Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/061716-09c6-4838-b1cb-3e86d2c29969/1/MMcw_tq89_yt3fD4jeLWr7MJIiY.roa
File: MMcw_tq89_yt3fD4jeLWr7MJIiY.roa (raw, json)
Hash identifier: qQ+b2HtK30MN+HQLtx+vLJh93ZzA9zYu6Fk2IDHpLo4=
Subject key identifier: 30:C7:30:FE:DA:BC:F7:FC:AD:DD:F0:F8:8D:E2:D6:AF:B3:09:22:26
Certificate issuer: /CN=02df81268829301f3d69eb96f8ac617fa25256a1
Certificate serial: 01856FF0531A6B8176AAB1C61AE1960972EC
Authority key identifier: 02:DF:81:26:88:29:30:1F:3D:69:EB:96:F8:AC:61:7F:A2:52:56:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/At-BJogpMB89aeuW-Kxhf6JSVqE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/061716-09c6-4838-b1cb-3e86d2c29969/1/MMcw_tq89_yt3fD4jeLWr7MJIiY.roa
Signing time: Mon 02 Jan 2023 00:44:58 +0000
ROA not before: Mon 02 Jan 2023 00:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47638
IP address blocks: 91.229.174.0/23 maxlen: 24
91.237.197.0/24 maxlen: 24
185.59.204.0/22 maxlen: 24
23.90.64.0/22 maxlen: 24
2a02:6da0::/32 maxlen: 32
2001:67c:248c::/48 maxlen: 48
2a02:6da0::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:53:1a:6b:81:76:aa:b1:c6:1a:e1:96:09:72:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02df81268829301f3d69eb96f8ac617fa25256a1
Validity
Not Before: Jan 2 00:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30c730fedabcf7fcadddf0f88de2d6afb3092226
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:00:70:7c:39:3b:42:7f:f3:92:fb:88:c2:64:
77:7a:5d:3b:1e:cc:23:07:de:82:54:ed:57:18:04:
4d:d2:06:46:26:10:22:24:cf:0c:ee:8b:d2:bd:ba:
10:bf:53:d0:23:fb:72:23:a3:e3:a8:bb:42:56:52:
e8:34:64:6c:47:51:41:5f:09:a9:b5:78:e3:db:3f:
0c:52:3c:8a:c4:72:db:e8:fd:8c:9f:be:72:a5:a9:
ed:8d:4e:35:1f:7e:a7:35:81:39:c8:26:d8:12:eb:
8b:f6:cb:01:8f:86:79:45:1d:e4:85:3e:1d:af:b8:
af:4d:fa:5c:71:04:00:d2:b3:26:c8:30:ea:cf:ad:
24:e6:2e:fe:ba:bb:c5:e2:eb:c1:f5:7d:2a:68:94:
82:40:5f:d4:e2:9a:31:0a:d2:12:e1:90:e3:54:04:
24:5c:52:68:6e:c3:7d:d5:b9:3b:3b:bb:2c:c5:65:
e4:e2:ec:36:74:1f:e1:39:c9:22:59:27:ee:5c:25:
3c:e9:72:f9:fe:0d:fb:ae:c3:78:06:00:c7:0f:7d:
07:81:4f:63:f2:96:6d:99:8d:d4:f8:73:2e:4b:b3:
12:c0:e6:d7:f1:f1:a0:b5:9f:a4:be:f9:91:2b:94:
54:41:34:55:d2:9e:ad:5c:e1:e5:83:f1:02:2e:c6:
3e:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:C7:30:FE:DA:BC:F7:FC:AD:DD:F0:F8:8D:E2:D6:AF:B3:09:22:26
X509v3 Authority Key Identifier:
keyid:02:DF:81:26:88:29:30:1F:3D:69:EB:96:F8:AC:61:7F:A2:52:56:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/At-BJogpMB89aeuW-Kxhf6JSVqE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/061716-09c6-4838-b1cb-3e86d2c29969/1/MMcw_tq89_yt3fD4jeLWr7MJIiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/061716-09c6-4838-b1cb-3e86d2c29969/1/At-BJogpMB89aeuW-Kxhf6JSVqE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.90.64.0/22
