Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/MU6_pe5s8zG27Qpgyozfykk0Z24.roa
File: MU6_pe5s8zG27Qpgyozfykk0Z24.roa (raw, json)
Hash identifier: HOhfP98usEDLBe62FfyyrM81lzotN+K+qEHdJJAsmtw=
Subject key identifier: 31:4E:BF:A5:EE:6C:F3:31:B6:ED:0A:60:CA:8C:DF:CA:49:34:67:6E
Certificate issuer: /CN=a4f8436003d37602026b65531755ca8fcd31bed2
Certificate serial: 018572311936DED6F7B376E4C6FE45C4AC5C
Authority key identifier: A4:F8:43:60:03:D3:76:02:02:6B:65:53:17:55:CA:8F:CD:31:BE:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pPhDYAPTdgICa2VTF1XKj80xvtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/MU6_pe5s8zG27Qpgyozfykk0Z24.roa
Signing time: Mon 02 Jan 2023 11:14:58 +0000
ROA not before: Mon 02 Jan 2023 11:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28717
IP address blocks: 195.93.176.0/23 maxlen: 23
195.93.182.0/23 maxlen: 23
188.120.64.0/19 maxlen: 19
91.143.112.0/20 maxlen: 20
94.18.0.0/16 maxlen: 16
109.202.128.0/19 maxlen: 19
88.212.64.0/18 maxlen: 18
78.111.160.0/20 maxlen: 20
5.83.24.0/21 maxlen: 21
176.222.232.0/21 maxlen: 21
212.60.96.0/19 maxlen: 19
2a01:4f0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:31:19:36:de:d6:f7:b3:76:e4:c6:fe:45:c4:ac:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4f8436003d37602026b65531755ca8fcd31bed2
Validity
Not Before: Jan 2 11:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=314ebfa5ee6cf331b6ed0a60ca8cdfca4934676e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:03:5c:3d:4c:59:2d:51:b4:57:22:34:34:89:
31:8b:1c:c0:60:27:2c:dc:49:87:ff:79:64:c8:f7:
24:b8:71:a0:07:cb:a4:94:2e:fe:8f:7f:40:5f:44:
70:55:0e:86:c1:32:b9:84:ce:0a:60:0d:d7:65:5f:
1a:fe:6b:23:a1:8f:ce:da:6d:41:46:9a:dc:c1:59:
d9:a2:89:1d:4f:83:40:46:b6:04:7f:cb:cd:30:94:
01:82:c9:eb:b7:9e:63:68:8c:ac:27:ee:b2:c9:8c:
08:6e:92:54:8a:a6:e1:6d:a8:a4:68:e1:ce:05:79:
32:bf:22:3c:26:b4:90:38:39:f0:1a:23:d9:90:60:
23:4e:84:c6:b5:aa:74:95:ce:df:a5:1e:d6:39:e1:
b2:ae:c3:df:4c:32:75:f6:c3:21:55:a1:52:ff:b2:
d8:c3:46:8a:b5:a2:6a:7b:1a:7d:25:e1:d9:1f:d9:
a1:d1:a1:48:36:6c:b6:6b:08:d0:c3:eb:66:50:42:
39:27:fa:8f:72:e1:ba:d5:69:20:ce:d2:b4:7a:09:
65:c0:ef:c9:c5:e2:b6:a5:5a:a0:18:82:b6:05:c2:
00:0d:fa:1f:be:12:e9:ec:6d:89:34:7c:4e:cd:fb:
9f:3e:6c:07:52:1b:26:91:18:59:98:7c:4b:e1:03:
39:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:4E:BF:A5:EE:6C:F3:31:B6:ED:0A:60:CA:8C:DF:CA:49:34:67:6E
X509v3 Authority Key Identifier:
keyid:A4:F8:43:60:03:D3:76:02:02:6B:65:53:17:55:CA:8F:CD:31:BE:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pPhDYAPTdgICa2VTF1XKj80xvtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/MU6_pe5s8zG27Qpgyozfykk0Z24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/pPhDYAPTdgICa2VTF1XKj80xvtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.24.0/21
78.111.160.0/20
88.212.64.0/18
91.143.112.0/20
