Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/mxcR_y51bgUUEZw1BjOsewlsxsA.roa
File: mxcR_y51bgUUEZw1BjOsewlsxsA.roa (raw, json)
Hash identifier: LyVBfgL6r9gHqk+UC5czRNLPOIO9qjdu9iaruRdcs/A=
Subject key identifier: 9B:17:11:FF:2E:75:6E:05:14:11:9C:35:06:33:AC:7B:09:6C:C6:C0
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 01856F54B61B96753607EF73954E61E88763
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/mxcR_y51bgUUEZw1BjOsewlsxsA.roa
Signing time: Sun 01 Jan 2023 21:55:00 +0000
ROA not before: Sun 01 Jan 2023 21:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 80.71.231.0/24 maxlen: 24
80.71.233.0/24 maxlen: 24
80.71.236.0/24 maxlen: 24
80.71.237.0/24 maxlen: 24
80.71.234.0/24 maxlen: 24
81.29.146.0/24 maxlen: 24
81.29.157.0/24 maxlen: 24
81.29.156.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:b6:1b:96:75:36:07:ef:73:95:4e:61:e8:87:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Jan 1 21:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b1711ff2e756e0514119c350633ac7b096cc6c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:99:31:d6:d9:68:96:5b:c2:91:fb:33:57:8b:
7d:0d:d0:e8:b8:63:8f:28:4d:1f:07:82:7b:f7:95:
19:d4:9d:d0:92:a6:95:51:66:ad:6f:7e:33:ec:a2:
6a:bd:a4:3b:a3:68:eb:3d:10:f6:33:84:d9:4d:e7:
aa:82:c5:3e:0c:8e:75:cb:1d:e6:bd:d1:71:b2:bb:
71:90:6a:c2:c9:6f:be:23:e4:fa:1a:8a:cd:16:b7:
d2:b9:31:60:df:8d:df:e1:4e:3a:63:d7:c6:fe:c4:
2c:35:62:67:78:a5:9f:6d:fa:d4:3f:0b:3c:9e:30:
f2:88:ea:3b:51:7c:3d:53:ea:d4:9a:44:00:87:3e:
cc:d5:d5:0b:bc:7f:92:ac:b1:21:5d:1a:05:2e:7b:
97:6f:52:fb:fc:24:b1:19:ab:7e:d5:a5:07:b4:30:
b8:51:9c:a2:f4:6d:85:5a:7e:38:09:58:f7:c6:f8:
86:89:ae:55:1d:66:34:fa:5d:8e:c5:8c:34:f1:29:
6c:c6:30:11:17:5c:18:31:02:92:88:b4:82:f1:eb:
0c:8a:e4:3d:8f:c4:61:30:bb:2a:1e:eb:49:40:81:
e2:d1:24:20:6e:2e:af:02:65:2a:1e:9e:39:a2:de:
e5:0c:87:f6:b5:44:35:da:94:39:94:73:fd:b8:d4:
92:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:17:11:FF:2E:75:6E:05:14:11:9C:35:06:33:AC:7B:09:6C:C6:C0
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/mxcR_y51bgUUEZw1BjOsewlsxsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.231.0/24
80.71.233.0-80.71.234.255
80.71.236.0/23
81.29.146.0/24
81.29.156.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:e2:d2:4e:f8:0e:1c:3d:d1:bf:00:98:67:91:21:8a:aa:7a:
49:9e:1d:d5:28:b1:69:c9:34:f9:f8:93:da:c2:4b:ee:8f:d9:
cd:69:0f:97:bf:f8:1a:8c:69:4a:98:e6:ca:1d:98:b8:29:ea:
26:8a:39:a4:ef:53:3f:22:51:94:74:2e:7e:86:e9:62:84:7c:
a2:ba:23:14:27:ce:11:75:7b:14:df:9b:cf:2d:87:5b:f6:26:
fa:fa:d1:84:f2:b8:02:24:36:42:62:0d:0c:7b:ab:8b:5e:95:
45:41:ff:93:8d:3d:c5:3e:95:2a:97:8d:16:b9:3f:ac:f6:c2:
a7:1c:43:95:d4:15:e2:1e:94:cf:f3:b1:66:a8:c7:18:76:e3:
7c:79:be:cf:c2:c4:bd:a0:bd:f9:6d:09:82:09:64:06:01:19:
4f:1a:cd:8a:5c:9c:42:bd:d4:75:3a:84:ad:b2:bc:c4:2f:d9:
49:73:40:4c:39:4e:b5:43:80:14:b4:32:e2:c9:8b:4a:a4:02:
bc:30:a1:5e:10:6a:72:45:a9:15:5e:55:1e:92:cb:76:ac:1d:
53:8f:ce:52:e6:b1:ab:9a:5b:85:2e:71:78:6e:47:75:bb:45:
21:58:62:45:f8:fe:52:9e:a9:94:8d:81:7b:50:bc:8a:03:14:
65:8b:78:7a
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVvVLYblnU2B+9zlU5h6IdjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwMTAxMjE1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjE3MTFmZjJlNzU2ZTA1MTQxMTljMzUwNjMzYWM3YjA5NmNjNmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJkx1tlollvCkfszV4t9DdDouGOP
KE0fB4J795UZ1J3QkqaVUWatb34z7KJqvaQ7o2jrPRD2M4TZTeeqgsU+DI51yx3m
vdFxsrtxkGrCyW++I+T6GorNFrfSuTFg343f4U46Y9fG/sQsNWJneKWfbfrUPws8
njDyiOo7UXw9U+rUmkQAhz7M1dULvH+SrLEhXRoFLnuXb1L7/CSxGat+1aUHtDC4
UZyi9G2FWn44CVj3xviGia5VHWY0+l2OxYw08SlsxjARF1wYMQKSiLSC8esMiuQ9
j8RhMLsqHutJQIHi0SQgbi6vAmUqHp45ot7lDIf2tUQ12pQ5lHP9uNSSjwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJsXEf8udW4FFBGcNQYzrHsJbMbAMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvbXhjUl95NTFiZ1VVRVp3MUJqT3Nld2xzeHNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAUEfnMAwD
BABQR+kDBABQR+oDBAFQR+wDBABRHZIDBAFRHZwwDQYJKoZIhvcNAQELBQADggEB
ACzi0k74Dhw90b8AmGeRIYqqekmeHdUosWnJNPn4k9rCS+6P2c1pD5e/+BqMaUqY
5sodmLgp6iaKOaTvUz8iUZR0Ln6G6WKEfKK6IxQnzhF1exTfm88th1v2Jvr60YTy
uAIkNkJiDQx7q4telUVB/5ONPcU+lSqXjRa5P6z2wqccQ5XUFeIelM/zsWaoxxh2
43x5vs/CxL2gvfltCYIJZAYBGU8azYpcnEK91HU6hK2yvMQv2UlzQEw5TrVDgBS0
MuLJi0qkArwwoV4QanJFqRVeVR6Sy3asHVOPzlLmsauaW4UucXhuR3W7RSFYYkX4
/lKeqZSNgXtQvIoDFGWLeHo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:56 2023 by rpki-client on console-fra.rpki-client.org