Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/M-JPtP-kdTEx_9uHZalDoQbZBbg.roa
File: M-JPtP-kdTEx_9uHZalDoQbZBbg.roa (raw, json)
Hash identifier: WcGuOjN4O9Ztr720sMY1Q06HDiDQ9xR+p7XgtN1O6Sk=
Subject key identifier: 33:E2:4F:B4:FF:A4:75:31:31:FF:DB:87:65:A9:43:A1:06:D9:05:B8
Certificate issuer: /CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Certificate serial: 018E2CC23B4700DE77DD6A7D335DE07CF7B0
Authority key identifier: C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/M-JPtP-kdTEx_9uHZalDoQbZBbg.roa
Signing time: Mon 11 Mar 2024 09:05:10 +0000
ROA not before: Mon 11 Mar 2024 09:05:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198682
IP address blocks: 45.88.140.0/22 maxlen: 24
109.71.136.0/21 maxlen: 24
109.205.0.0/21 maxlen: 24
185.71.148.0/22 maxlen: 24
185.220.72.0/22 maxlen: 24
185.230.96.0/22 maxlen: 24
193.176.64.0/22 maxlen: 24
2a00:1f10::/32 maxlen: 32
2a0b:f1c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 09 Jul 2024 12:53:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2c:c2:3b:47:00:de:77:dd:6a:7d:33:5d:e0:7c:f7:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8acf59abd4abbfbf830a060225a96a2179a2694
Validity
Not Before: Mar 11 09:05:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33e24fb4ffa4753131ffdb8765a943a106d905b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:01:ac:f5:b4:1e:83:e9:27:46:c3:cb:fb:71:
31:c2:0c:b6:76:8b:78:67:77:c2:f6:94:c8:b6:49:
e8:3c:17:d6:47:6d:c2:38:02:04:99:04:1a:17:85:
85:3e:7d:4c:86:a6:dd:d1:3a:84:ae:12:b3:98:95:
a6:b7:47:c8:be:57:c8:ce:52:64:02:c0:85:df:ff:
45:99:82:06:98:a0:de:70:85:45:41:ce:d5:a8:00:
35:0e:df:67:48:c3:1c:cd:d4:66:7d:7d:08:8d:9c:
88:a2:1a:4d:68:be:c2:04:80:c2:6e:df:94:75:03:
15:f1:69:d0:f7:21:65:76:bb:7b:0d:98:66:97:21:
42:1e:33:ac:88:57:15:61:d6:15:62:02:0f:d5:2e:
38:b1:21:9c:b7:c6:83:21:06:b5:6f:c4:db:cc:61:
94:f4:bd:33:41:46:9f:74:9e:54:66:6d:d0:1e:9c:
09:a2:ab:3a:dc:00:61:b4:a2:93:48:a9:a8:a8:93:
38:67:23:b1:53:e2:0b:17:ff:5b:f4:da:59:35:9b:
16:b8:31:51:74:ac:d1:8b:a3:46:0f:32:b0:98:6e:
64:f2:8e:34:e9:40:ff:fa:1f:0c:ca:89:5c:74:1c:
dc:61:fa:6c:f9:39:42:0a:b6:3c:0f:61:de:e5:62:
35:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:E2:4F:B4:FF:A4:75:31:31:FF:DB:87:65:A9:43:A1:06:D9:05:B8
X509v3 Authority Key Identifier:
keyid:C8:AC:F5:9A:BD:4A:BB:FB:F8:30:A0:60:22:5A:96:A2:17:9A:26:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/M-JPtP-kdTEx_9uHZalDoQbZBbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/yKz1mr1Ku_v4MKBgIlqWoheaJpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.140.0/22
109.71.136.0/21
