Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/06998d-8cd9-4993-9fe7-8221d2143796/1/Mb9C-bz9JW7M7AlX_H6zVAJ45OY.roa
File: Mb9C-bz9JW7M7AlX_H6zVAJ45OY.roa (raw, json)
Hash identifier: k918e+btcUfY5VD90+auXDUCY5kpLl/lbiLbsAfJXJw=
Subject key identifier: 31:BF:42:F9:BC:FD:25:6E:CC:EC:09:57:FC:7E:B3:54:02:78:E4:E6
Certificate issuer: /CN=07560e3e72c6079a04e7d1f6103b9df78979a522
Certificate serial: 01879FE5ACAF8B9D9E8BED2F9EB1AC4F85A2
Authority key identifier: 07:56:0E:3E:72:C6:07:9A:04:E7:D1:F6:10:3B:9D:F7:89:79:A5:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B1YOPnLGB5oE59H2EDud94l5pSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/06998d-8cd9-4993-9fe7-8221d2143796/1/Mb9C-bz9JW7M7AlX_H6zVAJ45OY.roa
Signing time: Thu 20 Apr 2023 18:20:41 +0000
ROA not before: Thu 20 Apr 2023 18:20:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49635
IP address blocks: 217.71.200.0/21 maxlen: 24
161.22.40.0/21 maxlen: 24
85.208.20.0/22 maxlen: 24
185.166.212.0/22 maxlen: 24
185.253.152.0/22 maxlen: 24
79.143.88.0/21 maxlen: 24
27.0.172.0/22 maxlen: 24
46.183.112.0/21 maxlen: 24
93.189.88.0/21 maxlen: 24
200.234.224.0/20 maxlen: 24
185.254.204.0/22 maxlen: 24
80.240.126.0/23 maxlen: 24
103.23.60.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9f:e5:ac:af:8b:9d:9e:8b:ed:2f:9e:b1:ac:4f:85:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07560e3e72c6079a04e7d1f6103b9df78979a522
Validity
Not Before: Apr 20 18:20:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31bf42f9bcfd256eccec0957fc7eb3540278e4e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:00:ae:ac:61:b7:7c:d3:dc:4b:0b:67:26:20:
3a:9e:71:92:41:9f:ad:0f:c4:8b:20:eb:22:a0:9e:
aa:70:14:f7:eb:0a:75:66:6e:53:62:58:64:ff:7b:
60:1a:7c:4a:9c:f3:42:c8:a4:16:5e:3f:48:35:f6:
1a:d2:bc:bc:48:9a:c6:cb:2a:e8:2d:69:f7:43:0b:
00:3c:cd:3b:fd:c3:81:48:33:e5:38:f6:ea:4a:55:
13:3a:bc:ab:80:ff:88:e8:8b:ce:45:a0:b2:ff:a6:
f9:54:bf:30:4b:ee:c7:e8:8c:c8:69:de:db:38:ef:
d6:90:de:3b:e5:a3:b8:b2:d4:fb:40:b4:70:12:87:
bc:dd:42:3e:9b:f4:ba:6c:e7:85:8d:c2:15:cd:fa:
f5:42:ad:39:ea:f2:64:5f:a4:ae:2e:38:c3:4e:05:
78:3b:31:58:b1:6a:c0:5d:f4:d4:9a:ad:9a:ad:73:
05:1a:36:ce:a2:47:db:90:0f:dd:19:96:41:8c:d7:
cb:06:79:41:bd:61:20:36:b6:da:c1:0b:a6:4a:b5:
d4:c0:08:a4:30:54:13:35:83:6e:0a:40:08:3d:20:
2f:2a:77:18:de:d6:52:19:78:df:e5:3a:3d:43:0c:
13:1a:a8:d3:fb:2b:d5:0f:6f:bf:e2:92:13:e5:a3:
11:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:BF:42:F9:BC:FD:25:6E:CC:EC:09:57:FC:7E:B3:54:02:78:E4:E6
X509v3 Authority Key Identifier:
keyid:07:56:0E:3E:72:C6:07:9A:04:E7:D1:F6:10:3B:9D:F7:89:79:A5:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B1YOPnLGB5oE59H2EDud94l5pSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/06998d-8cd9-4993-9fe7-8221d2143796/1/Mb9C-bz9JW7M7AlX_H6zVAJ45OY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/06998d-8cd9-4993-9fe7-8221d2143796/1/B1YOPnLGB5oE59H2EDud94l5pSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
