Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/6248ec-204f-459b-904c-e8e13bb0e084/1/MoLgKXXxofzQNagTv7wxPAcyXwE.roa
File: MoLgKXXxofzQNagTv7wxPAcyXwE.roa (raw, json)
Hash identifier: 1wxwoVeMsGhs2VRkgzBodPMiH+98IEngKAHpt1yQNg4=
Subject key identifier: 32:82:E0:29:75:F1:A1:FC:D0:35:A8:13:BF:BC:31:3C:07:32:5F:01
Certificate issuer: /CN=019ad1824be546163b481fc49647a0508b226bf4
Certificate serial: 01891C9801BFD894016BA8F0896DE1F81030
Authority key identifier: 01:9A:D1:82:4B:E5:46:16:3B:48:1F:C4:96:47:A0:50:8B:22:6B:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AZrRgkvlRhY7SB_ElkegUIsia_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/6248ec-204f-459b-904c-e8e13bb0e084/1/MoLgKXXxofzQNagTv7wxPAcyXwE.roa
Signing time: Mon 03 Jul 2023 16:31:11 +0000
ROA not before: Mon 03 Jul 2023 16:31:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59865
IP address blocks: 185.232.112.0/22 maxlen: 24
185.240.168.0/22 maxlen: 22
89.255.219.0/24 maxlen: 24
89.255.216.0/21 maxlen: 24
89.255.223.0/24 maxlen: 24
89.255.221.0/24 maxlen: 24
89.255.222.0/24 maxlen: 24
89.255.220.0/24 maxlen: 24
185.68.172.0/22 maxlen: 22
2a03:2ca0:255::/48 maxlen: 48
2a03:2ca0:3135::/48 maxlen: 48
2a03:2ca0::/32 maxlen: 48
2a0c:8680::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1c:98:01:bf:d8:94:01:6b:a8:f0:89:6d:e1:f8:10:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=019ad1824be546163b481fc49647a0508b226bf4
Validity
Not Before: Jul 3 16:31:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3282e02975f1a1fcd035a813bfbc313c07325f01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:73:6f:91:46:38:15:92:c3:d3:33:4a:96:84:
c9:da:8a:33:05:32:dd:42:94:b3:56:38:3a:26:9b:
be:af:08:48:a9:5b:b8:7f:9e:b1:ed:88:d4:9d:1a:
fb:20:47:ae:09:fc:a9:f9:e1:48:ad:75:b9:58:ef:
9f:c1:a5:90:d9:35:6d:c2:2a:75:7b:fa:19:13:d6:
70:80:d6:0a:c6:dd:12:28:00:eb:fe:64:e9:11:98:
3d:b2:87:44:8b:b5:4f:ab:b0:e5:8c:fb:46:1d:5f:
26:7b:a0:5c:f1:17:be:44:cb:74:a9:98:9e:63:cf:
ea:33:8b:35:cb:37:02:ea:40:41:9a:02:0b:5a:6e:
d0:82:81:f0:b0:f3:ff:32:2c:3c:de:2a:d7:17:06:
ee:1a:4e:12:ce:64:0b:35:09:ce:74:6b:04:25:31:
20:37:cb:9d:e1:2d:f8:2b:2c:99:9b:b7:85:e2:63:
50:b8:9f:67:ec:f3:6a:b9:de:c7:2f:4a:ba:6c:44:
4d:d5:76:3d:51:cf:07:9e:bf:38:21:c8:e4:3e:bf:
61:4c:6b:68:1d:b0:8f:57:bd:a9:9c:6e:17:59:c3:
ff:e1:56:94:d4:e6:47:73:d0:b7:0b:2b:48:4e:c9:
6b:06:80:3c:29:d4:a6:68:66:13:92:60:c2:f7:b5:
d7:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:82:E0:29:75:F1:A1:FC:D0:35:A8:13:BF:BC:31:3C:07:32:5F:01
X509v3 Authority Key Identifier:
keyid:01:9A:D1:82:4B:E5:46:16:3B:48:1F:C4:96:47:A0:50:8B:22:6B:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AZrRgkvlRhY7SB_ElkegUIsia_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6248ec-204f-459b-904c-e8e13bb0e084/1/MoLgKXXxofzQNagTv7wxPAcyXwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/6248ec-204f-459b-904c-e8e13bb0e084/1/AZrRgkvlRhY7SB_ElkegUIsia_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.255.216.0/21
