Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/1bf7b0-4518-4141-bd6c-64b0e614d004/1/M7fOZCCx-mSSBzoHU6yPlzXQ3UE.roa
File: M7fOZCCx-mSSBzoHU6yPlzXQ3UE.roa (raw, json)
Hash identifier: wLuvQ616hhrWI/JwDJIVun0Eco3DkxJaeMzn/ZCWbLo=
Subject key identifier: 33:B7:CE:64:20:B1:FA:64:92:07:3A:07:53:AC:8F:97:35:D0:DD:41
Certificate issuer: /CN=bb7ccb1a6e3bcab6319d317f62c74bf1e1f41473
Certificate serial: 018D1D2A5CE0C8E0162529B40F54931FE7DA
Authority key identifier: BB:7C:CB:1A:6E:3B:CA:B6:31:9D:31:7F:62:C7:4B:F1:E1:F4:14:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u3zLGm47yrYxnTF_YsdL8eH0FHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/1bf7b0-4518-4141-bd6c-64b0e614d004/1/M7fOZCCx-mSSBzoHU6yPlzXQ3UE.roa
Signing time: Thu 18 Jan 2024 15:22:11 +0000
ROA not before: Thu 18 Jan 2024 15:22:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49223
IP address blocks: 45.14.24.0/22 maxlen: 22
109.108.224.0/19 maxlen: 19
141.138.96.0/19 maxlen: 19
178.74.192.0/18 maxlen: 18
178.74.192.0/19 maxlen: 19
178.74.240.0/20 maxlen: 20
185.16.124.0/22 maxlen: 22
185.181.36.0/22 maxlen: 22
193.106.20.0/22 maxlen: 22
193.148.88.0/22 maxlen: 22
213.226.92.0/22 maxlen: 22
217.30.192.0/20 maxlen: 20
2a04:100::/29 maxlen: 29
2a04:100::/36 maxlen: 36
2a04:100:1000::/36 maxlen: 36
2a04:100:2000::/36 maxlen: 36
Validation: Failed, certificate revoked on Mon 29 Jan 2024 07:34:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1d:2a:5c:e0:c8:e0:16:25:29:b4:0f:54:93:1f:e7:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb7ccb1a6e3bcab6319d317f62c74bf1e1f41473
Validity
Not Before: Jan 18 15:22:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33b7ce6420b1fa6492073a0753ac8f9735d0dd41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a5:9a:50:1a:76:c7:c7:44:16:ad:3d:a8:d6:
6e:4d:c0:0a:c9:5e:a4:ee:ed:0d:67:8c:64:e3:9e:
8f:01:47:7f:dd:f0:c3:a9:ca:d4:a7:5e:72:2c:e3:
99:25:7c:13:08:20:a7:c2:90:2e:12:33:48:75:e3:
47:74:46:bd:9c:6d:8c:ef:ad:95:28:64:09:ff:79:
bd:f5:ec:af:d4:00:96:27:50:b5:2c:0f:32:4e:62:
09:9e:f1:d1:3a:b8:cd:f9:bd:6a:f9:ee:0e:9f:ee:
88:f4:d3:12:6c:eb:99:c5:f0:6d:c0:d8:5b:f5:45:
6e:1b:14:44:70:6a:ea:5e:70:31:91:ea:4d:3d:36:
b1:35:5d:75:04:93:5b:80:ee:29:f5:6a:9d:7c:3c:
70:e3:be:95:1c:5a:e5:56:69:87:ad:85:c2:63:0e:
62:a1:56:87:9c:de:9a:17:8c:53:cf:22:d4:5b:01:
f2:92:09:e5:bd:d1:95:6e:ad:41:3d:6c:bb:91:0b:
e8:56:32:20:98:17:f9:af:75:60:33:6b:b1:68:25:
c8:1b:58:ff:b1:0f:4a:ee:6d:db:1e:06:c4:9a:6c:
52:c5:3a:71:b4:f4:39:78:83:2f:ac:dc:d2:26:19:
93:30:1b:e5:dd:24:76:b8:c0:37:b2:fa:61:34:a0:
57:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:B7:CE:64:20:B1:FA:64:92:07:3A:07:53:AC:8F:97:35:D0:DD:41
X509v3 Authority Key Identifier:
keyid:BB:7C:CB:1A:6E:3B:CA:B6:31:9D:31:7F:62:C7:4B:F1:E1:F4:14:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u3zLGm47yrYxnTF_YsdL8eH0FHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/1bf7b0-4518-4141-bd6c-64b0e614d004/1/M7fOZCCx-mSSBzoHU6yPlzXQ3UE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/1bf7b0-4518-4141-bd6c-64b0e614d004/1/u3zLGm47yrYxnTF_YsdL8eH0FHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.24.0/22
