Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/M82W7ExAz-2Gr9yIZ0mXHvuveBM.roa
File: M82W7ExAz-2Gr9yIZ0mXHvuveBM.roa (raw, json)
Hash identifier: gVWmM6xnDSLbOU1VtYw7gQvlOeIuTpdTyv0rpALcmQc=
Subject key identifier: 33:CD:96:EC:4C:40:CF:ED:86:AF:DC:88:67:49:97:1E:FB:AF:78:13
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 0193466870F18BF90F928AE1BA7ACDFD52BF
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/M82W7ExAz-2Gr9yIZ0mXHvuveBM.roa
Signing time: Tue 19 Nov 2024 21:51:10 +0000
ROA not before: Tue 19 Nov 2024 21:51:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21769
IP address blocks: 45.127.248.0/22 maxlen: 22
89.106.0.0/19 maxlen: 24
103.41.44.0/22 maxlen: 22
103.63.28.0/22 maxlen: 22
103.71.61.0/24 maxlen: 24
185.195.212.0/22 maxlen: 22
185.195.220.0/22 maxlen: 22
185.196.188.0/22 maxlen: 22
185.199.116.0/22 maxlen: 22
194.93.4.0/22 maxlen: 22
2a09:1e80::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 21 Nov 2024 19:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:46:68:70:f1:8b:f9:0f:92:8a:e1:ba:7a:cd:fd:52:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Nov 19 21:51:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33cd96ec4c40cfed86afdc886749971efbaf7813
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:12:ed:18:45:b7:06:2e:d4:0d:4a:7e:db:d3:
cf:62:98:41:f4:d2:12:d5:4a:a0:ef:c1:4d:f6:c9:
7b:2a:9d:74:17:19:72:a6:10:2e:92:80:7a:f1:24:
8d:04:57:d3:59:dd:2c:21:4b:c5:a8:2d:c5:e3:a5:
b5:78:17:6e:fb:56:65:c8:91:d5:a0:f2:e8:aa:af:
f7:25:9c:d1:b3:95:5c:62:d7:57:ed:5c:a9:47:c2:
79:85:15:df:3c:b7:f7:c1:03:fd:c4:6a:77:4c:87:
ee:85:63:5c:06:4b:08:7f:5e:78:13:4e:17:9e:36:
07:3a:de:0a:0a:0f:ca:22:11:72:9b:22:1c:5d:6f:
ac:64:2e:e8:ad:57:12:4e:a8:ca:17:44:4e:48:7b:
6d:02:44:a9:d1:ef:e5:81:b9:0f:90:d8:c0:a4:80:
7f:80:e6:07:16:1e:95:df:d9:27:39:f1:41:57:fa:
cb:92:f6:82:70:f5:6b:67:81:05:e8:66:e7:20:f6:
47:47:f1:2e:0e:5e:86:c3:f2:88:61:1c:d2:65:8d:
b7:e7:e3:d3:bb:ae:a8:f2:ef:e4:2c:38:ed:e6:79:
9f:d2:f0:26:df:ab:3c:41:fa:90:ec:2d:f4:d8:d3:
ab:40:d7:92:0b:fa:4f:8f:1d:a6:28:74:c5:84:95:
1c:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:CD:96:EC:4C:40:CF:ED:86:AF:DC:88:67:49:97:1E:FB:AF:78:13
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/M82W7ExAz-2Gr9yIZ0mXHvuveBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.127.248.0/22
89.106.0.0/19
103.41.44.0/22
103.63.28.0/22
