Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/mMs_dVOhpFLi0n7LyJcLjwIt86o.roa
File: mMs_dVOhpFLi0n7LyJcLjwIt86o.roa (raw, json)
Hash identifier: PFU5sdmXPlpOmuFHLFhjdMx3RnWmWEDPjNR5bSNBT6o=
Subject key identifier: 98:CB:3F:75:53:A1:A4:52:E2:D2:7E:CB:C8:97:0B:8F:02:2D:F3:AA
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018CC64AE437E5F626A2209BCD97FB049FBC
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/mMs_dVOhpFLi0n7LyJcLjwIt86o.roa
Signing time: Mon 01 Jan 2024 18:30:45 +0000
ROA not before: Mon 01 Jan 2024 18:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200462
IP address blocks: 94.247.43.0/24 maxlen: 32
5.180.192.0/23 maxlen: 24
2.58.52.0/23 maxlen: 32
45.86.124.0/22 maxlen: 24
2a09:e1c0::/32 maxlen: 128
2a07:6fc0:10::/44 maxlen: 48
2a0e:de80::/29 maxlen: 48
2a00:f826:8::/48 maxlen: 48
2a0c:8900::/29 maxlen: 128
Validation: Failed, certificate revoked on Thu 01 Feb 2024 10:35:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:e4:37:e5:f6:26:a2:20:9b:cd:97:fb:04:9f:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 18:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98cb3f7553a1a452e2d27ecbc8970b8f022df3aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5d:b1:47:eb:26:f1:95:e6:ed:d4:14:e1:92:
36:21:0d:11:e5:b0:88:aa:95:23:c7:b7:e1:83:72:
dd:46:40:da:86:e5:3e:75:a5:b5:1c:79:08:59:b1:
61:d5:5f:be:6e:a0:79:0a:8a:66:62:32:79:1d:69:
fb:a3:43:da:73:25:15:51:31:51:56:1b:c7:a2:60:
a2:e0:fe:df:98:2a:12:1e:01:15:91:58:0a:79:a7:
c4:ed:07:03:ed:00:d0:3c:98:8d:ec:a7:12:ff:e2:
1d:d2:86:b3:b7:7d:4b:51:8a:67:09:ee:e6:43:f5:
8f:66:97:eb:25:2c:b9:a2:9c:8c:48:b1:30:88:b1:
89:08:f4:ee:df:0b:fb:3c:b7:df:e5:f2:e8:c6:94:
59:93:2c:e0:c4:9f:9b:77:ea:4c:40:72:f2:4b:78:
94:f3:43:96:4e:0c:d2:57:54:ad:47:af:b6:4b:11:
b5:71:6b:04:58:80:8c:4a:8a:42:72:df:59:7d:5a:
62:ae:70:f3:92:cd:33:41:e6:27:c8:d2:7c:0c:15:
bf:48:16:28:3a:49:71:35:1b:e4:f7:5a:5c:58:99:
51:e7:de:88:17:ee:d7:14:27:85:65:b4:70:8c:ce:
a9:26:a7:b8:b2:36:52:b7:a1:75:39:7b:89:b7:39:
77:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:CB:3F:75:53:A1:A4:52:E2:D2:7E:CB:C8:97:0B:8F:02:2D:F3:AA
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/mMs_dVOhpFLi0n7LyJcLjwIt86o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.52.0/23
5.180.192.0/23
45.86.124.0/22
94.247.43.0/24
IPv6:
2a00:f826:8::/48
2a07:6fc0:10::/44
