Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/mWS7_ndqXrvGrxU9Hxe1xnxL-iw.roa
File: mWS7_ndqXrvGrxU9Hxe1xnxL-iw.roa (raw, json)
Hash identifier: y6iyAGM+ugQyotBdtDDMWRJYSciZSEueQaPPJfi3HkM=
Subject key identifier: 99:64:BB:FE:77:6A:5E:BB:C6:AF:15:3D:1F:17:B5:C6:7C:4B:FA:2C
Certificate issuer: /CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Certificate serial: 018570CBCF1DBF0D452D6605F98DFDAA1D8C
Authority key identifier: 1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/mWS7_ndqXrvGrxU9Hxe1xnxL-iw.roa
Signing time: Mon 02 Jan 2023 04:44:43 +0000
ROA not before: Mon 02 Jan 2023 04:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1729
IP address blocks: 131.116.0.0/16 maxlen: 24
81.228.8.0/24 maxlen: 24
81.228.9.0/24 maxlen: 24
81.228.10.0/24 maxlen: 24
81.228.11.0/24 maxlen: 24
192.150.84.0/24 maxlen: 24
131.115.0.0/16 maxlen: 24
192.16.152.0/24 maxlen: 24
192.16.154.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cb:cf:1d:bf:0d:45:2d:66:05:f9:8d:fd:aa:1d:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Validity
Not Before: Jan 2 04:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9964bbfe776a5ebbc6af153d1f17b5c67c4bfa2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:9c:e1:90:fd:95:20:21:45:8b:46:94:79:0f:
8c:7e:b3:ce:aa:26:db:82:d6:51:60:9a:15:8e:3a:
63:45:d1:f2:e1:07:7b:ed:1e:8d:85:a6:db:b0:f1:
89:35:5a:31:f0:ae:64:e5:19:2c:1f:04:49:28:7d:
32:8a:e6:7b:77:bf:88:b6:38:d6:6b:65:b0:21:7d:
89:af:c6:6e:a2:85:27:80:0e:67:80:d3:1a:37:eb:
8e:7a:10:9e:9e:63:ee:74:e1:65:d0:4a:35:69:cf:
a7:97:78:c2:0f:a8:51:53:22:03:fe:44:ad:35:32:
c7:b8:d1:2d:71:08:19:70:f6:3a:a7:b0:14:58:60:
e4:c1:f4:83:28:82:c0:8b:a6:4d:00:8d:00:84:e5:
0a:18:74:8e:7f:55:7a:36:4b:6d:b6:f7:93:ff:37:
90:05:3a:d7:6f:48:13:c3:46:8c:8e:93:15:3e:2b:
35:e4:3b:33:bd:45:71:ea:55:19:38:84:c3:16:1e:
9f:4a:7e:6d:b5:e9:b0:62:fb:91:0d:21:02:af:06:
ee:c0:ce:18:0b:03:b2:a0:c2:c8:36:2a:a0:9e:17:
43:55:47:dc:6d:21:4d:e5:f2:b2:4a:1c:73:41:75:
d7:9e:4b:b6:00:df:69:c0:fa:a8:af:16:6a:af:30:
89:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:64:BB:FE:77:6A:5E:BB:C6:AF:15:3D:1F:17:B5:C6:7C:4B:FA:2C
X509v3 Authority Key Identifier:
keyid:1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/mWS7_ndqXrvGrxU9Hxe1xnxL-iw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.228.8.0/22
131.115.0.0-131.116.255.255
192.16.152.0/24
192.16.154.0/24
