQwMA0E
AgACMAcDBQAqAiQAMA0GCSqGSIb3DQEBCwUAA4IBAQC3XWWP30uxWnfbcS4surF2
VrmqevUOqRgXeRJ9R2KVGq8RjzH5R+bU44N7JXebBhnJ8S8le8SKE7Gjj/ssQT/P
62PcDYw9d/5UWbCLu81WfxJpgaaC49NGK6h2XZi9xQ+F3EkLCIhJ8RTf/VscOgpo
fqBRh6z1b+xG54z8sYeze5G583eZJlEl1LU90bRKbjTID+sSQUaZpEcH1YXbIj6Z
dJVdcVwRMAqTlyFrSh9mLSZbag3oJh1NgUuf4KaFcIkRr5fOsONJofOXcsrzw5Iu
F1gefPbElC8jsJx15TzhtU5cx8YJfdgoAs1Dh3BdWjezKD+VhDrVbo1n7efVogFN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:50 2024 by rpki-client on console-ams.rpki-client.org