Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/11af42-d3ed-43cd-8274-742dc0c970c0/1/mDo3d-op6hOtQ-nSeM2Ptzc4sxY.roa
File: mDo3d-op6hOtQ-nSeM2Ptzc4sxY.roa (raw, json)
Hash identifier: 6aKPOZyWrBpu+TqlCZAf2RNOFPQuGd9JNRzx9FH3mY8=
Subject key identifier: 98:3A:37:77:EA:29:EA:13:AD:43:E9:D2:78:CD:8F:B7:37:38:B3:16
Certificate issuer: /CN=e1cadc8a421c1f22f1e2904ccfdbbcec5dbe1b11
Certificate serial: 01941FFA3F616169C8997995A9EDF30D26A0
Authority key identifier: E1:CA:DC:8A:42:1C:1F:22:F1:E2:90:4C:CF:DB:BC:EC:5D:BE:1B:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4crcikIcHyLx4pBMz9u87F2-GxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/11af42-d3ed-43cd-8274-742dc0c970c0/1/mDo3d-op6hOtQ-nSeM2Ptzc4sxY.roa
Signing time: Wed 01 Jan 2025 03:48:01 +0000
ROA not before: Wed 01 Jan 2025 03:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21497
IP address blocks: 5.207.0.0/16 maxlen: 17
31.144.0.0/16 maxlen: 19
46.133.0.0/16 maxlen: 19
77.52.0.0/16 maxlen: 18
80.255.64.0/20 maxlen: 21
88.214.64.0/18 maxlen: 19
89.209.0.0/16 maxlen: 19
128.124.0.0/16 maxlen: 19
178.133.0.0/16 maxlen: 19
2a00:f50::/30 maxlen: 32
Validation: Failed, certificate revoked on Fri 10 Jan 2025 12:06:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:3f:61:61:69:c8:99:79:95:a9:ed:f3:0d:26:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1cadc8a421c1f22f1e2904ccfdbbcec5dbe1b11
Validity
Not Before: Jan 1 03:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=983a3777ea29ea13ad43e9d278cd8fb73738b316
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:68:b4:58:a3:24:bd:00:cf:89:f5:b4:56:af:
70:47:23:52:f0:f7:87:1d:e7:ad:32:dd:4d:f9:5e:
d1:8a:f3:6b:b6:2e:d3:36:f0:14:8a:80:d6:a1:c8:
9f:aa:2d:b3:58:20:1f:bd:ce:6b:de:ab:df:bc:aa:
35:35:49:98:78:ef:86:3c:07:ff:cd:75:66:3c:52:
2f:f2:a1:3d:a2:2b:ff:e2:45:a4:bb:c3:bb:16:44:
21:81:19:b5:23:f8:37:16:45:36:91:d2:d2:f8:9d:
59:fe:14:83:27:ea:7d:42:a5:2b:0c:5f:96:c5:23:
b1:58:ae:de:09:32:55:3a:c7:93:a6:cd:df:76:56:
8e:7c:b1:fc:99:47:70:a5:08:c0:07:e9:53:50:4f:
89:08:f7:d7:c5:0f:8d:35:98:f2:98:8c:56:46:99:
96:96:00:29:2e:6e:35:d8:95:c7:8c:81:74:25:03:
e8:c1:c0:15:07:ea:68:63:40:fa:2d:a4:96:35:d1:
c5:f7:2f:f3:b2:19:b9:b3:79:cf:86:7c:23:3a:9d:
a2:8d:79:46:93:54:31:4e:36:f4:f3:03:1f:28:41:
db:17:3b:88:c9:df:18:0c:99:74:d0:74:b1:54:6a:
73:94:e4:b1:09:1f:76:8f:a7:36:10:9e:93:c7:47:
67:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:3A:37:77:EA:29:EA:13:AD:43:E9:D2:78:CD:8F:B7:37:38:B3:16
X509v3 Authority Key Identifier:
keyid:E1:CA:DC:8A:42:1C:1F:22:F1:E2:90:4C:CF:DB:BC:EC:5D:BE:1B:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4crcikIcHyLx4pBMz9u87F2-GxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/11af42-d3ed-43cd-8274-742dc0c970c0/1/mDo3d-op6hOtQ-nSeM2Ptzc4sxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/11af42-d3ed-43cd-8274-742dc0c970c0/1/4crcikIcHyLx4pBMz9u87F2-GxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.207.0.0/16
