Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/M7UhU4lfw4iAz-6Kncs6wSUEvhI.roa
File: M7UhU4lfw4iAz-6Kncs6wSUEvhI.roa (raw, json)
Hash identifier: wuberbRFhVPXj1oEU2A9HTt9vX2HVz+jBsbpo3XNVcQ=
Subject key identifier: 33:B5:21:53:89:5F:C3:88:80:CF:EE:8A:9D:CB:3A:C1:25:04:BE:12
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018CC3494C13D66608F29186127A27B177F6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/M7UhU4lfw4iAz-6Kncs6wSUEvhI.roa
Signing time: Mon 01 Jan 2024 04:30:09 +0000
ROA not before: Mon 01 Jan 2024 04:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 82.152.174.0/23 maxlen: 23
109.176.246.0/24 maxlen: 24
82.153.208.0/22 maxlen: 22
89.213.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Feb 2024 08:42:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:4c:13:d6:66:08:f2:91:86:12:7a:27:b1:77:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 04:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33b52153895fc38880cfee8a9dcb3ac12504be12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:58:ca:ee:c5:a6:d5:de:00:86:0e:1b:71:28:
de:aa:35:ca:9d:2b:37:04:9b:a2:b3:88:35:d5:2c:
23:b0:d6:20:34:94:ea:6a:6e:8c:a2:7d:13:18:c4:
30:c2:bf:ce:0a:7e:ef:99:7d:73:d7:71:90:93:63:
dd:52:07:fb:15:8a:51:29:86:65:74:e0:37:6d:62:
68:de:1a:b5:67:18:43:60:eb:35:3b:44:2b:87:e6:
aa:e9:2f:1e:0f:96:0a:aa:eb:f8:bd:5a:10:74:2a:
e4:86:6d:d0:4f:47:b5:b9:3c:57:46:b2:0e:97:b7:
12:17:eb:dd:96:59:1f:65:a9:56:ec:7f:14:e7:64:
e9:d0:59:a5:46:25:5b:89:ba:70:4e:b7:41:f3:f5:
09:52:7e:d3:30:c1:c0:29:ae:10:e1:0f:15:64:93:
f4:53:07:c1:fe:74:99:43:9e:dd:bd:42:20:32:13:
e5:af:d6:e0:b5:91:80:ed:ea:e2:06:b3:19:ee:e3:
3c:54:b6:10:b7:bd:68:e3:4a:03:f8:41:1f:62:93:
eb:b9:1a:b1:41:e7:2f:b0:83:65:3c:e0:1b:83:ec:
aa:2d:8e:1e:f5:77:46:52:44:ef:73:b8:2f:ea:88:
7a:d8:f5:67:5f:f5:53:67:a8:ea:d5:17:7d:de:16:
2a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:B5:21:53:89:5F:C3:88:80:CF:EE:8A:9D:CB:3A:C1:25:04:BE:12
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/M7UhU4lfw4iAz-6Kncs6wSUEvhI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.174.0/23
82.153.208.0/22
89.213.158.0/24
109.176.246.0/24
Signature Algorithm: sha256WithRSAEncryption
13:7e:c8:c7:d5:6d:06:40:01:4c:e5:e4:d3:00:cf:21:39:cf:
f8:35:ea:9f:9c:fd:5f:29:4a:e1:4f:2d:b7:89:b8:33:6a:3f:
41:f1:01:fc:77:ce:a2:9c:1e:2f:a7:0b:10:8a:ee:2a:0a:9d:
e2:5e:84:b0:68:a9:a0:09:12:d5:a7:fb:ce:0e:11:a8:a1:f3:
1e:bc:fd:ba:7a:20:45:38:9d:d9:08:26:a3:5e:dc:17:a0:9c:
da:cd:45:cb:47:1c:b0:5f:68:3f:a7:14:ab:84:0b:d0:7a:77:
bb:0b:c2:38:54:19:96:7c:15:dc:8b:ba:4e:ab:36:31:19:88:
e0:6a:61:8c:1a:10:a7:d6:d1:c6:8f:4c:ce:f1:a3:a3:1b:45:
45:03:b4:32:e4:03:48:f6:f8:7f:d2:2a:1d:11:96:62:ca:d0:
bf:50:f8:14:cc:ca:82:46:77:df:46:0b:e9:ee:5a:09:89:e5:
8a:ec:a9:1f:17:3d:5e:87:dc:65:ed:d5:0c:04:2f:33:fa:f9:
15:91:43:3d:07:f3:19:9f:35:59:af:13:88:b2:f0:23:4b:b8:
29:55:ec:7e:6b:e6:ab:b6:9c:9c:fb:72:df:54:92:ea:dd:ef:
a0:7a:6b:32:c6:84:c9:09:ec:75:c7:ef:f7:4d:25:9c:cf:0f:
f6:49:52:9f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzDSUwT1mYI8pGGEnonsXf2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2I1MjE1Mzg5NWZjMzg4ODBjZmVlOGE5ZGNiM2FjMTI1MDRiZTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1jK7sWm1d4Ahg4bcSjeqjXKnSs3
BJuis4g11SwjsNYgNJTqam6Mon0TGMQwwr/OCn7vmX1z13GQk2PdUgf7FYpRKYZl
dOA3bWJo3hq1ZxhDYOs1O0Qrh+aq6S8eD5YKquv4vVoQdCrkhm3QT0e1uTxXRrIO
l7cSF+vdllkfZalW7H8U52Tp0FmlRiVbibpwTrdB8/UJUn7TMMHAKa4Q4Q8VZJP0
UwfB/nSZQ57dvUIgMhPlr9bgtZGA7eriBrMZ7uM8VLYQt71o40oD+EEfYpPruRqx
QecvsINlPOAbg+yqLY4e9XdGUkTvc7gv6oh62PVnX/VTZ6jq1Rd93hYqjQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDO1IVOJX8OIgM/uip3LOsElBL4SMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTTdVaFU0bGZ3NGlBei02S25jczZ3U1VFdmhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBUpiuAwQC
UpnQAwQAWdWeAwQAbbD2MA0GCSqGSIb3DQEBCwUAA4IBAQATfsjH1W0GQAFM5eTT
AM8hOc/4NeqfnP1fKUrhTy23ibgzaj9B8QH8d86inB4vpwsQiu4qCp3iXoSwaKmg
CRLVp/vODhGoofMevP26eiBFOJ3ZCCajXtwXoJzazUXLRxywX2g/pxSrhAvQene7
C8I4VBmWfBXci7pOqzYxGYjgamGMGhCn1tHGj0zO8aOjG0VFA7Qy5ANI9vh/0iod
EZZiytC/UPgUzMqCRnffRgvp7loJieWK7KkfFz1eh9xl7dUMBC8z+vkVkUM9B/MZ
nzVZrxOIsvAjS7gpVex+a+artpyc+3LfVJLq3e+gemsyxoTJCex1x+/3TSWczw/2
SVKf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:22 2024 by rpki-client on console-ams.rpki-client.org