Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/a44335-414f-4479-a7fe-aa4a81a2eb23/1/pmxivIhqAzGvepS8yMC-d8ac2H8.roa
File: pmxivIhqAzGvepS8yMC-d8ac2H8.roa (raw, json)
Hash identifier: hVdWO1WYyBHP1xW19LtVfL3jbPLMnGtb1STS77Iaf7U=
Subject key identifier: A6:6C:62:BC:88:6A:03:31:AF:7A:94:BC:C8:C0:BE:77:C6:9C:D8:7F
Certificate issuer: /CN=f3cab68fbb0c979476594bdfc56c192042b8dedf
Certificate serial: 018CC493405CFF683F40579C9FE55FFBF9EB
Authority key identifier: F3:CA:B6:8F:BB:0C:97:94:76:59:4B:DF:C5:6C:19:20:42:B8:DE:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/88q2j7sMl5R2WUvfxWwZIEK43t8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/a44335-414f-4479-a7fe-aa4a81a2eb23/1/pmxivIhqAzGvepS8yMC-d8ac2H8.roa
Signing time: Mon 01 Jan 2024 10:30:33 +0000
ROA not before: Mon 01 Jan 2024 10:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42277
IP address blocks: 37.188.0.0/18 maxlen: 18
77.241.16.0/21 maxlen: 21
178.249.240.0/21 maxlen: 21
94.247.248.0/24 maxlen: 24
94.247.252.0/22 maxlen: 22
94.247.248.0/22 maxlen: 24
176.241.192.0/19 maxlen: 19
5.249.192.0/19 maxlen: 19
46.62.0.0/17 maxlen: 17
2a02:51c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 12 Aug 2024 06:38:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:40:5c:ff:68:3f:40:57:9c:9f:e5:5f:fb:f9:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3cab68fbb0c979476594bdfc56c192042b8dedf
Validity
Not Before: Jan 1 10:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a66c62bc886a0331af7a94bcc8c0be77c69cd87f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b0:1b:38:9c:df:ae:a4:5d:cc:11:1d:ad:ba:
62:b3:6b:3c:f0:29:5a:d3:04:68:f9:3c:98:fa:f1:
c3:31:11:c0:be:59:99:cf:7f:7f:82:d5:a1:4f:9c:
13:e4:c8:e1:ac:12:0d:d3:79:f4:e2:4a:a9:16:11:
f7:93:7c:64:5c:4e:2a:e8:aa:49:37:d9:93:e5:1f:
c4:29:50:5b:0f:6b:e5:ca:02:1c:26:d1:32:f1:39:
ce:21:78:75:f4:8f:f0:c0:55:8a:78:13:c3:f8:af:
ed:4e:a5:e2:d8:d3:97:80:b4:68:72:e4:5d:4c:05:
2c:95:ba:9d:44:c3:1a:05:52:8c:3f:04:31:ac:89:
04:57:2f:e5:0b:49:1c:a4:3e:a5:c0:9e:2f:7b:18:
4d:87:56:e3:57:9a:97:18:2d:f3:bb:e3:53:39:a6:
6d:c2:60:65:48:8b:2b:60:23:f3:0d:e3:3c:ec:19:
19:80:60:4d:c1:04:f6:e6:fc:3e:cd:ab:c6:16:f4:
4a:b6:9d:47:c5:f4:ce:4b:58:4b:69:55:f0:35:49:
3e:19:87:b4:29:5b:eb:34:f1:f9:0a:f9:aa:96:79:
60:b5:6c:81:93:66:f6:5e:42:15:25:8c:c6:8b:fe:
ba:85:2b:a5:00:5d:17:fc:d8:fb:a2:a9:a4:5c:ae:
cf:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:6C:62:BC:88:6A:03:31:AF:7A:94:BC:C8:C0:BE:77:C6:9C:D8:7F
X509v3 Authority Key Identifier:
keyid:F3:CA:B6:8F:BB:0C:97:94:76:59:4B:DF:C5:6C:19:20:42:B8:DE:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/88q2j7sMl5R2WUvfxWwZIEK43t8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/a44335-414f-4479-a7fe-aa4a81a2eb23/1/pmxivIhqAzGvepS8yMC-d8ac2H8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/a44335-414f-4479-a7fe-aa4a81a2eb23/1/88q2j7sMl5R2WUvfxWwZIEK43t8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.192.0/19