192.150.84.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:50:b0:b2:3d:b2:69:b8:66:71:c0:48:80:d2:3b:0a:16:e3:
83:6b:4b:79:72:fa:ca:f9:ac:f5:8c:ed:58:0c:be:e1:a9:90:
66:76:03:c6:4c:7c:c8:05:e3:7b:b7:a4:6f:21:ae:14:8c:ca:
34:71:b9:14:86:b2:99:3e:ef:ae:ba:d3:10:63:1c:16:3b:5c:
42:25:0d:3b:f3:a2:65:79:ef:b5:27:04:01:f5:0e:21:ae:90:
3b:cf:1d:fd:a3:d5:d4:39:22:0e:29:3f:ca:41:0f:22:c6:5d:
d1:f6:35:16:c1:ed:fd:27:52:6c:94:02:55:f8:75:ce:e7:e9:
b0:8f:ac:5b:59:01:58:e4:9e:c9:ab:09:12:74:01:01:2f:1e:
90:d0:7c:11:23:27:cb:b8:83:23:97:44:c5:e5:d3:df:b0:91:
e7:74:e8:01:b2:71:ca:82:b7:cb:b8:a6:27:92:6f:2a:10:94:
13:0c:26:94:4a:0b:8f:c3:84:1c:b7:61:0b:97:6c:ba:e3:59:
62:69:98:cd:3d:25:9d:95:a5:76:54:cf:ff:1e:28:4b:19:25:
97:3f:e1:45:c3:45:bf:27:5f:5f:8f:83:56:aa:50:d9:23:85:
2a:44:8d:87:01:20:c5:c0:97:e9:a4:4b:6d:80:ae:66:43:ce:
1a:7a:ca:9b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVwy88dvw1FLWYF+Y39qh2MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjgxMzhkNGVjMmVhNTFjYWNlZjA5ZmYxMDU4YTM3MGE1
YmUxOTAwHhcNMjMwMTAyMDQ0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTY0YmJmZTc3NmE1ZWJiYzZhZjE1M2QxZjE3YjVjNjdjNGJmYTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5zhkP2VICFFi0aUeQ+MfrPOqibb
gtZRYJoVjjpjRdHy4Qd77R6NhabbsPGJNVox8K5k5RksHwRJKH0yiuZ7d7+ItjjW
a2WwIX2Jr8ZuooUngA5ngNMaN+uOehCenmPudOFl0Eo1ac+nl3jCD6hRUyID/kSt
NTLHuNEtcQgZcPY6p7AUWGDkwfSDKILAi6ZNAI0AhOUKGHSOf1V6NktttveT/zeQ
BTrXb0gTw0aMjpMVPis15DszvUVx6lUZOITDFh6fSn5ttemwYvuRDSECrwbuwM4Y
CwOyoMLINiqgnhdDVUfcbSFN5fKyShxzQXXXnku2AN9pwPqorxZqrzCJkwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJlku/53al67xq8VPR8XtcZ8S/osMB8GA1UdIwQY
MBaAFB9oE41OwupRys7wn/EFijcKW+GQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgt
NjA4NTY0ODM5ZmQwLzEvbVdTN19uZHFYcnZHcnhVOUh4ZTF4bnhMLWl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgtNjA4NTY0ODM5ZmQw
LzEvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCUeQIMAoD
AwCDcwMDAIN0AwQAwBCYAwQAwBCaAwQAwJZUMA0GCSqGSIb3DQEBCwUAA4IBAQAr
ULCyPbJpuGZxwEiA0jsKFuODa0t5cvrK+az1jO1YDL7hqZBmdgPGTHzIBeN7t6Rv
Ia4UjMo0cbkUhrKZPu+uutMQYxwWO1xCJQ0786Jlee+1JwQB9Q4hrpA7zx39o9XU
OSIOKT/KQQ8ixl3R9jUWwe39J1JslAJV+HXO5+mwj6xbWQFY5J7JqwkSdAEBLx6Q
0HwRIyfLuIMjl0TF5dPfsJHndOgBsnHKgrfLuKYnkm8qEJQTDCaUSguPw4Qct2EL
l2y641liaZjNPSWdlaV2VM//HihLGSWXP+FFw0W/J19fj4NWqlDZI4UqRI2HASDF
wJfppEttgK5mQ84aesqb
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:28:02 2024 by rpki-client on console-fra.rpki-client.org