Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/MqHkU9YzR2sPBC3XDCTeQvdDZHc.roa
File: MqHkU9YzR2sPBC3XDCTeQvdDZHc.roa (raw, json)
Hash identifier: jncMbKR7/X2XWdhKWdIzwj7jM9lOdTnbdYl/Dg0tYFI=
Subject key identifier: 32:A1:E4:53:D6:33:47:6B:0F:04:2D:D7:0C:24:DE:42:F7:43:64:77
Certificate issuer: /CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Certificate serial: 01856D6646543BE582E28AF2DB3BFAB23D8E
Authority key identifier: 1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/MqHkU9YzR2sPBC3XDCTeQvdDZHc.roa
Signing time: Sun 01 Jan 2023 12:54:57 +0000
ROA not before: Sun 01 Jan 2023 12:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60380
IP address blocks: 83.133.178.0/23 maxlen: 23
81.209.248.0/21 maxlen: 21
83.125.6.0/23 maxlen: 23
80.86.184.0/24 maxlen: 24
80.86.188.0/23 maxlen: 23
83.133.240.0/20 maxlen: 20
2001:7f0:3000::/46 maxlen: 46
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:46:54:3b:e5:82:e2:8a:f2:db:3b:fa:b2:3d:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Validity
Not Before: Jan 1 12:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32a1e453d633476b0f042dd70c24de42f7436477
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:28:a4:2d:90:b5:f2:14:ba:b9:38:8d:a2:57:
b2:76:a0:6c:8c:1d:b4:91:f8:18:49:12:62:12:ce:
12:7c:87:f3:d1:e2:a0:e1:3f:10:7a:50:88:32:84:
35:2d:2a:e7:99:53:a4:8b:68:6f:dd:26:fc:ad:6b:
52:e7:18:9d:18:15:ff:14:d8:48:71:97:eb:15:98:
9e:34:78:c5:3d:00:33:63:a7:84:1f:2a:c4:ba:d1:
b5:09:ef:38:66:1f:dc:5e:e1:81:b3:4f:64:22:26:
bf:8b:13:ed:7c:06:1c:99:34:2e:4e:8b:3f:21:99:
6d:b5:5f:07:bb:7d:10:b9:ca:b2:fc:f6:d7:8e:48:
80:62:79:ae:7f:7c:71:8f:a5:24:b8:d6:5e:94:50:
36:e0:0f:fb:6a:67:e4:e5:4f:a0:9c:7c:2f:8a:59:
94:b1:5d:75:51:03:ec:fb:43:fc:e3:d3:3b:37:c4:
01:a1:a3:2d:38:c2:9e:41:8d:9e:1a:e1:92:78:62:
ec:d8:55:ee:81:17:de:32:cd:01:01:36:33:da:9e:
14:9f:3b:2a:c1:22:ed:da:f8:47:48:7d:54:7b:f1:
1d:e1:8c:ac:a3:2d:99:5a:79:45:1f:ff:da:10:b5:
38:80:68:1c:e2:f5:18:2b:67:ed:a4:76:00:1e:c3:
a9:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:A1:E4:53:D6:33:47:6B:0F:04:2D:D7:0C:24:DE:42:F7:43:64:77
X509v3 Authority Key Identifier:
keyid:1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/MqHkU9YzR2sPBC3XDCTeQvdDZHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.86.184.0/24
80.86.188.0/23
81.209.248.0/21
83.125.6.0/23
83.133.178.0/23
83.133.240.0/20
IPv6:
2001:7f0:3000::/46
Signature Algorithm: sha256WithRSAEncryption