37.188.0.0/18
46.62.0.0/17
77.241.16.0/21
94.247.248.0/21
176.241.192.0/19
178.249.240.0/21
IPv6:
2a02:51c0::/32
Signature Algorithm: sha256WithRSAEncryption
08:25:44:56:a5:b7:3c:3f:87:d4:fd:4b:39:c0:1b:9b:70:02:
c7:6a:ed:c1:2f:f6:58:97:77:e7:d5:cd:f4:a7:0d:80:a8:b7:
eb:38:62:28:c1:10:00:ac:19:1b:e9:26:96:23:db:ed:24:02:
dd:60:57:cb:02:ec:ea:8c:14:3a:0f:4d:73:a4:88:f3:41:9e:
e9:14:3c:c6:22:79:6c:37:c2:d0:55:f7:fa:e2:14:18:8b:40:
ad:ff:8e:5e:db:26:cf:0a:34:76:f3:15:cb:7c:0e:a2:56:9f:
94:c7:4c:82:96:b6:79:d7:2c:e0:b8:8a:5b:f0:ef:7a:3b:cc:
2b:5c:65:60:75:0a:0f:e4:1f:25:83:4e:3f:40:6c:27:00:a9:
20:2d:68:b9:1c:b6:ae:bf:8f:9b:56:f3:34:4b:bb:93:14:29:
f7:d1:3d:b7:9d:96:69:5a:28:ab:44:04:0e:85:d5:3f:3e:3c:
d7:57:13:a5:ec:88:4a:29:9a:a3:57:ab:c0:6a:41:cc:65:e2:
d6:2f:06:4f:01:23:d3:d9:df:02:df:66:9f:00:fe:f0:72:96:
aa:78:af:39:10:15:f8:5e:8f:ab:a0:44:09:78:b1:45:a8:b4:
89:54:aa:dd:60:29:28:78:8f:c7:1a:ce:85:ce:04:ea:ee:7a:
05:8d:1f:49
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzEk0Bc/2g/QFecn+Vf+/nrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzY2FiNjhmYmIwYzk3OTQ3NjU5NGJkZmM1NmMxOTIwNDJi
OGRlZGYwHhcNMjQwMTAxMTAzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjZjNjJiYzg4NmEwMzMxYWY3YTk0YmNjOGMwYmU3N2M2OWNkODdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLAbOJzfrqRdzBEdrbpis2s88Cla
0wRo+TyY+vHDMRHAvlmZz39/gtWhT5wT5MjhrBIN03n04kqpFhH3k3xkXE4q6KpJ
N9mT5R/EKVBbD2vlygIcJtEy8TnOIXh19I/wwFWKeBPD+K/tTqXi2NOXgLRocuRd
TAUslbqdRMMaBVKMPwQxrIkEVy/lC0kcpD6lwJ4vexhNh1bjV5qXGC3zu+NTOaZt
wmBlSIsrYCPzDeM87BkZgGBNwQT25vw+zavGFvRKtp1HxfTOS1hLaVXwNUk+GYe0
KVvrNPH5CvmqlnlgtWyBk2b2XkIVJYzGi/66hSulAF0X/Nj7oqmkXK7P2QIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFKZsYryIagMxr3qUvMjAvnfGnNh/MB8GA1UdIwQY
MBaAFPPKto+7DJeUdllL38VsGSBCuN7fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODhxMmo3c01sNVIyV1V2ZnhXd1pJRUs0M3Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9hNDQzMzUtNDE0Zi00NDc5LWE3ZmUt
YWE0YTgxYTJlYjIzLzEvcG14aXZJaHFBekd2ZXBTOHlNQy1kOGFjMkg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9hNDQzMzUtNDE0Zi00NDc5LWE3ZmUtYWE0YTgxYTJlYjIz
LzEvODhxMmo3c01sNVIyV1V2ZnhXd1pJRUs0M3Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQFBfnAAwQG
JbwAAwQHLj4AAwQDTfEQAwQDXvf4AwQFsPHAAwQDsvnwMA0EAgACMAcDBQAqAlHA
MA0GCSqGSIb3DQEBCwUAA4IBAQAIJURWpbc8P4fU/Us5wBubcALHau3BL/ZYl3fn
1c30pw2AqLfrOGIowRAArBkb6SaWI9vtJALdYFfLAuzqjBQ6D01zpIjzQZ7pFDzG
InlsN8LQVff64hQYi0Ct/45e2ybPCjR28xXLfA6iVp+Ux0yClrZ51yzguIpb8O96
O8wrXGVgdQoP5B8lg04/QGwnAKkgLWi5HLauv4+bVvM0S7uTFCn30T23nZZpWiir
RAQOhdU/PjzXVxOl7IhKKZqjV6vAakHMZeLWLwZPASPT2d8C32afAP7wcpaqeK85
EBX4Xo+roEQJeLFFqLSJVKrdYCkoeI/HGs6FzgTq7noFjR9J
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:35:49 2025 by rpki-client