Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/MYM0bfyZKdMsc1ILbfVPAtK29OU.roa
File: MYM0bfyZKdMsc1ILbfVPAtK29OU.roa (raw, json)
Hash identifier: ppqUlGUVOmD2+2TMzjjHSIeJkT7hTHiA2EklTKI73dc=
Subject key identifier: 31:83:34:6D:FC:99:29:D3:2C:73:52:0B:6D:F5:4F:02:D2:B6:F4:E5
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018954A8686903D241F8612C04A7203661C2
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/MYM0bfyZKdMsc1ILbfVPAtK29OU.roa
Signing time: Fri 14 Jul 2023 13:47:50 +0000
ROA not before: Fri 14 Jul 2023 13:47:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 45.13.189.0/24 maxlen: 24
45.13.190.0/24 maxlen: 24
5.181.84.0/24 maxlen: 24
5.181.85.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
45.88.136.0/23 maxlen: 24
85.209.122.0/23 maxlen: 24
194.242.97.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:54:a8:68:69:03:d2:41:f8:61:2c:04:a7:20:36:61:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jul 14 13:47:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3183346dfc9929d32c73520b6df54f02d2b6f4e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:36:77:a8:e8:32:41:8e:b0:37:75:54:df:90:
7c:75:8c:5e:8b:34:a1:d3:8b:dd:7c:56:ea:7a:4d:
b6:87:d1:46:7c:ff:fb:94:1f:05:25:15:1a:bf:ab:
0b:f8:ac:4b:ac:bd:08:0f:1c:82:15:90:7c:0e:a7:
3c:01:7b:85:9c:9f:56:ff:14:18:6f:2e:cf:e5:96:
be:11:d1:b9:0c:f6:46:d6:bb:a3:66:9a:5f:f5:0f:
7e:5f:2f:7a:e0:b1:e4:fe:c5:f8:9d:33:a5:8d:f4:
bf:9c:ec:3b:67:db:70:4e:28:ae:53:4a:6b:3a:88:
6a:fe:32:28:b3:e8:3d:05:de:0d:25:ff:48:71:9d:
06:8e:25:00:29:12:41:47:bd:60:6f:19:7e:0d:73:
d9:1f:f5:c6:d9:a1:11:27:9c:c1:ee:0a:bd:ab:cc:
cd:d3:51:ea:59:02:57:47:4d:95:ab:a8:b9:68:56:
18:8f:db:1a:08:ae:f8:e5:4f:a5:51:9f:cd:19:ed:
ac:40:0f:36:b8:e1:8d:87:ce:37:37:64:57:3f:a3:
b2:6d:0b:a5:f4:82:d1:54:c9:24:7c:63:9c:ed:85:
72:2f:73:a5:19:2b:db:dd:00:10:79:d1:76:6a:4d:
01:3e:1c:2f:9b:ed:98:70:79:90:90:4c:9a:98:fb:
75:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:83:34:6D:FC:99:29:D3:2C:73:52:0B:6D:F5:4F:02:D2:B6:F4:E5
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/MYM0bfyZKdMsc1ILbfVPAtK29OU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/23
5.181.87.0/24
45.13.189.0-45.13.190.255
45.81.112.0/22
45.88.136.0/23
45.132.181.0-45.132.183.255
45.144.212.0/24
45.151.3.0/24
85.209.122.0/23
194.242.97.0/24
195.177.92.0/23
195.211.188.0/22
Signature Algorithm: sha256WithRSAEncryption
73:db:5e:bd:0a:0d:eb:19:b7:5c:31:c6:db:2a:e3:e3:1b:1e:
08:12:fe:4e:7a:d6:a2:99:ef:a5:6a:01:e5:33:eb:91:27:31:
ae:db:6a:f0:41:ab:1b:83:33:08:b3:c3:d7:10:72:6f:fc:84:
61:e8:0d:8f:41:06:70:e9:f4:62:b5:61:ab:57:0c:32:86:c9:
bc:da:df:d1:ae:84:ed:36:1d:e4:a5:82:0e:07:da:db:6d:2e:
5f:d1:75:ce:ca:5a:9b:2b:93:9a:f7:18:2c:94:4c:79:51:20:
0d:e3:ce:9f:3d:c9:33:cc:ca:c5:ea:e3:2d:bf:ea:53:f2:03:
8c:91:f0:0a:69:34:7d:a6:a7:c6:a6:bc:2e:d8:86:c7:58:1c:
85:87:ff:0b:ff:bd:4d:9f:9d:dc:8e:20:fd:47:d0:e8:32:f0:
4f:72:47:01:13:8d:15:6c:82:34:61:c3:6c:07:49:1e:6d:a5:
38:08:86:5c:7c:8d:a6:9e:8a:77:1b:c5:6b:78:02:5e:f8:c4:
82:47:50:2b:e3:2d:ee:8e:bd:a6:e2:4a:86:87:52:2c:fe:1b:
47:c1:c9:a1:f5:39:40:a9:e8:c6:75:a0:c1:53:86:8a:05:fb:
f3:2f:d7:b4:36:b2:91:53:5e:16:03:d3:90:d8:28:43:48:13:
99:e1:28:b7
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYlUqGhpA9JB+GEsBKcgNmHCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwNzE0MTM0NzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTgzMzQ2ZGZjOTkyOWQzMmM3MzUyMGI2ZGY1NGYwMmQyYjZmNGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzZ3qOgyQY6wN3VU35B8dYxeizSh
04vdfFbqek22h9FGfP/7lB8FJRUav6sL+KxLrL0IDxyCFZB8Dqc8AXuFnJ9W/xQY
by7P5Za+EdG5DPZG1rujZppf9Q9+Xy964LHk/sX4nTOljfS/nOw7Z9twTiiuU0pr
Oohq/jIos+g9Bd4NJf9IcZ0GjiUAKRJBR71gbxl+DXPZH/XG2aERJ5zB7gq9q8zN
01HqWQJXR02Vq6i5aFYYj9saCK745U+lUZ/NGe2sQA82uOGNh843N2RXP6OybQul
9ILRVMkkfGOc7YVyL3OlGSvb3QAQedF2ak0BPhwvm+2YcHmQkEyamPt1WwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFDGDNG38mSnTLHNSC231TwLStvTlMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvTVlNMGJmeVpLZE1zYzFJTGJmVlBBdEsyOU9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQBBbVUAwQA
BbVXMAwDBAAtDb0DBAAtDb4DBAItUXADBAEtWIgwDAMEAC2EtQMEAy2EsAMEAC2Q
1AMEAC2XAwMEAVXRegMEAMLyYQMEAcOxXAMEAsPTvDANBgkqhkiG9w0BAQsFAAOC
AQEAc9tevQoN6xm3XDHG2yrj4xseCBL+TnrWopnvpWoB5TPrkScxrttq8EGrG4Mz
CLPD1xByb/yEYegNj0EGcOn0YrVhq1cMMobJvNrf0a6E7TYd5KWCDgfa220uX9F1
zspamyuTmvcYLJRMeVEgDePOnz3JM8zKxerjLb/qU/IDjJHwCmk0faanxqa8LtiG
x1gchYf/C/+9TZ+d3I4g/UfQ6DLwT3JHARONFWyCNGHDbAdJHm2lOAiGXHyNpp6K
dxvFa3gCXvjEgkdQK+Mt7o69puJKhodSLP4bR8HJofU5QKnoxnWgwVOGigX78y/X
tDaykVNeFgPTkNgoQ0gTmeEotw==
-----END CERTIFICATE-----
Generated at Wed Aug 23 11:59:26 2023 by rpki-client on console-ams.rpki-client.org