Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/mGxoj0qcv9bvhwT5jJcMlK0BB1c.roa
File: mGxoj0qcv9bvhwT5jJcMlK0BB1c.roa (raw, json)
Hash identifier: y5RPLV8yRHQYo1bPr5Vl3jcGhOGC+QPQIIy25438RPc=
Subject key identifier: 98:6C:68:8F:4A:9C:BF:D6:EF:87:04:F9:8C:97:0C:94:AD:01:07:57
Certificate issuer: /CN=adac830ccaa74783dd961fab241a228d7cc6f808
Certificate serial: 018570705BDD4F12BCB23E8F98050543578A
Authority key identifier: AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/mGxoj0qcv9bvhwT5jJcMlK0BB1c.roa
Signing time: Mon 02 Jan 2023 03:04:49 +0000
ROA not before: Mon 02 Jan 2023 03:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28769
IP address blocks: 31.216.166.0/24 maxlen: 24
31.216.160.0/22 maxlen: 24
31.216.164.0/23 maxlen: 23
31.216.171.0/24 maxlen: 24
31.216.168.0/23 maxlen: 23
31.216.167.0/24 maxlen: 24
31.216.172.0/22 maxlen: 22
46.166.65.0/24 maxlen: 24
46.166.66.0/24 maxlen: 24
46.166.67.0/24 maxlen: 24
46.166.78.0/24 maxlen: 24
80.240.35.0/24 maxlen: 24
80.240.32.0/24 maxlen: 24
80.240.36.0/23 maxlen: 23
80.240.33.0/24 maxlen: 24
80.240.34.0/24 maxlen: 24
80.240.44.0/24 maxlen: 24
80.240.47.0/24 maxlen: 24
46.166.79.0/24 maxlen: 24
46.166.84.0/23 maxlen: 23
46.166.91.0/24 maxlen: 24
46.166.88.0/23 maxlen: 24
46.166.86.0/24 maxlen: 24
46.166.87.0/24 maxlen: 24
46.166.92.0/24 maxlen: 24
46.166.93.0/24 maxlen: 24
46.166.94.0/24 maxlen: 24
46.166.98.0/24 maxlen: 24
46.166.104.0/22 maxlen: 22
46.166.99.0/24 maxlen: 24
46.166.112.0/23 maxlen: 23
46.166.116.0/22 maxlen: 22
46.166.114.0/24 maxlen: 24
46.166.120.0/21 maxlen: 21
93.188.215.0/24 maxlen: 24
93.188.208.0/23 maxlen: 23
93.188.210.0/24 maxlen: 24
46.182.132.0/22 maxlen: 22
46.182.131.0/24 maxlen: 24
46.182.128.0/22 maxlen: 22
2a06:e0c3::/32 maxlen: 32
2a06:e0c1::/32 maxlen: 32
2a06:e0c0::/32 maxlen: 32
2a06:e0c2::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:5b:dd:4f:12:bc:b2:3e:8f:98:05:05:43:57:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adac830ccaa74783dd961fab241a228d7cc6f808
Validity
Not Before: Jan 2 03:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=986c688f4a9cbfd6ef8704f98c970c94ad010757
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:7e:53:63:a5:df:86:29:b5:13:36:04:eb:00:
30:d1:d5:44:30:66:95:0b:ac:92:fd:96:05:d8:5a:
6e:6b:88:60:04:75:7d:3a:73:5f:31:a7:05:f4:7f:
e2:16:82:9f:9c:83:49:df:e4:dd:b6:cd:02:93:45:
c2:8d:dc:51:46:b8:66:7a:9e:96:8b:e1:3b:24:20:
73:65:9e:4e:60:ce:47:73:60:d1:35:5f:52:8b:78:
3a:bd:b6:60:9f:72:d9:57:14:51:fa:81:eb:35:6a:
57:76:56:36:30:94:96:c2:bd:79:79:7a:29:2c:36:
25:60:5f:12:38:75:ff:88:84:86:f5:91:7c:97:c1:
d8:4a:6e:27:bf:a0:69:b7:a7:05:07:24:2b:df:79:
d6:b4:33:00:88:ba:70:50:97:65:4b:fa:ce:e6:85:
4f:07:ba:8a:e1:8b:fc:a2:a6:0f:a3:cb:c7:ca:6a:
5e:85:07:75:c0:12:da:96:7b:d6:58:f7:ce:ad:e4:
73:3d:ed:20:b4:30:13:bb:77:07:93:38:fa:60:6d:
46:8d:e4:a4:27:05:ac:0d:d4:62:94:3b:cf:7b:ed:
f8:16:99:a9:21:66:ad:2d:55:96:0b:9f:3c:1e:03:
90:3d:78:73:8c:80:d5:6c:2f:d4:01:5a:3a:29:a8:
2e:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:6C:68:8F:4A:9C:BF:D6:EF:87:04:F9:8C:97:0C:94:AD:01:07:57
X509v3 Authority Key Identifier:
keyid:AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/mGxoj0qcv9bvhwT5jJcMlK0BB1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.160.0-31.216.169.255
