Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/MX6081pbADxSe4Eil-6969VD2U8.roa
File: MX6081pbADxSe4Eil-6969VD2U8.roa (raw, json)
Hash identifier: 2OzRfWxNhNF5mqArohHmBXZGD8c+zi8R/isSXmW3J2o=
Subject key identifier: 31:7E:B4:F3:5A:5B:00:3C:52:7B:81:22:97:EE:BD:EB:D5:43:D9:4F
Certificate issuer: /CN=297c508d23b38315bbf45b726d22050a46127b8c
Certificate serial: 018A836693E98F3BA24E5C0D9F29330EA767
Authority key identifier: 29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/MX6081pbADxSe4Eil-6969VD2U8.roa
Signing time: Mon 11 Sep 2023 08:40:52 +0000
ROA not before: Mon 11 Sep 2023 08:40:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34177
IP address blocks: 5.133.68.0/22 maxlen: 22
83.142.144.0/21 maxlen: 21
62.244.117.0/24 maxlen: 24
212.106.96.0/19 maxlen: 19
91.90.96.0/21 maxlen: 21
62.193.32.0/19 maxlen: 19
82.210.0.0/19 maxlen: 19
195.15.128.0/18 maxlen: 18
185.81.52.0/22 maxlen: 22
185.5.108.0/22 maxlen: 22
78.31.40.0/21 maxlen: 21
83.118.192.0/19 maxlen: 19
62.244.89.0/24 maxlen: 24
178.16.160.0/20 maxlen: 20
159.180.224.0/19 maxlen: 19
176.57.32.0/21 maxlen: 21
95.141.96.0/20 maxlen: 20
82.210.32.0/19 maxlen: 19
94.228.176.0/20 maxlen: 20
78.109.240.0/20 maxlen: 20
185.41.4.0/22 maxlen: 22
2001:ab8::/29 maxlen: 32
2a01:4e00::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:83:66:93:e9:8f:3b:a2:4e:5c:0d:9f:29:33:0e:a7:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297c508d23b38315bbf45b726d22050a46127b8c
Validity
Not Before: Sep 11 08:40:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=317eb4f35a5b003c527b812297eebdebd543d94f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:46:5b:df:d2:6c:24:db:86:ba:b8:7b:08:4d:
3c:5f:77:d4:ce:be:09:1a:d9:00:91:98:13:74:ad:
c2:65:fc:e2:7b:48:8f:9b:e7:e1:2a:8f:81:bc:79:
fc:9b:1d:33:af:30:c4:2c:a2:9b:b0:55:45:b0:66:
c7:51:84:b0:ad:7d:13:bd:ca:dc:e7:b1:c1:ab:8b:
b6:a5:10:59:2d:fb:d6:4b:f7:c8:d5:83:3e:78:6e:
eb:00:51:38:89:c6:e7:46:0d:b8:25:2a:2a:b8:4f:
29:79:23:6b:87:24:35:ea:1c:e8:e2:e3:a6:20:54:
13:6a:93:40:ac:68:fb:1b:1f:ef:e9:dc:12:a7:c7:
2d:aa:46:41:a4:90:a1:11:31:b2:87:4c:1d:a8:21:
70:4f:ea:f0:db:07:1f:18:ca:3e:04:81:37:e7:64:
9b:2b:09:df:71:22:2c:b1:7b:3e:f1:45:9b:02:bb:
27:e1:3d:7f:3c:ff:d7:ce:07:b9:95:b3:d8:9f:32:
1d:a9:1d:7c:d2:cc:63:b3:c6:61:ef:27:db:09:5d:
05:12:86:f8:32:c0:6b:da:ed:94:9c:6f:ce:43:f2:
87:5a:90:8c:4c:21:2c:c8:1b:e0:7a:f5:1a:a0:7e:
34:6b:e1:a6:13:db:9b:94:e0:01:42:35:c2:5b:bf:
81:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:7E:B4:F3:5A:5B:00:3C:52:7B:81:22:97:EE:BD:EB:D5:43:D9:4F
X509v3 Authority Key Identifier:
keyid:29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/MX6081pbADxSe4Eil-6969VD2U8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.68.0/22
62.193.32.0/19
62.244.89.0/24
62.244.117.0/24
78.31.40.0/21
78.109.240.0/20
82.210.0.0/18
83.118.192.0/19
