Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/0mzg8xTalnEPOrdpSeYtOe3QXac.roa
File: 0mzg8xTalnEPOrdpSeYtOe3QXac.roa (raw, json)
Hash identifier: MoiRk9tnIRZXx+xX++NnFU4Sl8ecKf+T7LGHHv4QsF8=
Subject key identifier: D2:6C:E0:F3:14:DA:96:71:0F:3A:B7:69:49:E6:2D:39:ED:D0:5D:A7
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 01874B6134B065156D12E2D1C1E1F8D78A39
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/0mzg8xTalnEPOrdpSeYtOe3QXac.roa
Signing time: Tue 04 Apr 2023 08:27:54 +0000
ROA not before: Tue 04 Apr 2023 08:27:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39486
IP address blocks: 193.161.128.0/22 maxlen: 24
171.22.252.0/24 maxlen: 32
194.104.104.0/22 maxlen: 24
45.134.79.0/24 maxlen: 32
87.239.254.0/24 maxlen: 32
185.184.228.0/24 maxlen: 32
36.255.188.0/22 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4b:61:34:b0:65:15:6d:12:e2:d1:c1:e1:f8:d7:8a:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Apr 4 08:27:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d26ce0f314da96710f3ab76949e62d39edd05da7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:46:16:89:ae:74:20:53:39:30:ab:c1:0c:b6:
42:86:ad:86:4e:c3:ce:19:47:16:13:71:4e:9e:c2:
10:ab:72:01:be:91:a8:43:48:c9:52:b3:0a:33:ec:
db:f3:0c:91:9f:5b:a2:89:ef:ca:8d:11:b9:d0:02:
dd:4e:da:26:59:0e:db:0b:24:b3:5c:8c:ea:0a:be:
46:6e:ac:d4:bc:ed:5f:df:a7:34:cb:d6:85:e0:8a:
c4:7b:44:03:24:1d:e7:b5:c0:7f:73:1c:89:40:77:
5a:36:7e:9f:9a:42:94:63:6c:d8:9b:04:88:30:17:
c2:20:a9:88:b1:8d:26:05:ae:98:27:f0:b6:e0:a1:
ae:7e:a1:ed:8c:0c:d3:97:c1:53:6f:2e:a3:7a:25:
f0:e5:b1:a0:12:9b:7f:53:23:18:7d:33:ee:0f:7f:
64:d4:ec:34:b7:de:8f:cd:36:58:a9:06:1c:a2:26:
2c:0a:e9:50:cf:b1:f5:f5:f1:51:30:00:d3:f3:e9:
43:ea:8f:da:23:f4:6c:d9:1d:c1:6a:75:b5:17:36:
f7:fb:c3:58:0e:d3:f7:e4:6b:07:81:38:db:c6:6b:
91:44:34:1f:2d:54:b0:05:08:68:bc:f7:92:54:e1:
5f:92:87:0f:1b:45:94:eb:99:98:3d:bf:88:04:73:
ca:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:6C:E0:F3:14:DA:96:71:0F:3A:B7:69:49:E6:2D:39:ED:D0:5D:A7
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/0mzg8xTalnEPOrdpSeYtOe3QXac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
36.255.188.0/22
45.134.79.0/24
87.239.254.0/24
171.22.252.0/24
185.184.228.0/24
193.161.128.0/22
194.104.104.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:21:d5:8c:b2:39:cc:50:86:bc:2f:1a:6e:d1:f8:a8:2b:d6:
f3:f1:c6:70:a5:6d:0b:74:00:42:31:33:d1:48:67:b1:28:d9:
90:43:7e:27:6d:25:f5:e4:81:bf:17:88:9d:4d:f0:b2:01:9d:
3a:85:b0:36:17:38:54:11:cc:8d:cf:a0:cb:6c:2d:15:4c:3e:
eb:6d:8c:7a:07:39:78:31:ad:d6:60:7a:ed:4e:c0:d3:85:5d:
e3:01:39:5e:ec:60:ef:9f:29:81:a2:a1:6d:ed:72:d9:ef:1b:
2a:52:ea:28:c4:ee:7e:84:06:b0:a5:ff:e4:a9:3c:0f:a5:ba:
a6:6a:95:54:29:f2:40:b5:34:ff:ef:f0:f6:cc:25:21:ad:88:
06:aa:ff:79:eb:07:85:61:c5:9e:39:3a:b4:34:ad:ee:c6:2d:
ed:f3:5b:c7:63:29:18:8f:c0:79:78:6c:79:5a:57:27:6d:53:
97:55:93:d0:61:c8:9e:63:61:70:8f:b5:38:a5:07:21:95:4e:
72:21:05:82:7d:85:7d:0c:c2:25:39:58:59:d8:4f:32:99:5a:
22:38:ba:3f:75:74:9e:e8:8f:ee:f7:d3:ab:c5:a2:64:a9:97:
c3:de:f5:8d:38:a2:0c:b5:1d:c4:76:d0:80:3b:56:80:7a:13:
c0:63:95:80
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYdLYTSwZRVtEuLRweH414o5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjMwNDA0MDgyNzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjZjZTBmMzE0ZGE5NjcxMGYzYWI3Njk0OWU2MmQzOWVkZDA1ZGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkYWia50IFM5MKvBDLZChq2GTsPO
GUcWE3FOnsIQq3IBvpGoQ0jJUrMKM+zb8wyRn1uiie/KjRG50ALdTtomWQ7bCySz
XIzqCr5GbqzUvO1f36c0y9aF4IrEe0QDJB3ntcB/cxyJQHdaNn6fmkKUY2zYmwSI
MBfCIKmIsY0mBa6YJ/C24KGufqHtjAzTl8FTby6jeiXw5bGgEpt/UyMYfTPuD39k
1Ow0t96PzTZYqQYcoiYsCulQz7H19fFRMADT8+lD6o/aI/Rs2R3BanW1Fzb3+8NY
DtP35GsHgTjbxmuRRDQfLVSwBQhovPeSVOFfkocPG0WU65mYPb+IBHPK4QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNJs4PMU2pZxDzq3aUnmLTnt0F2nMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvMG16Zzh4VGFsbkVQT3JkcFNlWXRPZTNRWGFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCJP+8AwQA
LYZPAwQAV+/+AwQAqxb8AwQAubjkAwQCwaGAAwQCwmhoMA0GCSqGSIb3DQEBCwUA
A4IBAQB6IdWMsjnMUIa8Lxpu0fioK9bz8cZwpW0LdABCMTPRSGexKNmQQ34nbSX1
5IG/F4idTfCyAZ06hbA2FzhUEcyNz6DLbC0VTD7rbYx6Bzl4Ma3WYHrtTsDThV3j
ATle7GDvnymBoqFt7XLZ7xsqUuooxO5+hAawpf/kqTwPpbqmapVUKfJAtTT/7/D2
zCUhrYgGqv956weFYcWeOTq0NK3uxi3t81vHYykYj8B5eGx5WlcnbVOXVZPQYcie
Y2Fwj7U4pQchlU5yIQWCfYV9DMIlOVhZ2E8ymVoiOLo/dXSe6I/u99OrxaJkqZfD
3vWNOKIMtR3EdtCAO1aAehPAY5WA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:47 2024 by rpki-client on console-ams.rpki-client.org