Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/cMnbDV6B-vpnOf8oTe4sTaABwgU.roa
File: cMnbDV6B-vpnOf8oTe4sTaABwgU.roa (raw, json)
Hash identifier: BZKMnUH3h4cwCZYEU5MxH2OHq6gRgGnl0BQAWzCfEG8=
Subject key identifier: 70:C9:DB:0D:5E:81:FA:FA:67:39:FF:28:4D:EE:2C:4D:A0:01:C2:05
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0187E6F339C023CD23B775716A6F79668956
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/cMnbDV6B-vpnOf8oTe4sTaABwgU.roa
Signing time: Thu 04 May 2023 13:28:32 +0000
ROA not before: Thu 04 May 2023 13:28:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50835
IP address blocks: 91.193.30.0/23 maxlen: 23
81.161.48.0/22 maxlen: 22
91.246.192.0/22 maxlen: 24
77.36.57.0/24 maxlen: 24
77.36.60.0/24 maxlen: 24
176.113.180.0/22 maxlen: 22
91.246.203.0/24 maxlen: 24
77.36.65.0/24 maxlen: 24
176.110.112.0/23 maxlen: 23
91.246.217.0/24 maxlen: 24
81.161.8.0/22 maxlen: 22
37.97.121.0/24 maxlen: 24
37.97.120.0/24 maxlen: 24
91.232.56.0/23 maxlen: 23
193.36.220.0/22 maxlen: 22
194.33.66.0/23 maxlen: 23
64.43.120.0/22 maxlen: 24
91.233.200.0/24 maxlen: 24
176.115.236.0/22 maxlen: 24
193.36.203.0/24 maxlen: 24
109.207.130.0/24 maxlen: 24
109.207.132.0/24 maxlen: 24
109.207.129.0/24 maxlen: 24
176.96.94.0/24 maxlen: 24
91.200.132.0/24 maxlen: 24
91.200.134.0/23 maxlen: 23
176.121.108.0/23 maxlen: 24
176.121.110.0/23 maxlen: 24
91.238.39.0/24 maxlen: 24
176.116.228.0/24 maxlen: 24
91.239.222.0/23 maxlen: 23
176.116.236.0/24 maxlen: 24
91.239.226.0/24 maxlen: 24
91.224.212.0/24 maxlen: 24
91.232.226.0/24 maxlen: 24
46.173.248.0/22 maxlen: 24
91.236.76.0/24 maxlen: 24
46.173.254.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e6:f3:39:c0:23:cd:23:b7:75:71:6a:6f:79:66:89:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: May 4 13:28:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70c9db0d5e81fafa6739ff284dee2c4da001c205
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:90:b9:1a:ec:54:c7:79:c6:8b:21:57:fd:91:
bd:f8:27:e4:82:b8:48:ed:76:cb:9f:40:92:5d:69:
6c:00:ab:d6:97:cc:2a:c9:8b:9b:9c:60:f8:02:61:
c2:ca:5b:d7:cb:65:dd:87:69:91:0c:ee:43:e5:a6:
63:6f:15:31:44:95:91:17:2d:95:40:ae:ef:b3:78:
4b:3e:8b:63:f5:54:02:27:c2:6f:0b:ed:da:ec:a2:
02:8a:2d:cc:ce:86:16:5f:c8:c2:74:6e:8a:8a:7a:
cf:81:67:ab:bb:15:f6:7b:0b:a8:92:a6:f2:3f:ed:
e2:96:1d:03:2d:82:9d:9e:23:49:b2:67:3a:bd:89:
57:b5:27:d2:28:87:94:f3:fc:07:51:ca:8b:70:b9:
20:99:58:14:da:d9:d5:50:62:e2:c8:ca:4c:36:37:
a1:e1:6a:21:dd:21:cf:d7:05:b0:60:01:6b:be:01:
84:2b:a5:a6:f9:5c:0f:5f:74:0e:d0:1f:21:85:94:
37:e3:fc:d2:49:be:52:d1:ff:02:c3:14:5d:28:fe:
a8:5d:b8:18:a7:6c:36:0c:f0:69:7e:0a:e2:9b:2e:
fe:95:86:c7:16:8e:97:86:c4:a0:cc:9d:2d:4e:3e:
e1:60:d4:67:00:28:2f:69:7b:61:5a:f2:e0:da:07:
83:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:C9:DB:0D:5E:81:FA:FA:67:39:FF:28:4D:EE:2C:4D:A0:01:C2:05
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/cMnbDV6B-vpnOf8oTe4sTaABwgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.120.0/23
46.173.248.0/22
46.173.254.0/23
64.43.120.0/22
