Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/a7c7c1-fc42-43a3-9ad8-70dad51e73fb/1/mBoRVaDxPY3oBRo4ZHfsI32lOOw.roa
File: mBoRVaDxPY3oBRo4ZHfsI32lOOw.roa (raw, json)
Hash identifier: /nPbZCpxKi/b7hLeHEamcYjGEqCoKpWVidlKTGYB9pM=
Subject key identifier: 98:1A:11:55:A0:F1:3D:8D:E8:05:1A:38:64:77:EC:23:7D:A5:38:EC
Certificate issuer: /CN=86d542323c0e3051c9c7bb8ed1d1e8acfd3db834
Certificate serial: 01856FF95A55BADA33FC821E916CF6FD198C
Authority key identifier: 86:D5:42:32:3C:0E:30:51:C9:C7:BB:8E:D1:D1:E8:AC:FD:3D:B8:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htVCMjwOMFHJx7uO0dHorP09uDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/a7c7c1-fc42-43a3-9ad8-70dad51e73fb/1/mBoRVaDxPY3oBRo4ZHfsI32lOOw.roa
Signing time: Mon 02 Jan 2023 00:54:50 +0000
ROA not before: Mon 02 Jan 2023 00:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29695
IP address blocks: 178.16.64.0/20 maxlen: 20
185.65.152.0/22 maxlen: 22
185.10.28.0/22 maxlen: 22
77.222.192.0/19 maxlen: 19
141.0.224.0/19 maxlen: 19
77.110.192.0/18 maxlen: 18
194.182.224.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 25 Jan 2023 22:48:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:5a:55:ba:da:33:fc:82:1e:91:6c:f6:fd:19:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d542323c0e3051c9c7bb8ed1d1e8acfd3db834
Validity
Not Before: Jan 2 00:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=981a1155a0f13d8de8051a386477ec237da538ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d3:30:b1:4d:2b:14:9f:83:76:c9:b5:e4:48:
f4:cc:21:9f:02:6a:8c:21:68:d5:fb:6f:4c:71:fc:
83:8c:df:1b:b1:b8:ca:ce:fc:45:54:d2:95:9d:23:
f2:48:3a:c5:45:90:11:92:c9:9b:fb:0b:87:e8:97:
ea:67:1a:83:05:6f:70:2a:1c:11:9c:27:20:e0:20:
ca:86:5c:e6:86:f2:0e:c3:89:5f:40:f8:21:61:ca:
a1:37:a0:f5:48:8d:90:ec:c7:cb:1d:9e:39:dd:eb:
96:b9:83:f4:3f:25:b3:8d:46:20:c8:3e:a9:8f:07:
50:2f:01:76:bc:b3:94:20:25:c8:58:8b:6f:f3:51:
7f:26:87:0d:89:71:c0:b4:07:7d:92:1c:aa:df:86:
30:e7:c8:8c:71:b4:c9:a5:35:45:61:9b:fc:95:58:
14:db:ac:ff:48:4e:e9:9e:04:f8:74:d9:82:b0:12:
d9:db:76:c1:ac:ad:f6:9c:f3:e6:cd:c9:98:26:0a:
ec:1b:3c:2f:83:63:9b:47:70:7b:74:fe:de:a7:a9:
aa:29:cb:cb:00:03:2f:b8:59:77:ef:0c:ae:43:10:
dc:c1:7d:a8:b5:d9:1e:8e:80:88:8e:00:08:45:dd:
37:0f:1a:48:e8:f5:4b:70:5c:28:ef:64:e2:71:6d:
8c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:1A:11:55:A0:F1:3D:8D:E8:05:1A:38:64:77:EC:23:7D:A5:38:EC
X509v3 Authority Key Identifier:
keyid:86:D5:42:32:3C:0E:30:51:C9:C7:BB:8E:D1:D1:E8:AC:FD:3D:B8:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htVCMjwOMFHJx7uO0dHorP09uDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a7c7c1-fc42-43a3-9ad8-70dad51e73fb/1/mBoRVaDxPY3oBRo4ZHfsI32lOOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a7c7c1-fc42-43a3-9ad8-70dad51e73fb/1/htVCMjwOMFHJx7uO0dHorP09uDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.110.192.0/18