109.108.224.0/19
141.138.96.0/19
178.74.192.0/18
185.16.124.0/22
185.181.36.0/22
193.106.20.0/22
193.148.88.0/22
213.226.92.0/22
217.30.192.0/20
IPv6:
2a04:100::/29
Signature Algorithm: sha256WithRSAEncryption
01:59:2b:83:49:ce:2a:40:14:9b:52:fd:f2:fa:4f:5a:bb:9f:
4b:b4:93:93:28:c3:7a:28:e1:09:33:a2:44:c2:30:43:24:e5:
7f:be:5b:4e:9d:43:ce:1c:b6:6e:f3:7d:ab:2b:6d:3a:cb:15:
2b:2a:11:fa:c8:16:f6:ff:68:c6:09:6b:d1:bd:8a:25:6d:50:
30:c9:c7:29:71:65:e5:a9:a2:73:05:3a:38:51:23:02:2a:13:
12:78:0b:60:5f:58:ca:5e:e4:2f:dc:5a:0b:ba:94:f8:53:93:
cc:f0:1c:16:f0:16:8c:be:ee:66:f9:93:28:cd:cc:df:52:0b:
47:84:98:d7:e3:72:87:77:6b:1c:47:c6:77:64:29:bc:7f:7f:
06:ba:c2:0d:b8:01:15:d7:5b:f1:62:37:f7:ce:48:af:f9:27:
1f:e9:f7:c3:ca:86:fe:f5:a4:17:be:8b:8a:97:94:df:5b:bf:
d7:ea:1c:69:e3:f3:97:15:31:0d:bb:10:77:d6:be:cb:10:ae:
7d:d5:a2:7f:92:1d:2a:e3:17:f4:ed:d6:93:12:9f:0e:88:f2:
cd:74:eb:f0:c6:9c:8c:2b:95:1e:c1:2e:67:c8:23:b3:94:15:
7b:5b:8b:4c:1c:c2:6a:34:1a:ed:59:3c:4c:b2:61:b1:35:1d:
01:08:12:11
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAY0dKlzgyOAWJSm0D1STH+faMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiN2NjYjFhNmUzYmNhYjYzMTlkMzE3ZjYyYzc0YmYxZTFm
NDE0NzMwHhcNMjQwMTE4MTUyMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2I3Y2U2NDIwYjFmYTY0OTIwNzNhMDc1M2FjOGY5NzM1ZDBkZDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6WaUBp2x8dEFq09qNZuTcAKyV6k
7u0NZ4xk456PAUd/3fDDqcrUp15yLOOZJXwTCCCnwpAuEjNIdeNHdEa9nG2M762V
KGQJ/3m99eyv1ACWJ1C1LA8yTmIJnvHROrjN+b1q+e4On+6I9NMSbOuZxfBtwNhb
9UVuGxREcGrqXnAxkepNPTaxNV11BJNbgO4p9WqdfDxw476VHFrlVmmHrYXCYw5i
oVaHnN6aF4xTzyLUWwHykgnlvdGVbq1BPWy7kQvoVjIgmBf5r3VgM2uxaCXIG1j/
sQ9K7m3bHgbEmmxSxTpxtPQ5eIMvrNzSJhmTMBvl3SR2uMA3svphNKBX2QIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFDO3zmQgsfpkkgc6B1Osj5c10N1BMB8GA1UdIwQY
MBaAFLt8yxpuO8q2MZ0xf2LHS/Hh9BRzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTN6TEdtNDd5cll4blRGX1lzZEw4ZUgwRkhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8xYmY3YjAtNDUxOC00MTQxLWJkNmMt
NjRiMGU2MTRkMDA0LzEvTTdmT1pDQ3gtbVNTQnpvSFU2eVBselhRM1VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8xYmY3YjAtNDUxOC00MTQxLWJkNmMtNjRiMGU2MTRkMDA0
LzEvdTN6TEdtNDd5cll4blRGX1lzZEw4ZUgwRkhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQCLQ4YAwQF
bWzgAwQFjYpgAwQGskrAAwQCuRB8AwQCubUkAwQCwWoUAwQCwZRYAwQC1eJcAwQE
2R7AMA0EAgACMAcDBQMqBAEAMA0GCSqGSIb3DQEBCwUAA4IBAQABWSuDSc4qQBSb
Uv3y+k9au59LtJOTKMN6KOEJM6JEwjBDJOV/vltOnUPOHLZu832rK206yxUrKhH6
yBb2/2jGCWvRvYolbVAwyccpcWXlqaJzBTo4USMCKhMSeAtgX1jKXuQv3FoLupT4
U5PM8BwW8BaMvu5m+ZMozczfUgtHhJjX43KHd2scR8Z3ZCm8f38GusINuAEV11vx
Yjf3zkiv+Scf6ffDyob+9aQXvouKl5TfW7/X6hxp4/OXFTENuxB31r7LEK591aJ/
kh0q4xf07daTEp8OiPLNdOvwxpyMK5UewS5nyCOzlBV7W4tMHMJqNBrtWTxMsmGx
NR0BCBIR
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:08 2025 by rpki-client