77.36.57.0/24
77.36.60.0/24
77.36.65.0/24
81.161.8.0/22
81.161.48.0/22
91.193.30.0/23
91.200.132.0/24
91.200.134.0/23
91.224.212.0/24
91.232.56.0/23
91.232.226.0/24
91.233.200.0/24
91.236.76.0/24
91.238.39.0/24
91.239.222.0/23
91.239.226.0/24
91.246.192.0/22
91.246.203.0/24
91.246.217.0/24
109.207.129.0-109.207.130.255
109.207.132.0/24
176.96.94.0/24
176.110.112.0/23
176.113.180.0/22
176.115.236.0/22
176.116.228.0/24
176.116.236.0/24
176.121.108.0/22
193.36.203.0/24
193.36.220.0/22
194.33.66.0/23
Signature Algorithm: sha256WithRSAEncryption
9c:be:df:f7:e8:bc:93:6c:2d:c1:b2:e6:ad:da:15:03:97:52:
29:8d:a5:86:61:a6:34:7d:8d:f4:ad:54:cd:4a:9a:07:d0:b4:
3f:84:f9:ea:46:90:46:f1:0e:78:ef:04:02:d3:11:3a:8f:07:
b6:b4:79:45:f4:e4:2d:a5:61:7e:26:2d:a8:9a:22:c3:c4:8b:
02:a7:73:95:58:bf:b7:eb:cb:9a:59:13:69:f0:80:65:08:23:
49:d5:ec:13:19:78:2c:f0:7c:a9:91:38:da:77:de:b2:d4:7d:
8e:44:e4:4e:d5:f9:8d:02:01:e6:ea:0b:d5:6a:0e:fb:03:e1:
39:b7:ee:92:e9:23:a7:60:26:dc:f8:ba:f0:3b:99:80:e6:b1:
00:27:67:94:9a:d0:c2:b2:e1:6a:23:ea:59:55:58:2b:a6:b8:
e7:eb:24:96:25:92:0b:b3:16:d1:b1:51:6f:72:97:e7:60:8d:
4e:14:2a:4e:0e:15:96:33:c5:76:53:99:e3:c6:c7:bb:40:6d:
e0:37:86:98:05:d9:48:ac:e1:aa:5a:7d:48:eb:4b:b2:0d:b0:
af:ca:ec:81:17:8a:6e:9a:c9:b9:4c:5b:11:cd:e7:52:1a:8d:
c4:b1:2a:90:df:92:a5:29:30:88:90:6d:93:f0:05:31:ab:14:
ca:55:2c:35
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAYfm8znAI80jt3Vxam95ZolWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwNTA0MTMyODMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGM5ZGIwZDVlODFmYWZhNjczOWZmMjg0ZGVlMmM0ZGEwMDFjMjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppC5GuxUx3nGiyFX/ZG9+CfkgrhI
7XbLn0CSXWlsAKvWl8wqyYubnGD4AmHCylvXy2Xdh2mRDO5D5aZjbxUxRJWRFy2V
QK7vs3hLPotj9VQCJ8JvC+3a7KICii3MzoYWX8jCdG6KinrPgWeruxX2ewuokqby
P+3ilh0DLYKdniNJsmc6vYlXtSfSKIeU8/wHUcqLcLkgmVgU2tnVUGLiyMpMNjeh
4Woh3SHP1wWwYAFrvgGEK6Wm+VwPX3QO0B8hhZQ34/zSSb5S0f8CwxRdKP6oXbgY
p2w2DPBpfgrimy7+lYbHFo6XhsSgzJ0tTj7hYNRnACgvaXthWvLg2geDlwIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFHDJ2w1egfr6Zzn/KE3uLE2gAcIFMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvY01uYkRWNkItdnBuT2Y4b1RlNHNUYUFCd2dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH3BggrBgEFBQcBBwEB/wSB5zCB5DCB4QQCAAEwgdoDBAEl
YXgDBAIurfgDBAEurf4DBAJAK3gDBABNJDkDBABNJDwDBABNJEEDBAJRoQgDBAJR
oTADBAFbwR4DBABbyIQDBAFbyIYDBABb4NQDBAFb6DgDBABb6OIDBABb6cgDBABb
7EwDBABb7icDBAFb794DBABb7+IDBAJb9sADBABb9ssDBABb9tkwDAMEAG3PgQME
AG3PggMEAG3PhAMEALBgXgMEAbBucAMEArBxtAMEArBz7AMEALB05AMEALB07AME
ArB5bAMEAMEkywMEAsEk3AMEAcIhQjANBgkqhkiG9w0BAQsFAAOCAQEAnL7f9+i8
k2wtwbLmrdoVA5dSKY2lhmGmNH2N9K1UzUqaB9C0P4T56kaQRvEOeO8EAtMROo8H
trR5RfTkLaVhfiYtqJoiw8SLAqdzlVi/t+vLmlkTafCAZQgjSdXsExl4LPB8qZE4
2nfestR9jkTkTtX5jQIB5uoL1WoO+wPhObfukukjp2Am3Pi68DuZgOaxACdnlJrQ
wrLhaiPqWVVYK6a45+skliWSC7MW0bFRb3KX52CNThQqTg4VljPFdlOZ48bHu0Bt
4DeGmAXZSKzhqlp9SOtLsg2wr8rsgReKbprJuUxbEc3nUhqNxLEqkN+SpSkwiJBt
k/AFMasUylUsNQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:42 2023 by rpki-client on console-ams.rpki-client.org