Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/Mf8Gi5e6rxtCh42l9Wevq84f9QU.roa
File: Mf8Gi5e6rxtCh42l9Wevq84f9QU.roa (raw, json)
Hash identifier: sTYJBw5SowxV9J6ivekib58hjwGeRwmMfmHfR7pEZmg=
Subject key identifier: 31:FF:06:8B:97:BA:AF:1B:42:87:8D:A5:F5:67:AF:AB:CE:1F:F5:05
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 018FF4854E24DF607C187AD85472C3EBB303
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/Mf8Gi5e6rxtCh42l9Wevq84f9QU.roa
Signing time: Fri 07 Jun 2024 21:05:27 +0000
ROA not before: Fri 07 Jun 2024 21:05:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209737
IP address blocks: 5.180.107.0/24 maxlen: 24
45.131.0.0/24 maxlen: 24
45.131.1.0/24 maxlen: 24
45.141.148.0/24 maxlen: 24
45.147.44.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
77.83.203.0/24 maxlen: 24
194.116.228.0/24 maxlen: 24
194.116.236.0/24 maxlen: 24
194.116.237.0/24 maxlen: 24
194.146.26.0/24 maxlen: 24
194.146.36.0/24 maxlen: 24
194.146.47.0/24 maxlen: 24
2a09:8780::/29 maxlen: 29
2a0f:b700::/29 maxlen: 29
2a0f:e900::/29 maxlen: 29
2a0f:eb00::/29 maxlen: 29
2a0f:eb07::/32 maxlen: 32
2a0f:ed00::/29 maxlen: 29
2a0f:f900::/29 maxlen: 29
2a13:a440::/32 maxlen: 32
2a13:a441::/32 maxlen: 32
2a13:a447::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 08 Jun 2024 20:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f4:85:4e:24:df:60:7c:18:7a:d8:54:72:c3:eb:b3:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Jun 7 21:05:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31ff068b97baaf1b42878da5f567afabce1ff505
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9f:b0:b3:5b:da:ac:98:52:f2:06:17:7b:cf:
66:13:ee:40:ca:45:9c:a7:77:e6:9a:a2:48:1b:fb:
f7:f0:fc:df:fd:a1:a2:95:54:d8:aa:22:bb:bd:69:
23:ea:e0:e3:d0:5d:3b:fe:2f:9e:51:4b:ab:39:2e:
ea:86:a8:18:c7:57:1b:ba:ae:6d:72:ca:63:fc:ce:
98:2a:5f:09:c5:aa:67:5d:98:e0:d9:ef:8a:9a:92:
23:cf:46:e7:06:3a:47:63:a0:33:ca:68:b5:6b:bf:
2b:7c:08:cd:7d:12:94:6b:d5:9c:04:19:a5:9f:f2:
46:3e:5f:b0:53:c9:95:a1:4b:83:86:01:c0:b8:45:
28:c1:39:b3:9e:14:be:6b:e5:80:00:50:cd:95:b6:
d5:50:f3:84:1a:b2:1d:74:fe:ad:05:6e:2b:04:04:
f6:c3:91:ae:02:65:8e:c4:71:6e:4f:17:21:20:e1:
c3:e8:de:00:1f:c8:b1:ca:db:95:09:0f:9a:6e:77:
a9:6a:95:23:05:af:04:ed:14:66:f7:31:c6:f1:5d:
91:8b:09:7d:db:54:46:af:09:0b:67:72:a2:4a:25:
4a:ff:0d:7d:6c:fe:15:76:d9:94:08:6e:30:c8:54:
c5:ca:ae:01:75:c0:4d:83:37:aa:0d:7d:58:eb:6f:
4c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:FF:06:8B:97:BA:AF:1B:42:87:8D:A5:F5:67:AF:AB:CE:1F:F5:05
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/Mf8Gi5e6rxtCh42l9Wevq84f9QU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.107.0/24
