Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/c8d393-3e28-4f07-996b-366ba1700fe0/1/MQIqqyG9eI7GvoV6fMmGGWKIuHE.roa
File: MQIqqyG9eI7GvoV6fMmGGWKIuHE.roa (raw, json)
Hash identifier: ZC12YGJUXl/psVVFQbyFHgj5lUr3vl9PGdlQjPbuoLs=
Subject key identifier: 31:02:2A:AB:21:BD:78:8E:C6:BE:85:7A:7C:C9:86:19:62:88:B8:71
Certificate issuer: /CN=547841eeff20c78b33d411dae51a692adb892e31
Certificate serial: 018571FA15AADAE93012ADC12B321CAEC694
Authority key identifier: 54:78:41:EE:FF:20:C7:8B:33:D4:11:DA:E5:1A:69:2A:DB:89:2E:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VHhB7v8gx4sz1BHa5RppKtuJLjE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/c8d393-3e28-4f07-996b-366ba1700fe0/1/MQIqqyG9eI7GvoV6fMmGGWKIuHE.roa
Signing time: Mon 02 Jan 2023 10:14:52 +0000
ROA not before: Mon 02 Jan 2023 10:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199738
IP address blocks: 89.37.76.0/24 maxlen: 24
89.37.76.0/22 maxlen: 22
89.37.77.0/24 maxlen: 24
89.37.78.0/24 maxlen: 24
89.37.79.0/24 maxlen: 24
86.106.64.0/22 maxlen: 22
86.106.68.0/24 maxlen: 24
86.106.68.0/23 maxlen: 23
86.106.69.0/24 maxlen: 24
86.106.70.0/23 maxlen: 23
86.106.4.0/22 maxlen: 22
86.106.4.0/24 maxlen: 24
86.106.6.0/24 maxlen: 24
86.106.5.0/24 maxlen: 24
86.106.7.0/24 maxlen: 24
89.32.112.0/24 maxlen: 24
89.32.116.0/23 maxlen: 23
89.32.116.0/24 maxlen: 24
89.32.117.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:15:aa:da:e9:30:12:ad:c1:2b:32:1c:ae:c6:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=547841eeff20c78b33d411dae51a692adb892e31
Validity
Not Before: Jan 2 10:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31022aab21bd788ec6be857a7cc986196288b871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:9c:67:aa:bf:dc:be:d9:b0:44:03:8b:3b:dd:
e9:01:81:69:aa:9f:f8:0c:04:71:5a:3c:36:56:dc:
ed:1e:cb:ae:f0:49:08:9c:a3:76:61:2f:f6:1f:58:
56:c6:7a:9d:27:2b:9b:da:52:e4:a6:b4:a1:95:d2:
38:79:6b:da:9e:fd:45:65:3d:f0:b9:dd:f2:de:bf:
0c:1d:a5:e8:3e:6b:7c:9a:9e:6b:5b:4c:59:c9:da:
28:a9:c4:64:df:f3:4e:e3:b5:fa:b0:1b:7f:08:82:
8d:4f:bf:b0:53:07:0f:6c:a4:04:17:48:4f:c8:9a:
8f:e9:1e:e0:f0:d2:97:2a:b1:cf:21:a3:a8:2e:9d:
a4:1f:52:e2:e5:4d:07:b8:a2:4e:5c:77:a4:51:6e:
40:e6:61:88:07:98:66:a8:0e:ef:8b:e2:90:8e:10:
d7:37:bc:e6:17:d9:5c:6c:b8:7b:05:06:7b:2f:45:
19:5e:da:59:e3:97:17:e9:02:36:c3:df:1e:60:b0:
d2:65:0c:5f:10:1c:99:c7:21:3e:b0:6d:55:55:8d:
0d:6f:ed:f5:ed:5e:0b:c0:8f:f0:14:d3:c9:6b:db:
3b:ff:1c:12:5e:77:8d:b3:7b:00:ce:fa:f6:44:6e:
cc:b4:af:fa:99:05:2d:10:d5:c9:54:f5:73:2b:1f:
b3:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:02:2A:AB:21:BD:78:8E:C6:BE:85:7A:7C:C9:86:19:62:88:B8:71
X509v3 Authority Key Identifier:
keyid:54:78:41:EE:FF:20:C7:8B:33:D4:11:DA:E5:1A:69:2A:DB:89:2E:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHhB7v8gx4sz1BHa5RppKtuJLjE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/c8d393-3e28-4f07-996b-366ba1700fe0/1/MQIqqyG9eI7GvoV6fMmGGWKIuHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/c8d393-3e28-4f07-996b-366ba1700fe0/1/VHhB7v8gx4sz1BHa5RppKtuJLjE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.4.0/22
