Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/msJGxe-Omzma_YyXgMQXxBcHFlA.roa
File: msJGxe-Omzma_YyXgMQXxBcHFlA.roa (raw, json)
Hash identifier: vXAHjMA57tujUA7SE9z9H8vdGVdA5C3x6qbJHBoj62M=
Subject key identifier: 9A:C2:46:C5:EF:8E:9B:39:9A:FD:8C:97:80:C4:17:C4:17:07:16:50
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 0192687852C158AA0D0621D52C01740C03FF
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/msJGxe-Omzma_YyXgMQXxBcHFlA.roa
Signing time: Mon 07 Oct 2024 19:32:48 +0000
ROA not before: Mon 07 Oct 2024 19:32:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 5.180.234.0/24 maxlen: 24
45.8.205.0/24 maxlen: 24
2a06:e5c0::/29 maxlen: 48
2a09:96c0::/29 maxlen: 48
2a09:ae80::/29 maxlen: 48
2a09:b440::/48 maxlen: 48
2a13:4bc0::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:68:78:52:c1:58:aa:0d:06:21:d5:2c:01:74:0c:03:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Oct 7 19:32:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ac246c5ef8e9b399afd8c9780c417c417071650
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e5:9d:c6:e3:ee:db:42:c0:57:04:72:49:c8:
d9:29:dd:05:87:4b:62:22:0a:fc:f9:31:4f:b0:06:
4f:60:9c:96:55:98:5b:46:e6:ba:85:70:8b:3f:12:
e3:0e:d0:2c:01:7b:b4:fe:60:37:89:84:46:53:bf:
6b:af:52:99:02:6f:b8:3b:a3:61:40:7e:e4:cc:bd:
6d:0c:bb:09:71:81:b1:20:c0:09:f6:b0:40:36:62:
e8:91:59:98:b8:35:44:90:08:3e:62:35:d7:c7:b0:
79:ad:b6:d7:96:df:20:eb:bc:b5:98:f9:36:81:d5:
4e:3d:c3:a9:1a:0d:62:bd:17:ae:b9:3e:89:e4:89:
16:08:9b:53:bd:f0:e4:84:8c:f0:36:fe:a3:b4:51:
26:f6:1d:07:f5:46:05:83:51:4a:7e:61:2d:e0:97:
c1:ff:1e:4c:df:f4:ed:6b:40:36:d5:34:34:12:ce:
cf:3c:b9:5e:47:f8:3c:59:c2:34:52:b6:f2:87:c8:
70:8b:02:6f:48:c5:d1:80:96:8b:e8:7a:7c:4c:cc:
09:90:b0:dd:46:e5:43:9b:7a:7c:7f:03:f7:34:da:
19:ab:ba:1c:cb:08:b2:85:8b:fa:3b:3d:ba:3d:a8:
6a:1a:a5:17:f4:ac:6a:17:50:2a:c8:f8:06:5b:2e:
aa:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:C2:46:C5:EF:8E:9B:39:9A:FD:8C:97:80:C4:17:C4:17:07:16:50
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/msJGxe-Omzma_YyXgMQXxBcHFlA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.234.0/24
45.8.205.0/24
IPv6:
2a06:e5c0::/29
2a09:96c0::/29
2a09:ae80::/29
2a09:b440::/48
2a13:4bc0::/29
Signature Algorithm: sha256WithRSAEncryption
4a:53:64:55:e7:9d:b3:be:5f:c7:75:64:43:d9:fb:b0:49:7e:
23:7a:05:79:4c:23:fe:4b:ea:0f:27:43:e8:60:39:cf:7a:b4:
12:cc:95:ec:86:1e:be:45:24:45:ca:a9:92:20:86:cc:79:62:
d5:eb:ab:06:02:55:56:22:83:64:af:2d:ea:50:1e:ed:7b:c2:
7b:85:40:eb:82:93:c0:9e:fa:e8:7d:57:1f:7e:b3:82:08:c2:
6d:69:a2:ae:43:77:ea:4e:11:43:26:dd:ba:1f:c0:9d:28:1b:
28:15:77:f6:f6:5d:ee:36:cf:13:53:46:8f:42:36:2c:ea:1a:
e3:10:05:91:e5:34:ca:40:11:32:cc:60:32:ac:dd:19:48:c7:
db:35:9b:5c:ec:35:41:de:16:e1:72:fc:6e:0d:b3:4b:b9:92:
e8:69:b8:60:d1:75:2e:49:54:e9:ce:15:47:2b:53:c7:e2:5a:
8d:21:85:29:a6:40:ba:ca:3c:44:c8:2e:46:19:6d:35:84:ec:
5e:cc:71:5b:6f:75:97:f9:11:4c:59:0f:01:26:bc:ed:b4:16:
74:12:c9:36:a2:68:6a:f0:dc:34:e9:da:31:5e:b9:fe:db:b3:
3a:74:3a:d3:d9:a2:16:32:2c:8a:9f:9a:08:52:6a:40:1a:65:
f2:62:6c:c9
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZJoeFLBWKoNBiHVLAF0DAP/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQxMDA3MTkzMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWMyNDZjNWVmOGU5YjM5OWFmZDhjOTc4MGM0MTdjNDE3MDcxNjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzuWdxuPu20LAVwRyScjZKd0Fh0ti
Igr8+TFPsAZPYJyWVZhbRua6hXCLPxLjDtAsAXu0/mA3iYRGU79rr1KZAm+4O6Nh
QH7kzL1tDLsJcYGxIMAJ9rBANmLokVmYuDVEkAg+YjXXx7B5rbbXlt8g67y1mPk2
gdVOPcOpGg1ivReuuT6J5IkWCJtTvfDkhIzwNv6jtFEm9h0H9UYFg1FKfmEt4JfB
/x5M3/Tta0A21TQ0Es7PPLleR/g8WcI0Urbyh8hwiwJvSMXRgJaL6Hp8TMwJkLDd
RuVDm3p8fwP3NNoZq7ocywiyhYv6Oz26PahqGqUX9KxqF1AqyPgGWy6q8wIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFJrCRsXvjps5mv2Ml4DEF8QXBxZQMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvbXNKR3hlLU9tem1hX1l5WGdNUVh4QmNIRmxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTASBAIAATAMAwQABbTqAwQA
LQjNMCsEAgACMCUDBQMqBuXAAwUDKgmWwAMFAyoJroADBwAqCbRAAAADBQMqE0vA
MA0GCSqGSIb3DQEBCwUAA4IBAQBKU2RV552zvl/HdWRD2fuwSX4jegV5TCP+S+oP
J0PoYDnPerQSzJXshh6+RSRFyqmSIIbMeWLV66sGAlVWIoNkry3qUB7te8J7hUDr
gpPAnvrofVcffrOCCMJtaaKuQ3fqThFDJt26H8CdKBsoFXf29l3uNs8TU0aPQjYs
6hrjEAWR5TTKQBEyzGAyrN0ZSMfbNZtc7DVB3hbhcvxuDbNLuZLoabhg0XUuSVTp
zhVHK1PH4lqNIYUppkC6yjxEyC5GGW01hOxezHFbb3WX+RFMWQ8BJrzttBZ0Esk2
omhq8Nw06doxXrn+27M6dDrT2aIWMiyKn5oIUmpAGmXyYmzJ
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:12:20 2025 by rpki-client