Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/03ca01-b959-41a6-8133-07228812d017/1/mtNULqQYD6M15y3iT2M6LxYNzB8.roa
File: mtNULqQYD6M15y3iT2M6LxYNzB8.roa (raw, json)
Hash identifier: LsWiwT1k/KsKGX5bytznFeT6YJQ7FIkuFCe4cXIWIR4=
Subject key identifier: 9A:D3:54:2E:A4:18:0F:A3:35:E7:2D:E2:4F:63:3A:2F:16:0D:CC:1F
Certificate issuer: /CN=c8003c979603f7cea12aca01ebc2057c36fd7f30
Certificate serial: 018CC5005F913CF43618ACF3C61E2861D605
Authority key identifier: C8:00:3C:97:96:03:F7:CE:A1:2A:CA:01:EB:C2:05:7C:36:FD:7F:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yAA8l5YD986hKsoB68IFfDb9fzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/03ca01-b959-41a6-8133-07228812d017/1/mtNULqQYD6M15y3iT2M6LxYNzB8.roa
Signing time: Mon 01 Jan 2024 12:29:45 +0000
ROA not before: Mon 01 Jan 2024 12:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 94.143.208.0/21 maxlen: 24
213.108.29.0/24 maxlen: 24
185.63.20.0/22 maxlen: 24
185.61.224.0/22 maxlen: 24
62.112.224.0/19 maxlen: 24
2a00:1558::/32 maxlen: 48
2a02:27c8::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:5f:91:3c:f4:36:18:ac:f3:c6:1e:28:61:d6:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8003c979603f7cea12aca01ebc2057c36fd7f30
Validity
Not Before: Jan 1 12:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ad3542ea4180fa335e72de24f633a2f160dcc1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3c:a2:f5:75:2f:39:86:ac:9d:e9:26:df:79:
03:73:ed:5d:ff:a2:90:76:4e:eb:50:4a:60:24:73:
da:4a:3f:9c:69:e8:91:6e:6c:fe:26:0f:6a:04:34:
48:2e:a8:22:96:25:b3:11:bc:29:7e:f7:0b:26:89:
3d:9c:c2:53:1e:82:98:fc:0a:bb:2b:6e:7e:c8:92:
09:2d:53:b5:03:cf:db:da:13:85:e0:cb:a3:6d:c1:
37:b4:81:12:66:f6:97:fe:26:5d:3b:a6:43:0f:91:
87:4e:91:cb:0a:92:0e:fa:96:03:a6:99:5b:b0:cd:
bd:6c:97:99:75:07:c5:0b:25:b8:04:7b:4d:85:97:
a9:ae:4a:4f:ff:85:40:ec:bc:04:1e:77:8c:e9:42:
f6:95:6e:22:17:59:47:74:48:6a:88:5b:1a:82:c1:
01:80:89:68:fd:dc:90:40:83:d2:72:85:2f:9f:1c:
79:e6:fe:bb:2c:c2:9c:ed:17:6a:f9:cd:cd:e0:37:
c6:f0:e8:f4:86:f9:b6:fb:3d:48:3b:4d:3b:ce:e5:
b3:47:92:1b:4c:0e:92:c3:0a:48:00:d4:66:5c:d2:
00:b2:36:98:53:fd:df:2c:35:d6:95:35:8c:fe:47:
f0:da:42:34:9f:65:9b:b9:38:ec:26:95:ad:76:d0:
0e:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:D3:54:2E:A4:18:0F:A3:35:E7:2D:E2:4F:63:3A:2F:16:0D:CC:1F
X509v3 Authority Key Identifier:
keyid:C8:00:3C:97:96:03:F7:CE:A1:2A:CA:01:EB:C2:05:7C:36:FD:7F:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yAA8l5YD986hKsoB68IFfDb9fzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/03ca01-b959-41a6-8133-07228812d017/1/mtNULqQYD6M15y3iT2M6LxYNzB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/03ca01-b959-41a6-8133-07228812d017/1/yAA8l5YD986hKsoB68IFfDb9fzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.224.0/19
