Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/mCHmnAiuWGnjAgnKoD6lmfdqlPY.roa
File: mCHmnAiuWGnjAgnKoD6lmfdqlPY.roa (raw, json)
Hash identifier: qof1o/9vDgYggLF5P0WtzYY6k7bLimnBh8LxA1iOW6g=
Subject key identifier: 98:21:E6:9C:08:AE:58:69:E3:02:09:CA:A0:3E:A5:99:F7:6A:94:F6
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018A2BC3151C7F6D4F285CA85573692A174C
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/mCHmnAiuWGnjAgnKoD6lmfdqlPY.roa
Signing time: Fri 25 Aug 2023 08:15:19 +0000
ROA not before: Fri 25 Aug 2023 08:15:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.223.110.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.108.0/22 maxlen: 24
45.88.139.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2b:c3:15:1c:7f:6d:4f:28:5c:a8:55:73:69:2a:17:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Aug 25 08:15:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9821e69c08ae5869e30209caa03ea599f76a94f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ed:92:50:0d:17:50:63:07:11:68:93:c2:96:
bc:35:a6:54:94:26:eb:3e:6b:e7:38:b9:c0:88:8a:
30:80:6e:99:87:48:3a:88:91:68:3a:89:06:59:8f:
8f:10:3a:8a:85:71:9b:d5:79:b8:41:f8:a0:15:ee:
87:89:67:30:4d:f1:e9:5d:93:44:11:51:1e:6d:ae:
ea:0b:43:b4:c7:49:2f:c8:c5:f1:5c:33:b0:dc:c2:
11:2a:82:5c:3e:7b:95:85:6d:07:a5:45:92:dc:99:
d8:bb:f0:8c:3f:01:15:70:c7:55:7f:72:08:89:56:
ad:e3:7f:38:d9:9a:d4:c4:2f:e5:8a:cf:e2:69:f2:
b0:b3:64:7d:fe:13:f9:56:9e:dd:ef:b4:88:f4:70:
0e:82:61:13:72:b0:9d:42:ef:04:4e:ee:04:ba:d6:
a9:be:05:73:b0:d5:b3:61:6e:32:35:22:9f:5a:1f:
94:54:90:3c:d6:8e:72:ff:6f:2d:6f:b3:15:f7:7b:
f6:aa:37:c0:ca:81:9e:a0:30:1d:4e:6c:91:9b:bf:
74:31:79:18:27:5b:83:75:74:90:33:d1:4a:d0:a8:
be:67:ee:6e:c8:29:09:ad:c5:3a:61:18:ec:cb:b6:
76:a2:01:b6:2d:f8:27:14:27:28:80:53:e6:25:1f:
52:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:21:E6:9C:08:AE:58:69:E3:02:09:CA:A0:3E:A5:99:F7:6A:94:F6
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/mCHmnAiuWGnjAgnKoD6lmfdqlPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
5.181.87.0/24
45.9.29.0/24
45.81.112.0/22
45.88.136.0/24
45.88.138.0/23
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/23
77.83.39.0/24
85.209.120.0/22
91.223.110.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.41.0/24
193.57.43.0/24
194.242.96.0/22
195.62.24.0/24
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