94.18.0.0/16
109.202.128.0/19
176.222.232.0/21
188.120.64.0/19
195.93.176.0/23
195.93.182.0/23
212.60.96.0/19
IPv6:
2a01:4f0::/32
Signature Algorithm: sha256WithRSAEncryption
1d:0d:29:3e:8f:ff:e7:3a:18:76:e3:e6:c2:ef:27:7d:0b:ae:
0f:16:4f:01:0f:a5:98:8d:d6:a8:00:b3:6b:e9:13:b1:82:f9:
cb:22:73:12:be:1c:47:44:bf:6a:48:ff:47:70:af:33:68:94:
06:e9:74:f5:1c:9d:df:19:21:38:83:ad:90:26:1f:47:d2:fe:
3f:5b:0f:d0:5f:2a:2e:00:1f:ea:86:8e:9e:f0:62:b7:f2:73:
31:a5:20:0d:ef:47:08:2c:fd:8d:f0:aa:e8:b8:53:25:f7:b8:
7d:35:7d:8b:97:f7:f6:62:c7:15:2f:c3:50:d2:ae:8b:86:86:
55:17:2b:c6:d8:1b:83:f1:91:e8:21:99:83:c0:14:a3:e3:4d:
a9:b3:24:d3:90:0e:f5:7d:ca:b4:eb:df:e1:78:dd:63:65:47:
df:b9:f2:97:bb:4c:e3:13:77:46:d9:dc:af:77:2c:6f:af:44:
d4:ff:c4:72:cc:ec:bb:c4:81:89:1c:20:26:e5:8f:8c:04:e9:
22:5b:22:1c:4a:b3:38:6f:5a:de:08:56:8a:47:ad:f5:b1:e0:
6a:b1:de:ad:53:7e:dd:cb:88:c9:be:d4:19:6d:7b:85:32:dc:
c1:2e:f5:8a:6a:df:64:99:34:05:7d:16:f4:e6:53:2a:65:4f:
07:73:3d:f7
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYVyMRk23tb3s3bkxv5FxKxcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0Zjg0MzYwMDNkMzc2MDIwMjZiNjU1MzE3NTVjYThmY2Qz
MWJlZDIwHhcNMjMwMTAyMTExNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTRlYmZhNWVlNmNmMzMxYjZlZDBhNjBjYThjZGZjYTQ5MzQ2NzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgNcPUxZLVG0VyI0NIkxixzAYCcs
3EmH/3lkyPckuHGgB8uklC7+j39AX0RwVQ6GwTK5hM4KYA3XZV8a/msjoY/O2m1B
RprcwVnZookdT4NARrYEf8vNMJQBgsnrt55jaIysJ+6yyYwIbpJUiqbhbaikaOHO
BXkyvyI8JrSQODnwGiPZkGAjToTGtap0lc7fpR7WOeGyrsPfTDJ19sMhVaFS/7LY
w0aKtaJqexp9JeHZH9mh0aFINmy2awjQw+tmUEI5J/qPcuG61WkgztK0egllwO/J
xeK2pVqgGIK2BcIADfofvhLp7G2JNHxOzfufPmwHUhsmkRhZmHxL4QM5AQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFDFOv6XubPMxtu0KYMqM38pJNGduMB8GA1UdIwQY
MBaAFKT4Q2AD03YCAmtlUxdVyo/NMb7SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFBoRFlBUFRkZ0lDYTJWVEYxWEtqODB4dnRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS81MTU2MDgtNTAxMi00YTQwLWIzMjQt
MjdiZjgzY2RlZDZiLzEvTVU2X3BlNXM4ekcyN1FwZ3lvemZ5a2swWjI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS81MTU2MDgtNTAxMi00YTQwLWIzMjQtMjdiZjgzY2RlZDZi
LzEvcFBoRFlBUFRkZ0lDYTJWVEYxWEtqODB4dnRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBHBAIAATBBAwQDBVMYAwQE
Tm+gAwQGWNRAAwQEW49wAwMAXhIDBAVtyoADBAOw3ugDBAW8eEADBAHDXbADBAHD
XbYDBAXUPGAwDQQCAAIwBwMFACoBBPAwDQYJKoZIhvcNAQELBQADggEBAB0NKT6P
/+c6GHbj5sLvJ30Lrg8WTwEPpZiN1qgAs2vpE7GC+csicxK+HEdEv2pI/0dwrzNo
lAbpdPUcnd8ZITiDrZAmH0fS/j9bD9BfKi4AH+qGjp7wYrfyczGlIA3vRwgs/Y3w
qui4UyX3uH01fYuX9/ZixxUvw1DSrouGhlUXK8bYG4PxkeghmYPAFKPjTamzJNOQ
DvV9yrTr3+F43WNlR9+58pe7TOMTd0bZ3K93LG+vRNT/xHLM7LvEgYkcICblj4wE
6SJbIhxKszhvWt4IVopHrfWx4Gqx3q1Tft3LiMm+1Blte4Uy3MEu9Ypq32SZNAV9
FvTmUyplTwdzPfc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:51 2024 by rpki-client on console-fra.rpki-client.org