Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/4c48bb-366c-41f5-9b2d-530440c4fa29/1/M9MRkfnFoBtwKtReLjzQADav9oA.roa
File: M9MRkfnFoBtwKtReLjzQADav9oA.roa (raw, json)
Hash identifier: 6ZtUCeDnSGezUMZUP8s9mHA0ZpoooeSgE68wHjpi3sw=
Subject key identifier: 33:D3:11:91:F9:C5:A0:1B:70:2A:D4:5E:2E:3C:D0:00:36:AF:F6:80
Certificate issuer: /CN=1e4a2020b82d0294e90a2d6b2c0f28d1173b6465
Certificate serial: 01856FE6EE8C2E977C65B95039E7818739EE
Authority key identifier: 1E:4A:20:20:B8:2D:02:94:E9:0A:2D:6B:2C:0F:28:D1:17:3B:64:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HkogILgtApTpCi1rLA8o0Rc7ZGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/4c48bb-366c-41f5-9b2d-530440c4fa29/1/M9MRkfnFoBtwKtReLjzQADav9oA.roa
Signing time: Mon 02 Jan 2023 00:34:43 +0000
ROA not before: Mon 02 Jan 2023 00:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44453
IP address blocks: 5.132.137.0/24 maxlen: 32
185.2.156.0/22 maxlen: 22
5.198.144.0/20 maxlen: 20
128.204.128.0/19 maxlen: 24
128.204.135.0/24 maxlen: 24
5.132.162.0/24 maxlen: 32
5.132.161.0/24 maxlen: 32
5.132.163.0/24 maxlen: 24
5.132.162.0/23 maxlen: 23
5.132.189.0/24 maxlen: 24
5.132.190.0/24 maxlen: 32
2a03:3180::/32 maxlen: 32
2a03:3180::/36 maxlen: 36
2a03:3180:4000::/36 maxlen: 36
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e6:ee:8c:2e:97:7c:65:b9:50:39:e7:81:87:39:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e4a2020b82d0294e90a2d6b2c0f28d1173b6465
Validity
Not Before: Jan 2 00:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=33d31191f9c5a01b702ad45e2e3cd00036aff680
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:78:c8:0d:4c:64:fd:f3:51:b3:8a:c7:ce:be:
69:9a:37:fd:d1:4b:4a:02:85:10:9c:d8:f8:d8:93:
c2:82:1f:fd:20:c2:ca:b2:bb:06:c3:70:a8:8c:a9:
6e:5d:1b:80:5b:45:42:9e:2d:8d:fa:7c:b4:ab:63:
0b:91:ec:db:89:cf:76:e9:3e:d4:52:64:fa:ba:ca:
e2:a3:3a:b8:4e:8c:1e:56:68:d1:9c:d6:8a:74:4b:
1f:4c:96:8b:21:bb:8c:43:8c:cb:33:ad:2e:f5:ce:
2b:ea:6a:90:6f:ff:37:1a:0d:a6:75:bd:ac:4c:9e:
e4:22:d2:38:84:81:c5:fd:46:50:df:6a:67:62:dc:
52:cb:50:83:67:60:ec:62:c7:94:82:52:6d:e4:96:
67:9f:de:76:e8:e1:9c:eb:33:6d:f9:e3:c1:53:3a:
b4:a4:c3:34:77:b2:98:ff:eb:d6:cc:43:f8:6d:56:
dc:85:3d:24:cb:00:96:a6:ef:44:45:69:3b:13:55:
5b:1e:78:c7:0e:e7:dc:98:f5:f9:c6:d3:be:91:01:
1e:ed:f7:a2:76:d5:67:54:3e:a6:e1:a8:a4:ef:9f:
d5:2b:2b:47:fd:88:91:19:f3:a9:46:20:2f:c5:85:
05:35:d1:f1:2a:be:40:80:c7:d1:8d:f0:ac:cc:6a:
c7:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:D3:11:91:F9:C5:A0:1B:70:2A:D4:5E:2E:3C:D0:00:36:AF:F6:80
X509v3 Authority Key Identifier:
keyid:1E:4A:20:20:B8:2D:02:94:E9:0A:2D:6B:2C:0F:28:D1:17:3B:64:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HkogILgtApTpCi1rLA8o0Rc7ZGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4c48bb-366c-41f5-9b2d-530440c4fa29/1/M9MRkfnFoBtwKtReLjzQADav9oA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4c48bb-366c-41f5-9b2d-530440c4fa29/1/HkogILgtApTpCi1rLA8o0Rc7ZGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.132.137.0/24
