Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/M5TYS01sJdd7Gzh8sDILFFhYHFQ.roa
File: M5TYS01sJdd7Gzh8sDILFFhYHFQ.roa (raw, json)
Hash identifier: Wc1hNbhASrruAZuub1tiJy8D8niBEUbRnP9rcYOqJ5Q=
Subject key identifier: 33:94:D8:4B:4D:6C:25:D7:7B:1B:38:7C:B0:32:0B:14:58:58:1C:54
Certificate issuer: /CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Certificate serial: 018AD534E1202DE61823CCB82DC47C7DDCD7
Authority key identifier: 23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/M5TYS01sJdd7Gzh8sDILFFhYHFQ.roa
Signing time: Wed 27 Sep 2023 05:55:27 +0000
ROA not before: Wed 27 Sep 2023 05:55:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8491
IP address blocks: 82.194.224.0/19 maxlen: 19
82.194.232.0/24 maxlen: 24
82.194.237.0/24 maxlen: 24
81.95.32.0/20 maxlen: 20
81.95.41.0/24 maxlen: 24
81.95.42.0/24 maxlen: 24
89.188.160.0/19 maxlen: 19
81.95.46.0/24 maxlen: 24
87.238.96.0/21 maxlen: 21
87.238.101.0/24 maxlen: 24
2a03:8640::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d5:34:e1:20:2d:e6:18:23:cc:b8:2d:c4:7c:7d:dc:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Validity
Not Before: Sep 27 05:55:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3394d84b4d6c25d77b1b387cb0320b1458581c54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:5c:fa:bc:e3:e3:ac:54:4d:5b:9b:b9:b4:62:
fb:ba:9e:4f:33:a7:85:03:11:77:61:95:d6:67:63:
6e:77:76:60:35:c7:8a:25:69:51:51:a0:66:52:43:
1c:70:79:fa:cc:79:0b:3f:d6:0d:d2:e0:31:3b:79:
fd:55:69:07:0a:25:38:3e:54:95:56:76:54:32:e3:
aa:5d:98:1c:13:19:d2:39:44:cf:d0:ff:5c:6d:5f:
11:db:48:83:d7:df:08:08:53:25:cf:65:b6:05:4d:
fc:06:52:8e:65:75:c0:ea:1d:5f:db:09:2d:0b:00:
de:cf:08:8d:ed:00:d1:31:53:c8:a6:18:2c:3a:7f:
3c:4c:ae:30:ff:1f:1b:8c:5a:8c:1b:ed:3d:4e:79:
70:93:1e:1e:be:42:e3:02:4a:7c:0e:ea:91:6d:3e:
83:cb:00:91:4b:05:5d:66:e2:a4:b0:4e:d1:70:b0:
8b:dc:89:f8:a0:28:2d:75:70:05:a6:e8:31:f8:1c:
e4:ca:6d:4f:26:96:ea:70:41:79:5e:17:d0:ca:81:
63:93:0b:5a:a3:90:70:c6:4e:55:44:1d:d3:ec:e7:
26:2c:55:fa:e1:71:85:ec:1c:6c:3a:e5:14:51:76:
2a:fc:2c:61:e0:3e:09:71:6c:a8:74:2c:5e:4d:53:
f1:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:94:D8:4B:4D:6C:25:D7:7B:1B:38:7C:B0:32:0B:14:58:58:1C:54
X509v3 Authority Key Identifier:
keyid:23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/M5TYS01sJdd7Gzh8sDILFFhYHFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.95.32.0/20
82.194.224.0/19
87.238.96.0/21
89.188.160.0/19
IPv6:
2a03:8640::/32
