Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mNLhoBaxNdkkn-A2ttz_VQhTI7c.roa
File: mNLhoBaxNdkkn-A2ttz_VQhTI7c.roa (raw, json)
Hash identifier: ALnEMCoJzPMCY3eQbFly8W1J98NqjkG1r7or8kcC34Y=
Subject key identifier: 98:D2:E1:A0:16:B1:35:D9:24:9F:E0:36:B6:DC:FF:55:08:53:23:B7
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 018616108F9A16D7E593F788734797162654
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mNLhoBaxNdkkn-A2ttz_VQhTI7c.roa
Signing time: Fri 03 Feb 2023 06:57:09 +0000
ROA not before: Fri 03 Feb 2023 06:57:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 185.95.102.0/23 maxlen: 24
185.95.101.0/24 maxlen: 24
185.81.174.0/24 maxlen: 24
185.81.184.0/24 maxlen: 24
185.81.187.0/24 maxlen: 24
185.97.3.0/24 maxlen: 24
185.97.1.0/24 maxlen: 24
185.68.246.0/24 maxlen: 24
185.89.43.0/24 maxlen: 24
185.89.42.0/24 maxlen: 24
185.68.247.0/24 maxlen: 24
194.104.10.0/24 maxlen: 24
185.68.184.0/24 maxlen: 24
5.181.169.0/24 maxlen: 24
5.181.168.0/24 maxlen: 24
185.96.80.0/24 maxlen: 24
213.232.122.0/24 maxlen: 24
213.232.120.0/24 maxlen: 24
83.171.226.0/24 maxlen: 24
83.171.224.0/24 maxlen: 24
83.171.227.0/24 maxlen: 24
185.96.38.0/24 maxlen: 24
185.89.104.0/23 maxlen: 24
185.89.108.0/22 maxlen: 24
141.98.87.0/24 maxlen: 24
5.183.255.0/24 maxlen: 24
185.88.36.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:16:10:8f:9a:16:d7:e5:93:f7:88:73:47:97:16:26:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Feb 3 06:57:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98d2e1a016b135d9249fe036b6dcff55085323b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:0e:39:85:79:9e:e6:0b:57:3c:cb:22:cb:79:
32:47:ee:71:d2:ef:30:a8:fa:28:3c:6c:02:55:53:
62:e5:44:02:89:75:e5:ab:61:1b:01:d6:a6:ff:f9:
73:1a:6d:3b:bf:87:b9:7e:08:bb:40:33:70:4d:ee:
f7:6f:38:24:96:eb:a5:82:b1:fd:cd:13:9b:fa:71:
e8:83:e4:fd:0c:ee:e0:0f:22:4a:de:5a:04:47:05:
9b:2f:4b:11:1e:5c:36:7d:96:89:b5:f8:a4:57:0b:
fe:fe:41:0c:68:dc:be:5e:06:e9:36:0b:0a:9f:fd:
92:f5:29:90:18:93:d1:49:2d:ad:b0:6a:6e:4e:14:
05:cf:6a:e4:89:25:3f:2d:be:f7:88:da:a0:b6:51:
8a:fe:0f:da:f6:8e:ef:78:a5:21:03:c7:1e:e3:9b:
35:3a:22:dc:0b:05:6b:ec:af:a6:d4:fc:d2:03:52:
af:83:00:9d:35:3e:1e:53:7f:da:90:dc:3d:f1:70:
74:91:e2:e7:b6:a9:9a:3e:23:9a:a2:7d:b2:78:b2:
41:a4:95:4b:38:1d:39:54:ee:59:b6:24:10:01:c6:
c0:e2:0e:48:52:c8:e7:c0:58:8e:34:d4:75:dc:a9:
e3:f4:ee:12:23:9c:c6:9a:a6:c1:dd:f0:80:40:92:
59:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:D2:E1:A0:16:B1:35:D9:24:9F:E0:36:B6:DC:FF:55:08:53:23:B7
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mNLhoBaxNdkkn-A2ttz_VQhTI7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.168.0/23
5.183.255.0/24
83.171.224.0/24
