Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/f72562-45f5-4019-83a1-74f0c3e663cb/1/MtYOhA8Eazl0XBOaPf7HyAW_GpE.roa
File: MtYOhA8Eazl0XBOaPf7HyAW_GpE.roa (raw, json)
Hash identifier: TEpkRYQEbaihnqm7psD95ilc366T8GQc7ZbG27uYem0=
Subject key identifier: 32:D6:0E:84:0F:04:6B:39:74:5C:13:9A:3D:FE:C7:C8:05:BF:1A:91
Certificate issuer: /CN=2be53d340a8bf47c1bf34d3255e102efb181ad19
Certificate serial: 018CEB188090CE555761DAD9B650556C5739
Authority key identifier: 2B:E5:3D:34:0A:8B:F4:7C:1B:F3:4D:32:55:E1:02:EF:B1:81:AD:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K-U9NAqL9Hwb800yVeEC77GBrRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/f72562-45f5-4019-83a1-74f0c3e663cb/1/MtYOhA8Eazl0XBOaPf7HyAW_GpE.roa
Signing time: Mon 08 Jan 2024 22:01:40 +0000
ROA not before: Mon 08 Jan 2024 22:01:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12703
IP address blocks: 46.236.0.0/18 maxlen: 24
185.68.112.0/23 maxlen: 24
185.68.114.0/23 maxlen: 24
178.236.144.0/20 maxlen: 24
89.151.64.0/18 maxlen: 24
81.29.64.0/19 maxlen: 24
2a02:16f8::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:eb:18:80:90:ce:55:57:61:da:d9:b6:50:55:6c:57:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2be53d340a8bf47c1bf34d3255e102efb181ad19
Validity
Not Before: Jan 8 22:01:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32d60e840f046b39745c139a3dfec7c805bf1a91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:49:8a:f3:65:13:b6:45:d1:87:f0:c6:89:b6:
46:10:33:29:f3:13:4b:45:b6:f9:25:fc:bc:26:b9:
47:97:9e:06:73:c4:85:c7:c4:63:51:fc:eb:a8:a5:
c1:cd:2c:7e:a3:0c:85:83:0e:02:72:6b:76:9a:82:
e1:80:2a:7b:7a:6f:62:97:51:a4:3c:62:4b:8c:f1:
01:51:ba:e8:ab:9d:18:ae:22:ce:18:ef:55:f3:fa:
95:5c:ed:ef:cf:fb:17:e1:5e:ea:0d:2a:29:64:11:
bc:9c:43:c6:33:b4:3c:f5:21:9c:6f:b3:0c:84:f2:
33:1d:04:ab:22:81:ee:7f:e5:02:7f:37:99:e6:4f:
e0:b9:77:28:47:5f:2e:05:65:1a:b1:67:56:7a:17:
2c:b0:95:6c:2d:01:37:fa:1b:b6:28:26:1c:02:eb:
f8:31:89:e4:76:7b:0e:1c:f9:42:2d:e8:69:20:84:
21:b5:48:66:97:b4:54:29:4b:bb:0a:ba:2d:06:29:
04:20:32:09:9f:87:35:d3:14:95:6a:bf:3f:7b:df:
b3:23:f9:94:61:87:ab:f4:33:01:8e:4a:c5:da:d1:
b6:1b:69:38:78:f4:a1:3a:b2:ea:03:4d:01:81:79:
b0:75:96:4a:da:0d:1a:0a:ae:6e:56:78:f2:ad:98:
5f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:D6:0E:84:0F:04:6B:39:74:5C:13:9A:3D:FE:C7:C8:05:BF:1A:91
X509v3 Authority Key Identifier:
keyid:2B:E5:3D:34:0A:8B:F4:7C:1B:F3:4D:32:55:E1:02:EF:B1:81:AD:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K-U9NAqL9Hwb800yVeEC77GBrRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/f72562-45f5-4019-83a1-74f0c3e663cb/1/MtYOhA8Eazl0XBOaPf7HyAW_GpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/f72562-45f5-4019-83a1-74f0c3e663cb/1/K-U9NAqL9Hwb800yVeEC77GBrRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.0.0/18