86.106.64.0/21
89.32.112.0/24
89.32.116.0/23
89.37.76.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:52:30:09:40:6b:99:bf:21:96:88:23:be:38:c5:56:7b:ac:
91:20:70:42:ed:83:63:76:4f:73:ee:66:f6:67:87:d3:ad:8e:
c9:75:34:1a:75:89:fe:93:69:4f:75:c6:d0:5f:84:0f:fa:6c:
6b:42:c4:46:25:27:f0:ec:ed:08:c9:80:c9:8d:9a:00:1f:c0:
c0:82:68:38:48:e7:30:ee:35:77:fc:06:3c:42:82:d1:b2:02:
6c:c3:09:6b:05:50:06:7a:64:6c:70:9a:84:72:5f:79:39:a7:
ff:0b:53:f1:60:52:30:61:b1:b5:f2:ba:23:06:3e:d0:fa:b2:
f7:0d:9a:18:07:32:a2:bd:7b:de:99:cc:21:25:8a:3e:cb:2e:
d8:a1:07:a8:0f:74:ab:64:b7:82:49:54:c7:19:43:ca:74:33:
b5:32:52:c2:a6:ac:6c:ec:a0:fb:5b:65:af:bb:c9:52:46:e6:
0e:b7:6c:82:14:d8:c6:6a:0f:57:c7:97:79:f5:4c:3b:ea:22:
59:d3:eb:90:be:9f:52:83:c3:c2:ae:77:be:66:22:2c:c4:9c:
63:70:0f:4c:14:4e:2b:42:9f:b2:cb:90:c4:f1:5b:85:4c:84:
90:14:5d:af:96:4e:17:62:e6:f0:91:fc:a0:bd:b7:7b:74:ce:
fe:0d:09:9d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVx+hWq2ukwEq3BKzIcrsaUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Nzg0MWVlZmYyMGM3OGIzM2Q0MTFkYWU1MWE2OTJhZGI4
OTJlMzEwHhcNMjMwMTAyMTAxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTAyMmFhYjIxYmQ3ODhlYzZiZTg1N2E3Y2M5ODYxOTYyODhiODcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5xnqr/cvtmwRAOLO93pAYFpqp/4
DARxWjw2VtztHsuu8EkInKN2YS/2H1hWxnqdJyub2lLkprShldI4eWvanv1FZT3w
ud3y3r8MHaXoPmt8mp5rW0xZydooqcRk3/NO47X6sBt/CIKNT7+wUwcPbKQEF0hP
yJqP6R7g8NKXKrHPIaOoLp2kH1Li5U0HuKJOXHekUW5A5mGIB5hmqA7vi+KQjhDX
N7zmF9lcbLh7BQZ7L0UZXtpZ45cX6QI2w98eYLDSZQxfEByZxyE+sG1VVY0Nb+31
7V4LwI/wFNPJa9s7/xwSXneNs3sAzvr2RG7MtK/6mQUtENXJVPVzKx+znwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDECKqshvXiOxr6FenzJhhliiLhxMB8GA1UdIwQY
MBaAFFR4Qe7/IMeLM9QR2uUaaSrbiS4xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkhoQjd2OGd4NHN6MUJIYTVScHBLdHVKTGpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9jOGQzOTMtM2UyOC00ZjA3LTk5NmIt
MzY2YmExNzAwZmUwLzEvTVFJcXF5RzllSTdHdm9WNmZNbUdHV0tJdUhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9jOGQzOTMtM2UyOC00ZjA3LTk5NmItMzY2YmExNzAwZmUw
LzEvVkhoQjd2OGd4NHN6MUJIYTVScHBLdHVKTGpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCVmoEAwQD
VmpAAwQAWSBwAwQBWSB0AwQCWSVMMA0GCSqGSIb3DQEBCwUAA4IBAQAeUjAJQGuZ
vyGWiCO+OMVWe6yRIHBC7YNjdk9z7mb2Z4fTrY7JdTQadYn+k2lPdcbQX4QP+mxr
QsRGJSfw7O0IyYDJjZoAH8DAgmg4SOcw7jV3/AY8QoLRsgJswwlrBVAGemRscJqE
cl95Oaf/C1PxYFIwYbG18rojBj7Q+rL3DZoYBzKivXvemcwhJYo+yy7YoQeoD3Sr
ZLeCSVTHGUPKdDO1MlLCpqxs7KD7W2Wvu8lSRuYOt2yCFNjGag9Xx5d59Uw76iJZ
0+uQvp9Sg8PCrne+ZiIsxJxjcA9MFE4rQp+yy5DE8VuFTISQFF2vlk4XYubwkfyg
vbd7dM7+DQmd
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:12 2024 by rpki-client on console-ams.rpki-client.org