Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/mCNOcI-GYCGy1DH02MoQKLOTfg4.roa
File: mCNOcI-GYCGy1DH02MoQKLOTfg4.roa (raw, json)
Hash identifier: Ilew91aRd8A+UsPZlqLdy6ZJBZUdDp7/+YoehVpY7CY=
Subject key identifier: 98:23:4E:70:8F:86:60:21:B2:D4:31:F4:D8:CA:10:28:B3:93:7E:0E
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018A8A75CC7837EF9D0306D5AEFC46001ED2
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/mCNOcI-GYCGy1DH02MoQKLOTfg4.roa
Signing time: Tue 12 Sep 2023 17:34:50 +0000
ROA not before: Tue 12 Sep 2023 17:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 185.255.99.0/24 maxlen: 24
89.39.242.0/24 maxlen: 24
194.56.152.0/23 maxlen: 24
185.243.140.0/22 maxlen: 24
94.231.198.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
185.40.105.0/24 maxlen: 24
194.242.28.0/23 maxlen: 24
195.149.127.0/24 maxlen: 24
86.104.19.0/24 maxlen: 24
193.46.211.0/24 maxlen: 24
91.242.70.0/23 maxlen: 24
45.149.160.0/22 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.75.0/24 maxlen: 24
89.40.161.0/24 maxlen: 24
195.138.105.0/24 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/24 maxlen: 24
195.138.106.0/24 maxlen: 24
185.15.136.0/23 maxlen: 24
80.94.81.0/24 maxlen: 24
80.94.80.0/24 maxlen: 24
80.94.80.0/23 maxlen: 23
45.67.117.0/24 maxlen: 24
45.15.64.0/24 maxlen: 24
45.15.64.0/22 maxlen: 22
45.15.66.0/24 maxlen: 24
45.15.67.0/24 maxlen: 24
45.15.65.0/24 maxlen: 24
194.180.238.0/24 maxlen: 24
194.213.10.0/24 maxlen: 24
185.173.247.0/24 maxlen: 24
89.32.126.0/24 maxlen: 24
92.118.108.0/24 maxlen: 24
176.126.223.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8a:75:cc:78:37:ef:9d:03:06:d5:ae:fc:46:00:1e:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Sep 12 17:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98234e708f866021b2d431f4d8ca1028b3937e0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9e:d4:ba:a1:c7:08:ac:e9:c3:8d:24:40:77:
59:c2:7e:37:81:27:da:78:47:83:5c:c3:ce:5d:73:
f3:28:8d:7c:a2:d4:60:ab:d3:e1:0b:94:30:72:04:
1f:57:47:98:e8:43:42:b8:bf:1b:59:0b:be:2b:a5:
10:9b:2e:47:36:42:2e:53:d4:61:8f:a7:ba:72:c9:
9c:57:80:ba:b6:58:6f:11:ca:e1:95:49:95:33:a8:
74:5f:1a:51:98:78:ca:1c:bf:4a:e9:44:d5:d8:46:
f0:8b:59:9f:f7:cb:2e:15:97:3d:b6:bd:00:a7:c2:
be:61:ed:d8:cc:9e:e2:98:37:2b:01:3e:14:3e:ed:
50:8e:c1:42:49:ef:61:17:70:12:01:10:64:07:8f:
ee:43:2d:f1:34:d0:2c:2f:80:0f:a1:ce:04:ad:a0:
62:f8:14:7a:3e:1f:9e:a8:b4:5b:05:09:90:c8:da:
8f:b3:30:70:65:fe:b7:4d:cf:1d:33:52:c6:4c:ac:
95:4f:69:f4:a9:d9:d2:bf:41:ac:ad:68:38:30:1f:
0b:bf:0e:53:8f:af:9c:c2:5a:de:5b:6d:76:9b:2e:
0e:2a:eb:2b:54:ce:ff:b0:45:a8:4b:74:1f:b4:d4:
ca:a9:17:42:ac:84:44:1e:e0:87:b1:65:24:c5:ab:
2a:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:23:4E:70:8F:86:60:21:B2:D4:31:F4:D8:CA:10:28:B3:93:7E:0E
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/mCNOcI-GYCGy1DH02MoQKLOTfg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.64.0/22
