Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/4ab81e-45b8-41a5-aa5e-5646eedd99bf/1/MApjBfLl2JD3n36dOZryv8Iu0yY.roa
File: MApjBfLl2JD3n36dOZryv8Iu0yY.roa (raw, json)
Hash identifier: W3jg/sk2ibRntnpngT7dQOI1kPdx76tbhVQoQqi3HEk=
Subject key identifier: 30:0A:63:05:F2:E5:D8:90:F7:9F:7E:9D:39:9A:F2:BF:C2:2E:D3:26
Certificate issuer: /CN=994b7d30c1c4f6243182d3ecd3d0539f42faacfd
Certificate serial: 01856FF02D0AF58CC165AE54503FDACEC1BD
Authority key identifier: 99:4B:7D:30:C1:C4:F6:24:31:82:D3:EC:D3:D0:53:9F:42:FA:AC:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mUt9MMHE9iQxgtPs09BTn0L6rP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/4ab81e-45b8-41a5-aa5e-5646eedd99bf/1/MApjBfLl2JD3n36dOZryv8Iu0yY.roa
Signing time: Mon 02 Jan 2023 00:44:49 +0000
ROA not before: Mon 02 Jan 2023 00:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25227
IP address blocks: 85.236.0.0/19 maxlen: 24
81.95.137.0/24 maxlen: 24
81.95.134.0/24 maxlen: 24
81.95.140.0/24 maxlen: 24
213.134.192.0/19 maxlen: 24
141.136.112.0/21 maxlen: 24
94.230.0.0/20 maxlen: 24
92.60.80.0/20 maxlen: 24
92.60.80.0/24 maxlen: 24
46.28.94.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:2d:0a:f5:8c:c1:65:ae:54:50:3f:da:ce:c1:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=994b7d30c1c4f6243182d3ecd3d0539f42faacfd
Validity
Not Before: Jan 2 00:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=300a6305f2e5d890f79f7e9d399af2bfc22ed326
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:79:38:e2:42:08:15:1a:31:1d:51:98:bc:86:
40:dd:4b:5c:b1:a7:1e:ec:93:1d:e6:25:9d:0a:b4:
8e:f4:74:ff:d4:1b:22:e6:76:13:55:4b:80:f4:cf:
2e:14:d0:0d:95:75:31:6f:66:15:6e:d0:e2:2f:63:
44:7f:bb:8e:d5:bf:b2:13:50:da:73:7f:c2:25:8d:
ab:88:75:69:d5:40:e9:d0:05:d6:9d:63:bc:3a:61:
95:cf:58:74:66:0d:85:3b:72:72:21:ed:af:80:73:
17:11:37:ff:4f:b8:d2:1d:66:c5:83:bf:4e:82:ae:
33:c0:ab:a7:85:b1:e5:c4:56:16:b9:7d:d1:36:d6:
28:dd:92:58:3b:e8:75:61:58:47:85:d5:1f:47:b3:
0d:43:3d:bf:80:88:1a:04:86:e1:cf:e7:58:e4:68:
fb:3a:d6:fb:7f:cc:db:aa:19:c0:ea:c1:23:fa:d7:
15:e9:6f:d6:e6:a5:5f:ca:76:f0:22:69:87:68:0b:
88:78:97:7e:ea:4c:2d:49:9f:fe:35:b3:25:8d:59:
9b:ad:e1:5c:0d:b4:68:76:b5:b6:5f:6e:0f:2c:3d:
d9:7b:e2:db:93:15:87:cf:7c:41:b6:e3:c2:f6:b6:
e2:91:00:1a:a5:9e:ee:85:e9:c8:77:f9:87:8a:51:
e1:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:0A:63:05:F2:E5:D8:90:F7:9F:7E:9D:39:9A:F2:BF:C2:2E:D3:26
X509v3 Authority Key Identifier:
keyid:99:4B:7D:30:C1:C4:F6:24:31:82:D3:EC:D3:D0:53:9F:42:FA:AC:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mUt9MMHE9iQxgtPs09BTn0L6rP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/4ab81e-45b8-41a5-aa5e-5646eedd99bf/1/MApjBfLl2JD3n36dOZryv8Iu0yY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/4ab81e-45b8-41a5-aa5e-5646eedd99bf/1/mUt9MMHE9iQxgtPs09BTn0L6rP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.94.0/24
