Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/mTlBzQNAe9-mZFrAYhzJpfKUM04.roa
File: mTlBzQNAe9-mZFrAYhzJpfKUM04.roa (raw, json)
Hash identifier: MCm8C3snG/TwawGAN8qi54yRR2O2C7HVGpSb0CaQA50=
Subject key identifier: 99:39:41:CD:03:40:7B:DF:A6:64:5A:C0:62:1C:C9:A5:F2:94:33:4E
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 0189AC7357B9907C0850A174413758193212
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/mTlBzQNAe9-mZFrAYhzJpfKUM04.roa
Signing time: Mon 31 Jul 2023 14:56:27 +0000
ROA not before: Mon 31 Jul 2023 14:56:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 94.26.90.0/24 maxlen: 24
78.159.131.0/24 maxlen: 24
91.92.33.0/24 maxlen: 24
93.152.206.0/24 maxlen: 24
93.152.205.0/24 maxlen: 24
91.92.49.0/24 maxlen: 24
93.152.209.0/24 maxlen: 24
93.152.217.0/24 maxlen: 24
93.152.225.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
212.102.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Aug 2023 16:38:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ac:73:57:b9:90:7c:08:50:a1:74:41:37:58:19:32:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jul 31 14:56:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=993941cd03407bdfa6645ac0621cc9a5f294334e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:24:da:c6:4f:b4:3d:6c:d9:74:65:b0:7d:21:
dc:50:99:57:6a:47:7c:65:71:3c:54:42:5c:29:a0:
bf:9a:57:93:25:91:a5:bc:0c:a5:4a:00:4b:a6:eb:
7a:bb:3e:e5:a3:83:7c:25:c6:c4:99:87:50:31:67:
36:06:e5:c4:3b:d5:27:45:02:ff:15:c4:72:fb:10:
1e:7a:7b:63:17:75:bc:b1:90:02:6b:0f:65:39:b8:
18:a6:d9:a6:e2:c7:74:2f:65:bb:30:4d:84:9d:b8:
03:21:d8:45:86:cb:04:a0:41:1a:5f:2d:15:ad:25:
e1:27:f6:05:02:98:b9:05:8b:f0:68:7b:d1:29:6f:
3c:ea:db:ee:b1:a6:ec:dd:97:21:15:09:6c:f4:cf:
8a:e4:33:94:78:c4:c9:af:bf:16:6d:78:29:a2:9f:
db:4e:2b:6c:d4:6a:39:e9:b9:b2:09:f5:42:43:16:
c5:eb:47:c0:9a:0e:36:97:af:0c:58:42:eb:bb:72:
d1:f5:8d:b7:2c:6f:02:85:3b:cc:5e:20:ca:82:bf:
77:b7:6f:d1:3f:48:4d:42:eb:33:a3:79:24:40:f0:
6b:ab:87:d5:ec:02:35:4a:76:3d:87:27:d8:a7:95:
e6:26:ad:38:9e:55:29:f3:e8:d6:04:db:d3:13:d8:
7f:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:39:41:CD:03:40:7B:DF:A6:64:5A:C0:62:1C:C9:A5:F2:94:33:4E
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/mTlBzQNAe9-mZFrAYhzJpfKUM04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.159.131.0/24
91.92.33.0/24
91.92.49.0/24
93.152.205.0-93.152.206.255
93.152.209.0/24
93.152.217.0/24
93.152.221.0/24
93.152.225.0/24
94.26.90.0/24
212.102.107.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:49:68:16:87:31:b4:e1:0d:fa:65:99:a9:46:86:72:a3:c5:
6f:b3:f5:a5:2c:b0:8d:46:35:ef:06:0f:e7:dc:0c:31:95:95:
5a:5b:90:6d:18:1e:b9:a5:79:13:d4:0f:ce:3f:54:1d:00:06:
36:87:44:d5:88:64:72:6c:3f:68:2b:ea:cf:8a:6a:03:25:36:
0d:1b:3f:79:3d:7b:7a:ef:de:ea:62:66:2a:c3:95:c4:8b:86:
c9:08:16:92:db:d1:87:a7:87:df:ea:95:45:da:8d:5b:c0:4e:
1c:df:02:2a:5e:73:fe:99:c3:96:b1:52:71:fa:98:7e:2d:d1:
a6:77:c5:40:15:85:b9:98:c3:f8:4d:a5:ca:0e:dc:ab:0f:77:
48:13:9f:05:b1:7a:53:a0:37:81:8c:06:29:22:54:7d:d6:19:
8a:70:80:42:c6:fa:d1:e8:c9:cd:83:50:46:4c:a7:9b:70:3d:
d3:64:18:9f:12:2f:41:a1:e5:fa:3b:1b:c9:31:7a:1f:71:73:
37:92:39:30:dc:5b:bf:f9:ba:26:3b:14:16:85:e0:f3:2a:80:
99:51:d4:11:1f:0f:80:5b:a3:be:37:97:9c:15:67:64:93:b0:
ba:6d:d4:11:6a:58:01:42:f9:ab:89:28:16:d2:c6:39:cc:52:
e7:89:f2:e7
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYmsc1e5kHwIUKF0QTdYGTISMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjMwNzMxMTQ1NjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTM5NDFjZDAzNDA3YmRmYTY2NDVhYzA2MjFjYzlhNWYyOTQzMzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyTaxk+0PWzZdGWwfSHcUJlXakd8
ZXE8VEJcKaC/mleTJZGlvAylSgBLput6uz7lo4N8JcbEmYdQMWc2BuXEO9UnRQL/
FcRy+xAeentjF3W8sZACaw9lObgYptmm4sd0L2W7ME2EnbgDIdhFhssEoEEaXy0V
rSXhJ/YFApi5BYvwaHvRKW886tvusabs3ZchFQls9M+K5DOUeMTJr78WbXgpop/b
Tits1Go56bmyCfVCQxbF60fAmg42l68MWELru3LR9Y23LG8ChTvMXiDKgr93t2/R
P0hNQuszo3kkQPBrq4fV7AI1SnY9hyfYp5XmJq04nlUp8+jWBNvTE9h/GQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFJk5Qc0DQHvfpmRawGIcyaXylDNOMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvbVRsQnpRTkFlOS1tWkZyQVloekpwZktVTTA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQATp+DAwQA
W1whAwQAW1wxMAwDBABdmM0DBABdmM4DBABdmNEDBABdmNkDBABdmN0DBABdmOED
BABeGloDBADUZmswDQYJKoZIhvcNAQELBQADggEBAKZJaBaHMbThDfplmalGhnKj
xW+z9aUssI1GNe8GD+fcDDGVlVpbkG0YHrmleRPUD84/VB0ABjaHRNWIZHJsP2gr
6s+KagMlNg0bP3k9e3rv3upiZirDlcSLhskIFpLb0Yenh9/qlUXajVvAThzfAipe
c/6Zw5axUnH6mH4t0aZ3xUAVhbmYw/hNpcoO3KsPd0gTnwWxelOgN4GMBikiVH3W
GYpwgELG+tHoyc2DUEZMp5twPdNkGJ8SL0Gh5fo7G8kxeh9xczeSOTDcW7/5uiY7
FBaF4PMqgJlR1BEfD4Bbo743l5wVZ2STsLpt1BFqWAFC+auJKBbSxjnMUueJ8uc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:26 2024 by rpki-client on console-ams.rpki-client.org