Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/mrQLOhAbTe0e0u_hWXIrk2XGEtQ.roa
File: mrQLOhAbTe0e0u_hWXIrk2XGEtQ.roa (raw, json)
Hash identifier: wmDzz6SLVoGxnz3kfbZmVEcsx5HtNx9yK0sxxxw7DpY=
Subject key identifier: 9A:B4:0B:3A:10:1B:4D:ED:1E:D2:EF:E1:59:72:2B:93:65:C6:12:D4
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 018E7FEC6F65C05F2B8D26D745586B732C4A
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/mrQLOhAbTe0e0u_hWXIrk2XGEtQ.roa
Signing time: Wed 27 Mar 2024 12:39:45 +0000
ROA not before: Wed 27 Mar 2024 12:39:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 5.180.104.0/24 maxlen: 24
5.180.107.0/24 maxlen: 24
45.131.0.0/24 maxlen: 24
45.131.1.0/24 maxlen: 24
45.131.3.0/24 maxlen: 24
45.136.5.0/24 maxlen: 24
45.141.148.0/24 maxlen: 24
45.141.150.0/24 maxlen: 24
45.147.44.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
194.116.228.0/24 maxlen: 24
194.116.236.0/24 maxlen: 24
194.116.237.0/24 maxlen: 24
194.146.26.0/24 maxlen: 24
194.146.36.0/24 maxlen: 24
194.146.47.0/24 maxlen: 24
2a0f:ed00::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 27 Mar 2024 13:01:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7f:ec:6f:65:c0:5f:2b:8d:26:d7:45:58:6b:73:2c:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Mar 27 12:39:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ab40b3a101b4ded1ed2efe159722b9365c612d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:83:a5:3c:de:3e:64:cc:11:95:2a:54:04:4b:
fd:09:51:fc:6c:2b:7a:0e:8e:4b:77:e5:de:72:9f:
35:b2:03:c9:16:27:69:86:40:ca:33:1d:0c:88:fa:
22:af:56:4b:b5:22:7c:12:57:59:f5:78:3a:a0:1a:
56:56:7e:c6:e5:8f:9a:89:65:6d:de:f1:eb:31:fe:
46:22:56:82:7b:95:e9:42:2e:e6:dc:32:bc:65:e9:
2a:69:f4:c4:56:74:bc:32:c9:b9:1d:3f:2e:d8:3c:
0c:91:38:6e:0d:df:70:92:5c:b4:66:86:2a:8b:47:
f7:3a:51:54:87:18:e8:f2:1e:5e:1e:77:2f:bd:61:
b2:08:76:2a:2f:ed:50:c3:64:7b:ea:67:8b:dd:44:
12:1a:b6:17:cf:ea:25:13:13:53:14:3a:47:77:e9:
a0:5c:38:7b:25:db:c2:ab:c7:05:ad:e5:1a:55:c6:
5d:0b:ad:5a:05:e7:2e:a9:00:2d:f1:ca:db:b4:a7:
db:e4:9f:31:36:ea:57:ce:cf:69:94:a4:2e:4e:27:
2c:0e:e8:ca:d5:da:cc:6f:24:27:0c:97:e4:51:3e:
b5:e7:1b:26:62:e1:6c:cc:f4:aa:4b:73:70:40:95:
d3:1a:08:31:37:03:1f:5a:a6:fc:c7:6c:9d:73:48:
25:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:B4:0B:3A:10:1B:4D:ED:1E:D2:EF:E1:59:72:2B:93:65:C6:12:D4
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/mrQLOhAbTe0e0u_hWXIrk2XGEtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.104.0/24
5.180.107.0/24
45.131.0.0/23
45.131.3.0/24
