Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/f7c4a2-b606-4292-b9f7-fa3c4ef5edf6/1/cCM5Mud9WLpJZ2M_p4TkLH9EWKM.roa
File: cCM5Mud9WLpJZ2M_p4TkLH9EWKM.roa (raw, json)
Hash identifier: AeoFLzhO5BAoZLJS/HzJSRt69isSqKXUVyQ1D9CQmh8=
Subject key identifier: 70:23:39:32:E7:7D:58:BA:49:67:63:3F:A7:84:E4:2C:7F:44:58:A3
Certificate issuer: /CN=3da6e69e65dd0a540599703ed0c92474cb20e939
Certificate serial: 01856D9D0845C0313BF11BEB4A05DD2B969E
Authority key identifier: 3D:A6:E6:9E:65:DD:0A:54:05:99:70:3E:D0:C9:24:74:CB:20:E9:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PabmnmXdClQFmXA-0MkkdMsg6Tk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/f7c4a2-b606-4292-b9f7-fa3c4ef5edf6/1/cCM5Mud9WLpJZ2M_p4TkLH9EWKM.roa
Signing time: Sun 01 Jan 2023 13:54:45 +0000
ROA not before: Sun 01 Jan 2023 13:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 55002
IP address blocks: 91.106.120.0/21 maxlen: 24
88.133.232.0/21 maxlen: 24
46.227.96.0/21 maxlen: 24
80.209.192.0/19 maxlen: 24
95.130.160.0/21 maxlen: 24
212.77.160.0/19 maxlen: 24
185.119.92.0/22 maxlen: 24
88.133.176.0/20 maxlen: 24
81.27.160.0/20 maxlen: 24
217.74.0.0/21 maxlen: 24
5.149.224.0/20 maxlen: 24
130.185.0.0/18 maxlen: 24
2001:16e0::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 17 Mar 2023 10:23:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:9d:08:45:c0:31:3b:f1:1b:eb:4a:05:dd:2b:96:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3da6e69e65dd0a540599703ed0c92474cb20e939
Validity
Not Before: Jan 1 13:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70233932e77d58ba4967633fa784e42c7f4458a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b0:4d:cd:cf:75:71:e0:41:42:ea:c2:ca:4c:
38:64:55:e4:67:a0:88:c1:78:36:7c:e4:4e:02:df:
64:eb:bc:0c:d4:11:81:8e:8f:57:9c:72:48:bc:12:
b5:0e:fe:39:9f:91:fe:a2:2f:d2:0d:18:fd:1f:28:
49:d5:be:9d:21:45:57:3d:08:3f:a1:f7:ff:bc:b5:
c5:ab:ec:10:82:65:55:35:f4:de:04:b2:96:51:06:
9d:b3:81:53:d9:83:7e:40:1d:9c:1e:6e:09:11:22:
92:f9:e0:6d:db:0f:9a:4a:8f:6f:6f:71:7f:89:c0:
8c:78:2f:08:96:4a:a2:62:e8:41:37:04:d2:c1:17:
de:0a:f3:35:5e:a6:37:fc:29:f8:78:f7:6b:e2:3a:
7f:78:d6:69:8c:2f:14:19:6b:2c:ef:9b:93:94:32:
c2:e3:23:89:d1:0a:8c:dc:25:ae:bf:35:7c:fd:6f:
95:f2:ef:bc:83:d5:20:0d:4f:10:b2:d0:eb:31:9c:
75:83:da:83:f4:f3:1c:68:91:ca:72:60:17:a4:c6:
d0:e5:f1:12:67:d0:de:57:d6:b1:d3:7c:b0:cc:8c:
15:7b:df:e9:3d:a1:fa:bf:99:98:0a:29:75:b8:52:
23:73:c1:54:52:ee:4b:8d:c4:17:43:5c:a7:e1:8c:
c3:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:23:39:32:E7:7D:58:BA:49:67:63:3F:A7:84:E4:2C:7F:44:58:A3
X509v3 Authority Key Identifier:
keyid:3D:A6:E6:9E:65:DD:0A:54:05:99:70:3E:D0:C9:24:74:CB:20:E9:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PabmnmXdClQFmXA-0MkkdMsg6Tk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/f7c4a2-b606-4292-b9f7-fa3c4ef5edf6/1/cCM5Mud9WLpJZ2M_p4TkLH9EWKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/f7c4a2-b606-4292-b9f7-fa3c4ef5edf6/1/PabmnmXdClQFmXA-0MkkdMsg6Tk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.224.0/20
