Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/M-nm6Cx5EC1j_kSmGGVqUBfqQOE.roa
File: M-nm6Cx5EC1j_kSmGGVqUBfqQOE.roa (raw, json)
Hash identifier: WBgc5GMXiAxgnoLAVTVG4HWALmQaWJECuLfJx4aN5io=
Subject key identifier: 33:E9:E6:E8:2C:79:10:2D:63:FE:44:A6:18:65:6A:50:17:EA:40:E1
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 018CEF5826A17E65FD5ABE4DC0107246849A
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/M-nm6Cx5EC1j_kSmGGVqUBfqQOE.roa
Signing time: Tue 09 Jan 2024 17:49:40 +0000
ROA not before: Tue 09 Jan 2024 17:49:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136258
IP address blocks: 185.213.23.0/24 maxlen: 24
109.104.152.0/24 maxlen: 24
109.104.155.0/24 maxlen: 24
109.104.153.0/24 maxlen: 24
147.78.3.0/24 maxlen: 24
147.78.0.0/24 maxlen: 24
147.78.1.0/24 maxlen: 24
185.126.239.0/24 maxlen: 24
185.126.238.0/24 maxlen: 24
2a11:840:18::/48 maxlen: 48
2a11:840:13::/48 maxlen: 48
2a11:840:33::/48 maxlen: 48
2a11:840:11::/48 maxlen: 48
2a11:840:7::/48 maxlen: 48
2a11:840:47::/48 maxlen: 48
2a11:840:10::/48 maxlen: 48
2a11:840:24::/48 maxlen: 48
2a11:840:12::/48 maxlen: 48
2a11:840:8::/48 maxlen: 48
2a11:840:48::/48 maxlen: 48
2a11:840:26::/48 maxlen: 48
2a11:840:6::/48 maxlen: 48
2a11:840:41::/48 maxlen: 48
2a11:840:17::/48 maxlen: 48
2a11:840:25::/48 maxlen: 48
2a11:840:20::/48 maxlen: 48
2a11:840:40::/48 maxlen: 48
2a11:840:19::/48 maxlen: 48
2a11:840:54::/48 maxlen: 48
2a11:840:14::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 10 Jan 2024 12:03:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ef:58:26:a1:7e:65:fd:5a:be:4d:c0:10:72:46:84:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Jan 9 17:49:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33e9e6e82c79102d63fe44a618656a5017ea40e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:5e:ac:50:8e:fb:28:1a:51:ee:58:93:61:c6:
a0:a5:27:af:74:0b:38:5e:0b:99:9e:fc:03:74:f5:
78:e4:25:b4:4f:62:e2:89:10:dc:33:d8:0c:00:99:
ff:6a:3e:5e:63:4e:52:47:4e:e9:39:59:87:ad:24:
74:c9:2d:3c:8d:f8:37:a8:14:f9:d7:c8:10:2b:06:
fc:1b:6b:3b:c1:b6:25:98:0f:f7:8a:f8:dd:2a:55:
40:b5:ca:94:2e:ae:2e:bb:41:e6:16:e2:4a:9d:3c:
0c:cc:fe:77:63:60:97:24:d0:f6:e3:0b:71:90:83:
ca:24:8d:26:19:0d:b4:44:fd:ab:43:ed:d2:1f:24:
b0:c9:93:58:42:d0:ba:f4:fb:0e:08:1f:20:58:b4:
cf:3a:5a:b7:3e:94:94:64:3b:10:91:8e:67:78:c0:
3f:99:be:e3:71:0a:d6:27:71:8c:2b:de:34:52:69:
75:f1:14:85:be:f7:d0:1f:d8:b3:74:bd:73:1c:ca:
b3:52:45:c4:0e:74:dc:0e:65:2c:d7:97:2d:bc:83:
94:71:e2:04:43:d1:7f:d3:cd:e3:aa:40:47:0a:49:
42:98:c0:b4:71:a0:e7:06:94:16:89:71:17:4f:8f:
1a:f6:55:89:85:22:85:50:67:76:fc:06:69:09:e5:
88:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:E9:E6:E8:2C:79:10:2D:63:FE:44:A6:18:65:6A:50:17:EA:40:E1
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/M-nm6Cx5EC1j_kSmGGVqUBfqQOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.104.152.0/23
