Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/235d26-7094-4feb-9ca9-378499398f18/1/MSQyGZh2LCtsJvUzk6zqcaE5txc.roa
File: MSQyGZh2LCtsJvUzk6zqcaE5txc.roa (raw, json)
Hash identifier: mxaVX5urI/IQYP0IkMtl5ew2SChVPpmTeh8wOI3gDt8=
Subject key identifier: 31:24:32:19:98:76:2C:2B:6C:26:F5:33:93:AC:EA:71:A1:39:B7:17
Certificate issuer: /CN=29ad8bfe07ad5d2ccb43b0d1dba6b192cb51dbea
Certificate serial: 0185704BC298DE2E800BAE0899CF12B63A0B
Authority key identifier: 29:AD:8B:FE:07:AD:5D:2C:CB:43:B0:D1:DB:A6:B1:92:CB:51:DB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ka2L_getXSzLQ7DR26axkstR2-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/235d26-7094-4feb-9ca9-378499398f18/1/MSQyGZh2LCtsJvUzk6zqcaE5txc.roa
Signing time: Mon 02 Jan 2023 02:24:51 +0000
ROA not before: Mon 02 Jan 2023 02:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 63949
IP address blocks: 151.236.216.0/21 maxlen: 24
80.85.84.0/22 maxlen: 24
176.58.96.0/19 maxlen: 24
212.71.232.0/21 maxlen: 24
212.71.244.0/22 maxlen: 24
194.233.160.0/21 maxlen: 24
192.53.112.0/21 maxlen: 24
194.233.168.0/21 maxlen: 24
212.71.248.0/21 maxlen: 24
85.159.208.0/21 maxlen: 24
88.80.184.0/21 maxlen: 24
192.53.124.0/22 maxlen: 24
194.233.176.0/21 maxlen: 24
192.53.120.0/22 maxlen: 24
109.237.24.0/22 maxlen: 24
194.233.184.0/21 maxlen: 24
192.46.208.0/21 maxlen: 24
192.46.216.0/22 maxlen: 24
192.46.222.0/23 maxlen: 24
192.46.220.0/23 maxlen: 24
192.46.224.0/21 maxlen: 24
192.46.232.0/21 maxlen: 24
192.53.160.0/21 maxlen: 24
192.53.168.0/23 maxlen: 24
192.53.172.0/22 maxlen: 24
192.53.170.0/23 maxlen: 24
213.52.128.0/22 maxlen: 24
178.79.128.0/18 maxlen: 24
85.90.244.0/22 maxlen: 24
212.111.40.0/22 maxlen: 24
185.3.92.0/22 maxlen: 24
194.195.112.0/21 maxlen: 24
194.195.120.0/21 maxlen: 24
213.219.36.0/22 maxlen: 24
109.74.192.0/20 maxlen: 24
194.195.208.0/21 maxlen: 24
194.195.216.0/21 maxlen: 24
213.168.248.0/22 maxlen: 24
194.195.240.0/21 maxlen: 24
194.195.248.0/21 maxlen: 24
2a01:7e01::/32 maxlen: 48
2a01:7e00::/31 maxlen: 48
Validation: Failed, certificate revoked on Tue 27 Jun 2023 14:05:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:c2:98:de:2e:80:0b:ae:08:99:cf:12:b6:3a:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29ad8bfe07ad5d2ccb43b0d1dba6b192cb51dbea
Validity