61:11:70:c4:30:a6:89:20:ac:92:9f:f7:ee:0d:39:58:0f:22:
2c:8e:53:4f:5f:2f:e9:95:fd:05:c6:f5:c8:c0:94:74:a2:16:
bd:63:23:0e:ba:eb:a9:41:64:70:66:b8:d6:02:f4:87:be:aa:
12:3b:72:af:57:3c:54:81:13:95:d6:36:b1:f6:11:8f:81:52:
1c:e5:88:33:9d:31:d5:9b:74:fd:9c:86:57:ea:0c:6b:bb:d7:
5d:82:98:de:0c:18:c6:2f:8d:75:bd:c6:80:fc:54:93:db:66:
bf:fc:91:67:9e:f1:c0:cf:48:21:82:d4:cf:fe:56:78:92:c9:
61:33:49:f3:48:68:fb:27:a8:07:ee:84:6e:7f:cf:5e:34:fd:
19:77:56:45:33:d8:64:f6:a1:7e:e5:8f:66:1d:2e:55:fa:dd:
0a:20:73:a2:92:7d:99:95:35:ea:2c:30:88:8b:f1:dd:00:36:
1d:af:74:43:6d:d9:e1:6d:31:8b:0e:4c:bb:84:30:57:9f:9a:
2c:4f:bf:06:c4:33:e1:a6:67:b7:31:6d:42:dd:07:b2:f6:a3:
46:cf:c7:b0:ca:01:bf:9a:a8:06:cc:96:0a:a4:29:1d:d5:e9:
98:d1:63:eb:b1:7c:45:7e:51:89:45:b9:e4:cd:e2:30:41:5c:
b0:0f:e6:2c
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYVtZkZUO+WC4ory2zv6sj2OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTkwZmRlOTc4NGE5MWQ5M2E3YTJhZjU5ZDRkMDQzZjEx
NzFmYmEwHhcNMjMwMTAxMTI1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmExZTQ1M2Q2MzM0NzZiMGYwNDJkZDcwYzI0ZGU0MmY3NDM2NDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtiikLZC18hS6uTiNoleydqBsjB20
kfgYSRJiEs4SfIfz0eKg4T8QelCIMoQ1LSrnmVOki2hv3Sb8rWtS5xidGBX/FNhI
cZfrFZieNHjFPQAzY6eEHyrEutG1Ce84Zh/cXuGBs09kIia/ixPtfAYcmTQuTos/
IZlttV8Hu30Qucqy/PbXjkiAYnmuf3xxj6UkuNZelFA24A/7amfk5U+gnHwvilmU
sV11UQPs+0P849M7N8QBoaMtOMKeQY2eGuGSeGLs2FXugRfeMs0BATYz2p4Unzsq
wSLt2vhHSH1Ue/Ed4Yysoy2ZWnlFH//aELU4gGgc4vUYK2ftpHYAHsOpHwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFDKh5FPWM0drDwQt1wwk3kL3Q2R3MB8GA1UdIwQY
MBaAFB/pD96XhKkdk6eir1nU0EPxFx+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQt
MjM3NzJlN2Y5MmUzLzEvTXFIa1U5WXpSMnNQQkMzWERDVGVRdmREWkhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQtMjM3NzJlN2Y5MmUz
LzEvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQAUFa4AwQB
UFa8AwQDUdH4AwQBU30GAwQBU4WyAwQEU4XwMA8EAgACMAkDBwIgAQfwMAAwDQYJ
KoZIhvcNAQELBQADggEBAGERcMQwpokgrJKf9+4NOVgPIiyOU09fL+mV/QXG9cjA
lHSiFr1jIw6666lBZHBmuNYC9Ie+qhI7cq9XPFSBE5XWNrH2EY+BUhzliDOdMdWb
dP2chlfqDGu7112CmN4MGMYvjXW9xoD8VJPbZr/8kWee8cDPSCGC1M/+VniSyWEz
SfNIaPsnqAfuhG5/z140/Rl3VkUz2GT2oX7lj2YdLlX63Qogc6KSfZmVNeosMIiL
8d0ANh2vdENt2eFtMYsOTLuEMFefmixPvwbEM+GmZ7cxbULdB7L2o0bPx7DKAb+a
qAbMlgqkKR3V6ZjRY+uxfEV+UYlFueTN4jBBXLAP5iw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:10 2024 by rpki-client on console-ams.rpki-client.org