Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/MtG_roDmlPAqZjL5IGXzGmkrLAo.roa
File: MtG_roDmlPAqZjL5IGXzGmkrLAo.roa (raw, json)
Hash identifier: cfoZmCxCjN06tauEGq2n1GiBuxTPZT4O0EDgaDoqTyo=
Subject key identifier: 32:D1:BF:AE:80:E6:94:F0:2A:66:32:F9:20:65:F3:1A:69:2B:2C:0A
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 018F0B7B6AF0973E4E7331E79B58AA7B3F36
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/MtG_roDmlPAqZjL5IGXzGmkrLAo.roa
Signing time: Tue 23 Apr 2024 15:03:08 +0000
ROA not before: Tue 23 Apr 2024 15:03:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136258
IP address blocks: 109.104.152.0/24 maxlen: 24
109.104.153.0/24 maxlen: 24
109.104.155.0/24 maxlen: 24
147.78.0.0/24 maxlen: 24
147.78.1.0/24 maxlen: 24
147.78.2.0/24 maxlen: 24
147.78.3.0/24 maxlen: 24
185.126.238.0/24 maxlen: 24
185.126.239.0/24 maxlen: 24
185.213.23.0/24 maxlen: 24
2a11:840:6::/48 maxlen: 48
2a11:840:7::/48 maxlen: 48
2a11:840:8::/48 maxlen: 48
2a11:840:10::/48 maxlen: 48
2a11:840:11::/48 maxlen: 48
2a11:840:12::/48 maxlen: 48
2a11:840:13::/48 maxlen: 48
2a11:840:14::/48 maxlen: 48
2a11:840:17::/48 maxlen: 48
2a11:840:18::/48 maxlen: 48
2a11:840:19::/48 maxlen: 48
2a11:840:20::/48 maxlen: 48
2a11:840:21::/48 maxlen: 48
2a11:840:24::/48 maxlen: 48
2a11:840:25::/48 maxlen: 48
2a11:840:26::/48 maxlen: 48
2a11:840:30::/48 maxlen: 48
2a11:840:33::/48 maxlen: 48
2a11:840:40::/48 maxlen: 48
2a11:840:41::/48 maxlen: 48
2a11:840:47::/48 maxlen: 48
2a11:840:48::/48 maxlen: 48
2a11:840:54::/48 maxlen: 48
2a11:840:60::/48 maxlen: 48
2a11:840:61::/48 maxlen: 48
2a11:840:62::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 06 May 2024 14:32:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0b:7b:6a:f0:97:3e:4e:73:31:e7:9b:58:aa:7b:3f:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Apr 23 15:03:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32d1bfae80e694f02a6632f92065f31a692b2c0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:5b:05:b3:42:71:74:13:1d:93:ef:85:32:a7:
ec:d7:fd:bd:e3:5f:49:59:9a:c6:f5:4d:87:56:e2:
79:fc:c3:a2:83:ef:e9:ed:0b:17:60:57:f1:58:68:
21:a6:6b:62:6c:0f:25:b6:6f:92:66:d9:b7:7c:67:
5c:03:f4:38:45:e9:d1:e8:43:5c:0e:7d:8d:7f:e9:
09:f1:f8:d3:a6:c7:1c:00:42:ad:df:97:a5:8e:0f:
c3:47:ed:0c:d4:c8:3e:41:b6:32:8a:99:e8:35:fa:
19:22:b4:2b:84:c3:f5:a2:db:f2:0b:21:e5:8c:ed:
39:9d:03:f6:db:9e:d9:94:e3:77:e1:57:61:d0:8c:
be:95:0c:65:62:11:4f:d1:e6:01:4d:f5:d6:b2:4b:
1b:dd:2b:a9:40:be:aa:e9:1a:38:5a:0d:24:ca:23:
90:90:4c:5e:2e:c8:c6:84:31:46:48:10:56:4a:fc:
b8:73:13:e5:fb:c8:08:de:8e:bd:1e:7f:d5:62:d9:
a0:d4:a7:a7:2c:f4:af:f6:c5:19:91:67:88:16:7e:
23:23:42:7b:a4:8c:7e:da:90:16:ec:d3:74:12:d3:
98:f9:4c:e8:dc:3d:c7:da:70:82:52:48:e0:b2:ae:
ef:48:37:10:8a:94:6d:08:05:88:37:ac:6a:28:5b:
38:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:D1:BF:AE:80:E6:94:F0:2A:66:32:F9:20:65:F3:1A:69:2B:2C:0A
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/MtG_roDmlPAqZjL5IGXzGmkrLAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.104.152.0/23
