Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/mB5Zw-0YX7pHhiopopjiAVMwk-4.roa
File: mB5Zw-0YX7pHhiopopjiAVMwk-4.roa (raw, json)
Hash identifier: g9CuZHNrMcTEA6TDOipdZpGXjhdO9pv1K5Y3OMR3HyU=
Subject key identifier: 98:1E:59:C3:ED:18:5F:BA:47:86:2A:29:A2:98:E2:01:53:30:93:EE
Certificate issuer: /CN=dc90e0aee1ecc31066cb744f8a7feedefb3f7930
Certificate serial: 01856E2FA1DB6134AF6707EE870F7123B4BC
Authority key identifier: DC:90:E0:AE:E1:EC:C3:10:66:CB:74:4F:8A:7F:EE:DE:FB:3F:79:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JDgruHswxBmy3RPin_u3vs_eTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/mB5Zw-0YX7pHhiopopjiAVMwk-4.roa
Signing time: Sun 01 Jan 2023 16:34:53 +0000
ROA not before: Sun 01 Jan 2023 16:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204601
IP address blocks: 185.224.215.0/24 maxlen: 24
185.80.234.0/24 maxlen: 24
80.89.228.0/23 maxlen: 23
80.89.230.0/24 maxlen: 24
80.89.234.0/23 maxlen: 23
80.89.238.0/23 maxlen: 23
80.89.237.0/24 maxlen: 24
85.208.186.0/24 maxlen: 24
85.208.184.0/22 maxlen: 22
85.208.184.0/24 maxlen: 24
85.208.185.0/24 maxlen: 24
85.208.187.0/24 maxlen: 24
185.92.148.0/22 maxlen: 24
89.105.213.0/24 maxlen: 24
89.105.217.0/24 maxlen: 24
45.14.13.0/24 maxlen: 24
45.14.12.0/24 maxlen: 24
45.14.14.0/24 maxlen: 24
45.14.15.0/24 maxlen: 24
80.89.224.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:a1:db:61:34:af:67:07:ee:87:0f:71:23:b4:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc90e0aee1ecc31066cb744f8a7feedefb3f7930
Validity
Not Before: Jan 1 16:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=981e59c3ed185fba47862a29a298e201533093ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4f:2b:20:1e:5c:c0:b7:56:21:5d:4b:7d:71:
3b:c9:ac:f1:32:08:8c:53:64:cd:f5:77:09:31:2d:
78:f0:a6:f5:df:ae:ea:93:f8:4f:59:98:c3:5b:dd:
cc:20:24:97:b3:ce:65:c2:28:e8:e8:9a:82:5b:8a:
7e:a5:c7:22:77:8d:87:f2:3c:6f:b0:fb:c6:f8:b9:
65:4d:3f:f0:94:d3:f1:41:76:3a:e6:fd:8a:20:69:
0b:21:9f:78:a1:f2:18:e4:9e:f9:99:69:fb:58:43:
b8:f8:76:c0:69:23:55:ac:b4:a8:10:8d:e0:0e:84:
02:8f:99:09:05:9a:ba:a4:b8:bf:1b:b5:27:7d:67:
22:ab:ba:77:64:dc:c0:78:0c:45:87:ff:ea:b3:58:
17:11:44:ca:f6:f5:b2:59:ef:92:46:73:7f:30:52:
84:c0:4c:fc:bf:a0:22:a4:4d:07:4b:35:86:bd:ee:
14:32:9b:0b:d6:81:90:9b:11:69:d9:af:e6:ff:37:
8c:74:68:5b:be:4e:b9:35:51:a1:da:12:d2:f7:43:
62:8b:21:53:f5:a8:42:e4:d5:9b:9f:09:c7:84:cd:
76:9a:da:0a:77:a2:bc:a3:85:31:b6:60:f5:2f:ce:
8a:68:e7:fe:ba:af:ec:9b:94:21:ac:58:ae:10:44:
83:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:1E:59:C3:ED:18:5F:BA:47:86:2A:29:A2:98:E2:01:53:30:93:EE
X509v3 Authority Key Identifier:
keyid:DC:90:E0:AE:E1:EC:C3:10:66:CB:74:4F:8A:7F:EE:DE:FB:3F:79:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JDgruHswxBmy3RPin_u3vs_eTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/mB5Zw-0YX7pHhiopopjiAVMwk-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/3JDgruHswxBmy3RPin_u3vs_eTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.12.0/22