Signature Algorithm: sha256WithRSAEncryption
4c:31:35:68:eb:ff:2f:e5:10:a9:10:76:b1:fc:a8:cb:5d:29:
61:15:8f:99:33:b0:23:cc:37:4e:ee:20:7e:b8:05:73:00:e9:
d9:a3:60:8c:33:de:14:36:d9:0c:36:b7:36:11:ce:72:d1:08:
47:6c:ad:b1:e7:2b:e2:b5:58:5b:e0:aa:4d:87:80:60:97:ab:
01:94:cd:c4:31:c5:dc:8a:80:03:5e:bb:41:29:20:18:40:f8:
c6:cc:55:6f:0f:16:c1:a9:e5:23:f0:41:0f:c3:3b:43:47:e5:
71:90:9e:f0:a6:64:64:fe:91:b7:94:4e:a2:cb:a8:d4:0d:1a:
3c:74:b8:10:f3:30:10:0e:df:85:95:c2:ce:10:17:b6:a3:73:
4d:fa:e0:5d:ff:1f:b2:6d:18:3f:30:6b:cb:26:5f:aa:e7:ce:
9c:02:3b:f3:81:16:95:ad:82:82:f3:27:59:94:a0:b7:17:b2:
70:43:68:5b:9f:11:86:3e:dc:61:de:0e:bc:3c:47:b5:b8:c4:
e0:e1:2e:98:4d:ba:56:2c:36:3f:0f:97:dd:5f:ea:ec:03:c8:
94:e6:16:9a:82:15:70:e2:87:59:62:a3:7c:1c:6d:ce:fc:dd:
e5:7e:da:68:b3:27:cc:24:27:8b:b4:cb:3e:e0:6f:4a:da:24:
63:1f:44:fa
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYrVNOEgLeYYI8y4LcR8fdzXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZTNkOTJiZmUxNjYxOWNhNTAwYzAzMjY3ZWZmYTlhYTdj
YTBjNDcwHhcNMjMwOTI3MDU1NTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzk0ZDg0YjRkNmMyNWQ3N2IxYjM4N2NiMDMyMGIxNDU4NTgxYzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlz6vOPjrFRNW5u5tGL7up5PM6eF
AxF3YZXWZ2Nud3ZgNceKJWlRUaBmUkMccHn6zHkLP9YN0uAxO3n9VWkHCiU4PlSV
VnZUMuOqXZgcExnSOUTP0P9cbV8R20iD198ICFMlz2W2BU38BlKOZXXA6h1f2wkt
CwDezwiN7QDRMVPIphgsOn88TK4w/x8bjFqMG+09Tnlwkx4evkLjAkp8DuqRbT6D
ywCRSwVdZuKksE7RcLCL3In4oCgtdXAFpugx+Bzkym1PJpbqcEF5XhfQyoFjkwta
o5Bwxk5VRB3T7OcmLFX64XGF7BxsOuUUUXYq/Cxh4D4JcWyodCxeTVPxyQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDOU2EtNbCXXexs4fLAyCxRYWBxUMB8GA1UdIwQY
MBaAFCPj2Sv+FmGcpQDAMmfv+pqnygxHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYt
ZjFiZjBjMzNhOTA4LzEvTTVUWVMwMXNKZGQ3R3poOHNESUxGRmhZSEZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYtZjFiZjBjMzNhOTA4
LzEvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUV8gAwQF
UsLgAwQDV+5gAwQFWbygMA0EAgACMAcDBQAqA4ZAMA0GCSqGSIb3DQEBCwUAA4IB
AQBMMTVo6/8v5RCpEHax/KjLXSlhFY+ZM7AjzDdO7iB+uAVzAOnZo2CMM94UNtkM
Nrc2Ec5y0QhHbK2x5yvitVhb4KpNh4Bgl6sBlM3EMcXcioADXrtBKSAYQPjGzFVv
DxbBqeUj8EEPwztDR+VxkJ7wpmRk/pG3lE6iy6jUDRo8dLgQ8zAQDt+FlcLOEBe2
o3NN+uBd/x+ybRg/MGvLJl+q586cAjvzgRaVrYKC8ydZlKC3F7JwQ2hbnxGGPtxh
3g68PEe1uMTg4S6YTbpWLDY/D5fdX+rsA8iU5haaghVw4odZYqN8HG3O/N3lftpo
syfMJCeLtMs+4G9K2iRjH0T6
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:13:48 2024 by rpki-client on console-ams.rpki-client.org