45.131.0.0/23
45.141.148.0/24
45.147.44.0/24
77.83.200.0/22
194.116.228.0/24
194.116.236.0/23
194.146.26.0/24
194.146.36.0/24
194.146.47.0/24
IPv6:
2a09:8780::/29
2a0f:b700::/29
2a0f:e900::/29
2a0f:eb00::/29
2a0f:ed00::/29
2a0f:f900::/29
2a13:a440::/31
2a13:a447::/32
Signature Algorithm: sha256WithRSAEncryption
10:9c:9f:d0:3e:82:40:cc:96:90:bd:21:8d:cf:71:a7:27:73:
3a:b9:bc:f8:a0:b7:6d:39:e8:3c:0c:6d:06:5a:3b:e1:8d:6e:
b6:f1:f4:f9:e5:bb:74:33:5c:de:30:b2:d8:44:ab:2c:1b:0c:
58:0f:e1:4b:83:a7:cb:9c:9f:c3:ed:59:90:ae:08:78:18:de:
c8:35:27:5f:2c:88:81:43:23:5d:00:b5:8e:05:bd:2f:a5:fb:
34:67:f0:64:3d:58:47:d3:09:09:fc:b9:5a:e0:d7:20:ce:26:
d8:95:d6:58:ef:0d:e0:44:3a:0b:23:d0:ea:78:7c:f4:80:f6:
2e:13:4d:ec:61:05:99:13:06:79:1d:9e:33:d9:11:e9:2e:fb:
1d:6a:df:f2:80:c1:87:34:ce:64:ab:2d:ca:0e:57:ab:04:51:
b4:f6:f8:86:1c:37:90:35:24:75:f6:2e:6f:64:bb:b1:ec:a2:
8c:75:25:38:fe:4d:39:30:43:02:40:bf:06:49:11:58:c2:ca:
65:cc:5f:9d:a4:88:52:66:03:1d:8e:38:83:e5:26:f4:f1:6d:
63:f3:eb:51:78:db:3c:d4:1b:d3:1c:5b:6e:f1:73:f8:97:11:
77:23:b0:60:d2:ec:34:68:de:15:bf:34:f6:5f:c4:cb:90:45:
d1:8f:2d:af
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgISAY/0hU4k32B8GHrYVHLD67MDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjQwNjA3MjEwNTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWZmMDY4Yjk3YmFhZjFiNDI4NzhkYTVmNTY3YWZhYmNlMWZmNTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZ+ws1varJhS8gYXe89mE+5AykWc
p3fmmqJIG/v38Pzf/aGilVTYqiK7vWkj6uDj0F07/i+eUUurOS7qhqgYx1cbuq5t
cspj/M6YKl8JxapnXZjg2e+KmpIjz0bnBjpHY6Azymi1a78rfAjNfRKUa9WcBBml
n/JGPl+wU8mVoUuDhgHAuEUowTmznhS+a+WAAFDNlbbVUPOEGrIddP6tBW4rBAT2
w5GuAmWOxHFuTxchIOHD6N4AH8ixytuVCQ+abnepapUjBa8E7RRm9zHG8V2Riwl9
21RGrwkLZ3KiSiVK/w19bP4VdtmUCG4wyFTFyq4BdcBNgzeqDX1Y629MSQIDAQAB
o4ICgjCCAn4wHQYDVR0OBBYEFDH/BouXuq8bQoeNpfVnr6vOH/UFMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvTWY4R2k1ZTZyeHRDaDQybDlXZXZxODRmOVFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGXBggrBgEFBQcBBwEB/wSBhzCBhDBCBAIAATA8AwQABbRr
AwQBLYMAAwQALY2UAwQALZMsAwQCTVPIAwQAwnTkAwQBwnTsAwQAwpIaAwQAwpIk
AwQAwpIvMD4EAgACMDgDBQMqCYeAAwUDKg+3AAMFAyoP6QADBQMqD+sAAwUDKg/t
AAMFAyoP+QADBQEqE6RAAwUAKhOkRzANBgkqhkiG9w0BAQsFAAOCAQEAEJyf0D6C
QMyWkL0hjc9xpydzOrm8+KC3bTnoPAxtBlo74Y1utvH0+eW7dDNc3jCy2ESrLBsM
WA/hS4Ony5yfw+1ZkK4IeBjeyDUnXyyIgUMjXQC1jgW9L6X7NGfwZD1YR9MJCfy5
WuDXIM4m2JXWWO8N4EQ6CyPQ6nh89ID2LhNN7GEFmRMGeR2eM9kR6S77HWrf8oDB
hzTOZKstyg5XqwRRtPb4hhw3kDUkdfYub2S7seyijHUlOP5NOTBDAkC/BkkRWMLK
ZcxfnaSIUmYDHY44g+Um9PFtY/PrUXjbPNQb0xxbbvFz+JcRdyOwYNLsNGjeFb80
9l/Ey5BF0Y8trw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:49 2025 by rpki-client