ba:95:3f:dd:32:ee:c3:2b:de:86:86:15:85:22:2a:c7:1c:d6:
2a:7a:f4:a4:a8:72:fb:ee:bb:d7:c0:8f:14:86:a7:5b:ad:c6:
af:0e:ac:97:21:43:41:02:fd:a1:ad:80:9a:ad:23:86:c1:ea:
ea:14:a9:6c:d0:c9:ce:38:ad:01:aa:fe:1b:55:85:59:b2:d0:
98:46:7b:a3:80:d3:da:56:ba:05:35:7c:91:a1:27:f4:f0:68:
29:85:20:6a:8a:7f:9f:c5:8b:aa:be:64:50:6e:ff:ab:2b:e5:
c5:09:52:c1:87:2c:65:ef:b9:72:12:9c:20:58:62:fa:04:59:
b5:a6:40:ee:92:6b:18:e8:0e:0a:22:4a:14:ac:d8:eb:56:b0:
8d:82:01:bd:c6:39:66:00:b2:ff:2f:fc:db:00:30:f6:cb:bd:
dd:03:17:0b:31:7b:f7:1c:f5:45:11:a3:7c:03:cc:ba:e0:de:
d9:3e:d4:70:89:79:c3:67:13:d8:cd:12:ee:22:74:f5:f4:17:
70:c0:39:87:af:65:1e:d0:53:ff:d2:e0:27:9a:a8:82:3e:6a:
60:90:8a:e9:41:e0:c1:d1:e3:8f:1a:94:0a:5e:77:9f:9d:61:
b5:a8:96:3a:df:4b:57:bd:27:14:31:81:19:47:18:89:1f:99:
4d:e7:91:66
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAYorwxUcf21PKFyoVXNpKhdMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwODI1MDgxNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODIxZTY5YzA4YWU1ODY5ZTMwMjA5Y2FhMDNlYTU5OWY3NmE5NGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhe2SUA0XUGMHEWiTwpa8NaZUlCbr
PmvnOLnAiIowgG6Zh0g6iJFoOokGWY+PEDqKhXGb1Xm4QfigFe6HiWcwTfHpXZNE
EVEeba7qC0O0x0kvyMXxXDOw3MIRKoJcPnuVhW0HpUWS3JnYu/CMPwEVcMdVf3II
iVat43842ZrUxC/lis/iafKws2R9/hP5Vp7d77SI9HAOgmETcrCdQu8ETu4Eutap
vgVzsNWzYW4yNSKfWh+UVJA81o5y/28tb7MV93v2qjfAyoGeoDAdTmyRm790MXkY
J1uDdXSQM9FK0Ki+Z+5uyCkJrcU6YRjsy7Z2ogG2LfgnFCcogFPmJR9SjwIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFJgh5pwIrlhp4wIJyqA+pZn3apT2MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvbUNIbW5BaXVXR25qQWduS29ENmxtZmRxbFBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBkwQCAAEwgYwDBAIC
OGwDBAAFtVcDBAAtCR0DBAItUXADBAAtWIgDBAEtWIoDBAItXqgwDAMEAC2EtQME
Ay2EsAMEAS2Q1AMEAE1TJwMEAlXReAMEAFvfbgMEAbkr+AMEALkr+wMEAbnIPgME
AsEe8AMEAME5KQMEAME5KwMEAsLyYAMEAMM+GAMEAsOxXAMEAsPTvDApBAIAAjAj
AwUAKgFxIAMFAyoHkgADBQMqDKWAAwUDKhDfwAMFAyoRBYAwDQYJKoZIhvcNAQEL
BQADggEBALqVP90y7sMr3oaGFYUiKscc1ip69KSocvvuu9fAjxSGp1utxq8OrJch
Q0EC/aGtgJqtI4bB6uoUqWzQyc44rQGq/htVhVmy0JhGe6OA09pWugU1fJGhJ/Tw
aCmFIGqKf5/Fi6q+ZFBu/6sr5cUJUsGHLGXvuXISnCBYYvoEWbWmQO6SaxjoDgoi
ShSs2OtWsI2CAb3GOWYAsv8v/NsAMPbLvd0DFwsxe/cc9UURo3wDzLrg3tk+1HCJ
ecNnE9jNEu4idPX0F3DAOYevZR7QU//S4CeaqII+amCQiulB4MHR448alAped5+d
YbWoljrfS1e9JxQxgRlHGIkfmU3nkWY=
-----END CERTIFICATE-----
Generated at Sat Aug 26 09:48:58 2023 by rpki-client on console-fra.rpki-client.org