Not Before: Jan 2 02:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3124321998762c2b6c26f53393acea71a139b717
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:86:ec:63:1f:75:e1:3c:16:8c:29:3d:69:03:
f2:19:2b:a4:fd:de:49:a6:15:c7:49:18:6f:87:3f:
cf:4c:f6:6e:ed:fc:fe:0a:67:95:16:d3:f6:f1:7d:
bf:5f:f0:79:dc:56:21:01:92:58:f2:20:84:25:4f:
d8:e1:31:37:12:67:6e:ef:b2:ff:ec:ef:1f:ef:50:
4f:fe:6f:40:03:04:1a:5d:e7:96:6c:7d:73:5b:bd:
12:72:20:58:15:86:fb:ed:2e:73:ef:57:d6:27:f5:
1d:7e:25:6f:7d:4e:58:83:dd:e8:0b:65:67:a6:f7:
56:26:2c:01:ea:6a:9f:b3:15:f3:50:d1:ce:96:43:
a8:f8:eb:00:48:47:20:f3:82:fe:ac:d7:e0:11:94:
51:2c:21:45:3c:46:16:e6:3a:d1:ae:d6:c3:ad:b6:
68:fa:e6:76:6f:e2:42:a3:66:02:ec:2d:1e:b2:0a:
1b:4b:8d:9e:6a:11:1d:c2:fe:24:47:a2:d2:16:fc:
8a:3e:d3:5c:e3:38:6d:71:a0:09:70:99:5d:d1:23:
4c:6e:b2:88:cc:cf:5b:1a:2e:f3:3c:67:34:ea:f4:
eb:2a:c1:ed:21:4d:99:9b:c6:70:46:59:22:82:ec:
90:d2:25:e2:da:11:fd:87:e6:6e:0d:8b:ad:79:93:
49:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:24:32:19:98:76:2C:2B:6C:26:F5:33:93:AC:EA:71:A1:39:B7:17
X509v3 Authority Key Identifier:
keyid:29:AD:8B:FE:07:AD:5D:2C:CB:43:B0:D1:DB:A6:B1:92:CB:51:DB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ka2L_getXSzLQ7DR26axkstR2-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/235d26-7094-4feb-9ca9-378499398f18/1/MSQyGZh2LCtsJvUzk6zqcaE5txc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/235d26-7094-4feb-9ca9-378499398f18/1/Ka2L_getXSzLQ7DR26axkstR2-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.85.84.0/22
85.90.244.0/22
85.159.208.0/21
88.80.184.0/21
109.74.192.0/20
109.237.24.0/22
151.236.216.0/21
176.58.96.0/19
178.79.128.0/18
185.3.92.0/22
192.46.208.0-192.46.239.255
192.53.112.0/20
192.53.160.0/20
194.195.112.0/20
194.195.208.0/20
194.195.240.0/20
194.233.160.0/19
212.71.232.0/21
212.71.244.0-212.71.255.255
212.111.40.0/22
213.52.128.0/22
213.168.248.0/22
213.219.36.0/22
IPv6:
2a01:7e00::/31
Signature Algorithm: sha256WithRSAEncryption
7b:9e:bf:f5:65:3f:a5:30:c1:0a:58:de:16:f7:ed:b8:7c:1c:
5f:6e:76:43:ac:c6:ed:a8:6a:8f:d9:44:23:22:96:a9:5d:d3:
e0:d4:05:6c:f8:b3:bd:66:52:7b:d7:24:29:31:63:22:92:f7:
c1:b2:a7:d4:f4:d3:11:c2:1b:54:86:cb:e6:6b:aa:a4:5d:26:
b6:1d:77:4d:29:4d:c2:fb:42:3d:96:0d:fc:b5:55:2f:5e:eb:
20:5c:f3:e1:3f:49:2e:f2:78:1f:15:83:38:a1:9d:83:ee:44:
67:8d:84:1c:2f:bd:c1:ad:65:d9:f5:e9:f2:2c:58:85:68:bc:
a8:22:c5:ae:51:85:41:b1:dd:61:d2:67:1e:cd:35:01:fa:ff:
dc:ae:ae:23:4d:17:c7:f0:5b:3e:fb:66:c2:f9:f4:c9:8f:61:
cd:f3:b1:f6:df:e4:cc:bd:6c:ba:ca:62:c0:44:1e:5e:c5:0b:
92:0d:f9:ef:bd:a3:dc:34:ce:ba:76:43:12:cd:b0:8f:f5:a4:
81:34:28:6e:de:25:2c:de:be:60:0d:35:16:0b:1f:94:bd:33:
8a:b0:a1:a0:5c:75:a6:b5:65:45:62:44:b5:3e:6c:f0:f4:d5:
60:93:a0:60:8e:b6:31:53:02:dc:7c:cb:45:c1:75:dd:2c:59:
d3:31:2a:46
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYVwS8KY3i6AC64Imc8StjoLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YWQ4YmZlMDdhZDVkMmNjYjQzYjBkMWRiYTZiMTkyY2I1
MWRiZWEwHhcNMjMwMTAyMDIyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTI0MzIxOTk4NzYyYzJiNmMyNmY1MzM5M2FjZWE3MWExMzliNzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnobsYx914TwWjCk9aQPyGSuk/d5J
phXHSRhvhz/PTPZu7fz+CmeVFtP28X2/X/B53FYhAZJY8iCEJU/Y4TE3Emdu77L/
7O8f71BP/m9AAwQaXeeWbH1zW70SciBYFYb77S5z71fWJ/UdfiVvfU5Yg93oC2Vn
pvdWJiwB6mqfsxXzUNHOlkOo+OsASEcg84L+rNfgEZRRLCFFPEYW5jrRrtbDrbZo
+uZ2b+JCo2YC7C0esgobS42eahEdwv4kR6LSFvyKPtNc4zhtcaAJcJld0SNMbrKI
zM9bGi7zPGc06vTrKsHtIU2Zm8ZwRlkiguyQ0iXi2hH9h+ZuDYuteZNJvQIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFDEkMhmYdiwrbCb1M5Os6nGhObcXMB8GA1UdIwQY
MBaAFCmti/4HrV0sy0Ow0dumsZLLUdvqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2EyTF9nZXRYU3pMUTdEUjI2YXhrc3RSMi1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8yMzVkMjYtNzA5NC00ZmViLTljYTkt
Mzc4NDk5Mzk4ZjE4LzEvTVNReUdaaDJMQ3RzSnZVems2enFjYUU1dHhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8yMzVkMjYtNzA5NC00ZmViLTljYTktMzc4NDk5Mzk4ZjE4
LzEvS2EyTF9nZXRYU3pMUTdEUjI2YXhrc3RSMi1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBoAQCAAEwgZkDBAJQ
VVQDBAJVWvQDBANVn9ADBANYULgDBARtSsADBAJt7RgDBAOX7NgDBAWwOmADBAay
T4ADBAK5A1wwDAMEBMAu0AMEBMAu4AMEBMA1cAMEBMA1oAMEBMLDcAMEBMLD0AME
BMLD8AMEBcLpoAMEA9RH6DALAwQC1Ef0AwMD1EADBALUbygDBALVNIADBALVqPgD
BALV2yQwDQQCAAIwBwMFASoBfgAwDQYJKoZIhvcNAQELBQADggEBAHuev/VlP6Uw
wQpY3hb37bh8HF9udkOsxu2oao/ZRCMilqld0+DUBWz4s71mUnvXJCkxYyKS98Gy
p9T00xHCG1SGy+ZrqqRdJrYdd00pTcL7Qj2WDfy1VS9e6yBc8+E/SS7yeB8Vgzih
nYPuRGeNhBwvvcGtZdn16fIsWIVovKgixa5RhUGx3WHSZx7NNQH6/9yuriNNF8fw
Wz77ZsL59MmPYc3zsfbf5My9bLrKYsBEHl7FC5IN+e+9o9w0zrp2QxLNsI/1pIE0
KG7eJSzevmANNRYLH5S9M4qwoaBcdaa1ZUViRLU+bPD01WCToGCOtjFTAtx8y0XB
dd0sWdMxKkY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:00 2024 by rpki-client on console-ams.rpki-client.org