103.71.61.0/24
185.195.212.0/22
185.195.220.0/22
185.196.188.0/22
185.199.116.0/22
194.93.4.0/22
IPv6:
2a09:1e80::/29
Signature Algorithm: sha256WithRSAEncryption
86:16:f6:fe:2d:a2:06:2e:a1:b7:87:62:3b:e6:9c:20:6d:10:
32:4f:78:d0:0f:57:e9:5b:21:1d:70:c8:5f:4d:e5:91:7c:69:
68:13:d8:58:a7:83:c2:37:23:64:f4:d6:81:f7:e3:8f:92:10:
dc:4f:d1:c5:01:7a:ad:cd:b6:be:02:37:9f:68:42:8f:19:25:
33:bc:4f:ce:7e:73:5b:fa:53:94:88:32:b1:b1:d5:30:c8:f5:
39:31:2d:8a:2e:3f:9e:85:04:ac:d1:d4:24:17:78:db:ec:64:
8c:fd:39:86:4c:ef:8c:1f:d5:05:99:31:cf:e1:9e:96:4b:c3:
f8:a2:67:0c:79:63:3a:ad:77:55:35:4b:e7:be:94:be:11:f4:
5f:21:55:dc:5b:1a:85:f3:0b:a4:ea:d5:23:66:e5:f5:56:43:
ef:6e:6c:13:b7:0e:be:ef:96:54:dc:0e:8e:75:59:fb:c5:28:
b0:9e:02:c3:67:a9:8c:dd:4f:80:95:f9:27:73:9c:21:61:a5:
d8:b5:8d:51:27:20:77:ab:99:98:52:96:d3:c1:23:42:71:11:
65:0d:e0:05:08:2d:67:15:cb:ba:c1:5e:2d:2e:bd:1a:4b:bc:
d5:19:48:26:1a:dc:aa:7b:67:ca:66:34:81:a5:87:54:5d:76:
39:c9:d2:c3
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZNGaHDxi/kPkorhunrN/VK/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjQxMTE5MjE1MTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2NkOTZlYzRjNDBjZmVkODZhZmRjODg2NzQ5OTcxZWZiYWY3ODEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxLtGEW3Bi7UDUp+29PPYphB9NIS
1Uqg78FN9sl7Kp10FxlyphAukoB68SSNBFfTWd0sIUvFqC3F46W1eBdu+1ZlyJHV
oPLoqq/3JZzRs5VcYtdX7VypR8J5hRXfPLf3wQP9xGp3TIfuhWNcBksIf154E04X
njYHOt4KCg/KIhFymyIcXW+sZC7orVcSTqjKF0ROSHttAkSp0e/lgbkPkNjApIB/
gOYHFh6V39knOfFBV/rLkvaCcPVrZ4EF6GbnIPZHR/EuDl6Gw/KIYRzSZY235+PT
u66o8u/kLDjt5nmf0vAm36s8QfqQ7C302NOrQNeSC/pPjx2mKHTFhJUc2QIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFDPNluxMQM/thq/ciGdJlx77r3gTMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvTTgyVzdFeEF6LTJHcjl5SVowbVhIdnV2ZUJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQCLX/4AwQF
WWoAAwQCZyksAwQCZz8cAwQAZ0c9AwQCucPUAwQCucPcAwQCucS8AwQCucd0AwQC
wl0EMA0EAgACMAcDBQMqCR6AMA0GCSqGSIb3DQEBCwUAA4IBAQCGFvb+LaIGLqG3
h2I75pwgbRAyT3jQD1fpWyEdcMhfTeWRfGloE9hYp4PCNyNk9NaB9+OPkhDcT9HF
AXqtzba+AjefaEKPGSUzvE/OfnNb+lOUiDKxsdUwyPU5MS2KLj+ehQSs0dQkF3jb
7GSM/TmGTO+MH9UFmTHP4Z6WS8P4omcMeWM6rXdVNUvnvpS+EfRfIVXcWxqF8wuk
6tUjZuX1VkPvbmwTtw6+75ZU3A6OdVn7xSiwngLDZ6mM3U+Alfknc5whYaXYtY1R
JyB3q5mYUpbTwSNCcRFlDeAFCC1nFcu6wV4tLr0aS7zVGUgmGtyqe2fKZjSBpYdU
XXY5ydLD
Generated at Thu Nov 21 21:58:32 2024 by rpki-client on console-ams.rpki-client.org