45.136.5.0/24
45.141.148.0/24
45.141.150.0/24
45.147.44.0/24
77.83.200.0-77.83.202.255
194.116.228.0/24
194.116.236.0/23
194.146.26.0/24
194.146.36.0/24
194.146.47.0/24
IPv6:
2a0f:ed00::/29
Signature Algorithm: sha256WithRSAEncryption
7d:2e:5d:8f:41:87:14:0e:5a:3d:b5:f3:64:97:10:f9:a2:36:
06:33:76:03:0e:20:60:fa:8c:f5:74:4f:b0:06:fc:f4:38:54:
7c:4d:5e:4c:54:ed:98:d5:dd:f5:a2:da:d9:da:34:0a:d7:08:
ac:b6:86:d3:3d:ea:86:93:6e:09:01:11:61:69:2b:c6:5a:f8:
68:68:17:4d:d5:fd:9a:ae:d2:12:ae:fb:3e:bc:16:9d:e3:69:
1c:fb:32:83:6b:d2:cf:ac:de:15:c4:0c:39:79:b7:8c:ee:0b:
2b:38:7b:3f:07:1c:ad:71:1a:c4:93:3c:45:53:7d:37:bd:5d:
03:74:2a:01:e8:91:7e:c9:e6:76:c2:3a:d9:05:f2:08:62:db:
a4:b4:bf:91:96:73:46:ee:e0:83:e2:7e:e0:89:da:32:3d:26:
63:f7:f9:13:ed:49:b2:e2:f7:0c:96:93:e1:36:92:87:38:04:
be:23:87:7c:e9:f0:19:26:fa:0f:bd:41:42:1a:59:81:b5:4c:
59:eb:2d:6b:24:a4:ad:43:46:c6:0a:a1:b7:28:3f:eb:41:18:
e7:e3:53:f3:46:ae:b0:b8:56:bd:5b:c9:96:da:32:3d:56:72:
0f:46:e6:47:4a:32:26:f5:14:54:c8:bb:d2:c9:64:3e:2d:e6:
a0:fb:99:a2
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAY5/7G9lwF8rjSbXRVhrcyxKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjQwMzI3MTIzOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWI0MGIzYTEwMWI0ZGVkMWVkMmVmZTE1OTcyMmI5MzY1YzYxMmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYOlPN4+ZMwRlSpUBEv9CVH8bCt6
Do5Ld+Xecp81sgPJFidphkDKMx0MiPoir1ZLtSJ8EldZ9Xg6oBpWVn7G5Y+aiWVt
3vHrMf5GIlaCe5XpQi7m3DK8ZekqafTEVnS8Msm5HT8u2DwMkThuDd9wkly0ZoYq
i0f3OlFUhxjo8h5eHncvvWGyCHYqL+1Qw2R76meL3UQSGrYXz+olExNTFDpHd+mg
XDh7JdvCq8cFreUaVcZdC61aBecuqQAt8crbtKfb5J8xNupXzs9plKQuTicsDujK
1drMbyQnDJfkUT615xsmYuFszPSqS3NwQJXTGggxNwMfWqb8x2ydc0gl6wIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFJq0CzoQG03tHtLv4VlyK5NlxhLUMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvbXJRTE9oQWJUZTBlMHVfaFdYSXJrMlhHRXRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwYgQCAAEwXAMEAAW0aAME
AAW0awMEAS2DAAMEAC2DAwMEAC2IBQMEAC2NlAMEAC2NlgMEAC2TLDAMAwQDTVPI
AwQATVPKAwQAwnTkAwQBwnTsAwQAwpIaAwQAwpIkAwQAwpIvMA0EAgACMAcDBQMq
D+0AMA0GCSqGSIb3DQEBCwUAA4IBAQB9Ll2PQYcUDlo9tfNklxD5ojYGM3YDDiBg
+oz1dE+wBvz0OFR8TV5MVO2Y1d31otrZ2jQK1wistobTPeqGk24JARFhaSvGWvho
aBdN1f2artISrvs+vBad42kc+zKDa9LPrN4VxAw5ebeM7gsrOHs/BxytcRrEkzxF
U303vV0DdCoB6JF+yeZ2wjrZBfIIYtuktL+RlnNG7uCD4n7gidoyPSZj9/kT7Umy
4vcMlpPhNpKHOAS+I4d86fAZJvoPvUFCGlmBtUxZ6y1rJKStQ0bGCqG3KD/rQRjn
41PzRq6wuFa9W8mW2jI9VnIPRuZHSjIm9RRUyLvSyWQ+Leag+5mi
-----END CERTIFICATE-----
Generated at Tue Apr 29 12:46:19 2025 by rpki-client