Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/mMlXrvfLDaq8GbDNFtqU57gEHvU.roa
File: mMlXrvfLDaq8GbDNFtqU57gEHvU.roa (raw, json)
Hash identifier: lS+8fcNI/nPGEFgu2cxaTuf909iz1lAksZ8sjymJd0g=
Subject key identifier: 98:C9:57:AE:F7:CB:0D:AA:BC:19:B0:CD:16:DA:94:E7:B8:04:1E:F5
Certificate issuer: /CN=60ea8385a14fd9967978ae7f06ec4dd52229a44a
Certificate serial: 01856DD40B6EAE2059552894990AA53B7B35
Authority key identifier: 60:EA:83:85:A1:4F:D9:96:79:78:AE:7F:06:EC:4D:D5:22:29:A4:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YOqDhaFP2ZZ5eK5_BuxN1SIppEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/mMlXrvfLDaq8GbDNFtqU57gEHvU.roa
Signing time: Sun 01 Jan 2023 14:54:51 +0000
ROA not before: Sun 01 Jan 2023 14:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196714
IP address blocks: 109.73.16.0/20 maxlen: 20
31.3.80.0/21 maxlen: 24
171.33.184.0/21 maxlen: 22
185.38.8.0/22 maxlen: 24
91.137.0.0/18 maxlen: 18
2a02:2250::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:0b:6e:ae:20:59:55:28:94:99:0a:a5:3b:7b:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60ea8385a14fd9967978ae7f06ec4dd52229a44a
Validity
Not Before: Jan 1 14:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98c957aef7cb0daabc19b0cd16da94e7b8041ef5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:49:ef:77:e6:c9:ee:bf:0a:a1:5a:51:65:73:
71:d5:89:80:fd:e5:f8:cd:ce:48:18:ef:56:bd:60:
b4:0a:1d:fe:a2:a3:b5:5f:02:b8:60:49:ca:8b:78:
49:ff:c2:49:9a:43:51:2f:2a:59:18:12:8e:ed:b8:
a3:0f:45:d2:df:bf:50:d2:5c:06:36:93:b4:72:5b:
49:cc:d8:61:99:c1:7e:9a:e9:58:16:d9:84:63:3e:
97:78:aa:9f:76:70:26:b3:41:4f:c5:49:d7:4e:5f:
43:03:a3:d5:9a:8d:51:3b:3a:75:47:68:53:b1:b7:
a0:96:1a:c2:b9:5c:dc:03:48:3b:12:4a:44:2d:a6:
cb:c8:2d:a9:a3:7d:04:ff:b3:6e:cf:82:04:0a:09:
16:ad:51:54:1e:96:bb:5d:ed:f4:32:55:77:a6:6d:
43:77:a7:2c:ef:f1:89:df:53:dc:2d:dc:8d:c5:99:
33:98:ed:fb:53:07:3c:f1:ec:c1:7f:79:21:69:60:
bd:66:5c:72:9c:e2:bd:d8:1a:96:d7:4d:6d:ba:4e:
68:79:9f:92:5a:81:e9:2f:eb:87:b1:a6:38:59:62:
09:0d:3d:e2:0b:06:74:a9:8c:d6:19:6f:99:a8:43:
a7:97:1d:65:38:3c:ff:a6:16:a2:a3:cf:61:10:68:
91:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:C9:57:AE:F7:CB:0D:AA:BC:19:B0:CD:16:DA:94:E7:B8:04:1E:F5
X509v3 Authority Key Identifier:
keyid:60:EA:83:85:A1:4F:D9:96:79:78:AE:7F:06:EC:4D:D5:22:29:A4:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YOqDhaFP2ZZ5eK5_BuxN1SIppEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/mMlXrvfLDaq8GbDNFtqU57gEHvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/YOqDhaFP2ZZ5eK5_BuxN1SIppEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.80.0/21
91.137.0.0/18
109.73.16.0/20
171.33.184.0/21
