Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/MuSzEaPivNj2TaPBec2y5lhkFIY.roa
File: MuSzEaPivNj2TaPBec2y5lhkFIY.roa (raw, json)
Hash identifier: Xaf0fbQlQRqRLchOPCnyPBlFx90RCsTcbBA7LLX5hX0=
Subject key identifier: 32:E4:B3:11:A3:E2:BC:D8:F6:4D:A3:C1:79:CD:B2:E6:58:64:14:86
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 019415113F191082C9BC3FFC8D97AA195F16
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/MuSzEaPivNj2TaPBec2y5lhkFIY.roa
Signing time: Mon 30 Dec 2024 00:57:19 +0000
ROA not before: Mon 30 Dec 2024 00:57:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 5.182.186.0/24 maxlen: 24
5.182.187.0/24 maxlen: 24
5.182.193.0/24 maxlen: 24
5.182.194.0/24 maxlen: 24
5.182.195.0/24 maxlen: 24
5.182.198.0/24 maxlen: 24
31.132.54.0/23 maxlen: 23
45.248.54.0/24 maxlen: 24
63.246.129.0/24 maxlen: 24
63.246.130.0/24 maxlen: 24
63.246.131.0/24 maxlen: 24
63.246.132.0/24 maxlen: 24
63.246.133.0/24 maxlen: 24
63.246.137.0/24 maxlen: 24
63.246.144.0/24 maxlen: 24
63.246.148.0/24 maxlen: 24
63.246.150.0/24 maxlen: 24
63.246.151.0/24 maxlen: 24
63.246.152.0/24 maxlen: 24
63.246.158.0/24 maxlen: 24
63.246.159.0/24 maxlen: 24
78.31.204.0/24 maxlen: 24
78.31.206.0/24 maxlen: 24
94.154.170.0/24 maxlen: 24
103.216.197.0/24 maxlen: 24
103.216.199.0/24 maxlen: 24
149.126.13.0/24 maxlen: 24
162.218.88.0/24 maxlen: 24
162.218.89.0/24 maxlen: 24
162.218.91.0/24 maxlen: 24
185.52.137.0/24 maxlen: 24
185.171.126.0/24 maxlen: 24
185.201.40.0/24 maxlen: 24
185.201.41.0/24 maxlen: 24
185.201.43.0/24 maxlen: 24
212.60.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:48:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:15:11:3f:19:10:82:c9:bc:3f:fc:8d:97:aa:19:5f:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Dec 30 00:57:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32e4b311a3e2bcd8f64da3c179cdb2e658641486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:10:bc:7b:2d:b8:88:fa:88:bd:8b:69:09:14:
4f:d4:a5:8e:54:d9:36:f8:ae:3a:83:f6:30:91:92:
b8:b9:52:43:e2:c1:24:38:41:f4:d8:88:e1:de:ce:
24:15:2e:9a:38:30:e0:9c:bb:de:3c:c2:76:40:04:
19:08:2b:cd:75:10:f9:5e:17:7b:6f:81:56:2d:07:
82:8e:60:19:ac:96:a5:3f:40:c3:33:59:23:cf:6d:
a5:58:61:16:7c:38:c3:e4:8b:2b:14:e4:d4:63:c1:
df:d1:c6:bf:a7:05:4d:79:83:05:99:72:14:3a:1d:
f4:20:ff:25:59:e4:20:3b:d3:ec:1d:8d:28:47:68:
d0:f8:ff:ce:71:1b:17:0f:fb:93:10:26:39:e1:bc:
93:d9:83:a5:2b:ca:fd:c8:d9:e8:02:ac:38:a8:91:
9f:45:e4:e2:14:75:ac:c2:fd:3f:3f:a2:59:60:55:
07:97:23:8c:f4:2d:2d:80:72:55:c1:7e:b5:f8:63:
32:ea:b2:a0:93:41:62:00:be:5c:19:67:b9:50:5b:
51:d6:fd:21:86:8e:7c:04:67:ce:5a:9d:d6:8e:a6:
c5:b0:05:91:cb:ba:e5:79:6b:0f:1c:40:f7:cf:17:
91:23:a8:db:1f:51:39:ee:0b:b3:40:70:f5:34:d2:
f2:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:E4:B3:11:A3:E2:BC:D8:F6:4D:A3:C1:79:CD:B2:E6:58:64:14:86
