Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/MkTwmR1eg3VbzEx3yUOJO05xebo.roa
File: MkTwmR1eg3VbzEx3yUOJO05xebo.roa (raw, json)
Hash identifier: Pl1AmfWWi8Ep6R6koTtqFTYVd8FTA1bfxNjPGq/Erxo=
Subject key identifier: 32:44:F0:99:1D:5E:83:75:5B:CC:4C:77:C9:43:89:3B:4E:71:79:BA
Certificate issuer: /CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Certificate serial: 018E36C8FC48B897964CA80F65D49100B846
Authority key identifier: F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/MkTwmR1eg3VbzEx3yUOJO05xebo.roa
Signing time: Wed 13 Mar 2024 07:48:45 +0000
ROA not before: Wed 13 Mar 2024 07:48:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205585
IP address blocks: 185.143.232.0/22 maxlen: 24
185.143.232.0/24 maxlen: 24
185.143.233.0/24 maxlen: 24
185.143.234.0/24 maxlen: 24
185.143.235.0/24 maxlen: 24
185.220.226.0/24 maxlen: 24
2a0c:a7c0::/46 maxlen: 48
2a0c:a7c0::/48 maxlen: 48
2a0c:a7c0:1::/48 maxlen: 48
2a0c:a7c0:2::/48 maxlen: 48
2a0c:a7c0:3::/48 maxlen: 48
2a0c:a7c6:4::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 03 Apr 2024 12:33:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:36:c8:fc:48:b8:97:96:4c:a8:0f:65:d4:91:00:b8:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Validity
Not Before: Mar 13 07:48:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3244f0991d5e83755bcc4c77c943893b4e7179ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:7a:9c:d4:d3:2d:b1:3b:49:f9:2f:86:25:50:
a3:08:80:0d:37:73:2e:e8:56:12:f6:e2:be:9c:04:
5b:44:fc:26:91:f8:d7:08:dd:3a:e3:b8:4a:93:b5:
0c:ec:71:f0:46:44:5c:d9:81:83:dc:15:de:89:4d:
2e:1a:f9:12:c5:bf:db:09:25:f4:3c:95:8a:97:a2:
ff:53:7f:99:14:e2:9d:25:24:f1:f5:d4:aa:a8:97:
ce:5d:eb:ae:80:c6:d6:7e:9b:b4:e6:ce:67:4a:26:
d1:8a:c0:16:23:1f:d2:fa:5d:9b:ff:fb:f3:94:41:
27:42:9d:27:8a:19:a8:7f:37:52:8e:00:dc:c2:8e:
f0:51:46:a6:53:ed:94:16:b2:8d:a9:ee:01:4b:a3:
b4:99:00:47:30:b7:a8:a1:f3:f3:fc:8b:02:e9:73:
50:dc:e4:97:8a:8b:4b:6f:1b:a4:41:ff:b5:99:74:
a3:86:3d:ef:f9:91:5c:81:3d:24:7b:d2:e6:77:63:
e3:63:50:14:53:a5:53:65:00:fc:44:e6:13:e5:d1:
08:e0:45:ff:70:7c:8b:20:02:2a:b2:99:ea:a9:ef:
b0:10:7b:c2:db:56:73:06:b7:01:f5:35:f8:0b:13:
2f:ad:70:84:70:83:8b:9a:ca:45:37:16:09:87:50:
1b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:44:F0:99:1D:5E:83:75:5B:CC:4C:77:C9:43:89:3B:4E:71:79:BA
X509v3 Authority Key Identifier:
keyid:F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/MkTwmR1eg3VbzEx3yUOJO05xebo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.232.0/22
