Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/MPfbeHxKEqao9oIkrLv9Rp5uQVA.roa
File: MPfbeHxKEqao9oIkrLv9Rp5uQVA.roa (raw, json)
Hash identifier: Ej8634+Dw/j4ykvOfur65S0BPhunDFhifHQKQsQmHLE=
Subject key identifier: 30:F7:DB:78:7C:4A:12:A6:A8:F6:82:24:AC:BB:FD:46:9E:6E:41:50
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 0186E52D26DB53FB1458FDE1877110297BA6
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/MPfbeHxKEqao9oIkrLv9Rp5uQVA.roa
Signing time: Wed 15 Mar 2023 12:09:46 +0000
ROA not before: Wed 15 Mar 2023 12:09:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204916
IP address blocks: 84.54.36.0/24 maxlen: 24
83.171.240.0/24 maxlen: 24
83.171.240.0/22 maxlen: 22
83.171.243.0/24 maxlen: 24
83.171.242.0/24 maxlen: 24
194.113.105.0/24 maxlen: 24
2a10:c0c3::/32 maxlen: 32
2a10:c0c0::/29 maxlen: 29
2a11:200::/36 maxlen: 36
2a11:200:4000::/36 maxlen: 36
2a11:202::/32 maxlen: 32
2a11:201::/32 maxlen: 32
2a10:c0c1::/32 maxlen: 32
2a10:c0c7:3000::/36 maxlen: 36
2a10:c0c7:5000::/36 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e5:2d:26:db:53:fb:14:58:fd:e1:87:71:10:29:7b:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Mar 15 12:09:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30f7db787c4a12a6a8f68224acbbfd469e6e4150
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:98:69:45:37:6c:21:13:bc:6d:de:59:3f:34:
56:20:5b:db:8f:dd:b5:58:8a:28:86:00:87:f6:d5:
56:99:f5:63:63:50:5f:ee:c0:0f:9f:d1:8f:1e:2e:
6e:93:d4:0f:63:ac:a9:0c:c0:65:cb:37:20:8e:e4:
73:9f:96:52:82:b8:38:88:9a:61:9f:45:2e:a0:d7:
97:a4:6b:a4:bc:0b:30:84:8c:f5:44:a7:a7:59:48:
9c:15:22:3b:36:a2:31:c1:fd:2a:7e:3f:9a:00:d6:
24:7f:3a:ce:7a:e6:15:6a:90:68:92:e8:ca:af:fc:
2c:50:ed:18:f0:0e:81:ea:6b:f6:07:f8:d0:a7:68:
4f:1f:8c:f8:90:cf:63:13:9b:d3:b1:52:b0:67:28:
84:de:a5:35:1a:da:08:36:d9:b9:e8:63:1b:50:88:
c4:0c:4d:45:86:b6:cd:c7:43:1e:f6:4b:a6:6e:f1:
e8:23:fb:5c:8f:04:f8:99:4f:59:7e:e7:aa:17:c5:
0f:ca:a3:3d:15:f6:d4:af:86:20:d4:01:fc:bd:b2:
db:61:90:c0:1e:47:fa:95:59:97:b6:e2:43:bb:00:
98:24:b6:0a:6f:91:11:d8:94:a1:8a:41:e9:f5:5a:
1f:aa:c2:39:88:74:a3:5b:cb:49:a9:fb:cc:2c:cf:
3b:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:F7:DB:78:7C:4A:12:A6:A8:F6:82:24:AC:BB:FD:46:9E:6E:41:50
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/MPfbeHxKEqao9oIkrLv9Rp5uQVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.240.0/22
84.54.36.0/24
