Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/mbongiLOt1gWKJNaJXIcY2fNgbk.roa
File: mbongiLOt1gWKJNaJXIcY2fNgbk.roa (raw, json)
Hash identifier: Q7K3DtNIBPFGAr00UzrkhD+MtyjJTHYLsya5lnOJQuo=
Subject key identifier: 99:BA:27:82:22:CE:B7:58:16:28:93:5A:25:72:1C:63:67:CD:81:B9
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019034E5D16B6C3B0C81989060335EAAD7CC
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/mbongiLOt1gWKJNaJXIcY2fNgbk.roa
Signing time: Thu 20 Jun 2024 09:06:34 +0000
ROA not before: Thu 20 Jun 2024 09:06:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8434
IP address blocks: 192.36.37.0/24 maxlen: 24
192.71.97.0/24 maxlen: 24
192.71.158.0/24 maxlen: 24
192.121.172.0/24 maxlen: 24
192.121.192.0/24 maxlen: 24
193.180.61.0/24 maxlen: 24
193.181.0.0/24 maxlen: 24
193.181.187.0/24 maxlen: 24
193.183.118.0/24 maxlen: 24
193.234.68.0/23 maxlen: 23
193.234.220.0/23 maxlen: 23
193.234.237.0/24 maxlen: 24
194.14.129.0/24 maxlen: 24
194.14.212.0/24 maxlen: 24
194.68.56.0/23 maxlen: 23
194.68.99.0/24 maxlen: 24
194.68.126.0/24 maxlen: 24
194.68.194.0/23 maxlen: 23
194.71.27.0/24 maxlen: 24
194.71.83.0/24 maxlen: 24
194.71.140.0/23 maxlen: 23
194.71.168.0/24 maxlen: 24
194.71.248.0/21 maxlen: 21
194.103.50.0/24 maxlen: 24
194.132.108.0/23 maxlen: 24
194.132.174.0/24 maxlen: 24
194.132.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Jul 2024 15:08:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:34:e5:d1:6b:6c:3b:0c:81:98:90:60:33:5e:aa:d7:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jun 20 09:06:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99ba278222ceb7581628935a25721c6367cd81b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:ca:81:fc:57:36:4e:84:6e:59:2e:02:a9:1b:
21:69:b8:90:a8:78:f6:0a:96:42:ba:03:35:66:fd:
b3:e6:2c:91:f5:22:8d:d1:99:0b:13:4f:56:66:98:
75:5f:eb:77:be:62:2d:d3:75:1b:09:74:26:24:60:
d2:49:64:18:08:c9:8d:89:a8:b0:42:84:77:07:71:
c5:7a:9f:c5:32:a7:41:bf:8b:49:5c:5f:1e:45:7e:
c7:21:62:a6:11:d4:60:9e:6c:52:35:29:d2:3f:c5:
57:b9:4d:44:da:a2:a9:0f:14:7d:c5:53:dc:0a:02:
f0:6c:8e:7e:97:8c:d4:59:ab:08:86:a6:fa:3f:f8:
d4:2c:d4:34:39:de:11:80:e6:64:78:ce:07:4c:5d:
60:5a:50:3c:65:f9:0f:34:86:20:17:5a:6f:55:20:
df:1b:26:f5:67:85:ae:ee:a0:5a:a2:8a:42:96:38:
7c:d5:66:6f:28:c7:af:76:ff:36:06:1d:c4:2f:95:
ad:c7:f8:da:61:8b:76:75:69:26:d0:36:22:a5:46:
fc:31:77:36:5b:fe:17:f7:c8:c1:40:e3:27:5f:e0:
29:28:7e:4e:a4:82:d2:4d:01:5a:8d:29:50:26:84:
03:a8:bf:d7:7a:14:c0:36:82:f3:31:2a:4d:e7:1b:
bf:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:BA:27:82:22:CE:B7:58:16:28:93:5A:25:72:1C:63:67:CD:81:B9
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/mbongiLOt1gWKJNaJXIcY2fNgbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.37.0/24
192.71.97.0/24
