Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/mKk4mcNUDxBG2TEYzEzoqzBeARY.roa
File: mKk4mcNUDxBG2TEYzEzoqzBeARY.roa (raw, json)
Hash identifier: EBAN1AfHPqCSvo5JOeH9G1i5+AgoAJWw2YBdvRi1g5c=
Subject key identifier: 98:A9:38:99:C3:54:0F:10:46:D9:31:18:CC:4C:E8:AB:30:5E:01:16
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018CC9BA9E6ADD7990055FD3D7F4D01F41D5
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/mKk4mcNUDxBG2TEYzEzoqzBeARY.roa
Signing time: Tue 02 Jan 2024 10:31:39 +0000
ROA not before: Tue 02 Jan 2024 10:31:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 91.186.204.0/22 maxlen: 24
91.186.216.0/22 maxlen: 24
94.241.164.0/23 maxlen: 24
94.241.160.0/22 maxlen: 24
178.253.27.0/24 maxlen: 24
178.253.26.0/23 maxlen: 24
178.253.26.0/24 maxlen: 24
178.253.44.0/23 maxlen: 24
83.147.232.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 14 Jan 2024 02:39:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:ba:9e:6a:dd:79:90:05:5f:d3:d7:f4:d0:1f:41:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 2 10:31:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98a93899c3540f1046d93118cc4ce8ab305e0116
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:81:3e:52:22:bc:31:5c:3c:ab:49:bb:e6:fb:
ef:df:d9:4f:12:29:4b:43:d7:92:e0:44:bb:30:3b:
a6:7b:30:2d:99:97:a4:86:d1:15:71:17:b7:b1:2b:
4e:ca:cd:4c:5e:bd:7b:c8:2d:e3:60:03:82:6f:1b:
e0:0e:76:f5:98:a7:b3:f6:c6:c2:ac:38:b4:69:13:
01:dd:fe:c5:a8:17:08:ce:19:91:e2:91:af:6c:ea:
05:6f:94:aa:e9:ff:4c:13:02:ad:44:1a:f4:51:ff:
e0:f5:4a:a8:8d:c6:da:96:88:6c:91:c4:b2:16:77:
ec:24:f4:d8:64:93:c6:ad:66:03:ce:37:31:ae:26:
8f:f7:1b:0f:ac:55:36:88:50:6c:d7:12:3d:64:cb:
67:b4:08:bb:23:01:fe:43:65:f1:bc:ad:8a:41:24:
70:c3:fc:a4:2c:e1:4d:cd:19:b3:89:a7:bf:99:c1:
18:42:74:bf:10:7b:de:c9:a6:ee:be:1a:68:cc:0e:
65:55:d2:dc:d0:6f:27:e6:de:47:22:cd:40:82:52:
f7:47:98:df:b5:36:c8:ca:03:d3:bc:57:fd:01:4f:
e6:b8:f7:7f:b2:f7:42:2b:66:48:e0:57:97:3a:9b:
e3:ac:cd:cc:ea:fe:fe:ef:db:ca:f7:68:37:12:34:
63:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:A9:38:99:C3:54:0F:10:46:D9:31:18:CC:4C:E8:AB:30:5E:01:16
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/mKk4mcNUDxBG2TEYzEzoqzBeARY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.232.0/22
83.147.252.0/22
91.186.204.0/22
91.186.216.0/22
94.241.160.0-94.241.165.255
178.253.26.0/23
178.253.44.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:8b:37:dd:70:03:ed:69:d7:1f:f4:0e:b8:56:36:f4:d1:a6:
9f:2d:68:f6:87:77:7a:8e:ff:d5:4c:a1:a3:f6:6c:68:23:96:
d4:98:f1:57:f6:64:0c:fc:29:8c:73:15:d0:d0:eb:29:5b:5e:
e1:9a:92:e2:55:64:48:85:69:3c:30:13:06:c4:61:20:73:42:
2d:21:bb:8e:4f:97:5b:af:1c:c5:a1:7d:da:68:07:f2:37:79:
97:e5:1a:bd:90:00:8b:89:3e:20:fc:b2:63:5f:6b:c6:24:6e:
69:01:45:8e:cf:38:f7:af:80:13:27:8c:f5:33:ae:96:87:a9:
5a:dd:8f:45:44:65:b1:fd:61:8e:72:f1:d2:a8:43:22:c8:10:
14:d8:bd:89:f7:0b:5b:9c:91:d5:89:1a:18:ad:1f:b5:75:5c:
85:9f:32:be:65:63:f0:3c:f6:9e:3a:49:7d:0f:60:47:8a:a2:
e5:ab:e9:15:32:b3:f6:5c:1d:fa:5a:b3:d0:b1:0c:78:47:4f:
ad:60:f0:52:8c:07:c2:e1:9b:e6:75:00:b8:95:3b:34:8c:d3:
4e:b4:1b:9e:96:a8:60:04:03:e6:e8:1c:8a:70:98:fc:67:c4:
0e:5c:09:79:7f:e7:ed:79:1b:9a:ab:f6:1b:da:4c:48:51:0b:
49:42:ec:57
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzJup5q3XmQBV/T1/TQH0HVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwMTAyMTAzMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGE5Mzg5OWMzNTQwZjEwNDZkOTMxMThjYzRjZThhYjMwNWUwMTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooE+UiK8MVw8q0m75vvv39lPEilL
Q9eS4ES7MDumezAtmZekhtEVcRe3sStOys1MXr17yC3jYAOCbxvgDnb1mKez9sbC
rDi0aRMB3f7FqBcIzhmR4pGvbOoFb5Sq6f9MEwKtRBr0Uf/g9UqojcbalohskcSy
FnfsJPTYZJPGrWYDzjcxriaP9xsPrFU2iFBs1xI9ZMtntAi7IwH+Q2XxvK2KQSRw
w/ykLOFNzRmziae/mcEYQnS/EHveyabuvhpozA5lVdLc0G8n5t5HIs1AglL3R5jf
tTbIygPTvFf9AU/muPd/svdCK2ZI4FeXOpvjrM3M6v7+79vK92g3EjRjQQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFJipOJnDVA8QRtkxGMxM6KswXgEWMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvbUtrNG1jTlVEeEJHMlRFWXpFem9xekJlQVJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCU5PoAwQC
U5P8AwQCW7rMAwQCW7rYMAwDBAVe8aADBAFe8aQDBAGy/RoDBAGy/SwwDQYJKoZI
hvcNAQELBQADggEBAE2LN91wA+1p1x/0DrhWNvTRpp8taPaHd3qO/9VMoaP2bGgj
ltSY8Vf2ZAz8KYxzFdDQ6ylbXuGakuJVZEiFaTwwEwbEYSBzQi0hu45Pl1uvHMWh
fdpoB/I3eZflGr2QAIuJPiD8smNfa8YkbmkBRY7POPevgBMnjPUzrpaHqVrdj0VE
ZbH9YY5y8dKoQyLIEBTYvYn3C1uckdWJGhitH7V1XIWfMr5lY/A89p46SX0PYEeK
ouWr6RUys/ZcHfpas9CxDHhHT61g8FKMB8Lhm+Z1ALiVOzSM0060G56WqGAEA+bo
HIpwmPxnxA5cCXl/5+15G5qr9hvaTEhRC0lC7Fc=
Generated at Sun Jan 14 06:08:23 2024 by rpki-client on console-ams.rpki-client.org