109.104.155.0/24
147.78.0.0/23
147.78.3.0/24
185.126.238.0/23
185.213.23.0/24
IPv6:
2a11:840:6::-2a11:840:8:ffff:ffff:ffff:ffff:ffff
2a11:840:10::-2a11:840:14:ffff:ffff:ffff:ffff:ffff
2a11:840:17::-2a11:840:19:ffff:ffff:ffff:ffff:ffff
2a11:840:20::/48
2a11:840:24::-2a11:840:26:ffff:ffff:ffff:ffff:ffff
2a11:840:33::/48
2a11:840:40::/47
2a11:840:47::-2a11:840:48:ffff:ffff:ffff:ffff:ffff
2a11:840:54::/48
Signature Algorithm: sha256WithRSAEncryption
8c:54:1b:69:51:6b:e5:cb:c1:f6:e9:98:86:15:93:3a:47:8c:
69:89:e3:e8:d6:0c:ce:30:ea:db:d5:8b:2d:99:30:b4:b7:3c:
8c:dd:42:73:23:b4:bc:08:d3:4b:02:76:17:26:a9:3c:0a:a1:
11:4d:12:02:a5:e5:e1:9e:ed:f0:0e:a3:d7:eb:bf:f8:26:35:
85:86:47:89:90:82:42:42:90:81:ba:f6:07:23:9d:08:b9:8e:
c7:95:05:0c:37:b2:62:9b:51:18:76:8c:d1:04:22:b8:a4:1d:
59:d3:df:e6:44:0b:6f:02:c3:60:6a:f9:11:20:6f:90:44:10:
99:ca:21:c0:22:f6:8a:f1:df:c8:85:37:dd:d7:3c:d2:b7:93:
c1:90:6e:bb:e4:74:94:01:52:d9:df:16:08:9c:df:84:ea:5b:
6c:6b:c9:94:e1:7a:79:94:ab:70:8e:e4:b6:96:10:e5:2e:27:
c6:86:e5:25:3f:e7:70:a4:be:46:1e:86:f0:dd:33:7b:41:aa:
bb:31:ec:2c:52:09:83:18:bc:6a:fa:3c:d5:39:61:63:65:8d:
98:d0:af:f5:9e:f4:d5:69:f0:b8:26:7e:00:21:29:eb:5e:90:
97:db:39:40:33:04:85:43:f5:da:40:c2:ae:f6:33:e9:b1:68:
cd:bd:e7:45
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAYzvWCahfmX9Wr5NwBByRoSaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjQwMTA5MTc0OTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2U5ZTZlODJjNzkxMDJkNjNmZTQ0YTYxODY1NmE1MDE3ZWE0MGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg16sUI77KBpR7liTYcagpSevdAs4
XguZnvwDdPV45CW0T2LiiRDcM9gMAJn/aj5eY05SR07pOVmHrSR0yS08jfg3qBT5
18gQKwb8G2s7wbYlmA/3ivjdKlVAtcqULq4uu0HmFuJKnTwMzP53Y2CXJND24wtx
kIPKJI0mGQ20RP2rQ+3SHySwyZNYQtC69PsOCB8gWLTPOlq3PpSUZDsQkY5neMA/
mb7jcQrWJ3GMK940Uml18RSFvvfQH9izdL1zHMqzUkXEDnTcDmUs15ctvIOUceIE
Q9F/083jqkBHCklCmMC0caDnBpQWiXEXT48a9lWJhSKFUGd2/AZpCeWIHQIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFDPp5ugseRAtY/5EphhlalAX6kDhMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvTS1ubTZDeDVFQzFqX2tTbUdHVnFVQmZxUU9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjAqBAIAATAkAwQBbWiY
AwQAbWibAwQBk04AAwQAk04DAwQBuX7uAwQAudUXMIGPBAIAAjCBiDASAwcBKhEI
QAAGAwcAKhEIQAAIMBIDBwQqEQhAABADBwAqEQhAABQwEgMHACoRCEAAFwMHASoR
CEAAGAMHACoRCEAAIDASAwcCKhEIQAAkAwcAKhEIQAAmAwcAKhEIQAAzAwcBKhEI
QABAMBIDBwAqEQhAAEcDBwAqEQhAAEgDBwAqEQhAAFQwDQYJKoZIhvcNAQELBQAD
ggEBAIxUG2lRa+XLwfbpmIYVkzpHjGmJ4+jWDM4w6tvViy2ZMLS3PIzdQnMjtLwI
00sCdhcmqTwKoRFNEgKl5eGe7fAOo9frv/gmNYWGR4mQgkJCkIG69gcjnQi5jseV
BQw3smKbURh2jNEEIrikHVnT3+ZEC28Cw2Bq+REgb5BEEJnKIcAi9orx38iFN93X
PNK3k8GQbrvkdJQBUtnfFgic34TqW2xryZThenmUq3CO5LaWEOUuJ8aG5SU/53Ck
vkYehvDdM3tBqrsx7CxSCYMYvGr6PNU5YWNljZjQr/We9NVp8LgmfgAhKetekJfb
OUAzBIVD9dpAwq72M+mxaM2950U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:20 2024 by rpki-client on console-fra.rpki-client.org