Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/mgVbWl368bOTPYzyoXCVK1cB1Mk.roa
File: mgVbWl368bOTPYzyoXCVK1cB1Mk.roa (raw, json)
Hash identifier: /+ua82IPbPfBsOs6c7gMEOrOsaM7A9xa+THKrugF4tc=
Subject key identifier: 9A:05:5B:5A:5D:FA:F1:B3:93:3D:8C:F2:A1:70:95:2B:57:01:D4:C9
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018CC80203211403442C12355A9939DEFD74
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/mgVbWl368bOTPYzyoXCVK1cB1Mk.roa
Signing time: Tue 02 Jan 2024 02:30:24 +0000
ROA not before: Tue 02 Jan 2024 02:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25490
IP address blocks: 85.174.143.0/24 maxlen: 24
85.173.4.0/22 maxlen: 22
85.172.160.0/21 maxlen: 21
85.174.128.0/18 maxlen: 18
85.174.240.0/20 maxlen: 20
85.175.0.0/19 maxlen: 19
83.239.0.0/20 maxlen: 20
83.239.0.0/18 maxlen: 18
85.175.0.0/16 maxlen: 16
83.239.16.0/20 maxlen: 20
83.239.32.0/19 maxlen: 19
85.175.32.0/21 maxlen: 21
83.239.32.0/21 maxlen: 21
85.174.224.0/20 maxlen: 20
83.239.96.0/20 maxlen: 20
85.175.96.0/22 maxlen: 22
85.172.0.0/19 maxlen: 19
85.175.100.0/23 maxlen: 23
85.172.32.0/19 maxlen: 19
83.239.40.0/22 maxlen: 22
85.175.46.0/24 maxlen: 24
83.239.48.0/20 maxlen: 20
83.239.64.0/19 maxlen: 19
85.175.62.0/23 maxlen: 23
85.173.144.0/20 maxlen: 20
85.175.66.0/23 maxlen: 23
85.175.71.0/24 maxlen: 24
85.175.65.0/24 maxlen: 24
85.175.72.0/22 maxlen: 22
85.175.82.0/23 maxlen: 23
85.175.91.0/24 maxlen: 24
83.239.200.0/21 maxlen: 21
85.175.216.0/22 maxlen: 22
83.239.224.0/20 maxlen: 20
85.175.226.0/23 maxlen: 23
83.239.240.0/22 maxlen: 22
85.175.236.0/24 maxlen: 24
83.239.244.0/22 maxlen: 22
85.175.152.0/23 maxlen: 23
85.172.64.0/21 maxlen: 21
85.175.170.0/23 maxlen: 23
85.172.72.0/22 maxlen: 22
85.172.82.0/23 maxlen: 23
85.172.84.0/22 maxlen: 22
85.172.79.0/24 maxlen: 24
85.172.96.0/20 maxlen: 20
85.175.192.0/20 maxlen: 20
Validation: Failed, certificate revoked on Fri 29 Mar 2024 12:23:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:03:21:14:03:44:2c:12:35:5a:99:39:de:fd:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 02:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a055b5a5dfaf1b3933d8cf2a170952b5701d4c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:2f:f2:8b:7c:c7:51:c6:8f:c6:f0:be:9b:cd:
fe:3d:2e:fb:a5:22:3b:8c:f0:bc:2f:64:31:b9:22:
c3:a4:0a:58:bc:1b:56:17:c2:ee:73:cd:cf:e2:23:
30:cb:f5:e5:62:e3:bb:fd:68:21:33:16:b6:2b:17:
7a:b1:e7:f3:19:72:78:71:3e:a9:f8:e1:16:03:55:
d3:3d:72:36:51:66:86:92:72:4b:4f:1e:c1:2e:d4:
aa:38:c1:61:8d:52:50:a7:82:8a:2c:66:39:18:48:
39:7b:d4:56:35:02:88:59:45:39:3a:e3:a6:a5:78:
a0:2e:4e:c5:ea:f7:7a:92:58:33:6e:2e:b5:77:69:
78:7a:2d:cd:21:f7:47:4d:b3:6c:b0:a9:fd:5e:30:
45:10:59:42:43:a7:28:c8:98:0f:22:1f:53:ba:fa:
c2:19:7e:cf:a4:6f:e3:c9:bd:90:53:05:25:c4:f9:
61:99:99:ff:eb:ba:8a:06:23:7b:08:a1:b2:90:6e:
57:37:5e:f0:63:ec:eb:44:96:ec:e7:09:f5:29:ff:
50:d7:ff:e9:75:05:3e:a2:06:cf:f2:a8:f1:3b:f7:
54:d4:18:21:3d:a4:c0:a0:bc:28:77:31:01:cd:54:
2c:d7:76:d9:bf:77:bf:ce:d5:18:53:10:f9:0a:ca:
0c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:05:5B:5A:5D:FA:F1:B3:93:3D:8C:F2:A1:70:95:2B:57:01:D4:C9
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/mgVbWl368bOTPYzyoXCVK1cB1Mk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.239.0.0-83.239.111.255
83.239.200.0/21
83.239.224.0-83.239.247.255
85.172.0.0-85.172.75.255
85.172.79.0/24
85.172.82.0-85.172.87.255
85.172.96.0/20
85.172.160.0/21
85.173.4.0/22
85.173.144.0/20
85.174.128.0/18
85.174.224.0-85.175.255.255
Signature Algorithm: sha256WithRSAEncryption
40:c2:eb:df:91:b3:b0:35:08:4e:a0:9f:6d:89:4b:9f:a9:4b:
61:de:90:64:09:d5:4c:79:b3:f9:92:0f:77:1d:d7:ee:a2:19:
1a:e4:4b:ef:03:00:95:75:0f:5e:e8:c4:c2:84:5d:ab:64:1d:
64:4d:dc:e4:4e:03:34:70:97:d2:c0:04:11:c1:03:23:53:8e:
4d:58:a3:cc:1c:61:33:88:9f:80:d5:8f:87:b5:5d:f5:0c:90:
9e:b2:de:53:68:56:a1:64:82:ce:bf:0e:8f:cc:2c:27:1c:b8:
25:ab:b3:64:7e:82:8f:03:09:cd:8d:b3:05:01:fb:58:84:cc:
6f:50:31:c1:d8:c2:76:df:e5:da:1f:b8:bb:81:f1:5c:34:19:
a0:55:b0:6f:e6:ff:2a:31:4c:88:36:2d:c5:41:8b:a3:3f:2a:
b0:3f:64:df:d3:d6:84:fc:b2:bc:60:d2:15:97:2a:03:3b:21:
1d:3a:b3:35:83:8f:ab:30:93:30:2a:21:e4:26:f3:58:60:66:
85:4d:88:ff:a6:0d:c0:8e:5b:4b:9f:33:a7:7f:f0:e6:65:37:
92:e0:13:4a:52:f5:a1:38:17:78:1a:8b:79:37:62:f8:ac:0c:
e1:1d:86:60:2e:90:36:8f:b3:a1:94:bb:66:0e:6b:d2:ab:9b:
c3:76:79:75
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgISAYzIAgMhFANELBI1Wpk53v10MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwMTAyMDIzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTA1NWI1YTVkZmFmMWIzOTMzZDhjZjJhMTcwOTUyYjU3MDFkNGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwS/yi3zHUcaPxvC+m83+PS77pSI7
jPC8L2QxuSLDpApYvBtWF8Luc83P4iMwy/XlYuO7/WghMxa2Kxd6sefzGXJ4cT6p
+OEWA1XTPXI2UWaGknJLTx7BLtSqOMFhjVJQp4KKLGY5GEg5e9RWNQKIWUU5OuOm
pXigLk7F6vd6klgzbi61d2l4ei3NIfdHTbNssKn9XjBFEFlCQ6coyJgPIh9TuvrC
GX7PpG/jyb2QUwUlxPlhmZn/67qKBiN7CKGykG5XN17wY+zrRJbs5wn1Kf9Q1//p
dQU+ogbP8qjxO/dU1BghPaTAoLwodzEBzVQs13bZv3e/ztUYUxD5CsoM/wIDAQAB
o4ICcTCCAm0wHQYDVR0OBBYEFJoFW1pd+vGzkz2M8qFwlStXAdTJMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvbWdWYldsMzY4Yk9UUFl6eW9YQ1ZLMWNCMU1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwcwQCAAEwbTALAwMAU+8D
BART72ADBANT78gwDAMEBVPv4AMEA1Pv8DALAwMCVawDBAJVrEgDBABVrE8wDAME
AVWsUgMEA1WsUAMEBFWsYAMEA1WsoAMEAlWtBAMEBFWtkAMEBlWugDALAwQFVa7g
AwMEVaAwDQYJKoZIhvcNAQELBQADggEBAEDC69+Rs7A1CE6gn22JS5+pS2HekGQJ
1Ux5s/mSD3cd1+6iGRrkS+8DAJV1D17oxMKEXatkHWRN3OROAzRwl9LABBHBAyNT
jk1Yo8wcYTOIn4DVj4e1XfUMkJ6y3lNoVqFkgs6/Do/MLCccuCWrs2R+go8DCc2N
swUB+1iEzG9QMcHYwnbf5dofuLuB8Vw0GaBVsG/m/yoxTIg2LcVBi6M/KrA/ZN/T
1oT8srxg0hWXKgM7IR06szWDj6swkzAqIeQm81hgZoVNiP+mDcCOW0ufM6d/8OZl
N5LgE0pS9aE4F3gai3k3YvisDOEdhmAukDaPs6GUu2YOa9Krm8N2eXU=
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:06:01 2025 by rpki-client