Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/7abf3c-29f3-43c8-978e-b050c1129126/1/mTdQnsaGLrMycf1ZXhOFn5iQUPo.roa
File: mTdQnsaGLrMycf1ZXhOFn5iQUPo.roa (raw, json)
Hash identifier: EQYTwqr7eqA+bb3imLHTYCDt6bOFCo/rdo5FVLF6uTw=
Subject key identifier: 99:37:50:9E:C6:86:2E:B3:32:71:FD:59:5E:13:85:9F:98:90:50:FA
Certificate issuer: /CN=ff40d8a2ea9676369e6e817679490e4e505c89f3
Certificate serial: 01942521AF6A1DCA1DF6640348404BFE9593
Authority key identifier: FF:40:D8:A2:EA:96:76:36:9E:6E:81:76:79:49:0E:4E:50:5C:89:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0DYouqWdjaeboF2eUkOTlBcifM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/7abf3c-29f3-43c8-978e-b050c1129126/1/mTdQnsaGLrMycf1ZXhOFn5iQUPo.roa
Signing time: Thu 02 Jan 2025 03:49:12 +0000
ROA not before: Thu 02 Jan 2025 03:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35612
IP address blocks: 5.157.96.0/19 maxlen: 19
49.236.0.0/18 maxlen: 21
77.32.0.0/17 maxlen: 21
78.134.0.0/17 maxlen: 17
81.174.0.0/18 maxlen: 18
84.33.64.0/18 maxlen: 21
84.33.128.0/18 maxlen: 21
88.147.0.0/17 maxlen: 21
88.149.128.0/17 maxlen: 17
128.116.128.0/17 maxlen: 17
146.241.0.0/16 maxlen: 21
147.53.128.0/17 maxlen: 17
185.11.20.0/22 maxlen: 22
212.124.160.0/19 maxlen: 19
216.247.128.0/18 maxlen: 18
2001:4c90::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 21 Jan 2025 07:24:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:af:6a:1d:ca:1d:f6:64:03:48:40:4b:fe:95:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff40d8a2ea9676369e6e817679490e4e505c89f3
Validity
Not Before: Jan 2 03:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9937509ec6862eb33271fd595e13859f989050fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:c6:03:31:23:a0:f9:78:b8:cb:c9:e9:3a:95:
64:5f:da:8d:4f:f4:ee:1d:c0:09:11:a1:14:c5:99:
99:0f:77:97:09:cc:ad:1d:2b:56:df:46:76:ff:d6:
18:98:a3:4f:6a:a3:46:c1:23:6c:e9:80:0a:d8:0d:
59:d3:25:28:b7:62:23:ff:a2:f8:b3:6f:de:4e:58:
c3:5a:64:72:74:d3:b8:e3:5e:73:97:aa:be:7b:4e:
e6:a5:ad:b8:21:6d:e9:d9:6c:82:42:74:8c:46:ec:
78:c9:59:c3:fe:3d:3b:b4:df:b1:71:97:50:68:a0:
b7:e7:7c:f3:55:b9:77:d1:36:8f:24:14:cd:52:5d:
0d:58:ac:e3:8e:a3:0c:d5:0b:6b:4e:c9:e2:1d:9a:
d7:d8:ed:28:6e:43:4a:22:83:ae:bb:97:89:7e:81:
28:35:b6:c7:c6:d5:eb:01:e7:0b:0a:19:24:f7:0d:
d3:9e:67:3b:1a:24:2f:db:33:db:0b:10:da:f1:e0:
46:eb:bf:f2:3d:54:8c:26:eb:90:8d:17:07:4f:dd:
eb:7f:46:22:2e:66:fa:af:5d:e5:58:97:42:01:b6:
64:1f:0b:8d:4d:ef:1d:82:08:a2:c8:2e:d2:d3:1e:
cf:a5:00:23:13:ea:e1:df:b5:00:c9:ba:f2:9e:41:
27:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:37:50:9E:C6:86:2E:B3:32:71:FD:59:5E:13:85:9F:98:90:50:FA
X509v3 Authority Key Identifier:
keyid:FF:40:D8:A2:EA:96:76:36:9E:6E:81:76:79:49:0E:4E:50:5C:89:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0DYouqWdjaeboF2eUkOTlBcifM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/7abf3c-29f3-43c8-978e-b050c1129126/1/mTdQnsaGLrMycf1ZXhOFn5iQUPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/7abf3c-29f3-43c8-978e-b050c1129126/1/_0DYouqWdjaeboF2eUkOTlBcifM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.96.0/19