109.104.155.0/24
147.78.0.0/22
185.126.238.0/23
185.213.23.0/24
IPv6:
2a11:840:6::-2a11:840:8:ffff:ffff:ffff:ffff:ffff
2a11:840:10::-2a11:840:14:ffff:ffff:ffff:ffff:ffff
2a11:840:17::-2a11:840:19:ffff:ffff:ffff:ffff:ffff
2a11:840:20::/47
2a11:840:24::-2a11:840:26:ffff:ffff:ffff:ffff:ffff
2a11:840:30::/48
2a11:840:33::/48
2a11:840:40::/47
2a11:840:47::-2a11:840:48:ffff:ffff:ffff:ffff:ffff
2a11:840:54::/48
2a11:840:60::-2a11:840:62:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
93:15:15:47:ba:e3:07:8f:41:df:5a:cd:64:f8:19:90:4b:5d:
e2:0c:32:a8:2c:e2:ea:f3:6c:7f:50:fd:41:ad:b1:36:48:60:
15:8a:dc:1b:98:f5:fe:9a:39:9c:97:dc:05:3d:a5:94:5b:df:
e6:5f:67:f9:60:47:a8:d8:88:90:d3:2f:65:da:63:e5:bf:36:
0f:08:6a:04:35:12:11:41:6a:39:e1:a0:30:a7:27:1b:58:a8:
03:04:70:7c:b1:51:fc:88:95:4c:c2:79:27:5c:b6:45:76:a6:
48:6c:05:f4:4f:3f:bf:c0:70:bf:9d:ad:c0:6e:93:16:53:5b:
7a:65:e6:ae:b8:23:74:37:59:33:19:09:3a:05:98:03:10:ee:
24:e0:af:e6:d4:d3:32:80:f9:8f:9f:41:b7:8d:e2:69:18:73:
75:e1:23:23:e2:4f:d8:c3:f7:66:0d:1f:7e:b6:95:8e:8e:d6:
e5:ed:f2:52:0c:58:36:38:79:11:83:25:a5:93:cb:45:e5:e7:
c8:aa:16:56:13:9f:81:ce:68:32:b0:f8:69:1d:93:2a:cd:0d:
19:2e:a6:86:0d:b2:c1:ec:9d:9c:9b:81:10:5d:87:87:51:73:
22:41:97:25:af:cb:c2:89:e6:84:ec:a3:9d:be:59:5c:3d:7f:
92:97:47:a9
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgISAY8Le2rwlz5OczHnm1iqez82MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjQwNDIzMTUwMzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmQxYmZhZTgwZTY5NGYwMmE2NjMyZjkyMDY1ZjMxYTY5MmIyYzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVsFs0JxdBMdk++FMqfs1/29419J
WZrG9U2HVuJ5/MOig+/p7QsXYFfxWGghpmtibA8ltm+SZtm3fGdcA/Q4RenR6ENc
Dn2Nf+kJ8fjTpsccAEKt35eljg/DR+0M1Mg+QbYyipnoNfoZIrQrhMP1otvyCyHl
jO05nQP2257ZlON34Vdh0Iy+lQxlYhFP0eYBTfXWsksb3SupQL6q6Ro4Wg0kyiOQ
kExeLsjGhDFGSBBWSvy4cxPl+8gI3o69Hn/VYtmg1KenLPSv9sUZkWeIFn4jI0J7
pIx+2pAW7NN0EtOY+Uzo3D3H2nCCUkjgsq7vSDcQipRtCAWIN6xqKFs4KQIDAQAB
o4IC0zCCAs8wHQYDVR0OBBYEFDLRv66A5pTwKmYy+SBl8xppKywKMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvTXRHX3JvRG1sUEFxWmpMNUlHWHpHbWtyTEFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHoBggrBgEFBQcBBwEB/wSB2DCB1TAkBAIAATAeAwQBbWiY
AwQAbWibAwQCk04AAwQBuX7uAwQAudUXMIGsBAIAAjCBpTASAwcBKhEIQAAGAwcA
KhEIQAAIMBIDBwQqEQhAABADBwAqEQhAABQwEgMHACoRCEAAFwMHASoRCEAAGAMH
ASoRCEAAIDASAwcCKhEIQAAkAwcAKhEIQAAmAwcAKhEIQAAwAwcAKhEIQAAzAwcB
KhEIQABAMBIDBwAqEQhAAEcDBwAqEQhAAEgDBwAqEQhAAFQwEgMHBSoRCEAAYAMH
ACoRCEAAYjANBgkqhkiG9w0BAQsFAAOCAQEAkxUVR7rjB49B31rNZPgZkEtd4gwy
qCzi6vNsf1D9Qa2xNkhgFYrcG5j1/po5nJfcBT2llFvf5l9n+WBHqNiIkNMvZdpj
5b82DwhqBDUSEUFqOeGgMKcnG1ioAwRwfLFR/IiVTMJ5J1y2RXamSGwF9E8/v8Bw
v52twG6TFlNbemXmrrgjdDdZMxkJOgWYAxDuJOCv5tTTMoD5j59Bt43iaRhzdeEj
I+JP2MP3Zg0ffraVjo7W5e3yUgxYNjh5EYMlpZPLReXnyKoWVhOfgc5oMrD4aR2T
Ks0NGS6mhg2yweydnJuBEF2Hh1FzIkGXJa/LwonmhOyjnb5ZXD1/kpdHqQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:20 2024 by rpki-client on console-fra.rpki-client.org