81.29.64.0/19
89.151.64.0/18
178.236.144.0/20
185.68.112.0/22
IPv6:
2a02:16f8::/32
Signature Algorithm: sha256WithRSAEncryption
2c:02:ac:7b:68:b6:ba:f6:64:72:d0:c6:46:7d:ac:c3:51:8c:
a4:a0:0c:2d:de:59:70:d0:a0:b2:c5:bc:9e:46:66:67:40:f9:
73:cb:56:b5:58:01:f2:36:c9:57:24:03:d0:e0:b4:85:7e:d6:
ab:7d:22:69:f1:3a:6b:c0:b3:93:49:f4:40:8b:2e:be:03:70:
7c:60:81:ff:bf:93:bf:e7:8c:fc:1f:f6:d8:be:2d:aa:3b:da:
96:d1:35:96:62:1e:2f:52:74:36:6e:7d:c9:37:90:4b:e0:40:
91:3b:cf:76:4b:1e:41:38:d7:f3:d4:a0:57:5d:5e:61:ed:c0:
a9:dd:4a:86:59:bd:74:e5:c7:5d:3a:08:7f:11:0e:8c:2d:1e:
ed:8a:76:d7:21:a3:24:d0:ef:6f:e7:d5:52:f7:ed:51:c1:78:
c7:a9:21:e2:da:77:7c:3f:a6:83:29:8f:4c:e1:04:fb:b1:ce:
ff:e9:09:f7:b1:c2:a5:f8:10:84:37:52:82:d2:81:ba:07:95:
3b:7e:83:f4:dd:56:65:bb:7a:2c:6f:fc:a3:44:d1:4a:f3:14:
f4:3a:96:b3:f7:33:cd:1d:31:69:63:e3:b9:63:bc:f8:b3:d4:
86:11:18:4b:91:04:42:1c:91:f5:fa:c8:d0:94:0e:c4:c1:26:
f3:01:0e:88
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzrGICQzlVXYdrZtlBVbFc5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiZTUzZDM0MGE4YmY0N2MxYmYzNGQzMjU1ZTEwMmVmYjE4
MWFkMTkwHhcNMjQwMTA4MjIwMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmQ2MGU4NDBmMDQ2YjM5NzQ1YzEzOWEzZGZlYzdjODA1YmYxYTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUmK82UTtkXRh/DGibZGEDMp8xNL
Rbb5Jfy8JrlHl54Gc8SFx8RjUfzrqKXBzSx+owyFgw4Ccmt2moLhgCp7em9il1Gk
PGJLjPEBUbroq50YriLOGO9V8/qVXO3vz/sX4V7qDSopZBG8nEPGM7Q89SGcb7MM
hPIzHQSrIoHuf+UCfzeZ5k/guXcoR18uBWUasWdWehcssJVsLQE3+hu2KCYcAuv4
MYnkdnsOHPlCLehpIIQhtUhml7RUKUu7CrotBikEIDIJn4c10xSVar8/e9+zI/mU
YYer9DMBjkrF2tG2G2k4ePShOrLqA00BgXmwdZZK2g0aCq5uVnjyrZhfTwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFDLWDoQPBGs5dFwTmj3+x8gFvxqRMB8GA1UdIwQY
MBaAFCvlPTQKi/R8G/NNMlXhAu+xga0ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSy1VOU5BcUw5SHdiODAweVZlRUM3N0dCclJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9mNzI1NjItNDVmNS00MDE5LTgzYTEt
NzRmMGMzZTY2M2NiLzEvTXRZT2hBOEVhemwwWEJPYVBmN0h5QVdfR3BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9mNzI1NjItNDVmNS00MDE5LTgzYTEtNzRmMGMzZTY2M2Ni
LzEvSy1VOU5BcUw5SHdiODAweVZlRUM3N0dCclJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQGLuwAAwQF
UR1AAwQGWZdAAwQEsuyQAwQCuURwMA0EAgACMAcDBQAqAhb4MA0GCSqGSIb3DQEB
CwUAA4IBAQAsAqx7aLa69mRy0MZGfazDUYykoAwt3llw0KCyxbyeRmZnQPlzy1a1
WAHyNslXJAPQ4LSFftarfSJp8TprwLOTSfRAiy6+A3B8YIH/v5O/54z8H/bYvi2q
O9qW0TWWYh4vUnQ2bn3JN5BL4ECRO892Sx5BONfz1KBXXV5h7cCp3UqGWb105cdd
Ogh/EQ6MLR7tinbXIaMk0O9v59VS9+1RwXjHqSHi2nd8P6aDKY9M4QT7sc7/6Qn3
scKl+BCEN1KC0oG6B5U7foP03VZlu3osb/yjRNFK8xT0Opaz9zPNHTFpY+O5Y7z4
s9SGERhLkQRCHJH1+sjQlA7EwSbzAQ6I
-----END CERTIFICATE-----
Generated at Wed Apr 23 05:04:26 2025 by rpki-client