Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/mMSyA77NVWG6tbQzO4BBU4T3sSI.roa
File: mMSyA77NVWG6tbQzO4BBU4T3sSI.roa (raw, json)
Hash identifier: 4+4TQDKvwI8gAC3Ovqw+Z0SS7Wwirz08xI3EJ1poi30=
Subject key identifier: 98:C4:B2:03:BE:CD:55:61:BA:B5:B4:33:3B:80:41:53:84:F7:B1:22
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0190DA8C30CC503A4C64AFDA98DC3D250F20
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/mMSyA77NVWG6tbQzO4BBU4T3sSI.roa
Signing time: Mon 22 Jul 2024 13:05:38 +0000
ROA not before: Mon 22 Jul 2024 13:05:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 45.89.66.0/24 maxlen: 24
45.89.67.0/24 maxlen: 24
45.128.176.0/22 maxlen: 22
45.128.176.0/24 maxlen: 24
45.128.177.0/24 maxlen: 24
45.128.178.0/24 maxlen: 24
45.128.179.0/24 maxlen: 24
45.132.252.0/24 maxlen: 24
91.217.80.0/24 maxlen: 24
94.142.136.0/21 maxlen: 21
94.142.139.0/24 maxlen: 24
94.142.140.0/24 maxlen: 24
94.142.141.0/24 maxlen: 24
94.142.142.0/24 maxlen: 24
103.82.103.0/24 maxlen: 24
185.5.248.0/22 maxlen: 22
185.5.248.0/23 maxlen: 23
185.5.250.0/23 maxlen: 23
185.5.250.0/24 maxlen: 24
185.58.204.0/22 maxlen: 22
185.58.204.0/24 maxlen: 24
185.58.206.0/24 maxlen: 24
185.58.207.0/24 maxlen: 24
185.87.48.0/22 maxlen: 22
185.87.48.0/24 maxlen: 24
185.87.49.0/24 maxlen: 24
185.87.50.0/24 maxlen: 24
185.87.51.0/24 maxlen: 24
185.105.116.0/24 maxlen: 24
185.105.117.0/24 maxlen: 24
185.117.152.0/22 maxlen: 22
185.125.216.0/22 maxlen: 22
185.125.218.0/23 maxlen: 23
185.125.228.0/22 maxlen: 22
185.125.228.0/24 maxlen: 24
185.125.229.0/24 maxlen: 24
185.125.230.0/24 maxlen: 24
185.125.231.0/24 maxlen: 24
185.200.188.0/24 maxlen: 24
193.124.176.0/20 maxlen: 20
193.124.176.0/21 maxlen: 21
193.124.176.0/24 maxlen: 24
193.124.177.0/24 maxlen: 24
193.124.178.0/24 maxlen: 24
193.124.179.0/24 maxlen: 24
193.124.180.0/24 maxlen: 24
193.124.181.0/24 maxlen: 24
193.124.182.0/24 maxlen: 24
193.124.183.0/24 maxlen: 24
193.124.184.0/21 maxlen: 21
193.124.184.0/24 maxlen: 24
193.124.186.0/24 maxlen: 24
193.124.187.0/24 maxlen: 24
193.124.188.0/24 maxlen: 24
193.124.189.0/24 maxlen: 24
193.124.190.0/24 maxlen: 24
193.124.191.0/24 maxlen: 24
193.168.224.0/24 maxlen: 24
194.67.192.0/19 maxlen: 19
194.67.193.0/24 maxlen: 24
194.67.194.0/23 maxlen: 23
194.67.196.0/22 maxlen: 22
194.67.200.0/21 maxlen: 21
194.67.202.0/24 maxlen: 24
194.67.203.0/24 maxlen: 24
194.67.204.0/22 maxlen: 22