5.132.161.0-5.132.163.255
5.132.189.0-5.132.190.255
5.198.144.0/20
128.204.128.0/19
185.2.156.0/22
IPv6:
2a03:3180::/32
Signature Algorithm: sha256WithRSAEncryption
70:d7:99:90:3c:38:ae:79:de:03:c0:15:89:86:d1:6f:cf:30:
14:a5:e3:63:cc:23:66:33:f6:b4:20:7f:f7:7f:9c:ab:66:9b:
90:ec:97:1f:83:9c:b4:1c:5c:41:18:b3:49:e5:dc:d3:f3:d9:
89:6e:7e:35:91:b7:d2:33:67:5a:fe:4d:e3:77:99:93:57:20:
9f:9c:f9:43:ab:e9:8f:31:f0:85:68:47:d5:a2:53:fe:71:f8:
36:7b:4f:d2:ee:60:0e:e5:0e:32:d0:51:cb:82:02:82:9c:fa:
f1:4e:4a:b6:20:37:10:d4:3f:54:e2:6a:4f:bd:2b:05:31:4b:
20:bb:cc:55:60:e2:8a:cd:e0:3a:2c:80:fa:f9:a9:3b:a0:8e:
36:f7:97:7b:40:2f:ba:b5:7c:e1:b7:d7:33:1a:8c:13:02:eb:
30:6a:5d:38:32:6e:51:ce:38:06:c2:43:3b:e5:61:60:67:12:
76:94:4f:7f:81:f1:81:d0:74:5b:3d:58:a8:01:1d:ff:d2:ec:
1b:3d:41:82:3b:ba:03:a1:87:cc:7d:e9:35:42:86:26:ca:08:
3e:cb:e5:ca:9c:3a:52:16:5d:cb:b6:67:d9:65:a8:d7:69:90:
90:d8:ba:06:c0:3b:bb:f9:b5:bf:14:7b:eb:a8:d6:b2:f3:a1:
ad:89:dc:12
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAYVv5u6MLpd8ZblQOeeBhznuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNGEyMDIwYjgyZDAyOTRlOTBhMmQ2YjJjMGYyOGQxMTcz
YjY0NjUwHhcNMjMwMTAyMDAzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2QzMTE5MWY5YzVhMDFiNzAyYWQ0NWUyZTNjZDAwMDM2YWZmNjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHjIDUxk/fNRs4rHzr5pmjf90UtK
AoUQnNj42JPCgh/9IMLKsrsGw3CojKluXRuAW0VCni2N+ny0q2MLkezbic926T7U
UmT6usriozq4ToweVmjRnNaKdEsfTJaLIbuMQ4zLM60u9c4r6mqQb/83Gg2mdb2s
TJ7kItI4hIHF/UZQ32pnYtxSy1CDZ2DsYseUglJt5JZnn9526OGc6zNt+ePBUzq0
pMM0d7KY/+vWzEP4bVbchT0kywCWpu9ERWk7E1VbHnjHDufcmPX5xtO+kQEe7fei
dtVnVD6m4aik75/VKytH/YiRGfOpRiAvxYUFNdHxKr5AgMfRjfCszGrHfQIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFDPTEZH5xaAbcCrUXi480AA2r/aAMB8GA1UdIwQY
MBaAFB5KICC4LQKU6QotaywPKNEXO2RlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGtvZ0lMZ3RBcFRwQ2kxckxBOG8wUmM3WkdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy80YzQ4YmItMzY2Yy00MWY1LTliMmQt
NTMwNDQwYzRmYTI5LzEvTTlNUmtmbkZvQnR3S3RSZUxqelFBRGF2OW9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy80YzQ4YmItMzY2Yy00MWY1LTliMmQtNTMwNDQwYzRmYTI5
LzEvSGtvZ0lMZ3RBcFRwQ2kxckxBOG8wUmM3WkdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzA6BAIAATA0AwQABYSJMAwD
BAAFhKEDBAIFhKAwDAMEAAWEvQMEAAWEvgMEBAXGkAMEBYDMgAMEArkCnDANBAIA
AjAHAwUAKgMxgDANBgkqhkiG9w0BAQsFAAOCAQEAcNeZkDw4rnneA8AViYbRb88w
FKXjY8wjZjP2tCB/93+cq2abkOyXH4OctBxcQRizSeXc0/PZiW5+NZG30jNnWv5N
43eZk1cgn5z5Q6vpjzHwhWhH1aJT/nH4NntP0u5gDuUOMtBRy4ICgpz68U5KtiA3
ENQ/VOJqT70rBTFLILvMVWDiis3gOiyA+vmpO6CONveXe0AvurV84bfXMxqMEwLr
MGpdODJuUc44BsJDO+VhYGcSdpRPf4HxgdB0Wz1YqAEd/9LsGz1Bgju6A6GHzH3p
NUKGJsoIPsvlypw6UhZdy7Zn2WWo12mQkNi6BsA7u/m1vxR766jWsvOhrYncEg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:57 2024 by rpki-client on console-ams.rpki-client.org