Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/movoT8YRL8aOUKHTP8NqfVNT-BI.roa
File: movoT8YRL8aOUKHTP8NqfVNT-BI.roa (raw, json)
Hash identifier: C5d8AlJ6QtLYnJxO02CDRkMqr/dWdz0JeCUGgYXf4as=
Subject key identifier: 9A:8B:E8:4F:C6:11:2F:C6:8E:50:A1:D3:3F:C3:6A:7D:53:53:F8:12
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 018BAEA911234DEF5BE9D1FB104178841631
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/movoT8YRL8aOUKHTP8NqfVNT-BI.roa
Signing time: Wed 08 Nov 2023 11:19:57 +0000
ROA not before: Wed 08 Nov 2023 11:19:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 194.31.104.0/22 maxlen: 22
185.28.51.0/24 maxlen: 24
45.152.140.0/22 maxlen: 22
185.231.186.0/24 maxlen: 24
185.231.187.0/24 maxlen: 24
31.15.4.0/24 maxlen: 24
31.15.0.0/22 maxlen: 22
31.15.7.0/24 maxlen: 24
31.15.6.0/24 maxlen: 24
31.15.5.0/24 maxlen: 24
45.155.56.0/22 maxlen: 22
89.190.152.0/24 maxlen: 24
185.225.244.0/22 maxlen: 22
89.190.152.0/22 maxlen: 22
185.225.246.0/24 maxlen: 24
185.225.245.0/24 maxlen: 24
185.225.244.0/24 maxlen: 24
89.190.154.0/24 maxlen: 24
89.190.153.0/24 maxlen: 24
89.190.155.0/24 maxlen: 24
185.225.247.0/24 maxlen: 24
185.246.12.0/23 maxlen: 23
185.246.15.0/24 maxlen: 24
185.246.14.0/24 maxlen: 24
185.246.13.0/24 maxlen: 24
185.246.12.0/24 maxlen: 24
45.133.60.0/22 maxlen: 22
178.19.40.0/22 maxlen: 22
45.81.124.0/22 maxlen: 22
45.137.12.0/23 maxlen: 23
45.145.132.0/22 maxlen: 22
185.244.231.0/24 maxlen: 24
185.244.230.0/24 maxlen: 24
185.244.229.0/24 maxlen: 24
185.244.228.0/24 maxlen: 24
185.244.228.0/23 maxlen: 23
185.229.216.0/22 maxlen: 22
2.59.192.0/22 maxlen: 22
92.118.180.0/22 maxlen: 22
194.32.112.0/24 maxlen: 24
45.150.84.0/22 maxlen: 22
194.32.112.0/22 maxlen: 22
194.32.115.0/24 maxlen: 24
194.32.114.0/24 maxlen: 24
194.32.113.0/24 maxlen: 24
45.81.104.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ae:a9:11:23:4d:ef:5b:e9:d1:fb:10:41:78:84:16:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Nov 8 11:19:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a8be84fc6112fc68e50a1d33fc36a7d5353f812
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:d2:c1:b3:db:ec:f6:40:04:d6:43:53:51:96:
95:4c:c3:b8:fa:74:29:7e:07:ac:98:8a:28:05:9e:
60:5d:7e:65:8e:83:b8:60:20:b9:7f:9a:74:54:70:
bc:86:a6:5d:89:5d:5c:6f:33:14:17:cd:68:b7:04:
c8:f1:7e:a8:30:d4:5c:50:00:58:69:92:2b:1f:69:
ea:bb:f8:3a:a5:23:35:85:3e:1a:7b:12:09:52:6d:
eb:f5:db:24:c3:9b:4b:7d:52:ca:56:7c:2c:09:98:
bb:29:1c:2c:2b:19:06:61:63:c9:a2:51:29:20:ba:
09:64:84:30:07:b0:8d:ad:6c:ae:d5:28:2c:38:da:
d8:8a:68:3b:58:61:d0:d9:dd:0e:15:e2:3a:c5:4c:
9b:ae:37:a0:c5:34:57:2b:d6:c1:3f:ce:97:7a:f0:
0c:b5:7a:ad:39:64:00:03:6a:20:d3:4c:42:ec:33:
de:4c:e7:b7:9f:7c:98:66:9c:7c:e1:bf:c3:e0:c6:
e8:e9:4e:02:92:12:90:4a:3c:c0:ec:99:05:04:37:
db:1d:e6:29:cc:e6:bf:58:40:d6:86:1c:9e:3a:62:
38:89:d4:b3:98:d0:bd:34:f2:60:12:2c:f7:82:92:
b6:16:40:ff:05:05:9c:dc:a5:95:1e:40:48:bf:e8:
dd:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:8B:E8:4F:C6:11:2F:C6:8E:50:A1:D3:3F:C3:6A:7D:53:53:F8:12
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/movoT8YRL8aOUKHTP8NqfVNT-BI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.192.0/22
31.15.0.0/21
45.81.104.0/22
45.81.124.0/22
45.133.60.0/22
45.137.12.0/23
45.145.132.0/22
45.150.84.0/22
45.152.140.0/22
45.155.56.0/22
89.190.152.0/22
92.118.180.0/22
178.19.40.0/22
185.28.51.0/24
185.225.244.0/22
185.229.216.0/22
185.231.186.0/23
185.244.228.0/22
185.246.12.0/22
194.31.104.0/22
194.32.112.0/22
Signature Algorithm: sha256WithRSAEncryption
86:14:ec:40:65:64:32:01:86:65:bc:06:45:ad:f5:47:b1:37:
81:aa:77:0e:e0:c7:fa:6b:fd:74:32:de:77:54:27:a9:3d:a5:
cb:cc:96:53:78:cb:6d:e1:bb:cd:c0:b3:d5:5e:79:c0:be:52:
81:38:fc:fd:c8:fd:46:dd:d0:39:59:f9:66:80:37:9a:59:1b:
8f:b2:16:a9:8c:d1:71:39:06:9c:ca:11:0d:4d:d3:86:06:51:
8d:f9:53:d8:fe:fb:58:68:1c:ca:37:6d:63:80:92:72:de:1b:
1a:da:1d:72:3d:de:c5:93:5a:0e:f5:bc:9e:6b:e1:e9:fb:09:
1c:5a:77:46:2f:82:6c:d6:e8:ce:dd:0d:ca:d1:f5:f5:55:cd:
f4:ec:bf:09:f0:4c:ff:74:99:31:cb:48:ef:7b:8d:2f:ef:35:
8b:39:3c:54:8b:a1:08:4c:4e:6f:72:7e:4d:4c:ae:37:81:d8:
fb:d4:cf:5d:44:c4:ea:f9:00:af:eb:15:d7:27:39:a0:8b:32:
f2:91:34:93:4d:43:da:a8:f2:ff:e2:2a:d6:ca:90:d0:9f:96:
4f:c4:0a:6d:64:ab:05:2b:47:04:c1:22:cd:14:c0:10:98:70:
67:df:66:58:0f:3e:a9:18:63:d8:22:23:f5:c5:43:1a:f8:e5:
76:0c:eb:36
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYuuqREjTe9b6dH7EEF4hBYxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMxMTA4MTExOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YThiZTg0ZmM2MTEyZmM2OGU1MGExZDMzZmMzNmE3ZDUzNTNmODEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5dLBs9vs9kAE1kNTUZaVTMO4+nQp
fgesmIooBZ5gXX5ljoO4YCC5f5p0VHC8hqZdiV1cbzMUF81otwTI8X6oMNRcUABY
aZIrH2nqu/g6pSM1hT4aexIJUm3r9dskw5tLfVLKVnwsCZi7KRwsKxkGYWPJolEp
ILoJZIQwB7CNrWyu1SgsONrYimg7WGHQ2d0OFeI6xUybrjegxTRXK9bBP86XevAM
tXqtOWQAA2og00xC7DPeTOe3n3yYZpx84b/D4Mbo6U4CkhKQSjzA7JkFBDfbHeYp
zOa/WEDWhhyeOmI4idSzmNC9NPJgEiz3gpK2FkD/BQWc3KWVHkBIv+jdywIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFJqL6E/GES/GjlCh0z/Dan1TU/gSMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvbW92b1Q4WVJMOGFPVUtIVFA4TnFmVk5ULUJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAgI7
wAMEAx8PAAMEAi1RaAMEAi1RfAMEAi2FPAMEAS2JDAMEAi2RhAMEAi2WVAMEAi2Y
jAMEAi2bOAMEAlm+mAMEAlx2tAMEArITKAMEALkcMwMEArnh9AMEArnl2AMEAbnn
ugMEArn05AMEArn2DAMEAsIfaAMEAsIgcDANBgkqhkiG9w0BAQsFAAOCAQEAhhTs
QGVkMgGGZbwGRa31R7E3gap3DuDH+mv9dDLed1QnqT2ly8yWU3jLbeG7zcCz1V55
wL5SgTj8/cj9Rt3QOVn5ZoA3mlkbj7IWqYzRcTkGnMoRDU3ThgZRjflT2P77WGgc
yjdtY4CSct4bGtodcj3exZNaDvW8nmvh6fsJHFp3Ri+CbNbozt0NytH19VXN9Oy/
CfBM/3SZMctI73uNL+81izk8VIuhCExOb3J+TUyuN4HY+9TPXUTE6vkAr+sV1yc5
oIsy8pE0k01D2qjy/+Iq1sqQ0J+WT8QKbWSrBStHBMEizRTAEJhwZ99mWA8+qRhj
2CIj9cVDGvjldgzrNg==
-----END CERTIFICATE-----
Generated at Wed Nov 8 14:29:50 2023 by rpki-client on console-fra.rpki-client.org