Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/1b8f2a-0abd-4ffb-82f6-ef3bbb05655e/1/tMugKmCf-bfGBG7Ii6I9KNM2MJc.roa
File: tMugKmCf-bfGBG7Ii6I9KNM2MJc.roa (raw, json)
Hash identifier: k9QTIDdBm/L7fZ8WydDV/IGlpZxmXm0xFNC9mb/IvPQ=
Subject key identifier: B4:CB:A0:2A:60:9F:F9:B7:C6:04:6E:C8:8B:A2:3D:28:D3:36:30:97
Certificate issuer: /CN=9b7d24416aa8a478b3ed36e2e65855d42259d9ee
Certificate serial: 01927B308B570B4AFBBC9F74842E2CD20344
Authority key identifier: 9B:7D:24:41:6A:A8:A4:78:B3:ED:36:E2:E6:58:55:D4:22:59:D9:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m30kQWqopHiz7Tbi5lhV1CJZ2e4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/1b8f2a-0abd-4ffb-82f6-ef3bbb05655e/1/tMugKmCf-bfGBG7Ii6I9KNM2MJc.roa
Signing time: Fri 11 Oct 2024 10:47:11 +0000
ROA not before: Fri 11 Oct 2024 10:47:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12843
IP address blocks: 37.16.64.0/21 maxlen: 21
37.228.160.0/20 maxlen: 20
46.167.16.0/21 maxlen: 21
46.232.224.0/21 maxlen: 21
81.26.160.0/20 maxlen: 20
85.115.0.0/19 maxlen: 19
88.214.60.0/22 maxlen: 22
93.189.152.0/21 maxlen: 21
109.109.200.0/21 maxlen: 21
109.109.201.200/30 maxlen: 30
185.9.176.0/22 maxlen: 22
185.106.0.0/21 maxlen: 21
213.144.0.0/19 maxlen: 19
2a02:788::/29 maxlen: 29
2a02:788:1::18/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7b:30:8b:57:0b:4a:fb:bc:9f:74:84:2e:2c:d2:03:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b7d24416aa8a478b3ed36e2e65855d42259d9ee
Validity
Not Before: Oct 11 10:47:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4cba02a609ff9b7c6046ec88ba23d28d3363097
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:bc:81:64:91:1a:d4:77:40:7b:c7:d0:dd:67:
2c:aa:ee:72:eb:22:b3:3f:55:d7:63:d5:00:03:2f:
bc:77:52:0e:f4:75:8d:25:bc:2d:74:00:dd:00:84:
3c:76:6a:41:24:e0:ae:71:f0:5c:4d:2e:d5:d6:cd:
73:91:36:2d:47:1b:4b:ec:1d:24:6b:3b:00:cd:34:
fd:02:df:62:bf:1b:20:eb:d3:27:7c:21:8a:49:6d:
24:60:d0:27:85:f9:2a:0e:e5:66:65:f1:ab:cb:87:
35:7d:b5:d0:8f:78:db:f7:a6:ae:e6:9c:58:f2:0c:
61:92:f4:3e:4c:5e:c0:de:4c:43:b7:5a:bf:fe:20:
0e:7b:d7:98:e7:d2:87:60:47:f6:da:b9:5e:06:9a:
60:24:0f:9b:37:68:29:a1:35:16:d0:a6:96:b4:b7:
b6:28:67:5c:33:1f:fa:d4:09:d6:a0:81:21:d3:02:
28:a7:9c:cc:2e:bf:ab:75:18:62:34:34:9a:7d:72:
7d:90:16:d4:b3:c8:8a:13:a0:02:71:0e:3b:bc:c0:
8e:a8:71:fc:5b:f8:63:08:62:9b:0c:64:9a:2d:38:
17:2d:75:05:18:37:56:a2:34:b8:0a:f8:e3:8d:64:
27:47:1d:6b:a3:c0:0f:76:de:5f:b7:87:63:e6:4f:
31:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:CB:A0:2A:60:9F:F9:B7:C6:04:6E:C8:8B:A2:3D:28:D3:36:30:97
X509v3 Authority Key Identifier:
keyid:9B:7D:24:41:6A:A8:A4:78:B3:ED:36:E2:E6:58:55:D4:22:59:D9:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m30kQWqopHiz7Tbi5lhV1CJZ2e4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/1b8f2a-0abd-4ffb-82f6-ef3bbb05655e/1/tMugKmCf-bfGBG7Ii6I9KNM2MJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/1b8f2a-0abd-4ffb-82f6-ef3bbb05655e/1/m30kQWqopHiz7Tbi5lhV1CJZ2e4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.16.64.0/21
