Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/mxjapXk8s1R_1eg7-0-2RbtdokM.roa
File: mxjapXk8s1R_1eg7-0-2RbtdokM.roa (raw, json)
Hash identifier: E/fmiAyE9UEwMWPljCprlZ+4uMg1nWYMYodrK6cRp2c=
Subject key identifier: 9B:18:DA:A5:79:3C:B3:54:7F:D5:E8:3B:FB:4F:B6:45:BB:5D:A2:43
Certificate issuer: /CN=0e75fb4f52a829d136e29a9a025c636d19ae328e
Certificate serial: 018CC5008F4F744345AEFF30DF96CE1EEBA8
Authority key identifier: 0E:75:FB:4F:52:A8:29:D1:36:E2:9A:9A:02:5C:63:6D:19:AE:32:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DnX7T1KoKdE24pqaAlxjbRmuMo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/mxjapXk8s1R_1eg7-0-2RbtdokM.roa
Signing time: Mon 01 Jan 2024 12:29:57 +0000
ROA not before: Mon 01 Jan 2024 12:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43733
IP address blocks: 217.76.0.0/24 maxlen: 24
217.76.0.0/21 maxlen: 21
217.76.0.0/20 maxlen: 20
217.76.2.0/24 maxlen: 24
217.76.1.0/24 maxlen: 24
217.76.8.0/21 maxlen: 21
46.130.0.0/17 maxlen: 17
46.130.0.0/16 maxlen: 16
83.139.24.0/22 maxlen: 22
83.139.24.0/21 maxlen: 21
83.139.28.0/22 maxlen: 22
185.36.36.0/22 maxlen: 22
185.36.36.0/24 maxlen: 24
46.130.128.0/17 maxlen: 17
46.130.255.0/24 maxlen: 24
2a00:1f28::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Apr 2024 06:05:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:8f:4f:74:43:45:ae:ff:30:df:96:ce:1e:eb:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e75fb4f52a829d136e29a9a025c636d19ae328e
Validity
Not Before: Jan 1 12:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b18daa5793cb3547fd5e83bfb4fb645bb5da243
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:97:cc:d1:47:e6:bd:a8:c4:01:1e:5c:85:48:
39:67:7c:6a:1a:af:8c:c4:8e:4e:93:dd:9f:f2:c2:
75:f0:fe:b3:f1:4e:fc:d3:99:87:60:2d:29:a5:0c:
85:bc:8d:4d:f3:ca:9a:ad:64:81:aa:80:2d:5c:9c:
36:87:f3:2b:5e:e3:35:f0:0a:59:4e:04:52:04:3d:
82:35:de:8e:44:63:f0:ce:2e:0a:e0:23:88:3a:4d:
98:50:b9:74:2a:d0:07:d9:33:cb:5d:91:eb:2e:81:
47:d9:7b:4b:82:6b:a4:81:28:14:cd:09:43:59:b9:
91:43:80:29:9d:e9:bd:c0:77:d7:f6:4b:2a:1a:ca:
91:ff:6a:11:a9:67:67:93:12:e8:c0:8c:b4:86:14:
ba:00:8c:54:44:6f:bd:ee:c9:dc:3a:d6:b8:c1:da:
33:79:fb:ae:f7:18:a8:c4:99:f4:e3:a3:c9:ad:74:
08:45:96:61:f4:e0:a2:fe:ef:0b:64:e3:b1:df:e5:
01:2d:46:66:72:64:43:1d:87:3a:26:03:c3:de:57:
18:a0:30:92:d9:1a:5c:fa:e2:40:8e:64:13:71:fb:
19:9b:b0:23:7f:c9:31:b4:c9:16:ac:d4:45:6c:38:
7f:60:05:3b:3a:7b:15:b6:7b:d1:e9:ad:ec:f6:2f:
d7:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:18:DA:A5:79:3C:B3:54:7F:D5:E8:3B:FB:4F:B6:45:BB:5D:A2:43
X509v3 Authority Key Identifier:
keyid:0E:75:FB:4F:52:A8:29:D1:36:E2:9A:9A:02:5C:63:6D:19:AE:32:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DnX7T1KoKdE24pqaAlxjbRmuMo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/mxjapXk8s1R_1eg7-0-2RbtdokM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/DnX7T1KoKdE24pqaAlxjbRmuMo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.130.0.0/16
