Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/MYlXGE3HZZh9xrVmjm0b5LPL_KE.roa
File: MYlXGE3HZZh9xrVmjm0b5LPL_KE.roa (raw, json)
Hash identifier: WRqhYeOYtZzxMxVYSSzG7QWed/lXdzSPRq7z13nGNCw=
Subject key identifier: 31:89:57:18:4D:C7:65:98:7D:C6:B5:66:8E:6D:1B:E4:B3:CB:FC:A1
Certificate issuer: /CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
Certificate serial: 01878C796FA0461F76FB6CC1DA17F69FB845
Authority key identifier: F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/MYlXGE3HZZh9xrVmjm0b5LPL_KE.roa
Signing time: Sun 16 Apr 2023 23:49:41 +0000
ROA not before: Sun 16 Apr 2023 23:49:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202448
IP address blocks: 45.137.151.0/24 maxlen: 24
45.137.150.0/24 maxlen: 24
45.137.148.0/24 maxlen: 32
45.137.149.0/24 maxlen: 24
2.56.213.0/24 maxlen: 24
2.56.212.0/24 maxlen: 24
89.43.33.0/24 maxlen: 24
86.107.197.0/24 maxlen: 24
93.114.128.0/24 maxlen: 24
2.56.215.0/24 maxlen: 24
2.56.214.0/24 maxlen: 24
194.32.78.0/24 maxlen: 24
194.32.77.0/24 maxlen: 24
194.32.76.0/24 maxlen: 24
194.32.79.0/24 maxlen: 24
91.250.248.0/24 maxlen: 32
91.250.249.0/24 maxlen: 32
185.234.52.0/24 maxlen: 32
185.96.163.0/24 maxlen: 24
178.157.82.0/24 maxlen: 24
185.170.213.0/24 maxlen: 24
178.157.91.0/24 maxlen: 24
185.170.212.0/24 maxlen: 24
178.157.90.0/24 maxlen: 24
185.170.215.0/24 maxlen: 24
185.170.214.0/24 maxlen: 24
45.153.184.0/24 maxlen: 24
45.153.186.0/24 maxlen: 24
45.153.185.0/24 maxlen: 24
45.153.187.0/24 maxlen: 24
86.106.181.0/24 maxlen: 24
89.38.135.0/24 maxlen: 32
91.227.41.0/24 maxlen: 24
91.227.40.0/24 maxlen: 24
86.105.252.0/24 maxlen: 24
94.176.182.0/24 maxlen: 24
185.243.214.0/24 maxlen: 32
185.243.215.0/24 maxlen: 24
194.99.23.0/24 maxlen: 24
194.99.22.0/24 maxlen: 24
194.99.21.0/24 maxlen: 24
194.99.20.0/24 maxlen: 24
89.38.131.0/24 maxlen: 24
31.14.238.0/24 maxlen: 24
89.38.130.0/24 maxlen: 24
89.38.129.0/24 maxlen: 24
89.38.128.0/24 maxlen: 24
188.212.125.0/24 maxlen: 24
188.212.124.0/24 maxlen: 24
93.114.133.0/24 maxlen: 24
93.115.16.0/24 maxlen: 24
93.115.17.0/24 maxlen: 24
93.115.23.0/24 maxlen: 24
93.115.22.0/24 maxlen: 24
93.115.21.0/24 maxlen: 24
93.115.20.0/24 maxlen: 24
93.115.19.0/24 maxlen: 24
93.115.18.0/24 maxlen: 24
2a05:8280::/32 maxlen: 32
2a09:cd42::/32 maxlen: 32
2a09:cd45::/32 maxlen: 32
2a09:cd43::/32 maxlen: 32
2a0c:b9c1::/32 maxlen: 32
2a09:cd41::/32 maxlen: 32
