Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/M-7DftnVMU2vQVpihtmmt6GDegE.roa
File: M-7DftnVMU2vQVpihtmmt6GDegE.roa (raw, json)
Hash identifier: NjMoMTAOJACyoeAMXdQkVn5eqrAoHptJxj6X7GGEcNk=
Subject key identifier: 33:EE:C3:7E:D9:D5:31:4D:AF:41:5A:62:86:D9:A6:B7:A1:83:7A:01
Certificate issuer: /CN=4ddb3dcdf5e6bee09825c37bf3b8bdf28b6fb593
Certificate serial: 018B4249FBD0BBD112814AA2141941DA9C09
Authority key identifier: 4D:DB:3D:CD:F5:E6:BE:E0:98:25:C3:7B:F3:B8:BD:F2:8B:6F:B5:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tds9zfXmvuCYJcN787i98otvtZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/M-7DftnVMU2vQVpihtmmt6GDegE.roa
Signing time: Wed 18 Oct 2023 10:17:06 +0000
ROA not before: Wed 18 Oct 2023 10:17:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31200
IP address blocks: 178.49.248.0/22 maxlen: 22
178.49.200.0/22 maxlen: 22
5.130.166.0/24 maxlen: 24
5.129.0.0/17 maxlen: 17
37.193.0.0/16 maxlen: 16
5.129.128.0/19 maxlen: 19
37.195.0.0/16 maxlen: 16
5.131.0.0/16 maxlen: 16
178.49.12.0/22 maxlen: 22
5.130.0.0/16 maxlen: 16
37.194.0.0/16 maxlen: 16
178.49.56.0/22 maxlen: 22
37.192.0.0/16 maxlen: 16
5.128.0.0/16 maxlen: 16
5.129.186.0/24 maxlen: 24
5.129.181.0/24 maxlen: 24
5.129.184.0/23 maxlen: 23
37.192.0.0/14 maxlen: 14
178.49.0.0/17 maxlen: 17
178.49.0.0/16 maxlen: 24
178.49.132.0/24 maxlen: 24
178.49.128.0/17 maxlen: 24
178.49.133.0/24 maxlen: 24
178.49.145.0/24 maxlen: 24
178.49.144.0/24 maxlen: 24
178.49.142.0/24 maxlen: 24
178.49.141.0/24 maxlen: 24
178.49.146.0/24 maxlen: 24
178.49.148.0/24 maxlen: 24
178.49.147.0/24 maxlen: 24
178.49.152.0/23 maxlen: 23
178.49.152.0/24 maxlen: 24
178.49.152.0/22 maxlen: 22
178.49.150.0/23 maxlen: 23
178.49.159.0/24 maxlen: 24
178.49.158.0/24 maxlen: 24
178.49.156.0/23 maxlen: 23
178.49.154.0/24 maxlen: 24
178.49.154.0/23 maxlen: 23
5.128.119.0/24 maxlen: 24
5.131.240.0/20 maxlen: 20
5.131.251.0/24 maxlen: 24
2a00:7700::/32 maxlen: 32
2a00:7700:8a02::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:42:49:fb:d0:bb:d1:12:81:4a:a2:14:19:41:da:9c:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ddb3dcdf5e6bee09825c37bf3b8bdf28b6fb593
Validity
Not Before: Oct 18 10:17:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=33eec37ed9d5314daf415a6286d9a6b7a1837a01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:43:c0:99:18:2a:62:f2:d1:54:bb:95:1a:bc:
0e:28:dc:e7:69:fa:28:b8:13:6d:f1:a5:14:6c:4f:
9c:ef:ba:12:ee:59:30:51:22:d4:82:fb:7e:38:d2:
b2:b7:b3:3f:04:29:d5:79:e5:9b:cc:58:b6:76:de:
fb:29:94:51:8d:e0:16:d2:b8:f9:e8:c0:63:b1:3f:
6b:dc:cd:23:ff:00:76:de:41:73:3e:80:a7:70:14:
50:5c:41:0d:61:ba:d9:1e:e1:93:69:77:3c:7c:aa:
7d:73:f7:bc:cc:df:45:d3:8e:73:1a:fd:de:97:04:
01:72:e5:53:4f:bc:03:8c:a6:02:81:5a:db:25:39:
bb:a1:b2:bc:47:03:d7:a8:85:ea:5e:8c:2d:54:b4:
77:23:5f:7a:7c:a2:46:b5:77:e5:a8:11:f4:63:76:
9f:d2:e0:8c:fc:03:c2:aa:fd:2d:80:c1:e0:90:1f:
50:cd:db:50:c4:22:61:99:ee:96:ef:06:ff:75:37:
89:c5:7d:60:71:5f:84:88:8e:88:0e:d3:58:39:fc:
32:34:16:7d:48:a9:d1:ba:dc:7e:d6:c9:ee:c6:9a:
7c:50:d4:bc:92:c0:f1:58:e8:8d:48:de:fc:eb:f9:
e9:4f:c4:b2:f5:d0:6b:7d:15:45:3d:98:0f:b9:5d:
51:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:EE:C3:7E:D9:D5:31:4D:AF:41:5A:62:86:D9:A6:B7:A1:83:7A:01
