Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/M4cKFHPMcYNss4MIW-R2EGrw7RQ.roa
File: M4cKFHPMcYNss4MIW-R2EGrw7RQ.roa (raw, json)
Hash identifier: +F8w99jDTtNLigyHGJgqPGOXeKzT+wl7XtpBXsO1StI=
Subject key identifier: 33:87:0A:14:73:CC:71:83:6C:B3:83:08:5B:E4:76:10:6A:F0:ED:14
Certificate issuer: /CN=999df7dc0ed518f1ec69974cf98cecaada1a8680
Certificate serial: 018CC6B7826E9553DBBEF0E8C4A5428D9465
Authority key identifier: 99:9D:F7:DC:0E:D5:18:F1:EC:69:97:4C:F9:8C:EC:AA:DA:1A:86:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/M4cKFHPMcYNss4MIW-R2EGrw7RQ.roa
Signing time: Mon 01 Jan 2024 20:29:24 +0000
ROA not before: Mon 01 Jan 2024 20:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6848
IP address blocks: 195.162.192.0/19 maxlen: 19
212.76.224.0/19 maxlen: 19
188.188.0.0/15 maxlen: 15
78.29.192.0/18 maxlen: 18
213.132.128.0/19 maxlen: 19
81.82.0.0/15 maxlen: 15
195.16.0.0/19 maxlen: 19
141.134.0.0/15 maxlen: 15
46.253.160.0/20 maxlen: 20
62.205.64.0/18 maxlen: 18
185.30.52.0/22 maxlen: 22
78.20.0.0/14 maxlen: 14
178.116.0.0/14 maxlen: 14
5.23.128.0/17 maxlen: 17
188.95.146.0/23 maxlen: 23
212.88.224.0/19 maxlen: 19
85.28.64.0/18 maxlen: 18
82.210.64.0/19 maxlen: 19
84.192.0.0/13 maxlen: 13
83.217.128.0/19 maxlen: 19
213.214.32.0/19 maxlen: 19
213.251.64.0/18 maxlen: 18
185.23.244.0/22 maxlen: 22
213.224.0.0/16 maxlen: 16
157.173.128.0/18 maxlen: 18
217.168.120.0/21 maxlen: 21
212.123.0.0/19 maxlen: 19
82.143.64.0/18 maxlen: 18
94.224.0.0/14 maxlen: 14
213.118.0.0/15 maxlen: 15
81.164.0.0/15 maxlen: 15
195.130.128.0/19 maxlen: 19
217.72.224.0/20 maxlen: 20
188.44.64.0/19 maxlen: 19
185.248.41.0/24 maxlen: 24
185.248.40.0/22 maxlen: 22
2a02:1800::/24 maxlen: 24
2a00:1cf8::/32 maxlen: 32
2a02:1800:101::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 13 Mar 2024 13:03:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:82:6e:95:53:db:be:f0:e8:c4:a5:42:8d:94:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=999df7dc0ed518f1ec69974cf98cecaada1a8680
Validity
Not Before: Jan 1 20:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33870a1473cc71836cb383085be476106af0ed14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:2e:a8:05:e7:57:64:55:d1:7e:da:b1:ea:02:
46:76:52:b4:54:fb:87:af:5f:65:7b:df:89:6b:60:
92:e6:11:3a:6f:9d:ad:e1:ef:cc:dd:4c:4f:2a:23:
10:49:8b:6e:77:53:0b:d9:75:91:7e:63:3a:97:4d:
db:47:27:a7:c4:43:60:a0:3d:68:0b:57:ca:87:dc:
52:b2:49:8f:03:81:36:e9:7d:5b:01:01:87:f0:99:
b0:8e:94:63:30:c9:3c:62:ce:23:58:ae:a3:be:3e:
dc:f8:69:b2:7e:7b:04:88:8d:3c:5e:64:47:f8:62:
99:df:42:d8:5d:72:24:ff:86:0e:5d:be:a4:63:6b:
27:00:9b:d3:f7:75:05:72:03:46:a4:e7:c8:99:b1:
ac:94:f7:38:56:60:59:82:0a:60:e6:22:f2:ae:76:
c4:22:f6:fb:dd:49:ba:9d:a9:a6:14:68:2a:64:53:
c4:52:a8:9d:6e:d1:7f:18:ff:e1:da:ce:60:e7:af:
63:b4:3a:17:8b:e0:bb:ce:cb:29:6f:f5:f9:df:d8:
b0:19:2c:57:34:e9:7b:8d:ad:31:b2:69:89:68:a1:
3a:cb:ea:c7:2a:4e:bc:ec:29:1a:76:a3:28:65:ea:
4f:83:38:da:25:c6:07:3d:f2:46:0f:19:b6:d1:ff:
1e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:87:0A:14:73:CC:71:83:6C:B3:83:08:5B:E4:76:10:6A:F0:ED:14
X509v3 Authority Key Identifier:
keyid:99:9D:F7:DC:0E:D5:18:F1:EC:69:97:4C:F9:8C:EC:AA:DA:1A:86:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/M4cKFHPMcYNss4MIW-R2EGrw7RQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/mZ333A7VGPHsaZdM-YzsqtoahoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.23.128.0/17
46.253.160.0/20
62.205.64.0/18
78.20.0.0/14
78.29.192.0/18
81.82.0.0/15
81.164.0.0/15
82.143.64.0/18
82.210.64.0/19
83.217.128.0/19
84.192.0.0/13
85.28.64.0/18
94.224.0.0/14
141.134.0.0/15
157.173.128.0/18
178.116.0.0/14
185.23.244.0/22
185.30.52.0/22
185.248.40.0/22
188.44.64.0/19
188.95.146.0/23
188.188.0.0/15
195.16.0.0/19
195.130.128.0/19
195.162.192.0/19
212.76.224.0/19
212.88.224.0/19
212.123.0.0/19
213.118.0.0/15
213.132.128.0/19
213.214.32.0/19
213.224.0.0/16
213.251.64.0/18
217.72.224.0/20
217.168.120.0/21
IPv6:
2a00:1cf8::/32
2a02:1800::/24
Signature Algorithm: sha256WithRSAEncryption
73:1a:59:8f:af:2c:af:d9:df:ea:9b:c0:a0:88:88:98:6c:96:
d3:34:3c:7b:2d:53:22:9f:08:39:58:c6:22:48:45:2a:8c:75:
36:4d:cb:98:a6:b7:f1:87:b0:30:ca:ea:96:53:08:cf:4f:91:
60:4e:ec:0b:df:95:cd:fb:8e:51:e3:2d:4d:02:bd:99:84:1b:
4f:53:94:56:42:2a:d6:9a:7b:e6:94:02:3c:fb:b0:a6:94:e9:
54:ed:46:6c:bf:8d:78:6b:c0:30:50:70:4c:9e:02:02:1b:89:
4b:4e:31:98:88:f6:8e:fb:65:65:16:49:4b:c3:e1:b7:11:62:
b6:dd:96:1d:94:75:7b:da:c0:e6:ca:ca:87:87:92:ec:6f:65:
8b:4f:1d:ff:6f:cb:d9:3e:8a:80:96:03:78:f0:af:68:49:fe:
95:df:8f:af:57:15:82:c7:c6:fa:cf:ec:28:19:18:18:29:f6:
81:94:3d:da:25:b1:54:bf:fb:32:b3:cb:6c:c4:74:84:5f:6a:
be:6d:f9:bd:9a:4f:07:cf:cb:41:c3:53:18:28:0c:c8:95:34:
ab:47:92:64:79:f2:f3:60:f5:15:46:fb:9a:98:16:43:1a:ed:
f8:14:fc:a6:0e:b5:12:85:08:0b:51:46:df:b6:45:3c:fe:35:
a1:db:a6:56
-----BEGIN CERTIFICATE-----
MIIF2TCCBMGgAwIBAgISAYzGt4JulVPbvvDoxKVCjZRlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5OWRmN2RjMGVkNTE4ZjFlYzY5OTc0Y2Y5OGNlY2FhZGEx
YTg2ODAwHhcNMjQwMTAxMjAyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzg3MGExNDczY2M3MTgzNmNiMzgzMDg1YmU0NzYxMDZhZjBlZDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhS6oBedXZFXRftqx6gJGdlK0VPuH
r19le9+Ja2CS5hE6b52t4e/M3UxPKiMQSYtud1ML2XWRfmM6l03bRyenxENgoD1o
C1fKh9xSskmPA4E26X1bAQGH8JmwjpRjMMk8Ys4jWK6jvj7c+GmyfnsEiI08XmRH
+GKZ30LYXXIk/4YOXb6kY2snAJvT93UFcgNGpOfImbGslPc4VmBZggpg5iLyrnbE
Ivb73Um6nammFGgqZFPEUqidbtF/GP/h2s5g569jtDoXi+C7zsspb/X539iwGSxX
NOl7ja0xsmmJaKE6y+rHKk687CkadqMoZepPgzjaJcYHPfJGDxm20f8eewIDAQAB
o4IC5TCCAuEwHQYDVR0OBBYEFDOHChRzzHGDbLODCFvkdhBq8O0UMB8GA1UdIwQY
MBaAFJmd99wO1Rjx7GmXTPmM7KraGoaAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVozMzNBN1ZHUEhzYVpkTS1ZenNxdG9haG9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iYTg4ZjItMjE1Zi00Zjg5LWEzYWYt
MTM4Yjc4N2RlM2UzLzEvTTRjS0ZIUE1jWU5zczRNSVctUjJFR3J3N1JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iYTg4ZjItMjE1Zi00Zjg5LWEzYWYtMTM4Yjc4N2RlM2Uz
LzEvbVozMzNBN1ZHUEhzYVpkTS1ZenNxdG9haG9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH6BggrBgEFBQcBBwEB/wSB6jCB5zCBzwQCAAEwgcgDBAcF
F4ADBAQu/aADBAY+zUADAwJOFAMEBk4dwAMDAVFSAwMBUaQDBAZSj0ADBAVS0kAD
BAVT2YADAwNUwAMEBlUcQAMDAl7gAwMBjYYDBAadrYADAwKydAMEArkX9AMEArke
NAMEArn4KAMEBbwsQAMEAbxfkgMDAby8AwQFwxAAAwQFw4KAAwQFw6LAAwQF1Ezg
AwQF1FjgAwQF1HsAAwMB1XYDBAXVhIADBAXV1iADAwDV4AMEBtX7QAMEBNlI4AME
A9moeDATBAIAAjANAwUAKgAc+AMEACoCGDANBgkqhkiG9w0BAQsFAAOCAQEAcxpZ
j68sr9nf6pvAoIiImGyW0zQ8ey1TIp8IOVjGIkhFKox1Nk3LmKa38YewMMrqllMI
z0+RYE7sC9+VzfuOUeMtTQK9mYQbT1OUVkIq1pp75pQCPPuwppTpVO1GbL+NeGvA
MFBwTJ4CAhuJS04xmIj2jvtlZRZJS8PhtxFitt2WHZR1e9rA5srKh4eS7G9li08d
/2/L2T6KgJYDePCvaEn+ld+Pr1cVgsfG+s/sKBkYGCn2gZQ92iWxVL/7MrPLbMR0
hF9qvm35vZpPB8/LQcNTGCgMyJU0q0eSZHny82D1FUb7mpgWQxrt+BT8pg61EoUI
C1FG37ZFPP41odumVg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:30 2024 by rpki-client on console-ams.rpki-client.org