185.68.172.0/22
185.232.112.0/22
185.240.168.0/22
IPv6:
2a03:2ca0::/32
2a0c:8680::/29
Signature Algorithm: sha256WithRSAEncryption
a5:e3:78:3c:ec:15:00:6d:c2:55:25:69:b6:51:0f:4d:d6:7e:
80:04:94:b2:ca:6f:59:11:11:fb:42:3a:53:e1:c4:0e:77:6a:
0f:d4:5e:90:8f:ee:b3:10:81:73:1a:ca:29:de:41:57:e5:0f:
76:74:25:e2:ca:8f:1b:a8:8c:1e:ce:0b:77:e8:1f:b0:6a:28:
38:a4:d3:5e:d2:2b:53:45:df:cc:98:23:99:b3:e4:c5:bb:32:
d2:89:f5:82:34:83:65:b6:a9:f1:59:55:59:3d:27:2a:5e:f6:
1a:3f:20:de:23:3d:26:84:fc:c0:3f:c4:3c:2d:d4:3a:ba:f2:
56:df:4c:f4:e5:65:ff:b6:b2:ad:81:ca:f7:7e:f9:54:00:ed:
0c:cb:76:22:b5:2e:60:fd:4a:82:26:f5:22:34:20:d6:7d:4f:
85:7e:21:d6:18:ea:1c:03:d4:fe:e3:31:66:41:ea:b7:df:f0:
2f:65:37:f2:f1:8e:fc:4d:bc:b3:d8:1d:b1:d5:e5:ab:fe:80:
03:40:6c:8c:64:05:2a:93:2e:9b:c1:ac:5e:94:ea:ae:aa:40:
51:41:ec:c7:5e:13:90:c1:68:0f:32:e5:ee:a0:34:35:9a:69:
dc:30:c2:14:83:fb:f4:78:c0:84:fc:2a:fd:fd:d2:7d:d1:09:
98:0e:94:cd
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYkcmAG/2JQBa6jwiW3h+BAwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxOWFkMTgyNGJlNTQ2MTYzYjQ4MWZjNDk2NDdhMDUwOGIy
MjZiZjQwHhcNMjMwNzAzMTYzMTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjgyZTAyOTc1ZjFhMWZjZDAzNWE4MTNiZmJjMzEzYzA3MzI1ZjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHNvkUY4FZLD0zNKloTJ2oozBTLd
QpSzVjg6Jpu+rwhIqVu4f56x7YjUnRr7IEeuCfyp+eFIrXW5WO+fwaWQ2TVtwip1
e/oZE9ZwgNYKxt0SKADr/mTpEZg9sodEi7VPq7DljPtGHV8me6Bc8Re+RMt0qZie
Y8/qM4s1yzcC6kBBmgILWm7QgoHwsPP/Miw83irXFwbuGk4SzmQLNQnOdGsEJTEg
N8ud4S34KyyZm7eF4mNQuJ9n7PNqud7HL0q6bERN1XY9Uc8Hnr84IcjkPr9hTGto
HbCPV72pnG4XWcP/4VaU1OZHc9C3CytITslrBoA8KdSmaGYTkmDC97XXUQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFDKC4Cl18aH80DWoE7+8MTwHMl8BMB8GA1UdIwQY
MBaAFAGa0YJL5UYWO0gfxJZHoFCLImv0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVpyUmdrdmxSaFk3U0JfRWxrZWdVSXNpYV9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82MjQ4ZWMtMjA0Zi00NTliLTkwNGMt
ZThlMTNiYjBlMDg0LzEvTW9MZ0tYWHhvZnpRTmFnVHY3d3hQQWN5WHdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82MjQ4ZWMtMjA0Zi00NTliLTkwNGMtZThlMTNiYjBlMDg0
LzEvQVpyUmdrdmxSaFk3U0JfRWxrZWdVSXNpYV9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQDWf/YAwQC
uUSsAwQCuehwAwQCufCoMBQEAgACMA4DBQAqAyygAwUDKgyGgDANBgkqhkiG9w0B
AQsFAAOCAQEApeN4POwVAG3CVSVptlEPTdZ+gASUsspvWRER+0I6U+HEDndqD9Re
kI/usxCBcxrKKd5BV+UPdnQl4sqPG6iMHs4Ld+gfsGooOKTTXtIrU0XfzJgjmbPk
xbsy0on1gjSDZbap8VlVWT0nKl72Gj8g3iM9JoT8wD/EPC3UOrryVt9M9OVl/7ay
rYHK9375VADtDMt2IrUuYP1Kgib1IjQg1n1PhX4h1hjqHAPU/uMxZkHqt9/wL2U3
8vGO/E28s9gdsdXlq/6AA0BsjGQFKpMum8GsXpTqrqpAUUHsx14TkMFoDzLl7qA0
NZpp3DDCFIP79HjAhPwq/f3SfdEJmA6UzQ==
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:10:56 2024 by rpki-client on console-ams.rpki-client.org