Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/MnynpL9qB0Zzjzi3O8UtzJUEcaw.roa
File: MnynpL9qB0Zzjzi3O8UtzJUEcaw.roa (raw, json)
Hash identifier: pN4TIxYWmMH1d2G+mqRZh2s1dFZnVAw72e0KK7dBucI=
Subject key identifier: 32:7C:A7:A4:BF:6A:07:46:73:8F:38:B7:3B:C5:2D:CC:95:04:71:AC
Certificate issuer: /CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Certificate serial: 018FDA2C9C2683238F8202FEF3C82E260FEF
Authority key identifier: 5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/MnynpL9qB0Zzjzi3O8UtzJUEcaw.roa
Signing time: Sun 02 Jun 2024 18:18:27 +0000
ROA not before: Sun 02 Jun 2024 18:18:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13037
IP address blocks: 51.148.0.0/16 maxlen: 16
51.155.0.0/16 maxlen: 16
51.170.0.0/16 maxlen: 16
62.3.64.0/18 maxlen: 18
77.104.128.0/18 maxlen: 18
82.68.0.0/14 maxlen: 14
82.71.240.0/20 maxlen: 20
88.97.0.0/18 maxlen: 18
88.97.64.0/19 maxlen: 19
88.97.96.0/20 maxlen: 20
88.97.160.0/23 maxlen: 23
88.97.162.0/23 maxlen: 23
88.97.164.0/23 maxlen: 23
88.97.166.0/23 maxlen: 23
88.97.168.0/24 maxlen: 24
88.97.169.0/24 maxlen: 24
88.97.170.0/24 maxlen: 24
88.97.171.0/24 maxlen: 24
88.97.172.0/24 maxlen: 24
88.97.173.0/24 maxlen: 24
88.97.174.0/24 maxlen: 24
88.97.175.0/24 maxlen: 24
88.97.176.0/20 maxlen: 20
88.98.0.0/20 maxlen: 20
88.98.16.0/23 maxlen: 23
88.98.18.0/24 maxlen: 24
88.98.21.0/24 maxlen: 24
88.98.22.0/23 maxlen: 23
88.98.24.0/21 maxlen: 21
88.98.32.0/19 maxlen: 19
88.98.64.0/19 maxlen: 19
88.98.128.0/19 maxlen: 19
88.98.160.0/21 maxlen: 21
88.98.170.0/23 maxlen: 23
88.98.172.0/22 maxlen: 22
88.98.176.0/20 maxlen: 20
146.66.64.0/18 maxlen: 18
212.23.0.0/19 maxlen: 19
217.155.0.0/16 maxlen: 16
2a02:8010::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 06 Jun 2024 12:14:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:da:2c:9c:26:83:23:8f:82:02:fe:f3:c8:2e:26:0f:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Validity
Not Before: Jun 2 18:18:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=327ca7a4bf6a0746738f38b73bc52dcc950471ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:4c:2c:9e:4d:dd:d5:cf:e3:e5:da:4d:6c:e5:
66:fb:9c:4a:9c:be:61:84:87:d7:4f:5c:fb:46:ca:
9b:cd:7a:ff:ef:fd:53:20:79:96:7c:65:5e:c4:50:
8b:fa:58:ca:56:84:1d:0e:42:97:3f:6a:c8:01:41:
c2:0c:9e:6e:82:27:ef:fe:1f:9f:c9:58:d5:f0:62:
c0:f7:46:54:c6:74:71:bd:93:21:ab:aa:7f:67:6a:
4c:9c:d7:3a:c1:9a:b9:66:e6:4a:a7:ac:7e:25:21:
8d:48:67:97:9c:d5:00:c8:8f:89:5b:05:3c:d2:8a:
ad:27:b4:32:20:8e:d2:e0:8a:3a:be:84:ba:0d:bb:
e1:9f:36:85:ec:4f:4d:86:14:c1:dc:41:0b:f8:f7:
54:70:2e:7b:25:d4:14:8d:8e:5f:f1:41:9a:0e:93:
6f:28:8d:78:a2:e7:48:37:ac:c6:a0:7f:14:a4:34:
69:57:a8:2a:4b:a5:f9:af:32:11:50:0b:c0:fd:9f:
92:56:5a:08:8c:07:91:0d:47:52:d1:a8:e2:10:76:
82:e1:20:50:65:07:ad:02:c4:a3:91:4f:fb:23:e9:
cb:c1:03:88:20:4e:90:ee:44:1c:e7:65:c5:89:c7:
9f:e7:ab:da:82:e6:9c:93:ad:e2:5a:c4:38:db:c1:
6b:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:7C:A7:A4:BF:6A:07:46:73:8F:38:B7:3B:C5:2D:CC:95:04:71:AC
X509v3 Authority Key Identifier:
keyid:5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/MnynpL9qB0Zzjzi3O8UtzJUEcaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.148.0.0/16
51.155.0.0/16
51.170.0.0/16
62.3.64.0/18
77.104.128.0/18
82.68.0.0/14
88.97.0.0-88.97.111.255
88.97.160.0/19
88.98.0.0-88.98.18.255
88.98.21.0-88.98.95.255
88.98.128.0-88.98.167.255
88.98.170.0-88.98.191.255
146.66.64.0/18
212.23.0.0/19
217.155.0.0/16
IPv6:
2a02:8010::/29
Signature Algorithm: sha256WithRSAEncryption
3a:52:33:4a:e8:e9:d4:b7:47:6a:8b:88:59:e7:ef:33:cd:fb:
89:2c:35:dd:b3:1b:64:8a:8b:73:47:0b:68:94:70:f0:ec:7c:
91:53:e5:93:bd:ed:d2:e8:92:b3:45:3b:6b:27:fe:7a:c6:c3:
00:7f:ac:8f:df:64:dc:3f:d0:b3:5f:f6:2d:9b:df:9c:5a:d3:
a0:59:92:cf:56:9e:c4:0a:47:63:3f:76:b4:8e:7b:e3:a5:0a:
b8:01:e7:98:d0:59:ee:d8:a7:25:a5:81:bc:fc:6b:94:ba:30:
21:6c:1f:2a:87:c6:a7:20:31:e6:6a:90:1a:a0:2e:59:90:63:
7a:d5:71:d9:f0:36:24:e6:76:7f:58:ee:7e:94:b0:a6:cd:63:
e2:3e:7d:a5:36:f7:86:f6:ea:bf:18:3c:16:b7:38:6c:68:e1:
30:00:9c:ee:4a:93:47:32:c7:2d:2c:61:d3:6b:74:5f:96:5a:
56:32:ba:fe:21:1d:41:ef:5b:bb:47:da:a9:5e:be:f7:58:51:
e5:1c:78:e9:8a:bb:53:25:62:18:fd:f0:dd:f5:ce:e0:48:5b:
fc:5c:07:3f:2f:58:56:90:99:6e:47:87:b5:f0:ac:32:54:b6:
e1:22:8e:81:fc:07:63:74:33:a4:aa:ad:95:cb:6e:77:83:11:
30:fe:3e:35
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgISAY/aLJwmgyOPggL+88guJg/vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZjQ1MDFiNzU1MDAyZDkxNDNlOGZhNjczNjgxNWU5ZjBm
OTM2OTUwHhcNMjQwNjAyMTgxODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjdjYTdhNGJmNmEwNzQ2NzM4ZjM4YjczYmM1MmRjYzk1MDQ3MWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUwsnk3d1c/j5dpNbOVm+5xKnL5h
hIfXT1z7RsqbzXr/7/1TIHmWfGVexFCL+ljKVoQdDkKXP2rIAUHCDJ5ugifv/h+f
yVjV8GLA90ZUxnRxvZMhq6p/Z2pMnNc6wZq5ZuZKp6x+JSGNSGeXnNUAyI+JWwU8
0oqtJ7QyII7S4Io6voS6DbvhnzaF7E9NhhTB3EEL+PdUcC57JdQUjY5f8UGaDpNv
KI14oudIN6zGoH8UpDRpV6gqS6X5rzIRUAvA/Z+SVloIjAeRDUdS0ajiEHaC4SBQ
ZQetAsSjkU/7I+nLwQOIIE6Q7kQc52XFicef56vaguack63iWsQ428FrYwIDAQAB
o4ICkTCCAo0wHQYDVR0OBBYEFDJ8p6S/agdGc484tzvFLcyVBHGsMB8GA1UdIwQY
MBaAFFz0UBt1UALZFD6PpnNoFenw+TaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUt
NjBjZjlhYjFiMTNlLzEvTW55bnBMOXFCMFp6anppM084VXR6SlVFY2F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUtNjBjZjlhYjFiMTNl
LzEvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGmBggrBgEFBQcBBwEB/wSBljCBkzCBgQQCAAEwewMDADOU
AwMAM5sDAwAzqgMEBj4DQAMEBk1ogAMDAlJEMAsDAwBYYQMEBFhhYAMEBVhhoDAL
AwMBWGIDBABYYhIwDAMEAFhiFQMEBVhiQDAMAwQHWGKAAwQDWGKgMAwDBAFYYqoD
BAZYYoADBAaSQkADBAXUFwADAwDZmzANBAIAAjAHAwUDKgKAEDANBgkqhkiG9w0B
AQsFAAOCAQEAOlIzSujp1LdHaouIWefvM837iSw13bMbZIqLc0cLaJRw8Ox8kVPl
k73t0uiSs0U7ayf+esbDAH+sj99k3D/Qs1/2LZvfnFrToFmSz1aexApHYz92tI57
46UKuAHnmNBZ7tinJaWBvPxrlLowIWwfKofGpyAx5mqQGqAuWZBjetVx2fA2JOZ2
f1jufpSwps1j4j59pTb3hvbqvxg8Frc4bGjhMACc7kqTRzLHLSxh02t0X5ZaVjK6
/iEdQe9bu0faqV6+91hR5Rx46Yq7UyViGP3w3fXO4Ehb/FwHPy9YVpCZbkeHtfCs
MlS24SKOgfwHY3QzpKqtlctud4MRMP4+NQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:53 2024 by rpki-client on console-ams.rpki-client.org