Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/mQEANWL8iJSEwJct3rtk_nmVIyw.roa
File: mQEANWL8iJSEwJct3rtk_nmVIyw.roa (raw, json)
Hash identifier: JRoWVLl/AxNjFWYo0mjCFHN87ZPewCM2a08YR7ykwDI=
Subject key identifier: 99:01:00:35:62:FC:88:94:84:C0:97:2D:DE:BB:64:FE:79:95:23:2C
Certificate issuer: /CN=e9aab1446100a8fce03df19d755e06329ee24713
Certificate serial: 018571D7E80A6A3FBE2561598C1F93AED7DD
Authority key identifier: E9:AA:B1:44:61:00:A8:FC:E0:3D:F1:9D:75:5E:06:32:9E:E2:47:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6aqxRGEAqPzgPfGddV4GMp7iRxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/mQEANWL8iJSEwJct3rtk_nmVIyw.roa
Signing time: Mon 02 Jan 2023 09:37:33 +0000
ROA not before: Mon 02 Jan 2023 09:37:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43948
IP address blocks: 46.21.96.0/22 maxlen: 22
46.21.96.0/20 maxlen: 20
195.149.101.0/24 maxlen: 24
46.21.100.0/23 maxlen: 23
46.21.100.0/24 maxlen: 24
46.21.106.0/24 maxlen: 24
185.157.220.0/22 maxlen: 22
185.39.146.0/23 maxlen: 23
31.192.224.0/21 maxlen: 21
31.192.228.0/24 maxlen: 24
193.108.196.0/24 maxlen: 24
109.74.0.0/20 maxlen: 20
79.99.2.0/23 maxlen: 23
79.99.0.0/23 maxlen: 23
79.99.0.0/21 maxlen: 21
91.228.193.0/24 maxlen: 24
91.228.194.0/23 maxlen: 23
5.178.77.0/24 maxlen: 24
5.178.75.0/24 maxlen: 24
5.178.72.0/21 maxlen: 24
94.247.168.0/21 maxlen: 21
94.247.175.0/24 maxlen: 24
94.247.173.0/24 maxlen: 24
37.152.56.0/21 maxlen: 21
37.152.60.0/24 maxlen: 24
194.54.164.0/24 maxlen: 24
194.54.164.0/22 maxlen: 22
195.238.76.0/23 maxlen: 23
185.39.144.0/22 maxlen: 22
159.253.24.0/21 maxlen: 21
159.253.26.0/24 maxlen: 24
159.253.28.0/24 maxlen: 24
159.253.29.0/24 maxlen: 24
195.246.120.0/23 maxlen: 23
195.20.206.0/23 maxlen: 23
2a02:750::/29 maxlen: 48
2a02:750:5::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:e8:0a:6a:3f:be:25:61:59:8c:1f:93:ae:d7:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9aab1446100a8fce03df19d755e06329ee24713
Validity
Not Before: Jan 2 09:37:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9901003562fc889484c0972ddebb64fe7995232c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f3:1c:53:d3:10:36:e4:f7:a5:fc:2a:52:ca:
bb:ca:6e:56:85:fb:a1:29:c4:c2:49:1a:cb:c6:1a:
ca:0d:5d:0e:13:fe:cd:88:2a:51:ef:7e:c4:a9:98:
64:5e:4b:97:f8:ce:33:cf:24:5b:e9:1a:8b:ae:7e:
b6:81:05:cc:84:c0:62:0b:e6:0f:fd:a2:a9:5e:e3:
3c:3d:f8:bb:0a:a8:76:36:0b:f5:ad:ba:c8:30:01:
9d:84:b2:a8:d9:f2:e9:64:0b:93:d4:9d:68:2f:05:
51:6a:68:5f:2f:83:96:35:eb:ca:aa:3e:71:d7:96:
93:11:57:5b:c3:31:af:d6:8a:4b:e2:b0:6f:87:4e:
2b:ca:25:82:02:d8:a7:6b:27:b2:e5:27:a4:16:08:
8b:cd:a1:a6:72:9c:2e:78:cc:0e:9b:5c:5e:ea:8b:
fc:e5:b1:4b:70:ac:f6:7c:56:f4:d6:24:05:4a:02:
95:cd:2b:a4:59:7a:72:73:ef:78:2a:ec:7e:35:9a:
73:cf:2a:03:72:96:f7:21:06:b7:0e:fd:7d:b5:cc:
20:32:4f:06:77:f6:dc:41:22:bf:37:a8:2e:51:d6:
fd:b9:63:ac:c8:41:4c:70:d0:92:6b:08:7c:f8:ba:
7f:62:6e:d2:ab:68:f9:c4:1f:6d:dc:ea:54:95:e8:
36:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:01:00:35:62:FC:88:94:84:C0:97:2D:DE:BB:64:FE:79:95:23:2C
X509v3 Authority Key Identifier:
keyid:E9:AA:B1:44:61:00:A8:FC:E0:3D:F1:9D:75:5E:06:32:9E:E2:47:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6aqxRGEAqPzgPfGddV4GMp7iRxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/mQEANWL8iJSEwJct3rtk_nmVIyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/6aqxRGEAqPzgPfGddV4GMp7iRxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.72.0/21
31.192.224.0/21
37.152.56.0/21
46.21.96.0/20
79.99.0.0/21
91.228.193.0-91.228.195.255
94.247.168.0/21
109.74.0.0/20
159.253.24.0/21
185.39.144.0/22
185.157.220.0/22
193.108.196.0/24
194.54.164.0/22
195.20.206.0/23
195.149.101.0/24
195.238.76.0/23
195.246.120.0/23
IPv6:
2a02:750::/29
Signature Algorithm: sha256WithRSAEncryption
06:25:5d:7d:b4:fc:1f:17:6b:bc:2b:94:fc:98:7f:0d:09:5a:
b7:36:33:3d:3f:fd:72:9c:5b:d7:57:84:d2:44:7b:1e:77:d1:
6c:4a:07:3c:cb:92:a2:49:b7:c8:55:68:85:6b:d8:e0:52:e3:
fa:16:41:f8:58:df:71:04:eb:69:f6:ab:08:ef:53:8d:f9:88:
89:be:f8:36:27:22:d8:0e:38:d5:fd:a4:91:61:32:d6:96:0d:
a2:85:79:b7:36:2a:3f:ca:50:63:33:53:88:53:9f:07:13:ca:
0a:c0:f1:92:38:81:17:ae:00:29:50:cd:33:f6:e3:94:f7:e2:
19:94:ba:72:40:82:2e:11:43:bc:bd:54:3c:50:4d:cc:6d:f3:
09:21:02:4d:c7:5f:21:4a:6c:5f:e4:0b:56:0a:00:ad:c1:71:
ea:c2:ab:79:a0:8f:f9:c9:1d:62:0f:f3:20:88:b9:2a:ac:45:
fb:35:38:5d:ba:fc:89:68:e1:c7:9b:e1:45:2f:17:09:81:b5:
f2:db:1f:19:07:a5:57:dd:67:08:0c:e4:71:cf:a2:00:80:e1:
5e:55:e0:af:6e:b4:1a:15:32:53:8e:d5:dd:6d:9e:1c:75:c1:
98:3a:1b:55:03:61:1e:05:51:d5:22:ef:a6:74:27:78:7f:65:
a6:a5:26:ae
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYVx1+gKaj++JWFZjB+TrtfdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YWFiMTQ0NjEwMGE4ZmNlMDNkZjE5ZDc1NWUwNjMyOWVl
MjQ3MTMwHhcNMjMwMTAyMDkzNzMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTAxMDAzNTYyZmM4ODk0ODRjMDk3MmRkZWJiNjRmZTc5OTUyMzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfMcU9MQNuT3pfwqUsq7ym5Whfuh
KcTCSRrLxhrKDV0OE/7NiCpR737EqZhkXkuX+M4zzyRb6RqLrn62gQXMhMBiC+YP
/aKpXuM8Pfi7Cqh2Ngv1rbrIMAGdhLKo2fLpZAuT1J1oLwVRamhfL4OWNevKqj5x
15aTEVdbwzGv1opL4rBvh04ryiWCAtinayey5SekFgiLzaGmcpwueMwOm1xe6ov8
5bFLcKz2fFb01iQFSgKVzSukWXpyc+94Kux+NZpzzyoDcpb3IQa3Dv19tcwgMk8G
d/bcQSK/N6guUdb9uWOsyEFMcNCSawh8+Lp/Ym7Sq2j5xB9t3OpUleg2KQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFJkBADVi/IiUhMCXLd67ZP55lSMsMB8GA1UdIwQY
MBaAFOmqsURhAKj84D3xnXVeBjKe4kcTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmFxeFJHRUFxUHpnUGZHZGRWNEdNcDdpUnhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83MWUwOWMtMjhmMy00ODI1LTgwNmYt
YTBkYzM1NGY0Y2EzLzEvbVFFQU5XTDhpSlNFd0pjdDNydGtfbm1WSXl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83MWUwOWMtMjhmMy00ODI1LTgwNmYtYTBkYzM1NGY0Y2Ez
LzEvNmFxeFJHRUFxUHpnUGZHZGRWNEdNcDdpUnhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTB0BAIAATBuAwQDBbJI
AwQDH8DgAwQDJZg4AwQELhVgAwQDT2MAMAwDBABb5MEDBAJb5MADBANe96gDBARt
SgADBAOf/RgDBAK5J5ADBAK5ndwDBADBbMQDBALCNqQDBAHDFM4DBADDlWUDBAHD
7kwDBAHD9ngwDQQCAAIwBwMFAyoCB1AwDQYJKoZIhvcNAQELBQADggEBAAYlXX20
/B8Xa7wrlPyYfw0JWrc2Mz0//XKcW9dXhNJEex530WxKBzzLkqJJt8hVaIVr2OBS
4/oWQfhY33EE62n2qwjvU435iIm++DYnItgOONX9pJFhMtaWDaKFebc2Kj/KUGMz
U4hTnwcTygrA8ZI4gReuAClQzTP245T34hmUunJAgi4RQ7y9VDxQTcxt8wkhAk3H
XyFKbF/kC1YKAK3BcerCq3mgj/nJHWIP8yCIuSqsRfs1OF26/Ilo4ceb4UUvFwmB
tfLbHxkHpVfdZwgM5HHPogCA4V5V4K9utBoVMlOO1d1tnhx1wZg6G1UDYR4FUdUi
76Z0J3h/ZaalJq4=
-----END CERTIFICATE-----
Generated at Fri Sep 29 12:53:46 2023 by rpki-client on console-fra.rpki-client.org