2a09:e1c0::/32
2a0c:8900::/29
2a0e:de80::/29
Signature Algorithm: sha256WithRSAEncryption
8d:82:aa:97:5c:ef:89:df:20:4a:50:44:b5:32:03:c1:a0:5b:
cf:b1:c3:1b:67:32:a3:bd:3d:b9:eb:4a:b0:70:ac:7d:16:78:
87:8f:18:30:04:93:49:a1:b1:93:e5:7d:1b:54:f3:f1:d8:66:
84:ca:d7:f9:7d:7b:54:ac:46:35:90:dd:21:06:54:4c:43:89:
1b:29:fc:1a:d5:a6:87:d4:22:79:e7:86:32:74:82:ed:91:47:
bf:8d:2a:37:6a:cf:50:dc:d5:05:9a:8e:88:b7:bb:a9:90:d1:
cc:f2:e8:cc:08:b1:43:b8:b0:fb:74:b3:1d:47:e4:14:96:f8:
37:4d:a4:0b:0a:28:9e:f6:26:0c:16:c3:5d:53:6d:12:01:2e:
70:72:b5:51:25:3d:8e:2e:8e:9c:df:94:40:e2:4d:6b:4b:07:
d3:24:c8:02:7b:5b:44:bc:6e:98:a4:d4:23:82:20:79:26:d5:
c1:01:79:40:30:da:21:32:cd:fe:84:20:b2:cc:64:d9:c5:f5:
31:4c:20:1f:f7:3b:69:5b:09:91:4d:1c:63:17:c4:b7:80:dd:
1a:aa:3c:57:53:62:39:0c:52:65:32:08:d5:06:6c:f6:17:b7:
fd:21:eb:05:d5:f8:c1:88:20:f5:54:d6:71:56:d7:b8:52:02:
e5:e1:32:1d
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYzGSuQ35fYmoiCbzZf7BJ+8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjQwMTAxMTgzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGNiM2Y3NTUzYTFhNDUyZTJkMjdlY2JjODk3MGI4ZjAyMmRmM2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr12xR+sm8ZXm7dQU4ZI2IQ0R5bCI
qpUjx7fhg3LdRkDahuU+daW1HHkIWbFh1V++bqB5CopmYjJ5HWn7o0PacyUVUTFR
VhvHomCi4P7fmCoSHgEVkVgKeafE7QcD7QDQPJiN7KcS/+Id0oazt31LUYpnCe7m
Q/WPZpfrJSy5opyMSLEwiLGJCPTu3wv7PLff5fLoxpRZkyzgxJ+bd+pMQHLyS3iU
80OWTgzSV1StR6+2SxG1cWsEWICMSopCct9ZfVpirnDzks0zQeYnyNJ8DBW/SBYo
OklxNRvk91pcWJlR596IF+7XFCeFZbRwjM6pJqe4sjZSt6F1OXuJtzl3IwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFJjLP3VToaRS4tJ+y8iXC48CLfOqMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvbU1zX2RWT2hwRkxpMG43THlKY0xqd0l0ODZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAeBAIAATAYAwQBAjo0AwQB
BbTAAwQCLVZ8AwQAXvcrMC0EAgACMCcDBwAqAPgmAAgDBwQqB2/AABADBQAqCeHA
AwUDKgyJAAMFAyoO3oAwDQYJKoZIhvcNAQELBQADggEBAI2Cqpdc74nfIEpQRLUy
A8GgW8+xwxtnMqO9PbnrSrBwrH0WeIePGDAEk0mhsZPlfRtU8/HYZoTK1/l9e1Ss
RjWQ3SEGVExDiRsp/BrVpofUInnnhjJ0gu2RR7+NKjdqz1Dc1QWajoi3u6mQ0czy
6MwIsUO4sPt0sx1H5BSW+DdNpAsKKJ72JgwWw11TbRIBLnBytVElPY4ujpzflEDi
TWtLB9MkyAJ7W0S8bpik1COCIHkm1cEBeUAw2iEyzf6EILLMZNnF9TFMIB/3O2lb
CZFNHGMXxLeA3RqqPFdTYjkMUmUyCNUGbPYXt/0h6wXV+MGIIPVU1nFW17hSAuXh
Mh0=
-----END CERTIFICATE-----
Generated at Thu Feb 1 13:28:31 2024 by rpki-client on console-ams.rpki-client.org