Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/mlslr-Ns3h9Xx0-F_qSFSk0OzqY.roa
File: mlslr-Ns3h9Xx0-F_qSFSk0OzqY.roa (raw, json)
Hash identifier: OKQUDtsFPCHx7FcT6l+FuLFtDz32WDlsl/+lPmFCdEk=
Subject key identifier: 9A:5B:25:AF:E3:6C:DE:1F:57:C7:4F:85:FE:A4:85:4A:4D:0E:CE:A6
Certificate issuer: /CN=61b534437503668815add93cd17d0ad3e1b1a877
Certificate serial: 0193B4FBD20DAB9206106B7273CE06B28456
Authority key identifier: 61:B5:34:43:75:03:66:88:15:AD:D9:3C:D1:7D:0A:D3:E1:B1:A8:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbU0Q3UDZogVrdk80X0K0-GxqHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/mlslr-Ns3h9Xx0-F_qSFSk0OzqY.roa
Signing time: Wed 11 Dec 2024 09:10:22 +0000
ROA not before: Wed 11 Dec 2024 09:10:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50266
IP address blocks: 31.20.0.0/16 maxlen: 24
31.21.0.0/16 maxlen: 24
31.184.64.0/18 maxlen: 24
31.187.128.0/17 maxlen: 24
62.166.128.0/17 maxlen: 24
62.250.0.0/17 maxlen: 24
62.250.128.0/17 maxlen: 24
81.59.0.0/17 maxlen: 17
82.172.0.0/17 maxlen: 17
82.174.0.0/16 maxlen: 24
85.223.0.0/17 maxlen: 24
87.208.0.0/16 maxlen: 24
87.209.0.0/16 maxlen: 24
87.210.0.0/16 maxlen: 24
87.212.0.0/16 maxlen: 24
92.254.0.0/17 maxlen: 24
94.157.0.0/16 maxlen: 24
95.98.0.0/15 maxlen: 24
95.99.0.0/16 maxlen: 16
143.177.0.0/16 maxlen: 24
143.178.0.0/17 maxlen: 24
143.178.128.0/17 maxlen: 24
143.179.0.0/16 maxlen: 24
178.224.0.0/16 maxlen: 24
188.88.0.0/14 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Dec 2024 08:48:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b4:fb:d2:0d:ab:92:06:10:6b:72:73:ce:06:b2:84:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b534437503668815add93cd17d0ad3e1b1a877
Validity
Not Before: Dec 11 09:10:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a5b25afe36cde1f57c74f85fea4854a4d0ecea6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e7:ac:64:26:6e:67:92:0f:51:84:a1:85:9a:
1b:89:7d:a5:e7:32:da:27:84:9d:55:24:b1:25:47:
f5:f1:fe:dc:07:be:a0:43:ba:e9:40:69:d8:ea:1d:
04:5a:c9:d9:49:ea:2e:7f:57:78:9a:47:ee:6c:12:
a6:69:c0:69:6c:41:29:6f:28:fc:4e:66:7d:fb:18:
bd:2e:86:21:df:47:7f:a8:ab:c5:fb:fe:5b:fa:15:
33:92:ae:6b:6d:c8:93:a8:3b:fd:30:7e:78:9e:6e:
3a:f7:c4:00:88:9e:1b:56:dc:db:f9:26:ca:ab:1f:
73:07:05:b1:52:7c:3a:d7:ce:f2:b5:84:7f:d7:59:
60:67:24:05:da:ca:43:f6:64:c3:27:48:bd:c1:69:
65:2b:b0:d9:c3:94:9f:89:56:9f:22:30:6c:e8:20:
f3:2b:15:12:5f:93:c5:25:12:25:7c:22:ab:e6:4f:
63:5f:c2:0c:c7:fc:96:02:b4:d4:3a:cd:e1:ae:c3:
34:10:4a:94:e5:e7:07:0a:20:53:71:0b:c6:ae:10:
cb:7e:52:0c:9c:a0:d7:48:01:8e:69:b2:57:33:fc:
f2:f6:8c:e2:90:6c:ca:17:a3:d0:57:cf:96:79:8e:
09:e4:f1:28:01:ce:69:ce:c2:75:83:45:e3:ce:b8:
97:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:5B:25:AF:E3:6C:DE:1F:57:C7:4F:85:FE:A4:85:4A:4D:0E:CE:A6
X509v3 Authority Key Identifier:
keyid:61:B5:34:43:75:03:66:88:15:AD:D9:3C:D1:7D:0A:D3:E1:B1:A8:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbU0Q3UDZogVrdk80X0K0-GxqHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/mlslr-Ns3h9Xx0-F_qSFSk0OzqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/YbU0Q3UDZogVrdk80X0K0-GxqHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.20.0.0/15