194.113.105.0/24
IPv6:
2a10:c0c0::/29
2a11:200::/36
2a11:200:4000::/36
2a11:201::-2a11:202:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3b:63:0a:78:f8:85:da:59:a6:ed:de:f2:b7:45:12:51:0a:ff:
2b:f2:5b:32:a4:d4:5b:48:81:b8:f3:2a:f9:34:a0:ac:62:8c:
00:11:db:6a:9b:69:59:48:04:a7:20:32:ff:99:13:2f:0e:24:
4b:48:e6:3d:41:6e:4c:3e:a3:12:ae:32:94:2a:6c:3a:99:ec:
4a:dd:c1:2e:94:ee:30:07:6e:6d:ef:35:c5:67:b0:10:91:7c:
1d:5f:75:ec:53:2b:3f:4c:1b:84:22:ce:3d:aa:32:86:d6:20:
16:6e:34:89:9d:ae:93:e2:b2:ad:1e:b8:0f:aa:27:fe:ce:ca:
91:e7:e4:df:48:03:85:53:d6:86:88:40:fb:15:f2:a2:ee:db:
24:38:a0:bd:bc:c1:dd:37:4c:cc:82:13:f4:99:97:cc:39:d4:
98:d2:7c:b2:b9:be:3b:68:fe:9a:d8:22:94:83:aa:3a:4c:e8:
29:3f:d4:d9:d0:1f:83:5d:70:c6:41:90:1f:ed:48:f4:1a:a4:
a2:61:f7:61:e9:1c:01:c9:52:58:28:2c:88:ab:63:0f:34:3f:
e4:5a:42:6e:84:12:31:ee:8b:6d:32:eb:bb:6b:40:e3:5d:1c:
14:46:a6:2b:7a:9f:29:e3:72:9e:74:86:aa:f9:e6:ff:4c:d3:
69:1b:e2:f6
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYblLSbbU/sUWP3hh3EQKXumMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMwMzE1MTIwOTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGY3ZGI3ODdjNGExMmE2YThmNjgyMjRhY2JiZmQ0NjllNmU0MTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlphpRTdsIRO8bd5ZPzRWIFvbj921
WIoohgCH9tVWmfVjY1Bf7sAPn9GPHi5uk9QPY6ypDMBlyzcgjuRzn5ZSgrg4iJph
n0UuoNeXpGukvAswhIz1RKenWUicFSI7NqIxwf0qfj+aANYkfzrOeuYVapBokujK
r/wsUO0Y8A6B6mv2B/jQp2hPH4z4kM9jE5vTsVKwZyiE3qU1GtoINtm56GMbUIjE
DE1FhrbNx0Me9kumbvHoI/tcjwT4mU9ZfueqF8UPyqM9FfbUr4Yg1AH8vbLbYZDA
Hkf6lVmXtuJDuwCYJLYKb5ER2JShikHp9VofqsI5iHSjW8tJqfvMLM87iwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFDD323h8ShKmqPaCJKy7/UaebkFQMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvTVBmYmVIeEtFcWFvOW9Ja3JMdjlScDV1UVZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAYBAIAATASAwQCU6vwAwQA
VDYkAwQAwnFpMC0EAgACMCcDBQMqEMDAAwYEKhECAAADBgQqEQIAQDAOAwUAKhEC
AQMFACoRAgIwDQYJKoZIhvcNAQELBQADggEBADtjCnj4hdpZpu3e8rdFElEK/yvy
WzKk1FtIgbjzKvk0oKxijAAR22qbaVlIBKcgMv+ZEy8OJEtI5j1Bbkw+oxKuMpQq
bDqZ7ErdwS6U7jAHbm3vNcVnsBCRfB1fdexTKz9MG4Qizj2qMobWIBZuNImdrpPi
sq0euA+qJ/7OypHn5N9IA4VT1oaIQPsV8qLu2yQ4oL28wd03TMyCE/SZl8w51JjS
fLK5vjto/prYIpSDqjpM6Ck/1NnQH4NdcMZBkB/tSPQapKJh92HpHAHJUlgoLIir
Yw80P+RaQm6EEjHui20y67trQONdHBRGpit6nynjcp50hqr55v9M02kb4vY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:45 2023 by rpki-client on console-fra.rpki-client.org