31.216.171.0-31.216.175.255
46.166.65.0-46.166.67.255
46.166.78.0/23
46.166.84.0-46.166.89.255
46.166.91.0-46.166.94.255
46.166.98.0/23
46.166.104.0/22
46.166.112.0-46.166.114.255
46.166.116.0-46.166.127.255
46.182.128.0/21
80.240.32.0-80.240.37.255
80.240.44.0/24
80.240.47.0/24
93.188.208.0-93.188.210.255
93.188.215.0/24
IPv6:
2a06:e0c0::/30
Signature Algorithm: sha256WithRSAEncryption
d9:33:26:29:83:00:f7:98:6e:3a:1a:6f:d0:63:2b:92:b7:00:
47:26:7b:21:9a:ce:8b:18:5f:8d:f0:ea:41:90:f4:a1:18:0b:
ff:3c:64:b2:ed:8f:73:89:fd:c9:6a:d5:aa:6c:10:75:7d:be:
9d:6a:1b:cf:82:28:7e:aa:44:96:77:32:ec:7f:b4:32:d2:f1:
04:b4:25:60:30:98:44:17:6d:df:65:5a:e7:8c:70:8c:1c:30:
55:17:fd:d6:4b:dd:c1:89:1d:fc:64:52:f2:89:08:38:fc:36:
70:56:97:a9:a0:7f:e6:e3:6f:99:b0:43:8f:3e:e1:9b:4a:13:
bd:3e:b6:92:7c:77:d5:1f:fb:f1:65:14:16:5d:91:87:9c:5c:
92:f9:75:65:8e:97:a1:ea:ef:0e:98:dc:1e:2a:01:ba:5d:aa:
63:6e:17:b6:a2:c2:94:e8:70:85:3a:15:62:7b:11:a9:9d:c2:
7b:a3:d1:3c:9a:93:25:a3:2e:36:8c:62:57:de:98:89:3a:9e:
9b:e8:69:d2:8a:c8:84:2c:40:dc:c7:b1:c8:c3:00:9c:d7:7c:
27:c3:4a:64:eb:e4:9d:cd:4a:4b:13:2e:fd:80:82:97:fa:4b:
7c:59:28:f8:f0:cd:d7:33:c9:89:31:7e:aa:d3:a2:be:cf:bb:
ee:e0:0c:3a
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAYVwcFvdTxK8sj6PmAUFQ1eKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYWM4MzBjY2FhNzQ3ODNkZDk2MWZhYjI0MWEyMjhkN2Nj
NmY4MDgwHhcNMjMwMTAyMDMwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODZjNjg4ZjRhOWNiZmQ2ZWY4NzA0Zjk4Yzk3MGM5NGFkMDEwNzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiH5TY6Xfhim1EzYE6wAw0dVEMGaV
C6yS/ZYF2Fpua4hgBHV9OnNfMacF9H/iFoKfnINJ3+Tdts0Ck0XCjdxRRrhmep6W
i+E7JCBzZZ5OYM5Hc2DRNV9Si3g6vbZgn3LZVxRR+oHrNWpXdlY2MJSWwr15eXop
LDYlYF8SOHX/iISG9ZF8l8HYSm4nv6Bpt6cFByQr33nWtDMAiLpwUJdlS/rO5oVP
B7qK4Yv8oqYPo8vHympehQd1wBLalnvWWPfOreRzPe0gtDATu3cHkzj6YG1GjeSk
JwWsDdRilDvPe+34FpmpIWatLVWWC588HgOQPXhzjIDVbC/UAVo6Kagu9wIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFJhsaI9KnL/W74cE+YyXDJStAQdXMB8GA1UdIwQY
MBaAFK2sgwzKp0eD3ZYfqyQaIo18xvgIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmF5RERNcW5SNFBkbGgtckpCb2lqWHpHLUFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zMjVjOGQtZDM2OC00ZWVlLTljYTgt
OTI5ZjdkNjM1ZjRiLzEvbUd4b2owcWN2OWJ2aHdUNWpKY01sSzBCQjFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zMjVjOGQtZDM2OC00ZWVlLTljYTgtOTI5ZjdkNjM1ZjRi
LzEvcmF5RERNcW5SNFBkbGgtckpCb2lqWHpHLUFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBrwQCAAEwgagwDAME
BR/YoAMEAR/YqDAMAwQAH9irAwQEH9igMAwDBAAupkEDBAIupkADBAEupk4wDAME
Ai6mVAMEAS6mWDAMAwQALqZbAwQALqZeAwQBLqZiAwQCLqZoMAwDBAQupnADBAAu
pnIwDAMEAi6mdAMEBy6mAAMEAy62gDAMAwQFUPAgAwQBUPAkAwQAUPAsAwQAUPAv
MAwDBARdvNADBABdvNIDBABdvNcwDQQCAAIwBwMFAioG4MAwDQYJKoZIhvcNAQEL
BQADggEBANkzJimDAPeYbjoab9BjK5K3AEcmeyGazosYX43w6kGQ9KEYC/88ZLLt
j3OJ/clq1apsEHV9vp1qG8+CKH6qRJZ3Mux/tDLS8QS0JWAwmEQXbd9lWueMcIwc
MFUX/dZL3cGJHfxkUvKJCDj8NnBWl6mgf+bjb5mwQ48+4ZtKE70+tpJ8d9Uf+/Fl
FBZdkYecXJL5dWWOl6Hq7w6Y3B4qAbpdqmNuF7aiwpTocIU6FWJ7Eamdwnuj0Tya
kyWjLjaMYlfemIk6npvoadKKyIQsQNzHscjDAJzXfCfDSmTr5J3NSksTLv2Agpf6
S3xZKPjwzdczyYkxfqrTor7Pu+7gDDo=
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:32 2024 by rpki-client on console-ams.rpki-client.org