Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/f70e1a-732e-4e6b-b3b5-f562b8974d8b/1/MWJsHjMPE5RgDOqoIlwwNdFEe4o.roa
File: MWJsHjMPE5RgDOqoIlwwNdFEe4o.roa (raw, json)
Hash identifier: UkRKDNtn/7mCcMJn5GH+jpiXcMlfJ2MycGFIRYRAX84=
Subject key identifier: 31:62:6C:1E:33:0F:13:94:60:0C:EA:A8:22:5C:30:35:D1:44:7B:8A
Certificate issuer: /CN=f10d39eddb008d1b89df9741960dbf2044f657fb
Certificate serial: 0192951014C13F9D7C57776E4B9A89E9EAB7
Authority key identifier: F1:0D:39:ED:DB:00:8D:1B:89:DF:97:41:96:0D:BF:20:44:F6:57:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Q057dsAjRuJ35dBlg2_IET2V_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/f70e1a-732e-4e6b-b3b5-f562b8974d8b/1/MWJsHjMPE5RgDOqoIlwwNdFEe4o.roa
Signing time: Wed 16 Oct 2024 11:21:51 +0000
ROA not before: Wed 16 Oct 2024 11:21:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39923
IP address blocks: 91.238.219.0/24 maxlen: 24
109.68.0.0/21 maxlen: 21
109.68.160.0/21 maxlen: 21
109.68.160.0/24 maxlen: 24
109.68.161.0/24 maxlen: 24
109.68.162.0/24 maxlen: 24
109.68.163.0/24 maxlen: 24
109.68.164.0/24 maxlen: 24
109.68.165.0/24 maxlen: 24
109.68.166.0/24 maxlen: 24
109.68.167.0/24 maxlen: 24
185.35.164.0/22 maxlen: 22
185.35.164.0/24 maxlen: 24
185.35.165.0/24 maxlen: 24
185.35.166.0/24 maxlen: 24
185.35.167.0/24 maxlen: 24
185.58.96.0/22 maxlen: 22
185.58.96.0/24 maxlen: 24
185.58.97.0/24 maxlen: 24
185.58.98.0/24 maxlen: 24
185.58.99.0/24 maxlen: 24
185.111.204.0/22 maxlen: 22
185.111.204.0/24 maxlen: 24
185.111.205.0/24 maxlen: 24
185.111.206.0/24 maxlen: 24
185.111.207.0/24 maxlen: 24
194.145.127.0/24 maxlen: 24
194.145.152.0/24 maxlen: 24
194.145.155.0/24 maxlen: 24
194.146.23.0/24 maxlen: 24
195.189.202.0/23 maxlen: 23
195.189.202.0/24 maxlen: 24
195.189.203.0/24 maxlen: 24
2a02:2a08::/32 maxlen: 32
2a04:6480::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:47:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:95:10:14:c1:3f:9d:7c:57:77:6e:4b:9a:89:e9:ea:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f10d39eddb008d1b89df9741960dbf2044f657fb
Validity
Not Before: Oct 16 11:21:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31626c1e330f1394600ceaa8225c3035d1447b8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:fc:78:dd:60:b0:ad:4c:9d:ac:a7:af:45:a3:
73:05:c7:89:97:6e:3c:7f:d9:a6:95:bf:7b:25:e9:
eb:75:31:07:42:94:0d:d2:fc:d4:d0:17:9f:0e:fb:
68:1d:d5:05:9b:42:8f:77:e8:74:e3:f0:b6:7a:f3:
6d:9b:f6:83:1b:c9:78:95:bc:13:ea:69:73:a0:bc:
fd:29:44:18:be:a0:5f:c4:62:16:8a:f0:61:9b:53:
03:7a:e6:ab:a6:73:a8:43:58:db:15:aa:a0:a6:5d:
69:d2:1c:f2:28:49:a2:aa:66:7c:0c:20:33:aa:10:
9e:f8:10:97:e6:c7:84:6f:e6:cc:92:9a:92:ba:ed:
6f:33:a3:de:8c:ba:5e:40:6a:d6:db:9e:14:70:b5:
a1:6a:c9:40:c5:73:a0:46:7b:33:ff:b1:a3:94:ab:
a5:34:72:7a:c5:ec:70:02:bb:09:1f:ad:33:c0:d7:
33:4b:76:f2:ad:be:51:a3:9b:ea:c2:b7:d6:63:cf:
f2:b4:c9:12:44:34:87:84:5e:67:75:b2:be:e0:a8:
d4:4e:fd:0f:ff:42:61:86:bc:3b:9e:8b:b0:6c:cf:
b6:58:8e:fe:42:94:5b:c3:af:e9:9b:f4:a7:0c:61:
b2:c5:3d:94:66:f7:15:3c:c5:84:64:52:ff:13:5d:
76:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:62:6C:1E:33:0F:13:94:60:0C:EA:A8:22:5C:30:35:D1:44:7B:8A
X509v3 Authority Key Identifier:
keyid:F1:0D:39:ED:DB:00:8D:1B:89:DF:97:41:96:0D:BF:20:44:F6:57:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Q057dsAjRuJ35dBlg2_IET2V_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f70e1a-732e-4e6b-b3b5-f562b8974d8b/1/MWJsHjMPE5RgDOqoIlwwNdFEe4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f70e1a-732e-4e6b-b3b5-f562b8974d8b/1/8Q057dsAjRuJ35dBlg2_IET2V_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.219.0/24
109.68.0.0/21
109.68.160.0/21
185.35.164.0/22
185.58.96.0/22
185.111.204.0/22
194.145.127.0/24
194.145.152.0/24
194.145.155.0/24
194.146.23.0/24
195.189.202.0/23
IPv6:
2a02:2a08::/32
2a04:6480::/29
Signature Algorithm: sha256WithRSAEncryption
03:b9:71:39:46:77:5c:6d:48:54:71:0d:2c:41:fb:7a:9f:20:
b7:50:dc:37:53:d4:c5:64:63:8e:cd:ec:69:e7:2d:00:c7:ae:
a3:fd:4a:68:39:0a:05:19:55:d8:71:4b:8f:4d:e9:f9:3f:fb:
60:18:61:78:28:0e:90:ed:0c:5e:e0:3f:d3:7b:5b:34:3b:1e:
36:a9:7f:02:12:d6:90:f9:c8:a9:67:61:bb:89:03:e2:4e:36:
6d:a3:3a:3d:59:c9:8d:5c:9e:95:24:0a:d1:ff:e2:27:f6:18:
be:76:c3:00:76:68:4c:b1:c6:5d:2f:e9:3f:b0:9b:a0:fb:77:
13:77:08:1f:1c:85:e0:14:9e:03:1c:46:c5:06:a0:83:d2:8d:
f3:9b:96:02:75:fd:76:40:ff:b6:12:4c:33:ac:04:38:e7:60:
50:aa:65:f3:43:83:5c:69:de:d7:52:b9:c7:0e:6c:e7:cc:8a:
d5:8d:08:13:f5:7d:28:fc:8d:57:d0:b0:43:e6:82:e6:a7:5c:
1d:87:03:e9:fb:f9:16:d0:aa:e9:2d:16:d3:ff:52:44:bf:3f:
e0:30:75:bb:49:11:ec:3d:e5:ed:55:8b:b1:37:82:11:7f:29:
44:d0:39:39:ad:0b:38:df:85:56:1f:9e:3c:71:eb:a5:00:a8:
7c:33:37:b3
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZKVEBTBP518V3duS5qJ6eq3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMGQzOWVkZGIwMDhkMWI4OWRmOTc0MTk2MGRiZjIwNDRm
NjU3ZmIwHhcNMjQxMDE2MTEyMTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTYyNmMxZTMzMGYxMzk0NjAwY2VhYTgyMjVjMzAzNWQxNDQ3YjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/x43WCwrUydrKevRaNzBceJl248
f9mmlb97JenrdTEHQpQN0vzU0BefDvtoHdUFm0KPd+h04/C2evNtm/aDG8l4lbwT
6mlzoLz9KUQYvqBfxGIWivBhm1MDeuarpnOoQ1jbFaqgpl1p0hzyKEmiqmZ8DCAz
qhCe+BCX5seEb+bMkpqSuu1vM6PejLpeQGrW254UcLWhaslAxXOgRnsz/7GjlKul
NHJ6xexwArsJH60zwNczS3byrb5Ro5vqwrfWY8/ytMkSRDSHhF5ndbK+4KjUTv0P
/0Jhhrw7nouwbM+2WI7+QpRbw6/pm/SnDGGyxT2UZvcVPMWEZFL/E112AQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFDFibB4zDxOUYAzqqCJcMDXRRHuKMB8GA1UdIwQY
MBaAFPENOe3bAI0bid+XQZYNvyBE9lf7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFEwNTdkc0FqUnVKMzVkQmxnMl9JRVQyVl9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9mNzBlMWEtNzMyZS00ZTZiLWIzYjUt
ZjU2MmI4OTc0ZDhiLzEvTVdKc0hqTVBFNVJnRE9xb0lsd3dOZEZFZTRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9mNzBlMWEtNzMyZS00ZTZiLWIzYjUtZjU2MmI4OTc0ZDhi
LzEvOFEwNTdkc0FqUnVKMzVkQmxnMl9JRVQyVl9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBIBAIAATBCAwQAW+7bAwQD
bUQAAwQDbUSgAwQCuSOkAwQCuTpgAwQCuW/MAwQAwpF/AwQAwpGYAwQAwpGbAwQA
wpIXAwQBw73KMBQEAgACMA4DBQAqAioIAwUDKgRkgDANBgkqhkiG9w0BAQsFAAOC
AQEAA7lxOUZ3XG1IVHENLEH7ep8gt1DcN1PUxWRjjs3saectAMeuo/1KaDkKBRlV
2HFLj03p+T/7YBhheCgOkO0MXuA/03tbNDseNql/AhLWkPnIqWdhu4kD4k42baM6
PVnJjVyelSQK0f/iJ/YYvnbDAHZoTLHGXS/pP7CboPt3E3cIHxyF4BSeAxxGxQag
g9KN85uWAnX9dkD/thJMM6wEOOdgUKpl80ODXGne11K5xw5s58yK1Y0IE/V9KPyN
V9CwQ+aC5qdcHYcD6fv5FtCq6S0W0/9SRL8/4DB1u0kR7D3l7VWLsTeCEX8pRNA5
Oa0LON+FVh+ePHHrpQCofDM3sw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:28 2025 by rpki-client