194.67.208.0/20 maxlen: 20
195.47.250.0/24 maxlen: 24
2a0a:9300::/48 maxlen: 48
2a0a:9300:2::/48 maxlen: 48
2a0a:9300:d0::/48 maxlen: 48
2a0a:9300:d1::/48 maxlen: 48
2a0a:9300:d2::/48 maxlen: 48
2a0a:9301::/48 maxlen: 48
2a0a:9301:1::/48 maxlen: 48
2a0a:9301:2::/48 maxlen: 48
2a0a:9302::/32 maxlen: 32
2a0a:9302:1::/48 maxlen: 48
2a0b:7780::/29 maxlen: 29
2a0c:77c0::/32 maxlen: 32
2a0d:3880::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 29 Jul 2024 07:40:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:da:8c:30:cc:50:3a:4c:64:af:da:98:dc:3d:25:0f:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jul 22 13:05:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98c4b203becd5561bab5b4333b80415384f7b122
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e4:01:a2:7d:d9:e7:11:37:a2:db:4b:59:82:
d0:0c:32:05:30:8a:4d:98:40:01:80:54:b1:eb:5c:
a3:d0:3d:a2:a7:b5:62:89:df:b6:5d:92:ff:1e:b3:
19:a7:5c:7a:44:0d:90:6c:ad:14:29:2e:f3:a1:fd:
a8:20:26:43:1e:88:26:99:40:4d:c1:52:d1:e3:f9:
6a:8c:17:31:bb:40:c3:f5:71:40:74:09:8e:71:44:
5a:c4:f2:86:d0:21:c7:0a:a9:c9:ec:f5:61:56:25:
53:42:c0:f2:8d:12:b0:b9:90:07:4f:07:8c:db:92:
20:ee:1c:0f:50:c9:f2:88:5f:a8:ff:3d:fd:2e:ea:
7a:3f:a4:28:e7:95:50:24:d6:4b:7a:c3:14:9c:47:
21:70:4d:93:78:18:40:cb:9e:41:09:f7:5a:4e:ea:
e8:f2:e2:ba:d9:16:9b:d1:b0:7a:1b:78:89:a0:dc:
1b:ac:99:fb:28:04:15:5e:22:12:a6:e9:92:df:98:
f0:e3:c9:3e:45:2a:ce:54:68:43:05:3d:0b:7d:09:
53:b7:54:74:c1:7f:d7:69:84:64:de:3d:03:1e:43:
f8:67:00:eb:7a:95:f5:fc:09:34:8c:75:40:04:ca:
91:6d:6f:3f:89:97:5d:69:01:9c:72:7e:1b:a2:8b:
b9:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:C4:B2:03:BE:CD:55:61:BA:B5:B4:33:3B:80:41:53:84:F7:B1:22
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/mMSyA77NVWG6tbQzO4BBU4T3sSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.66.0/23
45.128.176.0/22
45.132.252.0/24
91.217.80.0/24
94.142.136.0/21
103.82.103.0/24
185.5.248.0/22
185.58.204.0/22
185.87.48.0/22
185.105.116.0/23
185.117.152.0/22
185.125.216.0/22
185.125.228.0/22
185.200.188.0/24
193.124.176.0/20
193.168.224.0/24
194.67.192.0/19
195.47.250.0/24
IPv6:
2a0a:9300::/48
2a0a:9300:2::/48
2a0a:9300:d0::-2a0a:9300:d2:ffff:ffff:ffff:ffff:ffff
2a0a:9301::-2a0a:9301:2:ffff:ffff:ffff:ffff:ffff
2a0a:9302::/32
2a0b:7780::/29
2a0c:77c0::/32
2a0d:3880::/29
Signature Algorithm: sha256WithRSAEncryption
13:a8:97:d1:5c:42:91:5a:47:bd:28:67:67:56:a0:77:51:5a:
91:38:e8:d7:52:a0:94:be:60:0f:4f:39:56:85:d6:8a:86:ab:
ef:7b:f8:ea:86:ac:20:6b:98:ce:62:73:87:b6:38:ad:ed:95:
2f:3f:e6:7e:2e:b8:42:e8:50:13:66:1e:3e:bb:52:48:bb:27:
30:42:26:0b:ff:98:f0:a2:a9:6c:63:ff:44:52:21:47:4c:b1:
e1:01:25:06:3e:0f:f1:af:d9:e9:31:67:39:06:b4:1a:14:2b:
af:85:c6:08:07:2c:2e:63:91:35:4f:9c:09:81:34:15:80:f6:
42:ed:92:b4:c4:ee:e2:89:b0:3b:ee:21:d3:e7:a3:d0:c8:5d:
4a:b3:f3:ff:8c:1c:4d:8f:a6:20:ce:a1:5b:ce:82:5e:cd:1f:
6a:54:5b:cb:9e:85:90:11:ae:6c:df:3d:e8:72:d2:8c:88:c2:
14:ef:18:9b:dd:8d:ae:05:44:c0:13:ab:ec:cc:e7:dc:e7:15:
fe:75:0c:fd:66:9a:4f:29:1e:c4:ad:f9:f3:01:54:78:19:bc:
97:60:0b:6a:b7:16:89:31:0a:db:56:93:9e:5a:86:21:d0:2a:
ab:b4:03:4b:46:af:2f:1f:ad:b9:82:a9:d1:8b:a9:40:fe:11:
4d:cb:08:0a
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgISAZDajDDMUDpMZK/amNw9JQ8gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwNzIyMTMwNTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGM0YjIwM2JlY2Q1NTYxYmFiNWI0MzMzYjgwNDE1Mzg0ZjdiMTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtuQBon3Z5xE3ottLWYLQDDIFMIpN
mEABgFSx61yj0D2ip7Viid+2XZL/HrMZp1x6RA2QbK0UKS7zof2oICZDHogmmUBN
wVLR4/lqjBcxu0DD9XFAdAmOcURaxPKG0CHHCqnJ7PVhViVTQsDyjRKwuZAHTweM
25Ig7hwPUMnyiF+o/z39Lup6P6Qo55VQJNZLesMUnEchcE2TeBhAy55BCfdaTuro
8uK62Rab0bB6G3iJoNwbrJn7KAQVXiISpumS35jw48k+RSrOVGhDBT0LfQlTt1R0
wX/XaYRk3j0DHkP4ZwDrepX1/Ak0jHVABMqRbW8/iZddaQGccn4boou51QIDAQAB
o4ICzjCCAsowHQYDVR0OBBYEFJjEsgO+zVVhurW0MzuAQVOE97EiMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvbU1TeUE3N05WV0c2dGJRek80QkJVNFQzc1NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHjBggrBgEFBQcBBwEB/wSB0zCB0DByBAIAATBsAwQBLVlC
AwQCLYCwAwQALYT8AwQAW9lQAwQDXo6IAwQAZ1JnAwQCuQX4AwQCuTrMAwQCuVcw
AwQBuWl0AwQCuXWYAwQCuX3YAwQCuX3kAwQAuci8AwQEwXywAwQAwajgAwQFwkPA
AwQAwy/6MFoEAgACMFQDBwAqCpMAAAADBwAqCpMAAAIwEgMHBCoKkwAA0AMHACoK
kwAA0jAQAwUAKgqTAQMHACoKkwEAAgMFACoKkwIDBQMqC3eAAwUAKgx3wAMFAyoN
OIAwDQYJKoZIhvcNAQELBQADggEBABOol9FcQpFaR70oZ2dWoHdRWpE46NdSoJS+
YA9POVaF1oqGq+97+OqGrCBrmM5ic4e2OK3tlS8/5n4uuELoUBNmHj67Uki7JzBC
Jgv/mPCiqWxj/0RSIUdMseEBJQY+D/Gv2ekxZzkGtBoUK6+FxggHLC5jkTVPnAmB
NBWA9kLtkrTE7uKJsDvuIdPno9DIXUqz8/+MHE2PpiDOoVvOgl7NH2pUW8uehZAR
rmzfPehy0oyIwhTvGJvdja4FRMATq+zM59znFf51DP1mmk8pHsSt+fMBVHgZvJdg
C2q3FokxCttWk55ahiHQKqu0A0tGry8frbmCqdGLqUD+EU3LCAo=
-----END CERTIFICATE-----
Generated at Mon Jul 29 09:31:53 2024 by rpki-client on console-ams.rpki-client.org