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/MuSzEaPivNj2TaPBec2y5lhkFIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.186.0/23
5.182.193.0-5.182.195.255
5.182.198.0/24
31.132.54.0/23
45.248.54.0/24
63.246.129.0-63.246.133.255
63.246.137.0/24
63.246.144.0/24
63.246.148.0/24
63.246.150.0-63.246.152.255
63.246.158.0/23
78.31.204.0/24
78.31.206.0/24
94.154.170.0/24
103.216.197.0/24
103.216.199.0/24
149.126.13.0/24
162.218.88.0/23
162.218.91.0/24
185.52.137.0/24
185.171.126.0/24
185.201.40.0/23
185.201.43.0/24
212.60.14.0/24
Signature Algorithm: sha256WithRSAEncryption
55:52:f8:cf:41:6b:e8:59:0c:c5:95:3b:a4:2f:c7:de:6e:6a:
38:54:d3:e4:df:6f:7b:e6:a5:f7:21:07:4f:76:7b:0f:83:9d:
b2:7c:c4:11:c8:5c:1e:26:2e:34:73:5e:fb:c4:4a:21:ea:db:
0d:5e:3a:43:b7:f9:12:64:c0:37:39:7b:48:5f:ef:e0:f4:0e:
f9:e4:ce:ad:f6:eb:2a:0b:de:5e:aa:7c:40:a8:5d:76:84:82:
7d:1f:6d:49:db:46:c0:7b:5f:b2:a7:ab:9c:4a:ff:fe:fd:70:
fb:63:e5:f2:7b:57:cd:98:74:cf:74:55:43:b6:51:a6:1a:09:
ae:c8:b3:58:5a:e7:f5:04:90:41:c0:1a:bc:2f:ca:22:49:c4:
60:86:76:cf:33:c1:57:9d:e8:d9:93:56:47:d0:9e:58:ab:f0:
92:e2:61:66:53:44:06:cc:88:d5:fc:e9:0c:88:17:fb:09:0f:
d3:70:1f:36:8d:07:86:d7:29:b6:b5:9f:5a:a0:90:b1:43:9c:
69:64:75:04:78:51:bf:97:8a:95:0f:29:e8:d5:7a:93:06:48:
4c:f9:27:d5:32:41:21:b2:8b:12:6d:5f:fc:3c:c4:5b:9d:9c:
05:df:65:51:0a:84:2a:7a:e7:fb:45:e3:27:46:f6:bb:58:de:
e3:5e:9e:5b
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAZQVET8ZEILJvD/8jZeqGV8WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQxMjMwMDA1NzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmU0YjMxMWEzZTJiY2Q4ZjY0ZGEzYzE3OWNkYjJlNjU4NjQxNDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRC8ey24iPqIvYtpCRRP1KWOVNk2
+K46g/YwkZK4uVJD4sEkOEH02Ijh3s4kFS6aODDgnLvePMJ2QAQZCCvNdRD5Xhd7
b4FWLQeCjmAZrJalP0DDM1kjz22lWGEWfDjD5IsrFOTUY8Hf0ca/pwVNeYMFmXIU
Oh30IP8lWeQgO9PsHY0oR2jQ+P/OcRsXD/uTECY54byT2YOlK8r9yNnoAqw4qJGf
ReTiFHWswv0/P6JZYFUHlyOM9C0tgHJVwX61+GMy6rKgk0FiAL5cGWe5UFtR1v0h
ho58BGfOWp3WjqbFsAWRy7rleWsPHED3zxeRI6jbH1E57guzQHD1NNLyPwIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFDLksxGj4rzY9k2jwXnNsuZYZBSGMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvTXVTekVhUGl2TmoyVGFQQmVjMnk1bGhrRklZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBrwQCAAEwgagDBAEF
trowDAMEAAW2wQMEAgW2wAMEAAW2xgMEAR+ENgMEAC34NjAMAwQAP/aBAwQBP/aE
AwQAP/aJAwQAP/aQAwQAP/aUMAwDBAE/9pYDBAA/9pgDBAE/9p4DBABOH8wDBABO
H84DBABemqoDBABn2MUDBABn2McDBACVfg0DBAGi2lgDBACi2lsDBAC5NIkDBAC5
q34DBAG5ySgDBAC5ySsDBADUPA4wDQYJKoZIhvcNAQELBQADggEBAFVS+M9Ba+hZ
DMWVO6Qvx95uajhU0+Tfb3vmpfchB092ew+DnbJ8xBHIXB4mLjRzXvvESiHq2w1e
OkO3+RJkwDc5e0hf7+D0Dvnkzq326yoL3l6qfECoXXaEgn0fbUnbRsB7X7Knq5xK
//79cPtj5fJ7V82YdM90VUO2UaYaCa7Is1ha5/UEkEHAGrwvyiJJxGCGds8zwVed
6NmTVkfQnlir8JLiYWZTRAbMiNX86QyIF/sJD9NwHzaNB4bXKba1n1qgkLFDnGlk
dQR4Ub+XipUPKejVepMGSEz5J9UyQSGyixJtX/w8xFudnAXfZVEKhCp65/tF4ydG
9rtY3uNenls=
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:52:34 2025 by rpki-client