2a09:cd40::/32 maxlen: 32
2a0c:b9c0::/32 maxlen: 32
2a09:cd46::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8c:79:6f:a0:46:1f:76:fb:6c:c1:da:17:f6:9f:b8:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
Validity
Not Before: Apr 16 23:49:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=318957184dc765987dc6b5668e6d1be4b3cbfca1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:98:08:fc:de:2c:3f:4d:44:23:e0:2b:f1:ae:
da:c3:d5:03:84:77:03:4b:97:4e:4e:75:80:29:87:
f6:0c:43:91:28:59:01:26:c0:5c:90:dc:41:c6:0d:
cc:2e:ca:31:48:5e:f7:da:36:40:bb:e2:1d:09:ea:
b7:0e:32:3b:56:a1:1c:43:57:f9:58:53:88:02:90:
a9:71:84:a5:51:14:75:52:81:e9:d4:7a:55:d3:92:
aa:2c:08:e4:9f:a2:e7:0b:83:0b:88:ad:7f:23:1d:
37:99:42:5c:bd:85:1f:0f:a9:c6:e8:e8:d6:00:4f:
94:16:87:24:9d:85:f7:ed:b9:ee:ad:ca:2c:06:6a:
00:a2:00:bf:ed:c6:04:27:ab:8f:b9:07:f0:a7:ef:
7b:91:68:59:c2:1b:a2:2d:1b:45:96:e7:05:f1:92:
9f:ef:e4:cd:29:0f:b5:dd:91:2b:2e:bc:99:bd:9e:
57:f6:e3:40:d4:1d:52:d5:42:2e:8c:ca:b1:5d:df:
35:6b:6d:d6:37:31:ba:24:59:7a:2c:92:e4:c7:00:
4e:5b:a9:94:88:9f:b0:c9:b0:65:ab:28:e7:7b:a3:
74:50:33:cc:1d:69:7f:f4:b5:8f:ab:a5:6d:be:e6:
82:2a:f0:cc:82:b0:65:bb:4d:d3:70:e7:03:8e:18:
1b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:89:57:18:4D:C7:65:98:7D:C6:B5:66:8E:6D:1B:E4:B3:CB:FC:A1
X509v3 Authority Key Identifier:
keyid:F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/MYlXGE3HZZh9xrVmjm0b5LPL_KE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.212.0/22
31.14.238.0/24
45.137.148.0/22
45.153.184.0/22
86.105.252.0/24
86.106.181.0/24
86.107.197.0/24
89.38.128.0/22
89.38.135.0/24
89.43.33.0/24
91.227.40.0/23
91.250.248.0/23
93.114.128.0/24
93.114.133.0/24
93.115.16.0/21
94.176.182.0/24
178.157.82.0/24
178.157.90.0/23
185.96.163.0/24
185.170.212.0/22
185.234.52.0/24
185.243.214.0/23
188.212.124.0/23
194.32.76.0/22
194.99.20.0/22
IPv6:
2a05:8280::/32
2a09:cd40::/30
2a09:cd45::-2a09:cd46:ffff:ffff:ffff:ffff:ffff:ffff
2a0c:b9c0::/31
Signature Algorithm: sha256WithRSAEncryption
7f:12:f3:84:b4:d4:ee:c5:0d:aa:00:1f:32:fb:b6:5b:1a:e2:
ba:fb:e9:e3:a6:09:30:cb:41:10:4f:af:87:b2:85:38:86:a4:
16:6e:d8:c8:59:2e:84:67:22:b9:62:83:cd:a3:06:68:88:47:
f0:06:ce:d4:4a:19:dc:25:12:0f:16:a2:3e:fd:33:bc:e2:ed:
2d:30:87:e1:9d:38:f0:4f:34:72:3e:76:d5:87:fc:4a:e1:a0:
f0:45:da:f0:e1:67:14:a2:e8:28:b0:a0:31:44:db:21:a2:27:
9f:72:8a:8f:36:6f:cb:61:0d:70:6a:da:e4:26:35:ba:23:7d:
