Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/mCwP65_jbMsT7Zu7U1OGm_WF0gM.roa
File: mCwP65_jbMsT7Zu7U1OGm_WF0gM.roa (raw, json)
Hash identifier: 8soeLvsQYPJn5oD4RwQZH1+PnAlqzgCR1OjfJb3gyJU=
Subject key identifier: 98:2C:0F:EB:9F:E3:6C:CB:13:ED:9B:BB:53:53:86:9B:F5:85:D2:03
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 0187108298B55483DB81CDAA48ADA16862CD
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/mCwP65_jbMsT7Zu7U1OGm_WF0gM.roa
Signing time: Thu 23 Mar 2023 22:06:46 +0000
ROA not before: Thu 23 Mar 2023 22:06:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207710
IP address blocks: 194.28.158.0/24 maxlen: 24
194.28.156.0/24 maxlen: 24
194.104.4.0/24 maxlen: 24
212.69.132.0/24 maxlen: 24
194.104.6.0/24 maxlen: 24
194.104.5.0/24 maxlen: 24
212.69.134.0/24 maxlen: 24
212.69.133.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:10:82:98:b5:54:83:db:81:cd:aa:48:ad:a1:68:62:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Mar 23 22:06:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=982c0feb9fe36ccb13ed9bbb5353869bf585d203
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:c5:da:30:32:ed:e8:d6:50:28:da:63:c9:32:
36:fb:e0:0d:e8:1e:29:26:0b:2e:a8:fe:16:c0:5a:
cb:86:b3:af:f2:94:2f:55:9b:0c:b9:7e:1d:78:22:
11:63:4e:31:ee:ea:dd:24:17:f7:39:c7:64:ef:1e:
25:dd:fc:fa:76:02:94:72:21:8c:6a:95:93:ce:a3:
05:f6:dc:c9:33:8e:3f:12:85:fe:2a:a6:5f:bf:7f:
95:47:9e:ae:ac:19:f5:09:9c:07:70:a9:5c:1b:a7:
e1:c5:45:f7:2f:82:ca:ff:69:ec:48:1d:2d:06:71:
b1:97:64:76:79:64:14:e4:ee:56:8b:25:1c:cd:5d:
5f:27:82:3b:ff:ae:b3:7e:a7:b1:1e:0d:ce:85:8f:
6e:d9:51:d2:7c:29:9d:a5:99:73:5e:e6:b2:dc:65:
f9:9a:d2:d1:47:bb:72:dd:a0:9c:4e:cc:dd:de:bc:
17:4c:12:7e:77:bb:01:0e:0e:79:6a:66:5c:e7:e5:
55:5f:02:ed:47:2a:a5:a9:66:a2:8c:93:56:9b:67:
f9:51:e2:f8:d4:6d:36:74:e5:c3:3b:b5:14:18:96:
a3:9a:3b:1b:f0:3b:ac:92:91:8a:1b:35:f6:ac:3c:
32:6f:08:04:8f:60:5d:aa:c5:fa:76:66:6d:ed:13:
d1:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:2C:0F:EB:9F:E3:6C:CB:13:ED:9B:BB:53:53:86:9B:F5:85:D2:03
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/mCwP65_jbMsT7Zu7U1OGm_WF0gM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.156.0/24
194.28.158.0/24
194.104.4.0-194.104.6.255
212.69.132.0-212.69.134.255
Signature Algorithm: sha256WithRSAEncryption
14:80:eb:e1:fd:47:26:1b:e9:92:66:27:37:98:8f:d0:a0:24:
12:37:ae:20:01:e0:ff:9e:33:45:ad:95:f7:f2:42:1b:6c:00:
93:dd:a5:ce:c0:75:b1:3a:be:d4:b1:2c:cb:82:3e:0b:ac:ee:
6d:10:2e:28:64:34:8e:a0:b8:5f:9e:d3:09:30:77:85:a3:61:
e2:4e:c0:97:60:4f:ce:e3:75:3f:da:cf:ab:43:9d:48:8f:60:
5c:56:fc:98:39:72:2a:5f:96:86:a4:c1:2b:ea:82:25:3d:1a:
7a:4b:7f:08:5a:23:d4:46:88:8a:f9:04:ef:ea:73:68:12:99:
a5:9d:0a:6d:57:31:0a:9c:94:9f:94:98:55:92:b7:7a:e3:9c:
9e:45:6e:b7:de:8d:83:7e:a9:22:96:11:7e:b4:21:25:6b:a6:
cb:7d:a6:68:3a:99:ae:96:b6:87:2f:2f:8a:8f:d9:97:0d:43:
b9:87:31:98:88:e2:83:0d:38:95:10:41:16:8a:ca:f5:b7:4e:
02:b3:21:17:80:17:b9:74:4a:34:96:bc:95:79:c6:74:64:8a:
0d:f9:7d:21:1c:aa:eb:57:39:f6:c1:45:f4:d5:e0:8b:98:b4:
7c:b4:88:48:5a:d5:f0:10:36:e9:b2:72:ad:dd:ee:ee:69:b0:
87:32:e8:30
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYcQgpi1VIPbgc2qSK2haGLNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwMzIzMjIwNjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODJjMGZlYjlmZTM2Y2NiMTNlZDliYmI1MzUzODY5YmY1ODVkMjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhcXaMDLt6NZQKNpjyTI2++AN6B4p
JgsuqP4WwFrLhrOv8pQvVZsMuX4deCIRY04x7urdJBf3Ocdk7x4l3fz6dgKUciGM
apWTzqMF9tzJM44/EoX+KqZfv3+VR56urBn1CZwHcKlcG6fhxUX3L4LK/2nsSB0t
BnGxl2R2eWQU5O5WiyUczV1fJ4I7/66zfqexHg3OhY9u2VHSfCmdpZlzXuay3GX5
mtLRR7ty3aCcTszd3rwXTBJ+d7sBDg55amZc5+VVXwLtRyqlqWaijJNWm2f5UeL4
1G02dOXDO7UUGJajmjsb8DuskpGKGzX2rDwybwgEj2BdqsX6dmZt7RPRaQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFJgsD+uf42zLE+2bu1NThpv1hdIDMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvbUN3UDY1X2piTXNUN1p1N1UxT0dtX1dGMGdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQAwhycAwQA
whyeMAwDBALCaAQDBADCaAYwDAMEAtRFhAMEANRFhjANBgkqhkiG9w0BAQsFAAOC
AQEAFIDr4f1HJhvpkmYnN5iP0KAkEjeuIAHg/54zRa2V9/JCG2wAk92lzsB1sTq+
1LEsy4I+C6zubRAuKGQ0jqC4X57TCTB3haNh4k7Al2BPzuN1P9rPq0OdSI9gXFb8
mDlyKl+WhqTBK+qCJT0aekt/CFoj1EaIivkE7+pzaBKZpZ0KbVcxCpyUn5SYVZK3
euOcnkVut96Ng36pIpYRfrQhJWumy32maDqZrpa2hy8vio/Zlw1DuYcxmIjigw04
lRBBForK9bdOArMhF4AXuXRKNJa8lXnGdGSKDfl9IRyq61c59sFF9NXgi5i0fLSI
SFrV8BA26bJyrd3u7mmwhzLoMA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:24 2023 by rpki-client on console-ams.rpki-client.org