185.38.8.0/22
IPv6:
2a02:2250::/32
Signature Algorithm: sha256WithRSAEncryption
a0:96:db:20:3d:c1:ad:e4:ce:8c:0f:66:6f:19:57:ea:b3:38:
e7:fc:12:99:bc:b8:c5:a3:87:fa:c0:e7:56:3a:1d:9c:11:11:
00:21:12:ab:43:af:6f:82:af:34:e6:0d:ac:b3:61:7a:cc:ed:
95:ab:50:1d:16:a9:01:e7:d7:56:8a:0a:d9:53:35:e6:99:ee:
b3:23:a4:22:b3:25:61:b0:da:4a:e4:07:70:43:71:7d:d2:94:
26:3d:83:7e:41:fe:57:f9:15:9b:7e:56:19:37:c9:58:d7:4d:
d6:e0:42:31:fa:24:7f:90:eb:bb:31:51:18:f7:58:dd:eb:60:
80:44:5a:09:dc:a5:af:a9:c4:e9:6c:c9:19:ac:81:d8:70:fd:
7a:95:38:d4:1f:74:d4:9b:6f:96:ea:e5:fd:6f:4a:0d:79:dd:
73:43:70:af:a6:fd:24:3a:02:a6:ec:77:13:d6:55:ed:da:1c:
f0:98:ce:dc:c1:f1:f0:3f:95:dd:48:e4:8f:a6:be:bb:7a:0f:
b5:3f:40:fc:79:be:0f:8d:eb:24:49:ed:c1:a5:73:b3:b3:f2:
21:37:e4:cf:56:de:49:db:4c:db:76:1f:32:d5:a2:e5:be:7e:
c2:4a:4e:0a:f4:7a:a3:ca:98:e3:fc:e6:e6:8f:8a:20:de:94:
14:0e:09:79
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVt1AturiBZVSiUmQqlO3s1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZWE4Mzg1YTE0ZmQ5OTY3OTc4YWU3ZjA2ZWM0ZGQ1MjIy
OWE0NGEwHhcNMjMwMTAxMTQ1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGM5NTdhZWY3Y2IwZGFhYmMxOWIwY2QxNmRhOTRlN2I4MDQxZWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0nvd+bJ7r8KoVpRZXNx1YmA/eX4
zc5IGO9WvWC0Ch3+oqO1XwK4YEnKi3hJ/8JJmkNRLypZGBKO7bijD0XS379Q0lwG
NpO0cltJzNhhmcF+mulYFtmEYz6XeKqfdnAms0FPxUnXTl9DA6PVmo1ROzp1R2hT
sbeglhrCuVzcA0g7EkpELabLyC2po30E/7Nuz4IECgkWrVFUHpa7Xe30MlV3pm1D
d6cs7/GJ31PcLdyNxZkzmO37Uwc88ezBf3khaWC9ZlxynOK92BqW101tuk5oeZ+S
WoHpL+uHsaY4WWIJDT3iCwZ0qYzWGW+ZqEOnlx1lODz/phaio89hEGiRsQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJjJV673yw2qvBmwzRbalOe4BB71MB8GA1UdIwQY
MBaAFGDqg4WhT9mWeXiufwbsTdUiKaRKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU9xRGhhRlAyWlo1ZUs1X0J1eE4xU0lwcEVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8wMzMwZmItOTVkMS00MzAyLWJlYTEt
ZjU0NTc3ZjdjYzBmLzEvbU1sWHJ2ZkxEYXE4R2JETkZ0cVU1N2dFSHZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8wMzMwZmItOTVkMS00MzAyLWJlYTEtZjU0NTc3ZjdjYzBm
LzEvWU9xRGhhRlAyWlo1ZUs1X0J1eE4xU0lwcEVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDHwNQAwQG
W4kAAwQEbUkQAwQDqyG4AwQCuSYIMA0EAgACMAcDBQAqAiJQMA0GCSqGSIb3DQEB
CwUAA4IBAQCgltsgPcGt5M6MD2ZvGVfqszjn/BKZvLjFo4f6wOdWOh2cEREAIRKr
Q69vgq805g2ss2F6zO2Vq1AdFqkB59dWigrZUzXmme6zI6QisyVhsNpK5AdwQ3F9
0pQmPYN+Qf5X+RWbflYZN8lY103W4EIx+iR/kOu7MVEY91jd62CARFoJ3KWvqcTp
bMkZrIHYcP16lTjUH3TUm2+W6uX9b0oNed1zQ3Cvpv0kOgKm7HcT1lXt2hzwmM7c
wfHwP5XdSOSPpr67eg+1P0D8eb4PjeskSe3BpXOzs/IhN+TPVt5J20zbdh8y1aLl
vn7CSk4K9Hqjypjj/Obmj4og3pQUDgl5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:39 2024 by rpki-client on console-ams.rpki-client.org