83.139.24.0/21
185.36.36.0/22
217.76.0.0/20
IPv6:
2a00:1f28::/32
Signature Algorithm: sha256WithRSAEncryption
7b:1f:6f:55:b7:38:68:be:e4:d1:bf:1e:bd:53:1a:56:b7:ca:
09:67:ca:76:13:ab:1e:9b:5c:90:f7:c7:df:08:dc:2d:59:75:
2a:ff:63:d7:f8:20:f4:0a:29:6b:d3:3f:a5:ea:f9:11:12:37:
de:a9:6b:ed:64:8f:91:37:2b:64:49:27:59:19:29:d2:9f:4e:
90:ab:b6:52:fa:04:28:b7:4d:99:67:a8:d9:4b:17:d1:92:fc:
58:bf:27:bd:3f:49:3e:89:12:2e:4d:dc:6b:05:40:0d:68:c0:
6f:43:0b:36:2f:91:98:16:78:50:fb:d3:e6:3b:10:d7:e2:7f:
de:61:2a:71:b1:c9:00:35:35:48:14:45:ab:9e:d0:52:02:e9:
2b:d2:d6:b7:65:f9:99:82:61:0b:25:6b:a7:ed:fb:7d:68:de:
4e:3c:60:80:94:08:5e:f3:4a:82:11:d4:49:43:2d:39:bf:1c:
53:5f:0f:08:3f:83:b1:c7:0a:b1:9a:1d:c6:96:33:75:15:6d:
da:f3:81:0b:34:64:65:b8:02:6d:ed:55:8f:8d:44:74:25:fb:
42:61:b9:6d:54:d4:b0:c7:33:0c:b6:ea:bf:1f:80:a6:78:29:
36:bf:f9:9b:db:2b:0b:05:16:a7:57:16:d1:a3:39:05:00:c3:
73:a2:26:fb
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzFAI9PdENFrv8w35bOHuuoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNzVmYjRmNTJhODI5ZDEzNmUyOWE5YTAyNWM2MzZkMTlh
ZTMyOGUwHhcNMjQwMTAxMTIyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjE4ZGFhNTc5M2NiMzU0N2ZkNWU4M2JmYjRmYjY0NWJiNWRhMjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5fM0UfmvajEAR5chUg5Z3xqGq+M
xI5Ok92f8sJ18P6z8U7805mHYC0ppQyFvI1N88qarWSBqoAtXJw2h/MrXuM18ApZ
TgRSBD2CNd6ORGPwzi4K4COIOk2YULl0KtAH2TPLXZHrLoFH2XtLgmukgSgUzQlD
WbmRQ4Apnem9wHfX9ksqGsqR/2oRqWdnkxLowIy0hhS6AIxURG+97sncOta4wdoz
efuu9xioxJn046PJrXQIRZZh9OCi/u8LZOOx3+UBLUZmcmRDHYc6JgPD3lcYoDCS
2Rpc+uJAjmQTcfsZm7Ajf8kxtMkWrNRFbDh/YAU7OnsVtnvR6a3s9i/XeQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJsY2qV5PLNUf9XoO/tPtkW7XaJDMB8GA1UdIwQY
MBaAFA51+09SqCnRNuKamgJcY20ZrjKOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG5YN1QxS29LZEUyNHBxYUFseGpiUm11TW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC81NzU5ZjYtOTNlMi00MDI5LWE0OWYt
MzViYTI2N2RlZDNiLzEvbXhqYXBYazhzMVJfMWVnNy0wLTJSYnRkb2tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC81NzU5ZjYtOTNlMi00MDI5LWE0OWYtMzViYTI2N2RlZDNi
LzEvRG5YN1QxS29LZEUyNHBxYUFseGpiUm11TW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwMALoIDBANT
ixgDBAK5JCQDBATZTAAwDQQCAAIwBwMFACoAHygwDQYJKoZIhvcNAQELBQADggEB
AHsfb1W3OGi+5NG/Hr1TGla3yglnynYTqx6bXJD3x98I3C1ZdSr/Y9f4IPQKKWvT
P6Xq+RESN96pa+1kj5E3K2RJJ1kZKdKfTpCrtlL6BCi3TZlnqNlLF9GS/Fi/J70/
ST6JEi5N3GsFQA1owG9DCzYvkZgWeFD70+Y7ENfif95hKnGxyQA1NUgURaue0FIC
6SvS1rdl+ZmCYQsla6ft+31o3k48YICUCF7zSoIR1ElDLTm/HFNfDwg/g7HHCrGa
HcaWM3UVbdrzgQs0ZGW4Am3tVY+NRHQl+0JhuW1U1LDHMwy26r8fgKZ4KTa/+Zvb
KwsFFqdXFtGjOQUAw3OiJvs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:32 2024 by rpki-client on console-fra.rpki-client.org