83.142.144.0/21
91.90.96.0/21
94.228.176.0/20
95.141.96.0/20
159.180.224.0/19
176.57.32.0/21
178.16.160.0/20
185.5.108.0/22
185.41.4.0/22
185.81.52.0/22
195.15.128.0/18
212.106.96.0/19
IPv6:
2001:ab8::/29
2a01:4e00::/32
Signature Algorithm: sha256WithRSAEncryption
8a:06:97:64:a2:92:92:db:43:fc:b5:93:8c:da:69:d5:63:0c:
9d:d8:3f:7c:69:c4:d9:0e:00:d8:eb:68:ea:dd:e2:17:9e:ed:
08:66:f0:34:04:73:a3:eb:47:98:0e:a6:b5:dd:3c:ff:26:76:
40:0b:4f:2a:09:1b:87:6d:5d:89:e9:df:11:00:bc:51:d8:cc:
77:e4:1b:1f:90:33:b4:d1:6f:f8:0e:69:05:06:6e:7a:f1:96:
28:82:6d:ac:84:be:72:99:47:f4:7b:63:6f:a1:83:cf:20:c4:
ed:0a:ef:9f:36:5a:ed:63:22:61:d5:10:64:7c:e1:f3:0d:71:
42:83:39:d5:b7:84:66:e7:f0:15:dc:2a:29:50:54:6b:c3:29:
0f:01:17:17:49:34:b1:d8:2e:8e:05:54:40:b2:81:b4:80:1c:
cb:96:b2:11:a0:78:e0:6c:af:c2:5c:01:68:6f:e4:41:75:ab:
ef:62:ca:13:ba:ee:8d:75:94:a3:5d:48:dd:6f:71:d3:4a:fa:
af:78:86:86:2f:de:41:d4:c6:01:25:54:c0:fc:c9:31:b0:73:
19:39:c1:69:b4:29:e2:df:ff:d9:0e:a2:94:05:86:62:74:89:
7b:bf:21:cc:56:39:f3:12:70:e7:28:79:5f:ee:44:0a:91:16:
47:27:e5:d9
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYqDZpPpjzuiTlwNnykzDqdnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2M1MDhkMjNiMzgzMTViYmY0NWI3MjZkMjIwNTBhNDYx
MjdiOGMwHhcNMjMwOTExMDg0MDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTdlYjRmMzVhNWIwMDNjNTI3YjgxMjI5N2VlYmRlYmQ1NDNkOTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA40Zb39JsJNuGurh7CE08X3fUzr4J
GtkAkZgTdK3CZfzie0iPm+fhKo+BvHn8mx0zrzDELKKbsFVFsGbHUYSwrX0Tvcrc
57HBq4u2pRBZLfvWS/fI1YM+eG7rAFE4icbnRg24JSoquE8peSNrhyQ16hzo4uOm
IFQTapNArGj7Gx/v6dwSp8ctqkZBpJChETGyh0wdqCFwT+rw2wcfGMo+BIE352Sb
KwnfcSIssXs+8UWbArsn4T1/PP/Xzge5lbPYnzIdqR180sxjs8Zh7yfbCV0FEob4
MsBr2u2UnG/OQ/KHWpCMTCEsyBvgevUaoH40a+GmE9ublOABQjXCW7+BzwIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFDF+tPNaWwA8UnuBIpfuvevVQ9lPMB8GA1UdIwQY
MBaAFCl8UI0js4MVu/Rbcm0iBQpGEnuMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTIt
MzZlOWE3OWJkOTUwLzEvTVg2MDgxcGJBRHhTZTRFaWwtNjk2OVZEMlU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTItMzZlOWE3OWJkOTUw
LzEvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljB+BAIAATB4AwQCBYVE
AwQFPsEgAwQAPvRZAwQAPvR1AwQDTh8oAwQETm3wAwQGUtIAAwQFU3bAAwQDU46Q
AwQDW1pgAwQEXuSwAwQEX41gAwQFn7TgAwQDsDkgAwQEshCgAwQCuQVsAwQCuSkE
AwQCuVE0AwQGww+AAwQF1GpgMBQEAgACMA4DBQMgAQq4AwUAKgFOADANBgkqhkiG
9w0BAQsFAAOCAQEAigaXZKKSkttD/LWTjNpp1WMMndg/fGnE2Q4A2Oto6t3iF57t
CGbwNARzo+tHmA6mtd08/yZ2QAtPKgkbh21dienfEQC8UdjMd+QbH5AztNFv+A5p
BQZuevGWKIJtrIS+cplH9Htjb6GDzyDE7QrvnzZa7WMiYdUQZHzh8w1xQoM51beE
ZufwFdwqKVBUa8MpDwEXF0k0sdgujgVUQLKBtIAcy5ayEaB44GyvwlwBaG/kQXWr
72LKE7rujXWUo11I3W9x00r6r3iGhi/eQdTGASVUwPzJMbBzGTnBabQp4t//2Q6i
lAWGYnSJe78hzFY58xJw5yh5X+5ECpEWRyfl2Q==
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:11:04 2023 by rpki-client on console-ams.rpki-client.org