Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/f220a0-df81-42fb-b714-dedd35293230/1/MXKn3xx2PEWv6ls6F5KUuvj07zI.roa
File: MXKn3xx2PEWv6ls6F5KUuvj07zI.roa (raw, json)
Hash identifier: 57wE8jFoNLYw223E0oBeWtFLsjhwFda5qsRA/FtyCyQ=
Subject key identifier: 31:72:A7:DF:1C:76:3C:45:AF:EA:5B:3A:17:92:94:BA:F8:F4:EF:32
Certificate issuer: /CN=c74ca0855178a0cdd71914bcf223aa31af6369a4
Certificate serial: 0191C7CDDB0B1C07576A4A50C6D414B42560
Authority key identifier: C7:4C:A0:85:51:78:A0:CD:D7:19:14:BC:F2:23:AA:31:AF:63:69:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0yghVF4oM3XGRS88iOqMa9jaaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/f220a0-df81-42fb-b714-dedd35293230/1/MXKn3xx2PEWv6ls6F5KUuvj07zI.roa
Signing time: Fri 06 Sep 2024 14:47:22 +0000
ROA not before: Fri 06 Sep 2024 14:47:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59790
IP address blocks: 5.154.233.0/24 maxlen: 24
5.183.208.0/24 maxlen: 24
91.240.40.0/22 maxlen: 22
93.92.116.0/22 maxlen: 22
94.176.100.0/22 maxlen: 22
185.35.232.0/22 maxlen: 22
185.67.120.0/24 maxlen: 24
185.107.24.0/22 maxlen: 22
185.125.36.0/22 maxlen: 22
185.224.116.0/22 maxlen: 22
193.32.11.0/24 maxlen: 24
193.124.76.0/22 maxlen: 22
193.124.144.0/21 maxlen: 21
194.135.200.0/21 maxlen: 21
195.216.136.0/22 maxlen: 22
2a04:65c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c7:cd:db:0b:1c:07:57:6a:4a:50:c6:d4:14:b4:25:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74ca0855178a0cdd71914bcf223aa31af6369a4
Validity
Not Before: Sep 6 14:47:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3172a7df1c763c45afea5b3a179294baf8f4ef32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:95:4a:0d:79:98:29:4f:54:f3:3f:71:e1:a1:
4c:cc:7d:c1:22:93:6a:3e:57:a0:17:c6:ee:13:fc:
c5:26:3d:4e:84:86:9a:db:59:56:75:93:92:d7:42:
d7:6a:71:75:7f:cb:f8:53:58:d2:87:46:96:04:16:
bc:4c:26:e5:5d:a0:48:92:be:fa:2c:a1:80:8b:b5:
6e:df:1c:20:86:8d:90:22:48:0f:b6:da:4c:80:8d:
38:9a:2b:ea:c6:73:ce:7f:49:02:e5:51:80:a7:74:
fb:44:58:0a:20:ab:fe:bf:09:7d:02:bb:e1:a7:2d:
1a:6a:2c:24:b6:56:54:6a:8a:e7:28:e7:47:e4:4c:
43:25:8e:d6:e6:90:64:b7:5f:af:a6:ac:08:72:b5:
a2:aa:f1:af:77:81:ff:c3:de:5b:2d:9e:3c:31:f5:
c0:cf:f8:af:f1:ac:d4:17:22:84:67:4e:64:8e:13:
26:0a:e7:73:29:a1:63:2d:d8:65:6d:99:c6:e7:65:
ae:db:02:10:c9:6d:b0:a3:d6:5c:da:de:0a:0b:57:
53:42:4e:23:84:e5:63:de:3e:e4:20:ed:46:56:cf:
29:c0:55:a3:f5:18:e7:ca:66:c5:5c:c9:fb:d3:7d:
f9:52:01:46:af:84:2d:24:8f:05:a2:e9:f9:e6:03:
fb:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:72:A7:DF:1C:76:3C:45:AF:EA:5B:3A:17:92:94:BA:F8:F4:EF:32
X509v3 Authority Key Identifier:
keyid:C7:4C:A0:85:51:78:A0:CD:D7:19:14:BC:F2:23:AA:31:AF:63:69:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0yghVF4oM3XGRS88iOqMa9jaaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f220a0-df81-42fb-b714-dedd35293230/1/MXKn3xx2PEWv6ls6F5KUuvj07zI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f220a0-df81-42fb-b714-dedd35293230/1/x0yghVF4oM3XGRS88iOqMa9jaaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.233.0/24