185.220.226.0/24
IPv6:
2a0c:a7c0::/46
2a0c:a7c6:4::/48
Signature Algorithm: sha256WithRSAEncryption
69:58:c3:bb:92:38:55:7f:8e:55:3f:39:fc:59:35:f4:48:7c:
ac:46:79:d2:d7:7d:c9:90:61:08:04:16:84:f1:70:db:45:bf:
71:50:f8:2e:7a:89:f3:57:bd:dc:2a:3d:dd:f3:80:ff:1e:c2:
70:6c:6a:12:99:e3:90:90:f3:eb:89:cf:3b:1d:a2:18:96:a4:
47:c5:8c:8e:2b:c3:78:78:69:a6:ed:6d:56:7e:68:c4:df:05:
84:48:2f:0a:b7:37:e8:7f:9d:84:06:b8:a9:38:46:c3:c2:a5:
41:cb:e0:15:a8:90:98:25:9c:1e:33:02:6c:95:22:bd:86:82:
df:8e:be:99:14:1f:94:cf:43:a3:40:bb:0f:9a:0a:f3:26:7f:
85:75:5a:03:e4:b7:d4:aa:b4:87:d7:00:60:b4:96:d6:8b:82:
86:19:dd:d7:6e:13:cf:1b:ad:0b:c4:7a:a2:d1:40:b2:80:8e:
3f:be:35:80:0b:65:54:da:4b:b7:96:76:8c:39:2f:58:13:aa:
05:f0:19:18:16:bc:32:8b:f9:68:3f:39:79:4f:9d:58:0d:07:
b0:4c:be:76:8f:5f:ec:43:11:a8:2f:75:e2:7a:7d:fb:5d:53:
7c:81:0d:e7:27:bf:85:22:01:4b:98:8c:10:1b:e8:85:cc:1f:
53:df:57:07
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY42yPxIuJeWTKgPZdSRALhGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YzM3MWYzYTM0YWJmMTk1N2QxODk1ZGY4MDYzZjRkNjIw
N2VjMDIwHhcNMjQwMzEzMDc0ODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjQ0ZjA5OTFkNWU4Mzc1NWJjYzRjNzdjOTQzODkzYjRlNzE3OWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5nqc1NMtsTtJ+S+GJVCjCIANN3Mu
6FYS9uK+nARbRPwmkfjXCN0647hKk7UM7HHwRkRc2YGD3BXeiU0uGvkSxb/bCSX0
PJWKl6L/U3+ZFOKdJSTx9dSqqJfOXeuugMbWfpu05s5nSibRisAWIx/S+l2b//vz
lEEnQp0nihmofzdSjgDcwo7wUUamU+2UFrKNqe4BS6O0mQBHMLeoofPz/IsC6XNQ
3OSXiotLbxukQf+1mXSjhj3v+ZFcgT0ke9Lmd2PjY1AUU6VTZQD8ROYT5dEI4EX/
cHyLIAIqspnqqe+wEHvC21ZzBrcB9TX4CxMvrXCEcIOLmspFNxYJh1AbDwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDJE8JkdXoN1W8xMd8lDiTtOcXm6MB8GA1UdIwQY
MBaAFPXDcfOjSr8ZV9GJXfgGP01iB+wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEt
MWJiMTdhOGIyNmZlLzEvTWtUd21SMWVnM1ZiekV4M3lVT0pPMDV4ZWJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEtMWJiMTdhOGIyNmZl
LzEvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQCuY/oAwQA
udziMBgEAgACMBIDBwIqDKfAAAADBwAqDKfGAAQwDQYJKoZIhvcNAQELBQADggEB
AGlYw7uSOFV/jlU/OfxZNfRIfKxGedLXfcmQYQgEFoTxcNtFv3FQ+C56ifNXvdwq
Pd3zgP8ewnBsahKZ45CQ8+uJzzsdohiWpEfFjI4rw3h4aabtbVZ+aMTfBYRILwq3
N+h/nYQGuKk4RsPCpUHL4BWokJglnB4zAmyVIr2Ggt+OvpkUH5TPQ6NAuw+aCvMm
f4V1WgPkt9SqtIfXAGC0ltaLgoYZ3dduE88brQvEeqLRQLKAjj++NYALZVTaS7eW
dow5L1gTqgXwGRgWvDKL+Wg/OXlPnVgNB7BMvnaPX+xDEagvdeJ6fftdU3yBDecn
v4UiAUuYjBAb6IXMH1PfVwc=
-----END CERTIFICATE-----
Generated at Wed Apr 3 16:48:16 2024 by rpki-client on console-ams.rpki-client.org