81.95.134.0/24
81.95.137.0/24
81.95.140.0/24
85.236.0.0/19
92.60.80.0/20
94.230.0.0/20
141.136.112.0/21
213.134.192.0/19
Signature Algorithm: sha256WithRSAEncryption
2c:9e:2d:c6:25:b7:c2:c9:4b:3c:a9:9e:63:6d:73:90:07:7f:
ca:71:69:bf:ba:24:e0:c2:e7:6d:15:33:b5:e1:6a:97:98:88:
81:30:41:a3:56:9c:15:b2:48:9b:02:bf:9e:de:51:2b:74:6d:
69:fa:1d:7f:43:9a:92:05:12:ae:fc:d1:49:ae:bc:a0:b9:0b:
6e:33:81:57:90:b5:0d:00:16:7a:7b:b4:48:71:74:77:de:b8:
c3:38:66:76:42:74:5f:ce:dc:aa:c5:f1:52:22:a6:72:f7:c8:
db:96:2f:ff:2c:53:c3:92:5f:de:29:4a:8b:73:bc:e1:86:2b:
25:47:8c:83:fd:62:3d:b3:09:31:b7:11:9f:9d:8c:f9:46:94:
cc:5e:3d:d4:ae:47:d5:df:56:29:1e:bb:96:53:6d:02:1e:4c:
11:88:2e:ef:27:37:23:26:0f:00:98:d5:7a:22:59:89:a5:77:
15:30:f4:09:a5:67:35:b7:39:e8:f5:25:cc:46:f5:7f:1f:4b:
c4:49:e2:eb:04:65:27:0c:74:57:17:83:2f:f1:1f:50:60:75:
16:b8:83:3b:fc:f6:c0:f2:12:5c:56:3b:a5:d9:c4:b9:de:45:
62:cf:c3:09:de:6c:83:47:67:c1:71:68:3e:5b:8c:1a:67:a9:
24:ca:5b:b0
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYVv8C0K9YzBZa5UUD/azsG9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NGI3ZDMwYzFjNGY2MjQzMTgyZDNlY2QzZDA1MzlmNDJm
YWFjZmQwHhcNMjMwMTAyMDA0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDBhNjMwNWYyZTVkODkwZjc5ZjdlOWQzOTlhZjJiZmMyMmVkMzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXk44kIIFRoxHVGYvIZA3Utcsace
7JMd5iWdCrSO9HT/1Bsi5nYTVUuA9M8uFNANlXUxb2YVbtDiL2NEf7uO1b+yE1Da
c3/CJY2riHVp1UDp0AXWnWO8OmGVz1h0Zg2FO3JyIe2vgHMXETf/T7jSHWbFg79O
gq4zwKunhbHlxFYWuX3RNtYo3ZJYO+h1YVhHhdUfR7MNQz2/gIgaBIbhz+dY5Gj7
Otb7f8zbqhnA6sEj+tcV6W/W5qVfynbwImmHaAuIeJd+6kwtSZ/+NbMljVmbreFc
DbRodrW2X24PLD3Ze+LbkxWHz3xBtuPC9rbikQAapZ7uhenId/mHilHhIwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFDAKYwXy5diQ959+nTma8r/CLtMmMB8GA1UdIwQY
MBaAFJlLfTDBxPYkMYLT7NPQU59C+qz9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVV0OU1NSEU5aVF4Z3RQczA5QlRuMEw2clAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy80YWI4MWUtNDViOC00MWE1LWFhNWUt
NTY0NmVlZGQ5OWJmLzEvTUFwakJmTGwySkQzbjM2ZE9acnl2OEl1MHlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy80YWI4MWUtNDViOC00MWE1LWFhNWUtNTY0NmVlZGQ5OWJm
LzEvbVV0OU1NSEU5aVF4Z3RQczA5QlRuMEw2clAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALhxeAwQA
UV+GAwQAUV+JAwQAUV+MAwQFVewAAwQEXDxQAwQEXuYAAwQDjYhwAwQF1YbAMA0G
CSqGSIb3DQEBCwUAA4IBAQAsni3GJbfCyUs8qZ5jbXOQB3/KcWm/uiTgwudtFTO1
4WqXmIiBMEGjVpwVskibAr+e3lErdG1p+h1/Q5qSBRKu/NFJrryguQtuM4FXkLUN
ABZ6e7RIcXR33rjDOGZ2QnRfztyqxfFSIqZy98jbli//LFPDkl/eKUqLc7zhhisl
R4yD/WI9swkxtxGfnYz5RpTMXj3UrkfV31YpHruWU20CHkwRiC7vJzcjJg8AmNV6
IlmJpXcVMPQJpWc1tzno9SXMRvV/H0vESeLrBGUnDHRXF4Mv8R9QYHUWuIM7/PbA
8hJcVjul2cS53kViz8MJ3myDR2fBcWg+W4waZ6kkyluw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:41 2024 by rpki-client on console-fra.rpki-client.org