80.89.224.0-80.89.230.255
80.89.234.0/23
80.89.237.0-80.89.239.255
85.208.184.0/22
89.105.213.0/24
89.105.217.0/24
185.80.234.0/24
185.92.148.0/22
185.224.215.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:1f:a6:10:07:08:a1:99:67:98:18:ca:97:f9:39:77:8d:26:
75:ef:66:e1:29:45:bb:14:cb:32:9c:bb:f2:0e:ae:74:9f:fc:
8e:a9:8d:9b:4e:da:ea:86:7f:12:3c:6a:58:71:a5:a8:d3:e6:
4d:3e:97:7c:44:0a:01:8f:5b:e2:5b:6c:4b:bf:80:1c:2f:95:
46:5f:31:49:b1:4a:76:22:4c:7e:50:6e:bc:29:81:0e:62:24:
3d:05:a9:90:70:17:50:0d:dd:94:4a:ed:a3:3b:ec:fd:ff:34:
1f:66:33:4b:99:0c:5e:d1:e9:a0:f3:ed:24:2a:f3:15:d1:07:
62:8b:ea:2f:e8:04:61:71:2e:13:1f:09:23:5a:86:cc:ae:65:
9e:14:8d:c5:48:b1:cf:0a:44:c2:17:40:68:07:f4:f4:fa:4d:
c5:62:c7:88:54:cf:44:bb:47:ec:39:1c:7c:de:29:84:87:40:
0e:ca:91:1b:17:45:30:4a:8f:ef:88:d5:d7:31:90:26:42:9f:
2e:1b:37:0f:0b:01:db:6b:80:79:1a:99:f1:20:b2:fb:07:4f:
5f:d4:85:48:0f:6c:a4:98:b7:50:f9:61:6b:c3:0e:53:e5:f3:
6f:26:d5:6c:19:72:36:44:c8:42:31:f3:a5:78:e1:8f:be:4e:
b8:6e:62:c6
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYVuL6HbYTSvZwfuhw9xI7S8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjOTBlMGFlZTFlY2MzMTA2NmNiNzQ0ZjhhN2ZlZWRlZmIz
Zjc5MzAwHhcNMjMwMTAxMTYzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODFlNTljM2VkMTg1ZmJhNDc4NjJhMjlhMjk4ZTIwMTUzMzA5M2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqE8rIB5cwLdWIV1LfXE7yazxMgiM
U2TN9XcJMS148Kb1367qk/hPWZjDW93MICSXs85lwijo6JqCW4p+pccid42H8jxv
sPvG+LllTT/wlNPxQXY65v2KIGkLIZ94ofIY5J75mWn7WEO4+HbAaSNVrLSoEI3g
DoQCj5kJBZq6pLi/G7UnfWciq7p3ZNzAeAxFh//qs1gXEUTK9vWyWe+SRnN/MFKE
wEz8v6AipE0HSzWGve4UMpsL1oGQmxFp2a/m/zeMdGhbvk65NVGh2hLS90NiiyFT
9ahC5NWbnwnHhM12mtoKd6K8o4UxtmD1L86KaOf+uq/sm5QhrFiuEESDdwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFJgeWcPtGF+6R4YqKaKY4gFTMJPuMB8GA1UdIwQY
MBaAFNyQ4K7h7MMQZst0T4p/7t77P3kwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0pEZ3J1SHN3eEJteTNSUGluX3UzdnNfZVRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84N2IyNjctNDljMi00MjY5LTlmNjYt
MDBiY2Q5YjkxYzFiLzEvbUI1WnctMFlYN3BIaGlvcG9wamlBVk13ay00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84N2IyNjctNDljMi00MjY5LTlmNjYtMDBiY2Q5YjkxYzFi
LzEvM0pEZ3J1SHN3eEJteTNSUGluX3UzdnNfZVRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQCLQ4MMAwD
BAVQWeADBABQWeYDBAFQWeowDAMEAFBZ7QMEBFBZ4AMEAlXQuAMEAFlp1QMEAFlp
2QMEALlQ6gMEArlclAMEALng1zANBgkqhkiG9w0BAQsFAAOCAQEAzh+mEAcIoZln
mBjKl/k5d40mde9m4SlFuxTLMpy78g6udJ/8jqmNm07a6oZ/EjxqWHGlqNPmTT6X
fEQKAY9b4ltsS7+AHC+VRl8xSbFKdiJMflBuvCmBDmIkPQWpkHAXUA3dlErtozvs
/f80H2YzS5kMXtHpoPPtJCrzFdEHYovqL+gEYXEuEx8JI1qGzK5lnhSNxUixzwpE
whdAaAf09PpNxWLHiFTPRLtH7DkcfN4phIdADsqRGxdFMEqP74jV1zGQJkKfLhs3
DwsB22uAeRqZ8SCy+wdPX9SFSA9spJi3UPlha8MOU+XzbybVbBlyNkTIQjHzpXjh
j75OuG5ixg==
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:26:38 2024 by rpki-client on console-fra.rpki-client.org