49.236.0.0/18
77.32.0.0/17
78.134.0.0/17
81.174.0.0/18
84.33.64.0-84.33.191.255
88.147.0.0/17
88.149.128.0/17
128.116.128.0/17
146.241.0.0/16
147.53.128.0/17
185.11.20.0/22
212.124.160.0/19
216.247.128.0/18
IPv6:
2001:4c90::/29
Signature Algorithm: sha256WithRSAEncryption
42:dc:73:d1:93:0f:bf:f6:7a:b0:70:81:98:af:b9:d5:26:c6:
f0:79:65:66:c7:b3:dd:7d:f0:bf:ac:7f:e9:0d:4a:9b:18:ad:
aa:34:73:a2:42:b3:7a:ff:a0:be:05:8b:c1:4d:c1:a1:a5:1c:
81:bc:e0:f0:f2:86:0b:df:6e:87:28:99:bc:bc:c3:65:db:78:
08:97:c1:30:09:fd:8e:a6:76:3d:2f:44:c4:7a:b6:b8:aa:de:
36:05:a2:f2:13:09:bb:80:48:c2:71:d3:16:f0:81:40:e7:18:
59:eb:3b:10:b5:bb:17:25:35:8a:76:bf:fd:b1:d1:5f:6d:37:
7d:37:c4:b1:07:73:c8:5a:ff:cf:24:df:50:52:6d:b3:06:ee:
93:30:a9:dd:c7:ff:22:e5:ca:c9:d4:ad:49:c0:bd:13:fc:0e:
0c:c4:07:6b:f8:79:18:9f:4b:31:49:ae:bf:d9:09:60:4b:2f:
b3:ce:d3:dc:df:43:2e:3e:27:55:30:6a:41:46:59:8a:3b:5b:
15:4f:d4:c4:d5:ae:97:c7:87:b1:f5:f6:50:fd:32:c0:d7:45:
03:fa:cc:c6:eb:8d:bc:0b:5b:f0:ed:0f:bb:be:f8:dc:55:de:
7d:e6:19:a6:38:34:ad:32:98:d0:0a:c5:07:1e:22:da:b5:59:
eb:b0:b1:f4
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZQlIa9qHcod9mQDSEBL/pWTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNDBkOGEyZWE5Njc2MzY5ZTZlODE3Njc5NDkwZTRlNTA1
Yzg5ZjMwHhcNMjUwMTAyMDM0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTM3NTA5ZWM2ODYyZWIzMzI3MWZkNTk1ZTEzODU5Zjk4OTA1MGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8YDMSOg+Xi4y8npOpVkX9qNT/Tu
HcAJEaEUxZmZD3eXCcytHStW30Z2/9YYmKNPaqNGwSNs6YAK2A1Z0yUot2Ij/6L4
s2/eTljDWmRydNO4415zl6q+e07mpa24IW3p2WyCQnSMRux4yVnD/j07tN+xcZdQ
aKC353zzVbl30TaPJBTNUl0NWKzjjqMM1QtrTsniHZrX2O0obkNKIoOuu5eJfoEo
NbbHxtXrAecLChkk9w3Tnmc7GiQv2zPbCxDa8eBG67/yPVSMJuuQjRcHT93rf0Yi
Lmb6r13lWJdCAbZkHwuNTe8dggiiyC7S0x7PpQAjE+rh37UAybrynkEnGQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFJk3UJ7Ghi6zMnH9WV4ThZ+YkFD6MB8GA1UdIwQY
MBaAFP9A2KLqlnY2nm6BdnlJDk5QXInzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzBEWW91cVdkamFlYm9GMmVVa09UbEJjaWZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS83YWJmM2MtMjlmMy00M2M4LTk3OGUt
YjA1MGMxMTI5MTI2LzEvbVRkUW5zYUdMck15Y2YxWlhoT0ZuNWlRVVBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS83YWJmM2MtMjlmMy00M2M4LTk3OGUtYjA1MGMxMTI5MTI2
LzEvXzBEWW91cVdkamFlYm9GMmVVa09UbEJjaWZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwYQQCAAEwWwMEBQWdYAME
BjHsAAMEB00gAAMEB06GAAMEBlGuADAMAwQGVCFAAwQGVCGAAwQHWJMAAwQHWJWA
AwQHgHSAAwMAkvEDBAeTNYADBAK5CxQDBAXUfKADBAbY94AwDQQCAAIwBwMFAyAB
TJAwDQYJKoZIhvcNAQELBQADggEBAELcc9GTD7/2erBwgZivudUmxvB5ZWbHs919
8L+sf+kNSpsYrao0c6JCs3r/oL4Fi8FNwaGlHIG84PDyhgvfbocomby8w2XbeAiX
wTAJ/Y6mdj0vRMR6triq3jYFovITCbuASMJx0xbwgUDnGFnrOxC1uxclNYp2v/2x
0V9tN303xLEHc8ha/88k31BSbbMG7pMwqd3H/yLlysnUrUnAvRP8DgzEB2v4eRif
SzFJrr/ZCWBLL7PO09zfQy4+J1UwakFGWYo7WxVP1MTVrpfHh7H19lD9MsDXRQP6
zMbrjbwLW/DtD7u++NxV3n3mGaY4NK0ymNAKxQceItq1WeuwsfQ=
-----END CERTIFICATE-----
Generated at Thu May 8 08:51:38 2025 by rpki-client