77.222.192.0/19
141.0.224.0/19
178.16.64.0/20
185.10.28.0/22
185.65.152.0/22
194.182.224.0/21
Signature Algorithm: sha256WithRSAEncryption
6b:25:d3:00:ce:9f:03:52:77:cb:8e:56:d6:c2:c3:e6:ba:f3:
28:2e:25:87:6f:a1:ff:76:40:c5:79:7d:6c:4f:85:a4:a0:bc:
98:b4:8d:80:45:25:07:1e:1a:8c:00:a6:9c:ba:5c:10:9b:82:
5c:c2:81:ac:6e:2c:cf:d6:31:e1:7c:b7:8d:7e:6e:56:b0:fc:
d3:ee:40:82:45:e0:b4:3f:91:8c:6c:44:e9:b7:eb:ea:1a:06:
db:92:56:7b:8f:16:f1:69:ef:32:66:a1:31:32:ab:f1:62:58:
09:b1:7a:30:8c:86:ef:32:29:9a:23:7f:2f:c8:3e:17:15:fb:
43:bb:01:75:2b:93:1a:f7:75:ae:0b:8a:e7:83:9b:b5:a1:7e:
df:cd:bb:4e:e6:85:f7:92:fb:27:f6:bf:1d:9e:4a:b2:80:6b:
d6:5a:31:a5:8e:11:38:df:8a:ca:0d:a5:15:fd:b9:fc:b4:90:
82:46:6a:eb:17:eb:18:86:31:c0:ab:87:a5:86:2f:b0:84:9b:
82:b7:97:9a:b6:dd:58:0a:34:de:1c:a6:32:40:e6:1a:9b:73:
3b:7a:55:a9:35:46:95:2b:14:1a:cf:54:c9:1d:3c:fc:b5:eb:
83:62:3c:4f:99:45:60:d5:ca:1d:1b:d5:c0:af:93:e9:a1:44:
ad:c1:7b:0c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVv+VpVutoz/IIekWz2/RmMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDU0MjMyM2MwZTMwNTFjOWM3YmI4ZWQxZDFlOGFjZmQz
ZGI4MzQwHhcNMjMwMTAyMDA1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODFhMTE1NWEwZjEzZDhkZTgwNTFhMzg2NDc3ZWMyMzdkYTUzOGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNMwsU0rFJ+Ddsm15Ej0zCGfAmqM
IWjV+29McfyDjN8bsbjKzvxFVNKVnSPySDrFRZARksmb+wuH6JfqZxqDBW9wKhwR
nCcg4CDKhlzmhvIOw4lfQPghYcqhN6D1SI2Q7MfLHZ453euWuYP0PyWzjUYgyD6p
jwdQLwF2vLOUICXIWItv81F/JocNiXHAtAd9khyq34Yw58iMcbTJpTVFYZv8lVgU
26z/SE7pngT4dNmCsBLZ23bBrK32nPPmzcmYJgrsGzwvg2ObR3B7dP7ep6mqKcvL
AAMvuFl37wyuQxDcwX2otdkejoCIjgAIRd03DxpI6PVLcFwo72TicW2MvQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJgaEVWg8T2N6AUaOGR37CN9pTjsMB8GA1UdIwQY
MBaAFIbVQjI8DjBRyce7jtHR6Kz9Pbg0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRWQ01qd09NRkhKeDd1TzBkSG9yUDA5dURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9hN2M3YzEtZmM0Mi00M2EzLTlhZDgt
NzBkYWQ1MWU3M2ZiLzEvbUJvUlZhRHhQWTNvQlJvNFpIZnNJMzJsT093LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9hN2M3YzEtZmM0Mi00M2EzLTlhZDgtNzBkYWQ1MWU3M2Zi
LzEvaHRWQ01qd09NRkhKeDd1TzBkSG9yUDA5dURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQGTW7AAwQF
Td7AAwQFjQDgAwQEshBAAwQCuQocAwQCuUGYAwQDwrbgMA0GCSqGSIb3DQEBCwUA
A4IBAQBrJdMAzp8DUnfLjlbWwsPmuvMoLiWHb6H/dkDFeX1sT4WkoLyYtI2ARSUH
HhqMAKaculwQm4JcwoGsbizP1jHhfLeNfm5WsPzT7kCCReC0P5GMbETpt+vqGgbb
klZ7jxbxae8yZqExMqvxYlgJsXowjIbvMimaI38vyD4XFftDuwF1K5Ma93WuC4rn
g5u1oX7fzbtO5oX3kvsn9r8dnkqygGvWWjGljhE434rKDaUV/bn8tJCCRmrrF+sY
hjHAq4elhi+whJuCt5eatt1YCjTeHKYyQOYam3M7elWpNUaVKxQaz1TJHTz8teuD
YjxPmUVg1codG9XAr5PpoUStwXsM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:06 2024 by rpki-client on console-ams.rpki-client.org