37.228.160.0/20
46.167.16.0/21
46.232.224.0/21
81.26.160.0/20
85.115.0.0/19
88.214.60.0/22
93.189.152.0/21
109.109.200.0/21
185.9.176.0/22
185.106.0.0/21
213.144.0.0/19
IPv6:
2a02:788::/29
Signature Algorithm: sha256WithRSAEncryption
0e:e7:5b:1c:87:cc:30:cc:98:00:34:38:a8:d7:af:f2:61:03:
f2:7c:13:69:87:95:26:9d:3c:37:37:29:68:a2:f7:eb:ae:92:
15:38:37:aa:db:e8:4d:cc:63:53:84:60:0a:d3:de:e7:d0:17:
c6:c1:37:6e:ba:16:83:4b:e4:2c:0a:51:2a:80:41:19:14:a8:
df:31:46:ee:99:03:bc:12:a2:9a:98:23:a8:8c:7e:72:d5:30:
e4:83:68:d3:04:69:b0:9b:46:80:ee:4c:15:2b:35:47:00:ff:
80:9e:90:5b:a0:12:77:29:20:a5:9a:19:37:d1:bc:bc:75:5b:
97:76:91:6b:3a:b4:d4:50:d5:86:dc:7b:5b:b7:7e:a1:71:3f:
ba:e7:e0:df:16:a2:4b:cc:e4:30:85:99:b0:ec:66:56:e6:5c:
f2:f9:f6:ca:e4:d6:11:a5:68:fb:17:62:1c:a9:37:bc:22:41:
37:64:a2:62:ea:8a:7a:f5:ec:69:89:4b:b4:e3:0b:7b:88:5d:
8e:17:24:93:b7:7d:12:8e:50:12:4d:a1:ad:d4:0a:01:23:aa:
4c:22:1b:fe:f4:da:c7:a2:40:d5:09:e3:29:ec:a4:b3:52:75:
de:4b:f1:da:37:f2:ad:d4:de:45:f9:c3:e2:12:82:34:d5:48:
49:30:3e:69
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZJ7MItXC0r7vJ90hC4s0gNEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliN2QyNDQxNmFhOGE0NzhiM2VkMzZlMmU2NTg1NWQ0MjI1
OWQ5ZWUwHhcNMjQxMDExMTA0NzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGNiYTAyYTYwOWZmOWI3YzYwNDZlYzg4YmEyM2QyOGQzMzYzMDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbyBZJEa1HdAe8fQ3Wcsqu5y6yKz
P1XXY9UAAy+8d1IO9HWNJbwtdADdAIQ8dmpBJOCucfBcTS7V1s1zkTYtRxtL7B0k
azsAzTT9At9ivxsg69MnfCGKSW0kYNAnhfkqDuVmZfGry4c1fbXQj3jb96au5pxY
8gxhkvQ+TF7A3kxDt1q//iAOe9eY59KHYEf22rleBppgJA+bN2gpoTUW0KaWtLe2
KGdcMx/61AnWoIEh0wIop5zMLr+rdRhiNDSafXJ9kBbUs8iKE6ACcQ47vMCOqHH8
W/hjCGKbDGSaLTgXLXUFGDdWojS4CvjjjWQnRx1ro8APdt5ft4dj5k8xQQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFLTLoCpgn/m3xgRuyIuiPSjTNjCXMB8GA1UdIwQY
MBaAFJt9JEFqqKR4s+024uZYVdQiWdnuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTMwa1FXcW9wSGl6N1RiaTVsaFYxQ0paMmU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8xYjhmMmEtMGFiZC00ZmZiLTgyZjYt
ZWYzYmJiMDU2NTVlLzEvdE11Z0ttQ2YtYmZHQkc3SWk2STlLTk0yTUpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8xYjhmMmEtMGFiZC00ZmZiLTgyZjYtZWYzYmJiMDU2NTVl
LzEvbTMwa1FXcW9wSGl6N1RiaTVsaFYxQ0paMmU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDJRBAAwQE
JeSgAwQDLqcQAwQDLujgAwQEURqgAwQFVXMAAwQCWNY8AwQDXb2YAwQDbW3IAwQC
uQmwAwQDuWoAAwQF1ZAAMA0EAgACMAcDBQMqAgeIMA0GCSqGSIb3DQEBCwUAA4IB
AQAO51sch8wwzJgANDio16/yYQPyfBNph5UmnTw3NyloovfrrpIVODeq2+hNzGNT
hGAK097n0BfGwTduuhaDS+QsClEqgEEZFKjfMUbumQO8EqKamCOojH5y1TDkg2jT
BGmwm0aA7kwVKzVHAP+AnpBboBJ3KSClmhk30by8dVuXdpFrOrTUUNWG3Htbt36h
cT+65+DfFqJLzOQwhZmw7GZW5lzy+fbK5NYRpWj7F2IcqTe8IkE3ZKJi6op69exp
iUu04wt7iF2OFySTt30SjlASTaGt1AoBI6pMIhv+9NrHokDVCeMp7KSzUnXeS/Ha
N/Kt1N5F+cPiEoI01UhJMD5p
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:00:06 2025 by rpki-client