27.0.172.0/22
46.183.112.0/21
79.143.88.0/21
80.240.126.0/23
85.208.20.0/22
93.189.88.0/21
103.23.60.0/23
161.22.40.0/21
185.166.212.0/22
185.253.152.0/22
185.254.204.0/22
200.234.224.0/20
217.71.200.0/21
Signature Algorithm: sha256WithRSAEncryption
55:a9:97:49:ba:43:f1:94:ec:08:c4:30:ef:5a:4b:82:bc:24:
28:5b:2a:d8:95:1e:ca:fa:62:09:fa:27:05:8d:95:b0:89:ec:
33:a9:5f:80:b0:c6:60:3b:67:6a:40:87:10:d5:71:02:a6:44:
4b:ed:5c:10:09:f1:ed:dc:84:44:b2:3b:f9:be:38:36:63:a1:
60:ab:af:9e:3f:b0:6e:1d:75:8a:a6:8a:c6:7d:c1:f8:47:9d:
80:9e:f2:90:e6:1a:3d:85:2c:ca:90:c6:78:26:90:44:e6:fa:
0b:fa:9b:4b:33:37:1c:6a:b8:ac:5f:18:3d:cf:a2:27:9f:a9:
86:88:c5:bf:98:0f:50:7d:2f:ef:db:95:73:28:a8:d8:1f:ca:
a1:5a:ac:93:c0:02:03:c7:2a:22:9e:6f:02:49:33:6f:1e:40:
14:66:27:1e:08:12:34:72:c0:a8:49:ec:40:76:96:31:0c:ee:
04:3c:97:0c:88:82:72:00:b5:cb:c4:2f:ff:9b:29:7e:e6:27:
70:b8:2f:ca:9c:b5:8f:ba:8b:11:49:d4:37:29:0d:9c:71:4a:
81:43:35:b8:9f:7c:ac:46:6d:6d:48:e8:cc:47:2b:c5:96:56:
96:3d:80:be:08:a5:cb:0b:33:85:fa:5c:d4:db:ec:05:12:42:
e3:fc:83:63
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYef5ayvi52ei+0vnrGsT4WiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3NTYwZTNlNzJjNjA3OWEwNGU3ZDFmNjEwM2I5ZGY3ODk3
OWE1MjIwHhcNMjMwNDIwMTgyMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWJmNDJmOWJjZmQyNTZlY2NlYzA5NTdmYzdlYjM1NDAyNzhlNGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgCurGG3fNPcSwtnJiA6nnGSQZ+t
D8SLIOsioJ6qcBT36wp1Zm5TYlhk/3tgGnxKnPNCyKQWXj9INfYa0ry8SJrGyyro
LWn3QwsAPM07/cOBSDPlOPbqSlUTOryrgP+I6IvORaCy/6b5VL8wS+7H6IzIad7b
OO/WkN475aO4stT7QLRwEoe83UI+m/S6bOeFjcIVzfr1Qq056vJkX6SuLjjDTgV4
OzFYsWrAXfTUmq2arXMFGjbOokfbkA/dGZZBjNfLBnlBvWEgNrbawQumSrXUwAik
MFQTNYNuCkAIPSAvKncY3tZSGXjf5To9QwwTGqjT+yvVD2+/4pIT5aMRYQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFDG/Qvm8/SVuzOwJV/x+s1QCeOTmMB8GA1UdIwQY
MBaAFAdWDj5yxgeaBOfR9hA7nfeJeaUiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjFZT1BuTEdCNW9FNTlIMkVEdWQ5NGw1cFNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8wNjk5OGQtOGNkOS00OTkzLTlmZTct
ODIyMWQyMTQzNzk2LzEvTWI5Qy1iejlKVzdNN0FsWF9INnpWQUo0NU9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8wNjk5OGQtOGNkOS00OTkzLTlmZTctODIyMWQyMTQzNzk2
LzEvQjFZT1BuTEdCNW9FNTlIMkVEdWQ5NGw1cFNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQCGwCsAwQD
LrdwAwQDT49YAwQBUPB+AwQCVdAUAwQDXb1YAwQBZxc8AwQDoRYoAwQCuabUAwQC
uf2YAwQCuf7MAwQEyOrgAwQD2UfIMA0GCSqGSIb3DQEBCwUAA4IBAQBVqZdJukPx
lOwIxDDvWkuCvCQoWyrYlR7K+mIJ+icFjZWwiewzqV+AsMZgO2dqQIcQ1XECpkRL
7VwQCfHt3IREsjv5vjg2Y6Fgq6+eP7BuHXWKporGfcH4R52AnvKQ5ho9hSzKkMZ4
JpBE5voL+ptLMzccarisXxg9z6Inn6mGiMW/mA9QfS/v25VzKKjYH8qhWqyTwAID
xyoinm8CSTNvHkAUZiceCBI0csCoSexAdpYxDO4EPJcMiIJyALXLxC//myl+5idw
uC/KnLWPuosRSdQ3KQ2ccUqBQzW4n3ysRm1tSOjMRyvFllaWPYC+CKXLCzOF+lzU
2+wFEkLj/INj
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:11 2024 by rpki-client on console-fra.rpki-client.org