5.183.208.0/24
91.240.40.0/22
93.92.116.0/22
94.176.100.0/22
185.35.232.0/22
185.67.120.0/24
185.107.24.0/22
185.125.36.0/22
185.224.116.0/22
193.32.11.0/24
193.124.76.0/22
193.124.144.0/21
194.135.200.0/21
195.216.136.0/22
IPv6:
2a04:65c0::/29
Signature Algorithm: sha256WithRSAEncryption
00:bb:e2:89:10:5f:6b:8e:ce:b6:57:6a:2f:ae:ea:cb:53:88:
a9:4b:95:30:fd:ba:51:9d:de:49:b5:69:61:d5:96:13:5e:ce:
36:71:39:d2:5c:11:db:d7:c3:bf:be:6b:0f:99:4b:8f:c8:f9:
94:54:e7:6b:26:29:c4:b1:38:b4:ef:ee:f4:07:f1:9b:a2:6b:
c8:ef:01:2f:45:c9:05:58:aa:72:5c:42:e2:85:36:b1:78:22:
5e:9b:4f:34:1e:ea:03:71:8c:d0:68:a8:48:4e:ea:32:c1:80:
ff:4f:30:60:89:a0:66:de:32:93:c0:a2:59:80:d8:fa:72:03:
13:35:94:27:77:fb:10:76:fd:c8:08:ca:b5:93:f3:d5:76:21:
eb:cb:27:97:d7:8b:94:92:3c:c7:09:6f:de:51:d1:9e:1d:c7:
4f:5b:b7:84:ac:12:f9:1e:b7:6d:41:4a:69:fb:71:cc:27:4a:
da:16:e0:f4:72:b8:69:e2:62:0e:60:09:e1:c9:31:90:23:5c:
ec:a7:8a:d6:35:84:57:2c:6a:52:a1:98:72:44:07:07:cb:49:
64:13:33:7b:b0:28:87:c4:93:24:18:68:08:d1:4b:26:14:c5:
13:1f:71:c3:f4:4e:d7:23:4b:78:37:f7:fc:25:d8:be:68:a5:
e6:e7:48:96
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZHHzdsLHAdXakpQxtQUtCVgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGNhMDg1NTE3OGEwY2RkNzE5MTRiY2YyMjNhYTMxYWY2
MzY5YTQwHhcNMjQwOTA2MTQ0NzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTcyYTdkZjFjNzYzYzQ1YWZlYTViM2ExNzkyOTRiYWY4ZjRlZjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZVKDXmYKU9U8z9x4aFMzH3BIpNq
PlegF8buE/zFJj1OhIaa21lWdZOS10LXanF1f8v4U1jSh0aWBBa8TCblXaBIkr76
LKGAi7Vu3xwgho2QIkgPttpMgI04mivqxnPOf0kC5VGAp3T7RFgKIKv+vwl9Arvh
py0aaiwktlZUaornKOdH5ExDJY7W5pBkt1+vpqwIcrWiqvGvd4H/w95bLZ48MfXA
z/iv8azUFyKEZ05kjhMmCudzKaFjLdhlbZnG52Wu2wIQyW2wo9Zc2t4KC1dTQk4j
hOVj3j7kIO1GVs8pwFWj9RjnymbFXMn70335UgFGr4QtJI8Foun55gP7jwIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFDFyp98cdjxFr+pbOheSlLr49O8yMB8GA1UdIwQY
MBaAFMdMoIVReKDN1xkUvPIjqjGvY2mkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB5Z2hWRjRvTTNYR1JTODhpT3FNYTlqYWFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9mMjIwYTAtZGY4MS00MmZiLWI3MTQt
ZGVkZDM1MjkzMjMwLzEvTVhLbjN4eDJQRVd2NmxzNkY1S1V1dmowN3pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9mMjIwYTAtZGY4MS00MmZiLWI3MTQtZGVkZDM1MjkzMjMw
LzEveDB5Z2hWRjRvTTNYR1JTODhpT3FNYTlqYWFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEAAWa6QME
AAW30AMEAlvwKAMEAl1cdAMEAl6wZAMEArkj6AMEALlDeAMEArlrGAMEArl9JAME
ArngdAMEAMEgCwMEAsF8TAMEA8F8kAMEA8KHyAMEAsPYiDANBAIAAjAHAwUDKgRl
wDANBgkqhkiG9w0BAQsFAAOCAQEAALviiRBfa47OtldqL67qy1OIqUuVMP26UZ3e
SbVpYdWWE17ONnE50lwR29fDv75rD5lLj8j5lFTnayYpxLE4tO/u9Afxm6JryO8B
L0XJBViqclxC4oU2sXgiXptPNB7qA3GM0GioSE7qMsGA/08wYImgZt4yk8CiWYDY
+nIDEzWUJ3f7EHb9yAjKtZPz1XYh68snl9eLlJI8xwlv3lHRnh3HT1u3hKwS+R63
bUFKaftxzCdK2hbg9HK4aeJiDmAJ4ckxkCNc7KeK1jWEVyxqUqGYckQHB8tJZBMz
e7Aoh8STJBhoCNFLJhTFEx9xw/RO1yNLeDf3/CXYvmil5udIlg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:49:57 2025 by rpki-client