109.205.0.0/21
185.71.148.0/22
185.220.72.0/22
185.230.96.0/22
193.176.64.0/22
IPv6:
2a00:1f10::/32
2a0b:f1c0::/32
Signature Algorithm: sha256WithRSAEncryption
8f:99:a5:7b:78:f2:ed:44:95:b3:ee:34:40:a4:cb:b6:da:88:
e5:6c:ab:7b:10:91:06:d6:f0:84:71:af:7d:4f:9f:a6:3e:e8:
58:ac:c3:d4:45:aa:55:27:79:e4:73:f3:a9:eb:c7:bf:92:63:
ae:a8:37:27:d9:6d:64:88:80:5c:2f:2f:d8:ce:2d:38:7b:32:
9b:a2:16:0f:51:14:83:f4:fc:9b:23:93:a9:4e:84:81:d0:ee:
03:58:a3:c5:cd:b0:d0:fc:db:a9:19:c6:97:60:37:de:36:18:
89:b9:6a:19:28:73:12:8c:a8:06:5b:f8:7c:5b:a2:fc:7b:bf:
63:2f:42:d3:4e:dc:37:39:98:1e:17:4a:fb:86:c9:31:8a:82:
f1:09:a7:0a:41:98:14:54:c2:98:a1:49:a7:f3:d0:61:46:b9:
fa:b5:79:5d:b5:9a:26:d6:ef:9f:48:e2:fd:b1:a8:e3:80:42:
7a:a2:ff:2e:6c:5b:2f:f2:de:ab:a0:df:cf:23:bf:32:1f:dd:
1a:40:5b:4a:40:44:29:a2:1c:d9:3e:33:2c:14:ec:3f:89:7d:
b3:fc:65:f0:86:65:a8:4c:60:db:2e:dc:c4:aa:2c:01:9f:a2:
fe:8b:d1:ea:e4:d9:b6:1e:d6:49:8e:1a:29:2c:58:3f:98:f3:
2f:39:e5:12
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAY4swjtHAN533Wp9M13gfPewMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4YWNmNTlhYmQ0YWJiZmJmODMwYTA2MDIyNWE5NmEyMTc5
YTI2OTQwHhcNMjQwMzExMDkwNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2UyNGZiNGZmYTQ3NTMxMzFmZmRiODc2NWE5NDNhMTA2ZDkwNWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAGs9bQeg+knRsPL+3Exwgy2dot4
Z3fC9pTItknoPBfWR23COAIEmQQaF4WFPn1Mhqbd0TqErhKzmJWmt0fIvlfIzlJk
AsCF3/9FmYIGmKDecIVFQc7VqAA1Dt9nSMMczdRmfX0IjZyIohpNaL7CBIDCbt+U
dQMV8WnQ9yFldrt7DZhmlyFCHjOsiFcVYdYVYgIP1S44sSGct8aDIQa1b8TbzGGU
9L0zQUafdJ5UZm3QHpwJoqs63ABhtKKTSKmoqJM4ZyOxU+ILF/9b9NpZNZsWuDFR
dKzRi6NGDzKwmG5k8o406UD/+h8MyolcdBzcYfps+TlCCrY8D2He5WI14wIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFDPiT7T/pHUxMf/bh2WpQ6EG2QW4MB8GA1UdIwQY
MBaAFMis9Zq9Srv7+DCgYCJalqIXmiaUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQt
ODM4ZWJmNDEyYTYxLzEvTS1KUHRQLWtkVEV4Xzl1SFphbERvUWJaQmJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQtODM4ZWJmNDEyYTYx
LzEveUt6MW1yMUt1X3Y0TUtCZ0lscVdvaGVhSnBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQCLViMAwQD
bUeIAwQDbc0AAwQCuUeUAwQCudxIAwQCueZgAwQCwbBAMBQEAgACMA4DBQAqAB8Q
AwUAKgvxwDANBgkqhkiG9w0BAQsFAAOCAQEAj5mle3jy7USVs+40QKTLttqI5Wyr
exCRBtbwhHGvfU+fpj7oWKzD1EWqVSd55HPzqevHv5Jjrqg3J9ltZIiAXC8v2M4t
OHsym6IWD1EUg/T8myOTqU6EgdDuA1ijxc2w0PzbqRnGl2A33jYYiblqGShzEoyo
Blv4fFui/Hu/Yy9C007cNzmYHhdK+4bJMYqC8QmnCkGYFFTCmKFJp/PQYUa5+rV5
XbWaJtbvn0ji/bGo44BCeqL/LmxbL/Leq6DfzyO/Mh/dGkBbSkBEKaIc2T4zLBTs
P4l9s/xl8IZlqExg2y7cxKosAZ+i/ovR6uTZth7WSY4aKSxYP5jzLznlEg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:48:57 2025 by rpki-client