2e:62:d0:05:c1:8c:d1:59:6d:65:c6:36:42:f4:d4:35:fe:66:
de:a0:12:b6:6c:e5:b7:a8:7a:a3:2f:ce:43:48:7c:10:c4:da:
e8:aa:75:5e:39:6d:60:61:43:71:e9:8f:d9:e0:bf:24:bf:14:
8f:51:f6:ac:f0:92:fc:bd:9f:f9:79:c4:00:67:0d:47:aa:ec:
2d:fd:5b:35:19:bf:3d:04:08:88:dc:7d:e6:29:14:bf:f8:87:
42:e7:3f:da:01:15:c3:54:b1:dc:d7:0c:ce:eb:27:1b:c3:34:
20:45:6d:16:6e:16:6b:a4:27:a7:bd:99:03:b9:ba:22:ff:2d:
ca:6b:47:f2
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgISAYeMeW+gRh92+2zB2hf2n7hFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0M2JmOTA4MDhhZTdlY2EwNjNmNzQ2YThmMWQ4ODg2NTcz
NGM4YTMwHhcNMjMwNDE2MjM0OTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTg5NTcxODRkYzc2NTk4N2RjNmI1NjY4ZTZkMWJlNGIzY2JmY2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ZgI/N4sP01EI+Ar8a7aw9UDhHcD
S5dOTnWAKYf2DEORKFkBJsBckNxBxg3MLsoxSF732jZAu+IdCeq3DjI7VqEcQ1f5
WFOIApCpcYSlURR1UoHp1HpV05KqLAjkn6LnC4MLiK1/Ix03mUJcvYUfD6nG6OjW
AE+UFocknYX37bnurcosBmoAogC/7cYEJ6uPuQfwp+97kWhZwhuiLRtFlucF8ZKf
7+TNKQ+13ZErLryZvZ5X9uNA1B1S1UIujMqxXd81a23WNzG6JFl6LJLkxwBOW6mU
iJ+wybBlqyjne6N0UDPMHWl/9LWPq6VtvuaCKvDMgrBlu03TcOcDjhgbnQIDAQAB
o4ICyzCCAscwHQYDVR0OBBYEFDGJVxhNx2WYfca1Zo5tG+Szy/yhMB8GA1UdIwQY
MBaAFPQ7+QgIrn7KBj90ao8diIZXNMijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUR2NUNBaXVmc29HUDNScWp4MklobGMweUtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hOGQ5NDMtZjA4Mi00YjE4LWI4NDAt
Mzg5MTk1YzRmMDdiLzEvTVlsWEdFM0haWmg5eHJWbWptMGI1TFBMX0tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hOGQ5NDMtZjA4Mi00YjE4LWI4NDAtMzg5MTk1YzRmMDdi
LzEvOUR2NUNBaXVmc29HUDNScWp4MklobGMweUtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHgBggrBgEFBQcBBwEB/wSB0DCBzTCBnQQCAAEwgZYDBAIC
ONQDBAAfDu4DBAItiZQDBAItmbgDBABWafwDBABWarUDBABWa8UDBAJZJoADBABZ
JocDBABZKyEDBAFb4ygDBAFb+vgDBABdcoADBABdcoUDBANdcxADBABesLYDBACy
nVIDBAGynVoDBAC5YKMDBAK5qtQDBAC56jQDBAG589YDBAG81HwDBALCIEwDBALC
YxQwKwQCAAIwJQMFACoFgoADBQIqCc1AMA4DBQAqCc1FAwUAKgnNRgMFASoMucAw
DQYJKoZIhvcNAQELBQADggEBAH8S84S01O7FDaoAHzL7tlsa4rr76eOmCTDLQRBP
r4eyhTiGpBZu2MhZLoRnIrlig82jBmiIR/AGztRKGdwlEg8Woj79M7zi7S0wh+Gd
OPBPNHI+dtWH/ErhoPBF2vDhZxSi6CiwoDFE2yGiJ59yio82b8thDXBq2uQmNboj
fS5i0AXBjNFZbWXGNkL01DX+Zt6gErZs5beoeqMvzkNIfBDE2uiqdV45bWBhQ3Hp
j9ngvyS/FI9R9qzwkvy9n/l5xABnDUeq7C39WzUZvz0ECIjcfeYpFL/4h0LnP9oB
FcNUsdzXDM7rJxvDNCBFbRZuFmukJ6e9mQO5uiL/LcprR/I=
-----END CERTIFICATE-----
Generated at Wed Sep 27 01:04:40 2023 by rpki-client on console-ams.rpki-client.org