Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/MARdh5LA2I6HVFqEKA-_npRDz44.roa
File: MARdh5LA2I6HVFqEKA-_npRDz44.roa (raw, json)
Hash identifier: Kj+bBJUEscsAMERaozj0c/0prAY3KDuGKL0nZ+eBxRw=
Subject key identifier: 30:04:5D:87:92:C0:D8:8E:87:54:5A:84:28:0F:BF:9E:94:43:CF:8E
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018BFB6A7D9A3AF49A81A161EFCDEB800671
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/MARdh5LA2I6HVFqEKA-_npRDz44.roa
Signing time: Thu 23 Nov 2023 09:02:22 +0000
ROA not before: Thu 23 Nov 2023 09:02:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9123
IP address blocks: 94.241.175.0/24 maxlen: 24
94.241.173.0/24 maxlen: 24
94.241.174.0/24 maxlen: 24
91.186.198.0/24 maxlen: 24
91.186.199.0/24 maxlen: 24
91.186.196.0/24 maxlen: 24
91.186.197.0/24 maxlen: 24
83.147.244.0/24 maxlen: 24
83.147.245.0/24 maxlen: 24
83.147.246.0/24 maxlen: 24
83.147.247.0/24 maxlen: 24
94.241.138.0/24 maxlen: 24
94.241.139.0/24 maxlen: 24
94.241.141.0/24 maxlen: 24
94.241.142.0/24 maxlen: 24
94.241.143.0/24 maxlen: 24
94.241.140.0/24 maxlen: 24
94.241.172.0/24 maxlen: 24
94.241.168.0/24 maxlen: 24
94.241.169.0/24 maxlen: 24
94.241.170.0/24 maxlen: 24
94.241.171.0/24 maxlen: 24
178.253.22.0/24 maxlen: 24
178.253.23.0/24 maxlen: 24
178.253.40.0/24 maxlen: 24
178.253.41.0/24 maxlen: 24
178.253.42.0/24 maxlen: 24
178.253.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:31:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fb:6a:7d:9a:3a:f4:9a:81:a1:61:ef:cd:eb:80:06:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Nov 23 09:02:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30045d8792c0d88e87545a84280fbf9e9443cf8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ed:54:37:a4:38:3e:4e:7c:f9:b0:b3:fc:4f:
19:7e:4c:61:39:3b:ec:0d:bc:bd:68:38:6e:f3:d4:
2b:fc:04:66:d7:1a:2f:ca:e0:b5:a7:cb:10:b8:9b:
42:db:9e:cc:16:bb:bd:9e:32:b4:b3:c8:26:9d:a0:
0b:22:4c:39:d3:81:a2:d6:5d:72:f9:16:18:15:4f:
1b:e6:f8:87:56:3b:7c:c1:fd:47:d8:e1:da:c4:6f:
94:8c:ca:e8:36:6f:8a:21:52:6e:87:3f:aa:c4:0e:
3f:ab:0f:22:ce:14:ae:bd:40:3e:47:36:b0:37:11:
89:ac:83:4d:66:3b:eb:34:cf:2d:36:7c:c2:c5:1f:
24:73:8d:9d:b0:96:cf:ca:9d:11:84:f2:2e:6b:8a:
be:55:c9:65:d8:6d:e0:e0:d2:9c:4b:3d:3b:1b:1e:
b0:0d:cc:1e:c2:0e:a9:93:68:1e:b8:36:bf:8c:ab:
94:c2:47:cd:67:32:b5:df:c1:07:d3:ec:66:d1:f1:
d5:e6:6e:79:59:96:6f:ad:9e:34:fe:c5:a3:fb:0a:
f8:95:8c:84:4c:dd:e7:f9:be:b9:6c:35:83:79:51:
b6:13:40:20:da:c5:b4:5c:cf:eb:1f:29:2b:e6:69:
ed:2e:19:91:7e:6c:c7:e1:70:f3:d7:d8:cf:24:aa:
7f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:04:5D:87:92:C0:D8:8E:87:54:5A:84:28:0F:BF:9E:94:43:CF:8E
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/MARdh5LA2I6HVFqEKA-_npRDz44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.244.0/22
91.186.196.0/22
94.241.138.0-94.241.143.255
94.241.168.0/21
178.253.22.0/23
178.253.40.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:36:20:d9:bf:7c:72:1f:73:cd:1b:92:c2:a0:4b:74:90:c5:
9a:2d:8f:da:04:ab:4d:61:27:57:f0:c1:95:57:43:4d:3d:f4:
61:f3:0f:6a:d0:5d:7c:ad:09:09:54:28:b8:99:f8:d5:6a:dc:
5b:66:50:00:f9:29:ad:99:65:2a:a6:4d:41:9e:9e:e9:0f:1d:
1f:e7:0e:43:41:c5:99:b3:71:96:5d:59:4c:6e:c9:0b:b0:03:
4d:4a:96:91:89:c4:43:96:78:fd:78:b8:c2:ed:8e:25:3c:da:
3c:70:e5:35:43:d4:16:83:47:ba:a1:bb:c5:3c:82:4d:13:73:
33:26:e6:53:35:40:f4:55:e2:dd:d9:4b:3e:48:b9:7d:b8:01:
11:f4:c8:ff:d2:a9:93:72:4d:0b:a0:7d:d7:e3:90:21:86:c6:
3a:93:19:68:67:a4:c2:9f:b5:96:d2:ef:9f:ed:a3:f5:5e:d6:
64:3c:f8:b3:39:0f:16:46:92:2e:e4:39:f0:d0:71:97:47:e9:
14:d5:7b:5b:e1:d1:f5:5a:46:d9:90:e1:38:d3:a6:81:b5:a9:
89:b3:b0:bd:db:f4:4a:d2:cd:6c:77:71:f9:97:9c:65:32:47:
19:d1:b6:26:39:22:fe:70:00:1d:31:ca:2c:e3:7a:16:8c:c4:
11:99:e5:f0
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYv7an2aOvSagaFh783rgAZxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMxMTIzMDkwMjIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDA0NWQ4NzkyYzBkODhlODc1NDVhODQyODBmYmY5ZTk0NDNjZjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvu1UN6Q4Pk58+bCz/E8ZfkxhOTvs
Dby9aDhu89Qr/ARm1xovyuC1p8sQuJtC257MFru9njK0s8gmnaALIkw504Gi1l1y
+RYYFU8b5viHVjt8wf1H2OHaxG+UjMroNm+KIVJuhz+qxA4/qw8izhSuvUA+Rzaw
NxGJrINNZjvrNM8tNnzCxR8kc42dsJbPyp0RhPIua4q+Vcll2G3g4NKcSz07Gx6w
Dcwewg6pk2geuDa/jKuUwkfNZzK138EH0+xm0fHV5m55WZZvrZ40/sWj+wr4lYyE
TN3n+b65bDWDeVG2E0Ag2sW0XM/rHykr5mntLhmRfmzH4XDz19jPJKp/bQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFDAEXYeSwNiOh1RahCgPv56UQ8+OMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvTUFSZGg1TEEySTZIVkZxRUtBLV9ucFJEejQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCU5P0AwQC
W7rEMAwDBAFe8YoDBARe8YADBANe8agDBAGy/RYDBAKy/SgwDQYJKoZIhvcNAQEL
BQADggEBABw2INm/fHIfc80bksKgS3SQxZotj9oEq01hJ1fwwZVXQ0099GHzD2rQ
XXytCQlUKLiZ+NVq3FtmUAD5Ka2ZZSqmTUGenukPHR/nDkNBxZmzcZZdWUxuyQuw
A01KlpGJxEOWeP14uMLtjiU82jxw5TVD1BaDR7qhu8U8gk0TczMm5lM1QPRV4t3Z
Sz5IuX24ARH0yP/SqZNyTQugfdfjkCGGxjqTGWhnpMKftZbS75/to/Ve1mQ8+LM5
DxZGki7kOfDQcZdH6RTVe1vh0fVaRtmQ4TjTpoG1qYmzsL3b9ErSzWx3cfmXnGUy
RxnRtiY5Iv5wAB0xyizjehaMxBGZ5fA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:19 2024 by rpki-client on console-ams.rpki-client.org