192.71.158.0/24
192.121.172.0/24
192.121.192.0/24
193.180.61.0/24
193.181.0.0/24
193.181.187.0/24
193.183.118.0/24
193.234.68.0/23
193.234.220.0/23
193.234.237.0/24
194.14.129.0/24
194.14.212.0/24
194.68.56.0/23
194.68.99.0/24
194.68.126.0/24
194.68.194.0/23
194.71.27.0/24
194.71.83.0/24
194.71.140.0/23
194.71.168.0/24
194.71.248.0/21
194.103.50.0/24
194.132.108.0/23
194.132.174.0/23
Signature Algorithm: sha256WithRSAEncryption
78:57:cf:f6:8e:ed:c4:9e:02:61:9f:91:42:3a:9d:3f:c0:41:
51:c2:f6:2b:e0:42:49:95:03:e3:61:72:5f:d4:ab:99:ca:3b:
03:3c:b9:18:dc:88:f1:c6:73:87:1e:0e:e3:73:47:4b:bb:ab:
f5:8e:aa:0b:b4:e3:26:79:cf:4a:c9:a7:ac:11:5b:d6:ea:60:
97:6f:3a:03:d7:dd:67:bb:67:7f:19:de:f2:7d:a7:96:e3:a7:
6c:6f:1b:0f:33:cc:1a:61:a1:eb:3c:54:0a:ff:d7:da:e2:55:
5a:92:88:e7:d1:72:da:a8:35:b0:f9:93:13:29:1d:d5:ca:61:
01:a3:c8:b6:1e:6c:fe:bf:7f:44:7f:1c:2e:15:4a:50:ea:88:
ab:61:18:c7:1a:16:69:19:0f:4e:8e:ae:25:20:0b:1a:b6:03:
90:9a:7d:57:c3:d0:04:26:9b:48:e4:c6:fa:ba:c2:c9:5a:2b:
7a:23:ee:33:51:11:2a:63:23:00:ea:5a:86:6b:a5:c0:5a:7e:
2b:a5:96:9b:d7:c8:c7:f0:a6:a8:72:be:41:43:9d:85:8a:d2:
b3:d3:e5:41:10:8d:41:41:87:6d:91:99:12:f7:4c:ee:13:96:
83:a5:cb:0e:0c:75:79:9d:49:46:ea:8c:72:ea:85:d7:75:47:
3f:1c:a4:1d
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAZA05dFrbDsMgZiQYDNeqtfMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwNjIwMDkwNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWJhMjc4MjIyY2ViNzU4MTYyODkzNWEyNTcyMWM2MzY3Y2Q4MWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA58qB/Fc2ToRuWS4CqRshabiQqHj2
CpZCugM1Zv2z5iyR9SKN0ZkLE09WZph1X+t3vmIt03UbCXQmJGDSSWQYCMmNiaiw
QoR3B3HFep/FMqdBv4tJXF8eRX7HIWKmEdRgnmxSNSnSP8VXuU1E2qKpDxR9xVPc
CgLwbI5+l4zUWasIhqb6P/jULNQ0Od4RgOZkeM4HTF1gWlA8ZfkPNIYgF1pvVSDf
Gyb1Z4Wu7qBaoopCljh81WZvKMevdv82Bh3EL5Wtx/jaYYt2dWkm0DYipUb8MXc2
W/4X98jBQOMnX+ApKH5OpILSTQFajSlQJoQDqL/XehTANoLzMSpN5xu/KwIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFJm6J4IizrdYFiiTWiVyHGNnzYG5MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvbWJvbmdpTE90MWdXS0pOYUpYSWNZMmZOZ2JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwDBADA
JCUDBADAR2EDBADAR54DBADAeawDBADAecADBADBtD0DBADBtQADBADBtbsDBADB
t3YDBAHB6kQDBAHB6twDBADB6u0DBADCDoEDBADCDtQDBAHCRDgDBADCRGMDBADC
RH4DBAHCRMIDBADCRxsDBADCR1MDBAHCR4wDBADCR6gDBAPCR/gDBADCZzIDBAHC
hGwDBAHChK4wDQYJKoZIhvcNAQELBQADggEBAHhXz/aO7cSeAmGfkUI6nT/AQVHC
9ivgQkmVA+Nhcl/Uq5nKOwM8uRjciPHGc4ceDuNzR0u7q/WOqgu04yZ5z0rJp6wR
W9bqYJdvOgPX3We7Z38Z3vJ9p5bjp2xvGw8zzBphoes8VAr/19riVVqSiOfRctqo
NbD5kxMpHdXKYQGjyLYebP6/f0R/HC4VSlDqiKthGMcaFmkZD06OriUgCxq2A5Ca
fVfD0AQmm0jkxvq6wslaK3oj7jNRESpjIwDqWoZrpcBafiullpvXyMfwpqhyvkFD
nYWK0rPT5UEQjUFBh22RmRL3TO4TloOlyw4MdXmdSUbqjHLqhdd1Rz8cpB0=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:41 2025 by rpki-client