31.144.0.0/16
46.133.0.0/16
77.52.0.0/16
80.255.64.0/20
88.214.64.0/18
89.209.0.0/16
128.124.0.0/16
178.133.0.0/16
IPv6:
2a00:f50::/30
Signature Algorithm: sha256WithRSAEncryption
0f:85:e5:bf:bb:64:87:1f:ea:55:67:1c:24:b0:a8:ef:bf:6a:
66:99:d8:08:83:a4:22:6c:c4:99:90:31:33:71:fe:1d:db:26:
72:9e:fc:18:ad:dd:96:97:10:b0:c7:51:98:b8:e7:de:ba:c4:
11:27:c7:ec:0c:45:4a:b4:f2:52:ac:3a:63:e7:d3:88:ea:e1:
5c:5d:03:69:76:3e:2a:d2:b2:fa:d0:25:cb:a5:40:76:f0:91:
88:90:76:c6:4e:6a:98:a4:2b:86:f2:01:2a:a5:eb:8b:9c:23:
51:f6:19:3e:71:7e:d8:3b:f3:c6:c9:07:fd:ca:68:03:41:74:
90:d8:8c:c4:46:2b:4a:70:6f:63:f2:41:6b:1d:19:18:0e:57:
47:c3:c9:94:d3:2a:f0:3f:21:e2:62:ad:6f:a4:8a:db:c4:94:
cf:ff:88:81:ef:08:30:8d:ca:b4:2a:08:74:11:8b:c1:54:17:
74:95:55:51:33:ac:45:6c:5d:38:57:fb:f0:01:b4:c8:d3:00:
48:8b:cd:3f:f2:a7:5a:17:06:ec:c4:2a:f8:80:78:a0:2f:31:
91:02:b2:b1:9a:fe:20:31:1d:07:e0:17:b6:9b:91:01:65:78:
c6:54:fb:27:00:30:5e:9d:38:97:41:ca:b2:39:ae:46:8b:37:
57:61:e4:1d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZQf+j9hYWnImXmVqe3zDSagMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxY2FkYzhhNDIxYzFmMjJmMWUyOTA0Y2NmZGJiY2VjNWRi
ZTFiMTEwHhcNMjUwMTAxMDM0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODNhMzc3N2VhMjllYTEzYWQ0M2U5ZDI3OGNkOGZiNzM3MzhiMzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGi0WKMkvQDPifW0Vq9wRyNS8PeH
HeetMt1N+V7RivNrti7TNvAUioDWocifqi2zWCAfvc5r3qvfvKo1NUmYeO+GPAf/
zXVmPFIv8qE9oiv/4kWku8O7FkQhgRm1I/g3FkU2kdLS+J1Z/hSDJ+p9QqUrDF+W
xSOxWK7eCTJVOseTps3fdlaOfLH8mUdwpQjAB+lTUE+JCPfXxQ+NNZjymIxWRpmW
lgApLm412JXHjIF0JQPowcAVB+poY0D6LaSWNdHF9y/zshm5s3nPhnwjOp2ijXlG
k1QxTjb08wMfKEHbFzuIyd8YDJl00HSxVGpzlOSxCR92j6c2EJ6Tx0dnQwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFJg6N3fqKeoTrUPp0njNj7c3OLMWMB8GA1UdIwQY
MBaAFOHK3IpCHB8i8eKQTM/bvOxdvhsRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGNyY2lrSWNIeUx4NHBCTXo5dTg3RjItR3hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8xMWFmNDItZDNlZC00M2NkLTgyNzQt
NzQyZGMwYzk3MGMwLzEvbURvM2Qtb3A2aE90US1uU2VNMlB0emM0c3hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8xMWFmNDItZDNlZC00M2NkLTgyNzQtNzQyZGMwYzk3MGMw
LzEvNGNyY2lrSWNIeUx4NHBCTXo5dTg3RjItR3hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjA1BAIAATAvAwMABc8DAwAf
kAMDAC6FAwMATTQDBARQ/0ADBAZY1kADAwBZ0QMDAIB8AwMAsoUwDQQCAAIwBwMF
AioAD1AwDQYJKoZIhvcNAQELBQADggEBAA+F5b+7ZIcf6lVnHCSwqO+/amaZ2AiD
pCJsxJmQMTNx/h3bJnKe/Bit3ZaXELDHUZi45966xBEnx+wMRUq08lKsOmPn04jq
4VxdA2l2PirSsvrQJculQHbwkYiQdsZOapikK4byASql64ucI1H2GT5xftg788bJ
B/3KaANBdJDYjMRGK0pwb2PyQWsdGRgOV0fDyZTTKvA/IeJirW+kitvElM//iIHv
CDCNyrQqCHQRi8FUF3SVVVEzrEVsXThX+/ABtMjTAEiLzT/yp1oXBuzEKviAeKAv
MZECsrGa/iAxHQfgF7abkQFleMZU+ycAMF6dOJdByrI5rkaLN1dh5B0=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:08:38 2025 by rpki-client