Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/M-l6TPTS7r6pVma7VzO55UCKrHQ.roa
File: M-l6TPTS7r6pVma7VzO55UCKrHQ.roa (raw, json)
Hash identifier: XfJ7Q5znYR/lSbwduMiCI/N7atb1NDBecdqYS9X99EU=
Subject key identifier: 33:E9:7A:4C:F4:D2:EE:BE:A9:56:66:BB:57:33:B9:E5:40:8A:AC:74
Certificate issuer: /CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Certificate serial: 018A02EDAA9D37EFE3AEFC4E777E158E66EB
Authority key identifier: DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/M-l6TPTS7r6pVma7VzO55UCKrHQ.roa
Signing time: Thu 17 Aug 2023 09:57:24 +0000
ROA not before: Thu 17 Aug 2023 09:57:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25255
IP address blocks: 46.220.0.0/16 maxlen: 16
91.141.0.0/20 maxlen: 20
91.141.0.0/17 maxlen: 17
194.24.128.0/19 maxlen: 19
178.112.0.0/14 maxlen: 14
178.115.128.0/20 maxlen: 20
94.245.192.0/24 maxlen: 24
94.245.192.0/18 maxlen: 18
77.116.0.0/14 maxlen: 14
77.119.128.0/20 maxlen: 20
213.94.64.0/21 maxlen: 21
109.126.64.0/18 maxlen: 18
213.94.64.0/18 maxlen: 18
213.94.78.0/24 maxlen: 24
213.94.76.0/24 maxlen: 24
213.94.77.0/24 maxlen: 24
91.141.32.0/19 maxlen: 19
91.141.64.0/20 maxlen: 20
81.3.192.0/24 maxlen: 24
81.3.192.0/18 maxlen: 18
213.94.79.0/24 maxlen: 24
213.94.80.0/22 maxlen: 22
77.119.160.0/20 maxlen: 20
213.94.96.0/21 maxlen: 21
213.94.95.0/24 maxlen: 24
77.119.192.0/19 maxlen: 19
178.165.192.0/20 maxlen: 20
178.115.64.0/20 maxlen: 20
81.3.201.0/24 maxlen: 24
178.165.128.0/17 maxlen: 17
178.165.128.0/20 maxlen: 20
178.165.160.0/19 maxlen: 19
178.115.32.0/19 maxlen: 19
2a02:2861:d::/48 maxlen: 48
2a02:2861::/32 maxlen: 32
2a02:2864::/30 maxlen: 30
2a02:2861:e::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 30 Aug 2023 04:21:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:02:ed:aa:9d:37:ef:e3:ae:fc:4e:77:7e:15:8e:66:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Validity
Not Before: Aug 17 09:57:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=33e97a4cf4d2eebea95666bb5733b9e5408aac74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:77:8c:68:7a:6d:fc:c9:cb:ca:88:7e:f1:99:
d3:67:a7:8c:9a:3f:d6:e8:58:e0:02:2b:a2:b1:81:
f2:ec:a0:e0:87:55:90:e7:06:24:83:d4:8a:00:8d:
d7:5e:6e:af:b8:6d:be:71:e6:ab:19:15:9a:db:9f:
0a:6f:89:dc:06:0e:0b:f3:83:bf:b6:d6:e0:aa:54:
e1:1f:53:fa:c0:d3:e6:01:d4:6e:40:70:c9:c1:36:
04:db:74:6d:bc:3c:5a:f8:70:d5:5e:fe:a3:b0:56:
da:29:a6:df:47:2b:e7:35:ac:eb:ec:43:29:0c:28:
f2:ea:44:f7:e4:8f:16:69:cb:92:12:94:6e:58:86:
e4:36:82:01:a3:e4:41:92:b2:83:fa:58:98:63:8a:
34:d1:80:11:26:a3:b0:41:fe:29:aa:af:96:76:33:
e4:cb:ee:5e:63:04:ed:f4:79:61:26:ad:1c:20:1c:
45:15:2e:56:2f:96:8c:6a:43:06:33:c0:73:83:f9:
e8:b5:b9:25:f3:52:a1:5b:56:a1:85:0d:e4:81:0e:
ee:8e:32:4c:03:7a:75:ef:e1:fe:14:1c:25:3e:1f:
17:ca:9d:8c:64:36:3d:5b:72:b2:c3:e8:5b:55:7c:
d6:87:80:75:5d:de:f0:23:b5:e6:cb:35:6c:04:2f:
ca:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:E9:7A:4C:F4:D2:EE:BE:A9:56:66:BB:57:33:B9:E5:40:8A:AC:74
X509v3 Authority Key Identifier:
keyid:DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/M-l6TPTS7r6pVma7VzO55UCKrHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/250Zf7vuKh3MtPVXIqghDTEFsEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.220.0.0/16
77.116.0.0/14
81.3.192.0/18
91.141.0.0/17
94.245.192.0/18
109.126.64.0/18
178.112.0.0/14
178.165.128.0/17
194.24.128.0/19
213.94.64.0/18
IPv6:
2a02:2861::/32
2a02:2864::/30
Signature Algorithm: sha256WithRSAEncryption
65:b9:b6:21:38:4c:34:e6:cb:56:1c:c7:60:ae:b4:09:ab:21:
ee:2e:dd:ca:2e:74:75:3e:24:71:62:c0:66:b7:0c:20:e4:d3:
07:6d:e7:30:f7:5c:ec:bd:c1:ed:9e:f4:39:d4:9a:20:cf:a2:
8e:c6:39:1f:41:bd:e9:9e:98:22:c7:e5:dc:b9:44:c0:e1:b7:
89:f5:71:d7:68:82:20:08:f1:39:92:7b:f6:27:f2:db:1b:cf:
cd:e5:46:a7:ec:50:5c:d4:cd:af:6a:e6:be:be:2a:0b:2e:87:
72:39:ee:c7:11:1b:6f:be:4e:a5:64:75:83:b2:27:17:b0:92:
1f:6a:41:9b:28:48:3a:e5:f2:ee:60:b2:08:05:f9:39:42:a3:
52:26:ac:7a:69:f2:6d:70:64:5b:e3:a5:cd:7f:b7:7b:13:40:
59:51:e3:9b:6c:16:61:dd:c2:a1:92:9b:0e:c2:7b:af:dd:39:
c1:b2:65:9e:d0:51:51:b0:2d:01:09:f6:9e:1e:94:c7:f3:9c:
50:58:52:e3:a0:0a:36:8a:c2:ce:6c:ac:2b:1e:df:4e:fc:45:
91:50:6f:65:21:a9:82:27:bb:a4:bf:60:05:0e:50:ae:bd:7a:
ad:5a:d8:43:ea:07:b5:22:8f:d7:98:fc:5f:ea:ef:b0:e8:ea:
dd:e4:b7:56
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAYoC7aqdN+/jrvxOd34VjmbrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOWQxOTdmYmJlZTJhMWRjY2I0ZjU1NzIyYTgyMTBkMzEw
NWIwNDIwHhcNMjMwODE3MDk1NzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2U5N2E0Y2Y0ZDJlZWJlYTk1NjY2YmI1NzMzYjllNTQwOGFhYzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHeMaHpt/MnLyoh+8ZnTZ6eMmj/W
6FjgAiuisYHy7KDgh1WQ5wYkg9SKAI3XXm6vuG2+cearGRWa258Kb4ncBg4L84O/
ttbgqlThH1P6wNPmAdRuQHDJwTYE23RtvDxa+HDVXv6jsFbaKabfRyvnNazr7EMp
DCjy6kT35I8WacuSEpRuWIbkNoIBo+RBkrKD+liYY4o00YARJqOwQf4pqq+WdjPk
y+5eYwTt9HlhJq0cIBxFFS5WL5aMakMGM8Bzg/notbkl81KhW1ahhQ3kgQ7ujjJM
A3p17+H+FBwlPh8Xyp2MZDY9W3Kyw+hbVXzWh4B1Xd7wI7XmyzVsBC/KqwIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFDPpekz00u6+qVZmu1czueVAiqx0MB8GA1UdIwQY
MBaAFNudGX+77iodzLT1VyKoIQ0xBbBCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjUwWmY3dnVLaDNNdFBWWElxZ2hEVEVGc0VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8wOWQxMzctNDc3Yi00ZWZlLWEzZDMt
NGIyMzk1NmZiZDg2LzEvTS1sNlRQVFM3cjZwVm1hN1Z6TzU1VUNLckhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8wOWQxMzctNDc3Yi00ZWZlLWEzZDMtNGIyMzk1NmZiZDg2
LzEvMjUwWmY3dnVLaDNNdFBWWElxZ2hEVEVGc0VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzA/BAIAATA5AwMALtwDAwJN
dAMEBlEDwAMEB1uNAAMEBl71wAMEBm1+QAMDArJwAwQHsqWAAwQFwhiAAwQG1V5A
MBQEAgACMA4DBQAqAihhAwUCKgIoZDANBgkqhkiG9w0BAQsFAAOCAQEAZbm2IThM
NObLVhzHYK60Cash7i7dyi50dT4kcWLAZrcMIOTTB23nMPdc7L3B7Z70OdSaIM+i
jsY5H0G96Z6YIsfl3LlEwOG3ifVx12iCIAjxOZJ79ify2xvPzeVGp+xQXNTNr2rm
vr4qCy6HcjnuxxEbb75OpWR1g7InF7CSH2pBmyhIOuXy7mCyCAX5OUKjUiasemny
bXBkW+OlzX+3exNAWVHjm2wWYd3CoZKbDsJ7r905wbJlntBRUbAtAQn2nh6Ux/Oc
UFhS46AKNorCzmysKx7fTvxFkVBvZSGpgie7pL9gBQ5Qrr16rVrYQ+oHtSKP15j8
X+rvsOjq3eS3Vg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:39 2024 by rpki-client on console-ams.rpki-client.org