X509v3 Authority Key Identifier:
keyid:4D:DB:3D:CD:F5:E6:BE:E0:98:25:C3:7B:F3:B8:BD:F2:8B:6F:B5:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tds9zfXmvuCYJcN787i98otvtZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/M-7DftnVMU2vQVpihtmmt6GDegE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/Tds9zfXmvuCYJcN787i98otvtZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.128.0.0-5.129.159.255
5.129.181.0/24
5.129.184.0-5.129.186.255
5.130.0.0/15
37.192.0.0/14
178.49.0.0/16
IPv6:
2a00:7700::/32
Signature Algorithm: sha256WithRSAEncryption
84:f2:60:84:38:d9:e3:94:49:97:ef:4b:d9:c1:94:98:52:4b:
bb:cd:67:82:ce:0d:c6:d7:67:52:94:7c:b7:92:e0:07:0f:74:
2f:36:35:ca:68:d2:7e:32:e9:00:b0:e9:b5:ba:ef:77:49:a8:
2c:fd:e5:18:93:a7:fa:db:8d:fd:3a:2e:06:72:fd:0a:49:b1:
b0:53:d9:bd:2e:ee:8a:d8:a5:d5:87:10:67:a5:5c:7a:a1:e2:
65:bf:4a:c1:f2:c4:a1:24:a3:0f:fa:1d:2e:48:d2:0d:b8:0a:
4f:03:7b:c9:8d:47:ef:93:3e:a3:a3:51:28:f3:75:ca:fc:34:
48:8e:94:93:d1:70:5f:50:46:59:0a:58:26:de:b8:4f:a5:77:
0d:96:cb:a5:12:6d:61:69:68:51:d9:a5:36:09:c8:41:23:8e:
df:03:5a:50:63:fb:da:9c:fb:0c:79:13:8f:68:d0:b2:e2:0d:
fa:92:1c:b9:67:fa:02:97:b3:29:b1:96:7a:82:c0:48:ec:34:
32:a8:f1:a3:d1:3f:f2:7a:e6:38:7a:97:8e:d0:0d:65:05:0b:
84:e7:4d:94:a7:f5:b2:38:30:90:51:45:67:8c:9e:76:c0:30:
98:64:7b:96:81:c0:59:2d:13:db:6b:e5:26:0c:ad:c6:39:38:
9d:6f:0c:8c
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYtCSfvQu9ESgUqiFBlB2pwJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZGIzZGNkZjVlNmJlZTA5ODI1YzM3YmYzYjhiZGYyOGI2
ZmI1OTMwHhcNMjMxMDE4MTAxNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2VlYzM3ZWQ5ZDUzMTRkYWY0MTVhNjI4NmQ5YTZiN2ExODM3YTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUPAmRgqYvLRVLuVGrwOKNznafoo
uBNt8aUUbE+c77oS7lkwUSLUgvt+ONKyt7M/BCnVeeWbzFi2dt77KZRRjeAW0rj5
6MBjsT9r3M0j/wB23kFzPoCncBRQXEENYbrZHuGTaXc8fKp9c/e8zN9F045zGv3e
lwQBcuVTT7wDjKYCgVrbJTm7obK8RwPXqIXqXowtVLR3I196fKJGtXflqBH0Y3af
0uCM/APCqv0tgMHgkB9QzdtQxCJhme6W7wb/dTeJxX1gcV+EiI6IDtNYOfwyNBZ9
SKnRutx+1snuxpp8UNS8ksDxWOiNSN786/npT8Sy9dBrfRVFPZgPuV1RHwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFDPuw37Z1TFNr0FaYobZprehg3oBMB8GA1UdIwQY
MBaAFE3bPc315r7gmCXDe/O4vfKLb7WTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRzOXpmWG12dUNZSmNONzg3aTk4b3R2dFpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83OTBjZWUtZDU0ZS00NTk4LThiYzEt
MjE3MGM1YzFkM2VkLzEvTS03RGZ0blZNVTJ2UVZwaWh0bW10NkdEZWdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83OTBjZWUtZDU0ZS00NTk4LThiYzEtMjE3MGM1YzFkM2Vk
LzEvVGRzOXpmWG12dUNZSmNONzg3aTk4b3R2dFpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwMAsDAwcFgAME
BQWBgAMEAAWBtTAMAwQDBYG4AwQABYG6AwMBBYIDAwIlwAMDALIxMA0EAgACMAcD
BQAqAHcAMA0GCSqGSIb3DQEBCwUAA4IBAQCE8mCEONnjlEmX70vZwZSYUku7zWeC
zg3G12dSlHy3kuAHD3QvNjXKaNJ+MukAsOm1uu93Sags/eUYk6f62439Oi4Gcv0K
SbGwU9m9Lu6K2KXVhxBnpVx6oeJlv0rB8sShJKMP+h0uSNINuApPA3vJjUfvkz6j
o1Eo83XK/DRIjpST0XBfUEZZClgm3rhPpXcNlsulEm1haWhR2aU2CchBI47fA1pQ
Y/vanPsMeROPaNCy4g36khy5Z/oCl7MpsZZ6gsBI7DQyqPGj0T/yeuY4epeO0A1l
BQuE502Up/WyODCQUUVnjJ52wDCYZHuWgcBZLRPba+UmDK3GOTidbwyM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:37 2024 by rpki-client on console-fra.rpki-client.org