83.171.226.0/23
141.98.87.0/24
185.68.184.0/24
185.68.246.0/23
185.81.174.0/24
185.81.184.0/24
185.81.187.0/24
185.88.36.0/24
185.89.42.0/23
185.89.104.0/23
185.89.108.0/22
185.95.101.0-185.95.103.255
185.96.38.0/24
185.96.80.0/24
185.97.1.0/24
185.97.3.0/24
194.104.10.0/24
213.232.120.0/24
213.232.122.0/24
Signature Algorithm: sha256WithRSAEncryption
66:83:60:6a:70:24:0a:6e:c5:4d:2d:57:22:2f:86:c7:bd:d5:
ac:28:1c:55:48:1d:0e:1b:8f:df:44:62:ca:a2:a7:c2:9c:e9:
b9:a7:c9:f8:86:6f:5b:20:37:bd:25:51:c8:fa:46:65:af:0f:
13:1f:b2:3c:dc:45:09:6b:aa:a3:d4:ad:96:cf:5c:b2:14:aa:
b6:55:66:a6:99:ba:88:e8:a0:ff:56:74:46:b4:9f:79:23:58:
60:08:61:97:7b:2d:be:53:66:11:09:60:31:57:aa:77:3c:49:
3a:1e:04:78:dc:98:31:13:63:93:00:bd:be:c8:dc:e8:eb:d4:
02:64:30:2e:35:c9:fd:a1:73:e8:a1:73:16:ef:63:27:89:0c:
f0:8f:18:39:71:60:19:f7:aa:b1:50:56:d1:2e:d6:97:40:67:
72:38:1d:b7:53:03:81:12:10:81:ca:3b:e5:52:a4:80:f2:39:
bb:62:0a:fc:29:c0:80:72:18:32:52:82:11:d1:7b:98:c8:44:
ba:aa:39:9c:5c:0b:bf:f5:86:64:56:81:6e:71:94:d0:e7:ce:
cb:57:de:b8:d3:d5:6f:f1:ff:f7:b7:a3:d1:2b:37:d3:93:6d:
8e:d8:e1:4e:6c:76:54:98:15:31:cb:ee:cf:00:71:84:72:10:
9d:be:cf:36
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYYWEI+aFtflk/eIc0eXFiZUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjMwMjAzMDY1NzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGQyZTFhMDE2YjEzNWQ5MjQ5ZmUwMzZiNmRjZmY1NTA4NTMyM2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0w45hXme5gtXPMsiy3kyR+5x0u8w
qPooPGwCVVNi5UQCiXXlq2EbAdam//lzGm07v4e5fgi7QDNwTe73bzgkluulgrH9
zROb+nHog+T9DO7gDyJK3loERwWbL0sRHlw2fZaJtfikVwv+/kEMaNy+XgbpNgsK
n/2S9SmQGJPRSS2tsGpuThQFz2rkiSU/Lb73iNqgtlGK/g/a9o7veKUhA8ce45s1
OiLcCwVr7K+m1PzSA1KvgwCdNT4eU3/akNw98XB0keLntqmaPiOaon2yeLJBpJVL
OB05VO5ZtiQQAcbA4g5IUsjnwFiONNR13Knj9O4SI5zGmqbB3fCAQJJZrQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFJjS4aAWsTXZJJ/gNrbc/1UIUyO3MB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvbU5MaG9CYXhOZGtrbi1BMnR0el9WUWhUSTdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBAEF
tagDBAAFt/8DBABTq+ADBAFTq+IDBACNYlcDBAC5RLgDBAG5RPYDBAC5Ua4DBAC5
UbgDBAC5UbsDBAC5WCQDBAG5WSoDBAG5WWgDBAK5WWwwDAMEALlfZQMEA7lfYAME
ALlgJgMEALlgUAMEALlhAQMEALlhAwMEAMJoCgMEANXoeAMEANXoejANBgkqhkiG
9w0BAQsFAAOCAQEAZoNganAkCm7FTS1XIi+Gx73VrCgcVUgdDhuP30RiyqKnwpzp
uafJ+IZvWyA3vSVRyPpGZa8PEx+yPNxFCWuqo9Stls9cshSqtlVmppm6iOig/1Z0
RrSfeSNYYAhhl3stvlNmEQlgMVeqdzxJOh4EeNyYMRNjkwC9vsjc6OvUAmQwLjXJ
/aFz6KFzFu9jJ4kM8I8YOXFgGfeqsVBW0S7Wl0Bncjgdt1MDgRIQgco75VKkgPI5
u2IK/CnAgHIYMlKCEdF7mMhEuqo5nFwLv/WGZFaBbnGU0OfOy1feuNPVb/H/97ej
0Ss305NtjtjhTmx2VJgVMcvuzwBxhHIQnb7PNg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:17 2023 by rpki-client on console-fra.rpki-client.org