Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MK86spCC_uC82VJcdVp2UvGXDhQ.roa
File: MK86spCC_uC82VJcdVp2UvGXDhQ.roa (raw, json)
Hash identifier: 0VQdI0KmxqQ1Rv83LM5V+ZqjTxcPGNfD9dbJsC5dOLQ=
Subject key identifier: 30:AF:3A:B2:90:82:FE:E0:BC:D9:52:5C:75:5A:76:52:F1:97:0E:14
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CB0D1587AA18CACEC36FEE31339EABBE8
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MK86spCC_uC82VJcdVp2UvGXDhQ.roa
Signing time: Thu 28 Dec 2023 14:25:58 +0000
ROA not before: Thu 28 Dec 2023 14:25:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206003
IP address blocks: 171.22.31.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
81.161.239.0/24 maxlen: 24
91.200.192.0/22 maxlen: 24
94.156.248.0/24 maxlen: 24
87.121.162.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.18.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b0:d1:58:7a:a1:8c:ac:ec:36:fe:e3:13:39:ea:bb:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 28 14:25:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30af3ab29082fee0bcd9525c755a7652f1970e14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ba:7f:be:61:9d:a6:a6:a8:a0:57:7b:4d:41:
b2:93:95:4a:85:a0:b3:97:55:19:f8:f2:6c:72:e4:
f0:b0:77:9c:e8:2d:b3:e3:52:e0:21:79:59:6f:f8:
7c:60:23:f4:1d:7d:3f:c3:7f:4c:19:d1:ce:d3:b4:
0a:c7:33:36:29:de:3e:58:81:88:08:b1:ec:2e:f3:
5e:1e:6d:fe:35:c4:16:f0:82:49:8c:4b:4d:84:59:
0b:70:71:a5:9e:95:1e:3f:98:c7:c4:7e:dd:0a:f1:
7e:77:b6:f3:18:86:20:09:58:d0:e5:e4:7e:7b:dd:
7d:2a:59:aa:71:5f:fd:6a:23:4d:fd:2c:a7:30:24:
87:90:5b:21:17:75:0d:97:ca:1e:db:8a:90:66:a1:
be:70:72:cc:13:97:22:28:44:57:9e:4a:b1:67:32:
4e:ec:38:ff:21:77:85:71:0b:71:af:40:68:ea:ad:
a4:48:eb:ad:f4:90:f5:b1:90:c3:d2:f4:66:ce:de:
01:95:76:33:4a:47:38:78:6f:db:f0:e9:35:e5:0c:
b1:05:84:cb:52:da:9c:6b:c0:cf:99:31:5f:e4:62:
7c:d9:d1:1f:b3:4f:3d:e0:a4:65:42:ae:46:03:95:
da:ac:01:8d:2f:d8:db:50:fe:c8:c4:05:0e:e3:bb:
f0:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:AF:3A:B2:90:82:FE:E0:BC:D9:52:5C:75:5A:76:52:F1:97:0E:14
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MK86spCC_uC82VJcdVp2UvGXDhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/24
45.129.84.0/24
45.141.158.0/24
79.110.61.0/24
81.161.239.0/24
87.121.124.0/23
87.121.162.0/24
91.200.192.0/22
94.156.248.0/24
171.22.17.0-171.22.18.255
171.22.31.0/24
193.25.216.0/24
193.35.19.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:04:72:e7:8c:37:34:19:aa:4c:ee:42:c5:18:a0:c8:35:1d:
e7:67:d7:07:d4:3e:89:3d:fc:75:29:41:eb:24:7d:9b:56:fe:
ff:58:b8:15:1c:e2:f2:ad:2b:4f:37:ef:da:89:fd:2e:52:2a:
f4:da:e3:9a:a6:ef:2d:78:7b:76:42:e8:e0:03:4b:7d:22:89:
ff:d2:bf:91:99:2c:42:cf:e5:f4:9d:af:d2:fa:17:df:2b:9c:
71:7b:74:da:20:33:12:21:45:95:5b:0c:b1:37:af:fe:7c:18:
bd:52:31:83:5e:55:ff:85:2a:de:58:26:bd:9a:1f:7a:f2:50:
f5:a7:a2:e2:1d:d2:59:be:e3:1b:1d:14:aa:7f:9f:b7:17:98:
1c:83:b0:32:57:ab:57:45:c3:ee:cc:94:57:7f:52:07:11:24:
36:d1:4d:86:bd:f2:ee:4d:3c:9f:03:7c:bc:b1:eb:41:49:14:
96:7f:d7:f0:54:b7:73:34:8a:fc:0e:53:80:b1:00:5f:39:2d:
62:0a:bf:14:11:ac:04:78:31:e5:5b:58:2f:b7:73:96:5b:39:
73:bc:ce:c6:f5:39:05:7d:a2:32:6e:62:ae:d1:6b:5c:00:43:
3f:57:c2:4b:17:2c:76:bf:48:dc:7e:af:68:7d:4a:31:9d:6c:
26:a1:7b:72
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYyw0Vh6oYys7Db+4xM56rvoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjI4MTQyNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGFmM2FiMjkwODJmZWUwYmNkOTUyNWM3NTVhNzY1MmYxOTcwZTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbp/vmGdpqaooFd7TUGyk5VKhaCz
l1UZ+PJscuTwsHec6C2z41LgIXlZb/h8YCP0HX0/w39MGdHO07QKxzM2Kd4+WIGI
CLHsLvNeHm3+NcQW8IJJjEtNhFkLcHGlnpUeP5jHxH7dCvF+d7bzGIYgCVjQ5eR+
e919KlmqcV/9aiNN/SynMCSHkFshF3UNl8oe24qQZqG+cHLME5ciKERXnkqxZzJO
7Dj/IXeFcQtxr0Bo6q2kSOut9JD1sZDD0vRmzt4BlXYzSkc4eG/b8Ok15QyxBYTL
Utqca8DPmTFf5GJ82dEfs0894KRlQq5GA5XarAGNL9jbUP7IxAUO47vw5wIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFDCvOrKQgv7gvNlSXHVadlLxlw4UMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTUs4NnNwQ0NfdUM4MlZKY2RWcDJVdkdYRGhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQAJYuCAwQA
LYFUAwQALY2eAwQAT249AwQAUaHvAwQBV3l8AwQAV3miAwQCW8jAAwQAXpz4MAwD
BACrFhEDBACrFhIDBACrFh8DBADBGdgDBADBIxMwDQYJKoZIhvcNAQELBQADggEB
AHsEcueMNzQZqkzuQsUYoMg1Hedn1wfUPok9/HUpQeskfZtW/v9YuBUc4vKtK083
79qJ/S5SKvTa45qm7y14e3ZC6OADS30iif/Sv5GZLELP5fSdr9L6F98rnHF7dNog
MxIhRZVbDLE3r/58GL1SMYNeVf+FKt5YJr2aH3ryUPWnouId0lm+4xsdFKp/n7cX
mByDsDJXq1dFw+7MlFd/UgcRJDbRTYa98u5NPJ8DfLyx60FJFJZ/1/BUt3M0ivwO
U4CxAF85LWIKvxQRrAR4MeVbWC+3c5ZbOXO8zsb1OQV9ojJuYq7Ra1wAQz9XwksX
LHa/SNx+r2h9SjGdbCahe3I=
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:10 2024 by rpki-client on console-ams.rpki-client.org