Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/MnOf0y-oTRIC6WwlsR4hSrfjSSE.roa
File: MnOf0y-oTRIC6WwlsR4hSrfjSSE.roa (raw, json)
Hash identifier: l/zyWc1ieR2BQldcB/JFnXu4KWuoxNTwiU51jLfVpOM=
Subject key identifier: 32:73:9F:D3:2F:A8:4D:12:02:E9:6C:25:B1:1E:21:4A:B7:E3:49:21
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 018DA63587E220CA1957068E2350EF3070DF
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/MnOf0y-oTRIC6WwlsR4hSrfjSSE.roa
Signing time: Wed 14 Feb 2024 06:02:22 +0000
ROA not before: Wed 14 Feb 2024 06:02:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61302
IP address blocks: 5.178.3.0/24 maxlen: 24
46.23.96.0/24 maxlen: 24
46.23.98.0/24 maxlen: 24
46.23.100.0/22 maxlen: 22
109.205.212.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Mar 2024 07:46:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a6:35:87:e2:20:ca:19:57:06:8e:23:50:ef:30:70:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Feb 14 06:02:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32739fd32fa84d1202e96c25b11e214ab7e34921
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d5:93:b3:43:9e:bb:dc:8b:36:25:f8:73:a2:
0a:a9:5e:91:64:2c:e4:da:5c:02:69:e5:85:51:42:
74:d8:2d:7d:9b:73:26:b9:0f:fa:f0:da:86:d3:06:
36:8c:63:e6:93:81:1b:1f:47:2a:4d:8e:02:72:62:
3d:a9:6b:1e:75:22:ad:d8:4c:d9:31:f6:a1:57:54:
c4:c0:74:db:ab:26:d4:6a:a5:ee:5b:e8:c7:44:1a:
e3:04:c1:e6:f3:fd:e2:c0:4f:6f:d9:78:d2:af:9a:
97:71:c3:28:bd:90:4b:d9:cf:cb:96:75:5d:4b:67:
d9:4a:87:13:84:87:98:b6:ed:5e:c1:88:8a:82:42:
6f:e7:ac:96:ce:1c:a8:7a:96:2d:a3:80:7a:35:3c:
78:6f:45:92:b0:92:fb:33:5d:8c:34:7a:35:18:66:
9c:e9:a9:b8:18:b3:2f:8f:0c:78:f7:f0:0a:eb:94:
c4:14:fd:5a:92:f0:e0:b0:6e:20:40:a3:b4:7d:bd:
68:50:d1:18:5c:52:4d:33:91:98:7b:fe:7c:37:c9:
f5:81:14:16:e5:2f:e9:21:db:4f:84:24:44:33:ed:
ad:49:86:dd:e8:4a:04:66:5f:b5:9e:c9:e4:2b:5d:
1a:38:15:dc:bb:66:77:52:97:e6:e4:8b:18:5c:35:
c6:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:73:9F:D3:2F:A8:4D:12:02:E9:6C:25:B1:1E:21:4A:B7:E3:49:21
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/MnOf0y-oTRIC6WwlsR4hSrfjSSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.3.0/24
46.23.96.0/24
46.23.98.0/24
46.23.100.0/22
109.205.212.0/24
Signature Algorithm: sha256WithRSAEncryption
77:24:55:b1:ef:87:c6:4c:0b:78:84:7c:eb:6d:58:ed:29:4a:
5f:da:ff:54:9a:14:76:d6:51:25:7d:a5:8e:8f:39:ad:c4:37:
04:c2:a4:1d:8b:f9:17:3b:20:29:4e:7d:90:9c:14:e7:60:54:
7c:47:4e:ad:c6:df:19:bc:a6:43:df:93:76:b3:fb:cc:d8:fe:
b6:5c:0e:f9:c5:de:0f:36:2e:a1:cd:88:2e:2e:fd:b1:29:9c:
48:4d:08:14:fe:25:5c:74:ce:56:b9:40:bc:3a:84:da:45:65:
c1:c9:b6:f7:d4:18:57:d7:41:90:39:ad:98:32:2e:96:28:ce:
df:14:44:50:b1:81:90:8d:41:b8:90:ba:f9:03:59:b6:83:ab:
39:d0:48:dd:7f:00:e2:78:68:78:e6:61:aa:16:74:af:5f:e5:
3c:b8:2f:6e:14:1f:b0:36:6c:ff:c7:d7:35:70:69:4b:2d:58:
ea:d1:6c:9b:f9:9a:1a:14:19:5c:a2:1d:a8:ac:cb:f1:91:1e:
5d:51:62:f6:38:e6:e4:14:70:03:ec:ac:ac:e3:4f:d5:30:79:
b7:79:ab:c3:7d:70:0f:b4:81:c6:87:e5:ca:64:d0:a1:a5:5e:
a4:18:ab:0a:1a:45:fe:87:88:55:cb:fd:25:a3:72:e5:49:ef:
15:2b:a4:d4
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY2mNYfiIMoZVwaOI1DvMHDfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjQwMjE0MDYwMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjczOWZkMzJmYTg0ZDEyMDJlOTZjMjViMTFlMjE0YWI3ZTM0OTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9WTs0Oeu9yLNiX4c6IKqV6RZCzk
2lwCaeWFUUJ02C19m3MmuQ/68NqG0wY2jGPmk4EbH0cqTY4CcmI9qWsedSKt2EzZ
MfahV1TEwHTbqybUaqXuW+jHRBrjBMHm8/3iwE9v2XjSr5qXccMovZBL2c/LlnVd
S2fZSocThIeYtu1ewYiKgkJv56yWzhyoepYto4B6NTx4b0WSsJL7M12MNHo1GGac
6am4GLMvjwx49/AK65TEFP1akvDgsG4gQKO0fb1oUNEYXFJNM5GYe/58N8n1gRQW
5S/pIdtPhCREM+2tSYbd6EoEZl+1nsnkK10aOBXcu2Z3Upfm5IsYXDXGiQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDJzn9MvqE0SAulsJbEeIUq340khMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvTW5PZjB5LW9UUklDNld3bHNSNGhTcmZqU1NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABbIDAwQA
LhdgAwQALhdiAwQCLhdkAwQAbc3UMA0GCSqGSIb3DQEBCwUAA4IBAQB3JFWx74fG
TAt4hHzrbVjtKUpf2v9UmhR21lElfaWOjzmtxDcEwqQdi/kXOyApTn2QnBTnYFR8
R06txt8ZvKZD35N2s/vM2P62XA75xd4PNi6hzYguLv2xKZxITQgU/iVcdM5WuUC8
OoTaRWXBybb31BhX10GQOa2YMi6WKM7fFERQsYGQjUG4kLr5A1m2g6s50EjdfwDi
eGh45mGqFnSvX+U8uC9uFB+wNmz/x9c1cGlLLVjq0Wyb+ZoaFBlcoh2orMvxkR5d
UWL2OObkFHAD7Kys40/VMHm3eavDfXAPtIHGh+XKZNChpV6kGKsKGkX+h4hVy/0l
o3LlSe8VK6TU
Generated at Fri Mar 15 10:42:52 2024 by rpki-client on console-fra.rpki-client.org