46.227.96.0/21
80.209.192.0/19
81.27.160.0/20
88.133.176.0/20
88.133.232.0/21
91.106.120.0/21
95.130.160.0/21
130.185.0.0/18
185.119.92.0/22
212.77.160.0/19
217.74.0.0/21
IPv6:
2001:16e0::/29
Signature Algorithm: sha256WithRSAEncryption
5c:6c:ab:1e:a4:97:0e:60:bf:fa:46:6d:c8:98:08:ae:64:aa:
68:5e:c1:39:8c:01:45:6d:bc:c2:32:a0:b9:af:7a:51:25:d6:
cd:f5:41:84:e6:60:59:d4:fd:5e:89:95:ba:e1:bd:9a:c8:82:
31:bb:6c:ed:96:1b:70:f9:79:56:8a:4a:97:d0:64:01:32:b8:
b6:19:69:f5:da:3e:09:7c:81:0a:07:85:24:8e:b8:fd:c9:25:
73:86:a0:74:db:ce:02:a6:cf:b8:1f:a6:43:52:2e:fb:dd:3b:
ec:72:39:50:9b:57:ce:6a:be:6c:76:f7:12:3a:2d:c9:24:1e:
64:b0:e7:2e:95:9a:1a:20:fa:7d:22:00:8d:e5:36:25:fa:dc:
1b:bb:8d:56:a2:0f:56:f8:85:f6:59:e9:72:03:5e:d7:31:e7:
85:c6:3d:41:2f:6f:2e:49:3f:9a:5d:12:56:cc:35:54:23:dd:
47:ff:54:16:3e:06:22:38:ee:e1:a5:16:93:30:76:43:6a:4a:
fd:82:4b:10:75:20:08:33:e0:a0:62:f5:20:b1:36:c8:b3:e5:
15:b7:18:81:aa:0e:70:59:4c:21:6c:db:17:6f:41:16:0d:23:
25:13:4a:95:bb:f4:9d:48:88:c4:07:22:6b:92:bc:42:8d:b1:
05:30:83:e9
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYVtnQhFwDE78RvrSgXdK5aeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkYTZlNjllNjVkZDBhNTQwNTk5NzAzZWQwYzkyNDc0Y2Iy
MGU5MzkwHhcNMjMwMTAxMTM1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDIzMzkzMmU3N2Q1OGJhNDk2NzYzM2ZhNzg0ZTQyYzdmNDQ1OGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbBNzc91ceBBQurCykw4ZFXkZ6CI
wXg2fOROAt9k67wM1BGBjo9XnHJIvBK1Dv45n5H+oi/SDRj9HyhJ1b6dIUVXPQg/
off/vLXFq+wQgmVVNfTeBLKWUQads4FT2YN+QB2cHm4JESKS+eBt2w+aSo9vb3F/
icCMeC8IlkqiYuhBNwTSwRfeCvM1XqY3/Cn4ePdr4jp/eNZpjC8UGWss75uTlDLC
4yOJ0QqM3CWuvzV8/W+V8u+8g9UgDU8QstDrMZx1g9qD9PMcaJHKcmAXpMbQ5fES
Z9DeV9ax03ywzIwVe9/pPaH6v5mYCil1uFIjc8FUUu5LjcQXQ1yn4YzDTQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFHAjOTLnfVi6SWdjP6eE5Cx/RFijMB8GA1UdIwQY
MBaAFD2m5p5l3QpUBZlwPtDJJHTLIOk5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGFibW5tWGRDbFFGbVhBLTBNa2tkTXNnNlRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mN2M0YTItYjYwNi00MjkyLWI5Zjct
ZmEzYzRlZjVlZGY2LzEvY0NNNU11ZDlXTHBKWjJNX3A0VGtMSDlFV0tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mN2M0YTItYjYwNi00MjkyLWI5ZjctZmEzYzRlZjVlZGY2
LzEvUGFibW5tWGRDbFFGbVhBLTBNa2tkTXNnNlRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQEBZXgAwQD
LuNgAwQFUNHAAwQEURugAwQEWIWwAwQDWIXoAwQDW2p4AwQDX4KgAwQGgrkAAwQC
uXdcAwQF1E2gAwQD2UoAMA0EAgACMAcDBQMgARbgMA0GCSqGSIb3DQEBCwUAA4IB
AQBcbKsepJcOYL/6Rm3ImAiuZKpoXsE5jAFFbbzCMqC5r3pRJdbN9UGE5mBZ1P1e
iZW64b2ayIIxu2ztlhtw+XlWikqX0GQBMri2GWn12j4JfIEKB4Ukjrj9ySVzhqB0
284Cps+4H6ZDUi773TvscjlQm1fOar5sdvcSOi3JJB5ksOculZoaIPp9IgCN5TYl
+twbu41Wog9W+IX2WelyA17XMeeFxj1BL28uST+aXRJWzDVUI91H/1QWPgYiOO7h
pRaTMHZDakr9gksQdSAIM+CgYvUgsTbIs+UVtxiBqg5wWUwhbNsXb0EWDSMlE0qV
u/SdSIjEByJrkrxCjbEFMIPp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:50 2024 by rpki-client on console-ams.rpki-client.org