31.184.64.0/18
31.187.128.0/17
62.166.128.0/17
62.250.0.0/16
81.59.0.0/17
82.172.0.0/17
82.174.0.0/16
85.223.0.0/17
87.208.0.0-87.210.255.255
87.212.0.0/16
92.254.0.0/17
94.157.0.0/16
95.98.0.0/15
143.177.0.0-143.179.255.255
178.224.0.0/16
188.88.0.0/14
Signature Algorithm: sha256WithRSAEncryption
33:18:f5:66:7e:13:48:80:60:ce:5d:35:7b:4e:e8:b5:cc:70:
dc:46:9b:dd:c1:ef:2d:34:a1:56:61:d6:bb:fb:66:43:15:e9:
fd:19:9e:df:29:f2:d4:ed:fe:f3:2f:1c:59:ac:d0:f0:d8:37:
84:c3:0e:43:e3:8f:9f:93:d7:4a:31:0b:35:96:9d:24:ab:11:
39:ad:53:f5:68:cc:a4:a9:cc:a2:29:f2:1a:4f:cc:97:63:9d:
46:26:93:0d:71:55:0c:06:7b:fd:61:a0:bd:c2:7a:17:96:fb:
49:bb:04:77:66:aa:5b:b4:53:57:71:82:4d:a1:2b:24:38:22:
a0:99:51:e3:46:19:09:4a:1e:8a:db:ba:8a:9d:20:e0:64:fc:
df:b7:e4:b9:64:c5:9a:a0:a7:70:5f:cf:fb:41:b4:5e:70:1e:
72:ee:c2:c9:42:29:fe:f2:37:f1:a5:10:4c:8f:fa:57:6f:b2:
0e:ca:fe:d9:52:2a:b0:75:91:d4:32:08:34:86:29:d3:90:fe:
46:ad:ec:a5:4a:e6:40:c2:18:58:0d:5b:d2:79:86:49:0d:d3:
9f:82:81:4c:b6:f9:fe:c9:03:13:28:0e:d5:9a:5c:f7:e9:e8:
97:6d:36:7d:a8:99:37:43:cd:aa:55:4b:1d:36:55:88:4e:f1:
dc:13:5a:15
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZO0+9INq5IGEGtyc84GsoRWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYjUzNDQzNzUwMzY2ODgxNWFkZDkzY2QxN2QwYWQzZTFi
MWE4NzcwHhcNMjQxMjExMDkxMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTViMjVhZmUzNmNkZTFmNTdjNzRmODVmZWE0ODU0YTRkMGVjZWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+esZCZuZ5IPUYShhZobiX2l5zLa
J4SdVSSxJUf18f7cB76gQ7rpQGnY6h0EWsnZSeouf1d4mkfubBKmacBpbEEpbyj8
TmZ9+xi9LoYh30d/qKvF+/5b+hUzkq5rbciTqDv9MH54nm4698QAiJ4bVtzb+SbK
qx9zBwWxUnw6187ytYR/11lgZyQF2spD9mTDJ0i9wWllK7DZw5SfiVafIjBs6CDz
KxUSX5PFJRIlfCKr5k9jX8IMx/yWArTUOs3hrsM0EEqU5ecHCiBTcQvGrhDLflIM
nKDXSAGOabJXM/zy9ozikGzKF6PQV8+WeY4J5PEoAc5pzsJ1g0XjzriXpQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFJpbJa/jbN4fV8dPhf6khUpNDs6mMB8GA1UdIwQY
MBaAFGG1NEN1A2aIFa3ZPNF9CtPhsah3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWJVMFEzVURab2dWcmRrODBYMEswLUd4cUhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9jMWFjZDYtMjMwYS00ZTM2LWE1OGYt
ZjU1NWUyZTY4YTEwLzEvbWxzbHItTnMzaDlYeDAtRl9xU0ZTazBPenFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9jMWFjZDYtMjMwYS00ZTM2LWE1OGYtZjU1NWUyZTY4YTEw
LzEvWWJVMFEzVURab2dWcmRrODBYMEswLUd4cUhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMDAR8UAwQG
H7hAAwQHH7uAAwQHPqaAAwMAPvoDBAdROwADBAdSrAADAwBSrgMEB1XfADAKAwME
V9ADAwBX0gMDAFfUAwQHXP4AAwMAXp0DAwFfYjAKAwMAj7EDAwKPsAMDALLgAwMC
vFgwDQYJKoZIhvcNAQELBQADggEBADMY9WZ+E0iAYM5dNXtO6LXMcNxGm93B7y00
oVZh1rv7ZkMV6f0Znt8p8tTt/vMvHFms0PDYN4TDDkPjj5+T10oxCzWWnSSrETmt
U/VozKSpzKIp8hpPzJdjnUYmkw1xVQwGe/1hoL3CeheW+0m7BHdmqlu0U1dxgk2h
KyQ4IqCZUeNGGQlKHorbuoqdIOBk/N+35LlkxZqgp3Bfz/tBtF5wHnLuwslCKf7y
N/GlEEyP+ldvsg7K/tlSKrB1kdQyCDSGKdOQ/kat7KVK5kDCGFgNW9J5hkkN05+C
gUy2+f7JAxMoDtWaXPfp6JdtNn2omTdDzapVSx02VYhO8dwTWhU=
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:16:36 2025 by rpki-client