91.229.174.0/23
91.237.197.0/24
185.59.204.0/22
IPv6:
2001:67c:248c::/48
2a02:6da0::/29
Signature Algorithm: sha256WithRSAEncryption
0e:a6:63:c7:99:24:0d:3e:e2:cd:a9:a3:4c:25:e8:19:1c:12:
69:a5:a9:08:e2:b3:c4:c9:20:9a:e9:2d:55:eb:e4:e9:36:d5:
ef:94:86:44:0f:25:3f:f2:b4:dd:ef:1a:a7:7c:14:c0:3c:c4:
0f:65:7d:2c:d2:0d:8f:ca:27:66:8d:2c:3d:c2:b4:f3:7c:2f:
49:4d:c4:dc:3c:84:c1:9f:85:44:9a:8c:e9:55:58:15:16:70:
25:b4:69:37:ee:f3:56:b5:b0:ab:f6:0b:94:11:6f:4b:3f:b1:
9e:5d:cf:79:9e:01:78:02:24:b6:30:7c:a9:ef:4f:90:29:21:
f8:c1:a6:08:7c:6a:2d:e2:ec:a7:0f:d9:52:a0:a9:1a:9e:d6:
8a:a4:70:55:06:eb:7b:1b:97:53:bf:0f:e5:8d:1f:d5:4e:20:
0f:95:f5:4d:42:a8:d1:68:24:6f:8e:b8:ba:21:1d:5e:b9:2d:
af:f5:88:c0:27:2f:90:4e:e5:9d:e6:da:08:c0:b1:0d:32:08:
50:a7:ff:df:c0:74:f5:87:e1:8e:41:81:6c:83:90:26:b2:e6:
ed:f0:5f:35:39:05:b7:a9:c9:b2:95:b9:ed:26:22:05:7b:92:
f8:42:1e:59:41:4e:5f:9e:bf:2c:56:4d:86:b2:a1:e7:31:50:
c2:36:45:bf
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVv8FMaa4F2qrHGGuGWCXLsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyZGY4MTI2ODgyOTMwMWYzZDY5ZWI5NmY4YWM2MTdmYTI1
MjU2YTEwHhcNMjMwMTAyMDA0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGM3MzBmZWRhYmNmN2ZjYWRkZGYwZjg4ZGUyZDZhZmIzMDkyMjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgBwfDk7Qn/zkvuIwmR3el07Hswj
B96CVO1XGARN0gZGJhAiJM8M7ovSvboQv1PQI/tyI6PjqLtCVlLoNGRsR1FBXwmp
tXjj2z8MUjyKxHLb6P2Mn75ypantjU41H36nNYE5yCbYEuuL9ssBj4Z5RR3khT4d
r7ivTfpccQQA0rMmyDDqz60k5i7+urvF4uvB9X0qaJSCQF/U4poxCtIS4ZDjVAQk
XFJobsN91bk7O7ssxWXk4uw2dB/hOckiWSfuXCU86XL5/g37rsN4BgDHD30HgU9j
8pZtmY3U+HMuS7MSwObX8fGgtZ+kvvmRK5RUQTRV0p6tXOHlg/ECLsY+rQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFDDHMP7avPf8rd3w+I3i1q+zCSImMB8GA1UdIwQY
MBaAFALfgSaIKTAfPWnrlvisYX+iUlahMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXQtQkpvZ3BNQjg5YWV1Vy1LeGhmNkpTVnFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8wNjE3MTYtMDljNi00ODM4LWIxY2It
M2U4NmQyYzI5OTY5LzEvTU1jd190cTg5X3l0M2ZENGplTFdyN01KSWlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8wNjE3MTYtMDljNi00ODM4LWIxY2ItM2U4NmQyYzI5OTY5
LzEvQXQtQkpvZ3BNQjg5YWV1Vy1LeGhmNkpTVnFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAeBAIAATAYAwQCF1pAAwQB
W+WuAwQAW+3FAwQCuTvMMBYEAgACMBADBwAgAQZ8JIwDBQMqAm2gMA0GCSqGSIb3
DQEBCwUAA4IBAQAOpmPHmSQNPuLNqaNMJegZHBJppakI4rPEySCa6S1V6+TpNtXv
lIZEDyU/8rTd7xqnfBTAPMQPZX0s0g2PyidmjSw9wrTzfC9JTcTcPITBn4VEmozp
VVgVFnAltGk37vNWtbCr9guUEW9LP7GeXc95ngF4AiS2MHyp70+QKSH4waYIfGot
4uynD9lSoKkantaKpHBVBut7G5dTvw/ljR/VTiAPlfVNQqjRaCRvjri6IR1euS2v
9YjAJy+QTuWd5toIwLENMghQp//fwHT1h+GOQYFsg5Amsubt8F81OQW3qcmylbnt
JiIFe5L4Qh5ZQU5fnr8sVk2GsqHnMVDCNkW/
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:49 2024 by rpki-client on console-fra.rpki-client.org