45.67.117.0/24
45.149.160.0/22
80.94.80.0/23
86.104.19.0/24
89.32.126.0/24
89.39.242.0/24
89.40.161.0/24
91.242.70.0-91.242.73.255
91.242.75.0/24
91.242.103.0/24
92.118.108.0/24
94.231.198.0/24
176.126.223.0/24
185.15.136.0/23
185.40.105.0/24
185.173.247.0/24
185.212.11.0/24
185.243.140.0/22
185.255.99.0/24
193.46.211.0/24
194.56.152.0/23
194.180.238.0/24
194.213.10.0/24
194.242.28.0/23
195.138.103.0-195.138.106.255
195.149.127.0/24
Signature Algorithm: sha256WithRSAEncryption
52:63:71:f8:7a:27:a8:97:27:31:94:2d:c4:45:58:f2:4b:a7:
3c:51:ca:06:70:ff:59:cc:eb:4a:86:31:2b:c1:37:b5:19:8b:
20:97:27:0f:99:f4:2d:9f:5d:92:cb:aa:b6:f9:2b:87:e1:55:
72:81:50:7e:4c:9d:5b:66:cb:1e:a8:8d:da:9c:ae:3e:4e:79:
ab:8a:64:18:d5:01:0a:46:0e:72:b1:40:3b:0f:1d:5b:d3:e8:
25:8c:c7:58:c8:da:c2:9d:b7:b2:6e:bd:6f:59:33:5f:69:0f:
7f:80:05:0d:25:72:57:74:1a:cf:7a:bf:eb:55:a3:8f:b2:8e:
a7:db:b0:dc:01:66:96:a5:39:cd:ce:0f:a9:b3:45:f4:4f:82:
96:73:22:d4:b7:0d:3a:35:66:38:35:92:11:e7:4f:c8:b2:4e:
a1:9c:9e:08:db:b3:45:34:64:6d:b3:38:48:fb:cd:b5:70:85:
7d:94:b2:3c:7d:9b:f9:fd:a3:fb:f8:0d:51:19:15:24:34:a6:
35:a2:18:0f:3f:ae:bf:36:66:87:a4:dd:4e:01:79:9a:91:e3:
bc:9a:ea:e5:c4:c1:54:f3:92:04:e8:88:ae:4a:5c:db:c7:3a:
8a:0f:d1:51:34:3d:c8:a6:e7:15:33:13:e2:e8:31:0d:3f:d5:
00:ef:bd:50
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAYqKdcx4N++dAwbVrvxGAB7SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwOTEyMTczNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODIzNGU3MDhmODY2MDIxYjJkNDMxZjRkOGNhMTAyOGIzOTM3ZTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJ7UuqHHCKzpw40kQHdZwn43gSfa
eEeDXMPOXXPzKI18otRgq9PhC5QwcgQfV0eY6ENCuL8bWQu+K6UQmy5HNkIuU9Rh
j6e6csmcV4C6tlhvEcrhlUmVM6h0XxpRmHjKHL9K6UTV2Ebwi1mf98suFZc9tr0A
p8K+Ye3YzJ7imDcrAT4UPu1QjsFCSe9hF3ASARBkB4/uQy3xNNAsL4APoc4EraBi
+BR6Ph+eqLRbBQmQyNqPszBwZf63Tc8dM1LGTKyVT2n0qdnSv0GsrWg4MB8Lvw5T
j6+cwlreW212my4OKusrVM7/sEWoS3QftNTKqRdCrIREHuCHsWUkxasq0QIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFJgjTnCPhmAhstQx9NjKECizk34OMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvbUNOT2NJLUdZQ0d5MURIMDJNb1FLTE9UZmc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDCBuQQCAAEwgbIDBAIt
D0ADBAAtQ3UDBAItlaADBAFQXlADBABWaBMDBABZIH4DBABZJ/IDBABZKKEwDAME
AVvyRgMEAVvySAMEAFvySwMEAFvyZwMEAFx2bAMEAF7nxgMEALB+3wMEAbkPiAME
ALkoaQMEALmt9wMEALnUCwMEArnzjAMEALn/YwMEAMEu0wMEAcI4mAMEAMK07gME
AMLVCgMEAcLyHDAMAwQAw4pnAwQAw4pqAwQAw5V/MA0GCSqGSIb3DQEBCwUAA4IB
AQBSY3H4eieolycxlC3ERVjyS6c8UcoGcP9ZzOtKhjErwTe1GYsglycPmfQtn12S
y6q2+SuH4VVygVB+TJ1bZsseqI3anK4+TnmrimQY1QEKRg5ysUA7Dx1b0+gljMdY
yNrCnbeybr1vWTNfaQ9/gAUNJXJXdBrPer/rVaOPso6n27DcAWaWpTnNzg+ps0X0
T4KWcyLUtw06NWY4NZIR50/Isk6hnJ4I27NFNGRtszhI+821cIV9lLI8fZv5/aP7
+A1RGRUkNKY1ohgPP66/NmaHpN1OAXmakeO8murlxMFU85IE6IiuSlzbxzqKD9FR
ND3IpucVMxPi6DENP9UA771Q
-----END CERTIFICATE-----
Generated at Thu Sep 14 14:39:06 2023 by rpki-client on console-ams.rpki-client.org