94.143.208.0/21
185.61.224.0/22
185.63.20.0/22
213.108.29.0/24
IPv6:
2a00:1558::/32
2a02:27c8::/32
Signature Algorithm: sha256WithRSAEncryption
0c:dc:42:d5:26:bc:e9:3f:f5:7c:bf:20:6d:74:24:ee:94:18:
05:04:c9:c0:32:65:97:31:55:53:3c:21:58:fb:3e:93:d3:26:
52:6c:7e:ac:1f:56:0e:97:5e:71:e9:95:5e:2f:48:ce:ee:8c:
e8:3d:f2:a2:be:23:9a:e8:b4:a7:08:83:8d:88:f4:d1:33:91:
04:84:ae:0b:66:da:10:20:0a:83:01:f8:3a:fc:3f:51:53:72:
97:85:41:c4:d4:78:28:0c:53:f1:a7:99:93:bf:5b:33:82:19:
5f:bf:5f:0b:af:48:f9:dc:cd:13:e9:ef:a6:5c:c8:8d:63:6b:
95:e0:d8:c9:ff:34:78:53:91:aa:80:43:6a:68:dc:db:d4:c9:
ef:42:b1:2c:97:a6:0e:ea:1d:4a:bc:04:b4:6a:b3:6d:17:f4:
ed:71:44:0b:1e:48:0c:f1:04:d5:12:9f:e3:e0:df:a2:1a:0a:
85:86:db:a7:83:66:75:be:64:5a:df:93:26:e1:a3:25:03:a8:
5e:d1:95:08:b7:01:0c:58:05:e9:bc:80:88:ff:ff:6a:bc:94:
ac:85:03:1d:2b:75:e4:0f:c9:8a:aa:33:2e:f1:80:bb:ab:da:
b1:f2:a9:b6:7a:94:3b:c5:dd:08:97:8e:8f:fc:03:90:62:40:
5b:7d:93:f2
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYzFAF+RPPQ2GKzzxh4oYdYFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4MDAzYzk3OTYwM2Y3Y2VhMTJhY2EwMWViYzIwNTdjMzZm
ZDdmMzAwHhcNMjQwMTAxMTIyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWQzNTQyZWE0MTgwZmEzMzVlNzJkZTI0ZjYzM2EyZjE2MGRjYzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozyi9XUvOYasnekm33kDc+1d/6KQ
dk7rUEpgJHPaSj+caeiRbmz+Jg9qBDRILqgiliWzEbwpfvcLJok9nMJTHoKY/Aq7
K25+yJIJLVO1A8/b2hOF4MujbcE3tIESZvaX/iZdO6ZDD5GHTpHLCpIO+pYDpplb
sM29bJeZdQfFCyW4BHtNhZeprkpP/4VA7LwEHneM6UL2lW4iF1lHdEhqiFsagsEB
gIlo/dyQQIPScoUvnxx55v67LMKc7Rdq+c3N4DfG8Oj0hvm2+z1IO007zuWzR5Ib
TA6SwwpIANRmXNIAsjaYU/3fLDXWlTWM/kfw2kI0n2WbuTjsJpWtdtAOIwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFJrTVC6kGA+jNect4k9jOi8WDcwfMB8GA1UdIwQY
MBaAFMgAPJeWA/fOoSrKAevCBXw2/X8wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUFBOGw1WUQ5ODZoS3NvQjY4SUZmRGI5ZnpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8wM2NhMDEtYjk1OS00MWE2LTgxMzMt
MDcyMjg4MTJkMDE3LzEvbXROVUxxUVlENk0xNXkzaVQyTTZMeFlOekI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8wM2NhMDEtYjk1OS00MWE2LTgxMzMtMDcyMjg4MTJkMDE3
LzEveUFBOGw1WUQ5ODZoS3NvQjY4SUZmRGI5ZnpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQFPnDgAwQD
Xo/QAwQCuT3gAwQCuT8UAwQA1WwdMBQEAgACMA4DBQAqABVYAwUAKgInyDANBgkq
hkiG9w0BAQsFAAOCAQEADNxC1Sa86T/1fL8gbXQk7pQYBQTJwDJllzFVUzwhWPs+
k9MmUmx+rB9WDpdecemVXi9Izu6M6D3yor4jmui0pwiDjYj00TORBISuC2baECAK
gwH4Ovw/UVNyl4VBxNR4KAxT8aeZk79bM4IZX79fC69I+dzNE+nvplzIjWNrleDY
yf80eFORqoBDamjc29TJ70KxLJemDuodSrwEtGqzbRf07XFECx5IDPEE1RKf4+Df
ohoKhYbbp4Nmdb5kWt+TJuGjJQOoXtGVCLcBDFgF6byAiP//aryUrIUDHSt15A/J
iqozLvGAu6vasfKptnqUO8XdCJeOj/wDkGJAW32T8g==
-----END CERTIFICATE-----
Generated at Tue Apr 15 02:41:57 2025 by rpki-client