Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/mjsaH70oEPFzJr8iDAon-0IXypE.roa
File: mjsaH70oEPFzJr8iDAon-0IXypE.roa (raw, json)
Hash identifier: WmmLJfAa68G/4WoF0bIGi59RkcZlo3/q2OrcwoF66Z0=
Subject key identifier: 9A:3B:1A:1F:BD:28:10:F1:73:26:BF:22:0C:0A:27:FB:42:17:CA:91
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01856F02307A4C12F4215ED68416C062A52E
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/mjsaH70oEPFzJr8iDAon-0IXypE.roa
Signing time: Sun 01 Jan 2023 20:24:52 +0000
ROA not before: Sun 01 Jan 2023 20:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2588
IP address blocks: 83.223.128.0/19 maxlen: 24
83.223.145.0/24 maxlen: 24
91.190.32.0/19 maxlen: 24
159.148.0.0/16 maxlen: 24
91.190.36.0/24 maxlen: 24
159.148.10.0/24 maxlen: 24
85.254.49.0/24 maxlen: 24
85.254.58.0/24 maxlen: 24
91.190.56.0/23 maxlen: 24
91.190.52.0/24 maxlen: 24
91.190.60.0/24 maxlen: 24
85.254.69.0/24 maxlen: 24
159.148.49.0/24 maxlen: 24
159.148.50.0/24 maxlen: 24
46.19.200.0/21 maxlen: 24
83.223.155.0/24 maxlen: 24
185.176.116.0/22 maxlen: 24
85.254.0.0/17 maxlen: 24
159.148.116.0/24 maxlen: 24
159.148.117.0/24 maxlen: 24
80.81.32.0/19 maxlen: 24
80.81.35.0/24 maxlen: 24
159.148.131.0/24 maxlen: 24
217.69.112.0/20 maxlen: 24
217.69.113.0/24 maxlen: 24
109.205.120.0/21 maxlen: 24
159.148.63.0/24 maxlen: 24
109.205.127.0/24 maxlen: 24
159.148.78.0/24 maxlen: 24
159.148.80.0/24 maxlen: 24
85.254.128.0/18 maxlen: 24
159.148.233.0/24 maxlen: 24
159.148.229.0/24 maxlen: 24
94.101.224.0/20 maxlen: 24
185.27.92.0/22 maxlen: 24
159.148.188.0/24 maxlen: 24
2a02:610::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:30:7a:4c:12:f4:21:5e:d6:84:16:c0:62:a5:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 1 20:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a3b1a1fbd2810f17326bf220c0a27fb4217ca91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ad:83:6e:7c:a7:64:3d:cd:9b:f9:a8:d3:68:
2d:9c:00:85:0d:58:01:0b:84:b4:42:f3:89:e9:a9:
c8:1b:b9:c7:2e:d7:d1:95:e9:af:a6:f4:72:8c:74:
71:70:55:66:a8:7c:67:a1:f1:78:d7:44:78:d6:22:
f6:36:ef:78:ae:19:85:68:f3:43:44:01:08:e3:5e:
7b:e8:76:c2:52:94:d7:c1:a7:c5:11:5d:1a:2c:2c:
44:7a:8b:a3:78:7c:2d:3b:c9:d2:de:04:ab:49:cd:
eb:c3:76:4f:d2:3e:32:1a:5a:18:14:ef:df:16:71:
52:54:83:ea:2f:a3:f9:de:e0:d9:3f:27:e8:f9:12:
da:fb:3c:e1:ae:31:21:f3:a8:3c:c3:8c:7b:79:2b:
18:6f:16:e8:4a:be:a7:17:bf:40:42:c1:86:0a:61:
c8:3c:6b:3e:59:ed:ff:87:b3:ea:7c:6f:2b:ba:57:
55:d5:ca:ca:04:e6:be:d3:11:5b:3e:1e:65:ae:1f:
ce:fa:12:fb:7b:eb:ef:31:fb:35:0d:b4:dd:36:a0:
f9:3a:06:1c:fb:e0:99:d9:3d:6d:b4:c1:64:28:0f:
a5:b5:7e:4e:76:02:83:ab:07:fc:da:79:eb:b2:dc:
3d:00:24:a6:5e:9f:d8:ea:c0:63:df:c2:59:c9:f6:
a0:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:3B:1A:1F:BD:28:10:F1:73:26:BF:22:0C:0A:27:FB:42:17:CA:91
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/mjsaH70oEPFzJr8iDAon-0IXypE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.200.0/21
80.81.32.0/19
83.223.128.0/19
85.254.0.0-85.254.191.255
91.190.32.0/19
94.101.224.0/20
109.205.120.0/21
159.148.0.0/16
185.27.92.0/22
185.176.116.0/22
217.69.112.0/20
IPv6:
2a02:610::/32
Signature Algorithm: sha256WithRSAEncryption
a2:a0:6d:37:8d:e3:22:16:9e:b8:e0:5b:50:a4:61:0a:c9:0c:
09:8d:18:00:43:8c:ce:aa:c2:f6:ed:9d:6c:cf:4d:d0:53:6f:
bb:2b:bb:46:89:bb:a1:55:c1:f7:42:26:51:3b:c6:93:74:f7:
bf:1b:32:74:a2:25:21:db:6d:f0:e9:fa:a6:1f:52:a1:c4:3f:
84:cd:dc:12:af:60:c9:65:b5:07:3a:9c:cd:48:31:f6:27:d1:
3b:4a:45:3c:24:27:d3:57:db:09:e8:92:2d:71:29:65:80:84:
a9:32:c4:ef:97:3f:3b:99:2e:62:ca:27:25:f9:8f:65:d7:cf:
88:84:44:19:0c:24:c6:b7:d5:cf:51:37:f5:c3:35:aa:8e:5f:
1d:ec:d4:04:75:cc:cc:1b:90:13:f6:48:3a:02:78:93:4b:ed:
79:32:f6:41:49:46:93:bb:91:ba:af:07:9c:13:c0:e3:54:6a:
11:dc:da:80:2b:16:fe:b8:d7:86:c7:76:8a:80:7b:0a:da:63:
ed:27:f6:e9:61:23:5e:0d:ae:03:12:c3:eb:1a:fd:3b:e1:53:
c2:d7:f0:a9:46:1e:74:94:40:ca:b2:92:1a:52:ce:08:cc:ce:
ea:a1:e6:5a:b1:b9:4d:41:6d:d5:4d:5e:4a:2f:1f:f3:1e:24:
90:c2:24:fc
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYVvAjB6TBL0IV7WhBbAYqUuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwMTAxMjAyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTNiMWExZmJkMjgxMGYxNzMyNmJmMjIwYzBhMjdmYjQyMTdjYTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlq2DbnynZD3Nm/mo02gtnACFDVgB
C4S0QvOJ6anIG7nHLtfRlemvpvRyjHRxcFVmqHxnofF410R41iL2Nu94rhmFaPND
RAEI41576HbCUpTXwafFEV0aLCxEeoujeHwtO8nS3gSrSc3rw3ZP0j4yGloYFO/f
FnFSVIPqL6P53uDZPyfo+RLa+zzhrjEh86g8w4x7eSsYbxboSr6nF79AQsGGCmHI
PGs+We3/h7PqfG8ruldV1crKBOa+0xFbPh5lrh/O+hL7e+vvMfs1DbTdNqD5OgYc
++CZ2T1ttMFkKA+ltX5OdgKDqwf82nnrstw9ACSmXp/Y6sBj38JZyfagxwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFJo7Gh+9KBDxcya/IgwKJ/tCF8qRMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvbWpzYUg3MG9FUEZ6SnI4aURBb24tMElYeXBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDLhPIAwQF
UFEgAwQFU9+AMAsDAwFV/gMEBlX+gAMEBVu+IAMEBF5l4AMEA23NeAMDAJ+UAwQC
uRtcAwQCubB0AwQE2UVwMA0EAgACMAcDBQAqAgYQMA0GCSqGSIb3DQEBCwUAA4IB
AQCioG03jeMiFp644FtQpGEKyQwJjRgAQ4zOqsL27Z1sz03QU2+7K7tGibuhVcH3
QiZRO8aTdPe/GzJ0oiUh223w6fqmH1KhxD+EzdwSr2DJZbUHOpzNSDH2J9E7SkU8
JCfTV9sJ6JItcSllgISpMsTvlz87mS5iyicl+Y9l18+IhEQZDCTGt9XPUTf1wzWq
jl8d7NQEdczMG5AT9kg6AniTS+15MvZBSUaTu5G6rwecE8DjVGoR3NqAKxb+uNeG
x3aKgHsK2mPtJ/bpYSNeDa4DEsPrGv074VPC1/CpRh50lEDKspIaUs4IzM7qoeZa
sblNQW3VTV5KLx/zHiSQwiT8
-----END CERTIFICATE-----
Generated at Tue Sep 12 09:13:37 2023 by rpki-client on console-fra.rpki-client.org