Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/MynokVLAjkeTEbMeT_ZpDHRDSfo.roa
File: MynokVLAjkeTEbMeT_ZpDHRDSfo.roa (raw, json)
Hash identifier: aYEuDJ281MhOQKn9AKtSn+XpiVDKGQHFfavoRS2dmnI=
Subject key identifier: 33:29:E8:91:52:C0:8E:47:93:11:B3:1E:4F:F6:69:0C:74:43:49:FA
Certificate issuer: /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial: 01856F5DC4286DB50B25A50A5EFD563342A4
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/MynokVLAjkeTEbMeT_ZpDHRDSfo.roa
Signing time: Sun 01 Jan 2023 22:04:53 +0000
ROA not before: Sun 01 Jan 2023 22:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8562
IP address blocks: 217.76.160.0/20 maxlen: 20
193.154.144.0/20 maxlen: 20
90.152.128.0/17 maxlen: 17
84.20.184.0/22 maxlen: 22
176.66.64.0/18 maxlen: 18
2001:890:c000::/34 maxlen: 34
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:c4:28:6d:b5:0b:25:a5:0a:5e:fd:56:33:42:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Validity
Not Before: Jan 1 22:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3329e89152c08e479311b31e4ff6690c744349fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:76:cb:3f:86:30:43:21:d7:7c:c1:3d:d2:42:
69:52:c5:5c:d1:6d:af:7a:b9:19:01:59:fc:6c:db:
ea:bb:45:db:e4:44:34:f7:80:40:c3:cd:80:4f:68:
e6:bf:1c:5b:cf:a0:51:3a:ee:35:2c:5f:d1:73:1f:
3a:f9:b2:40:c2:51:f9:7b:b3:c3:87:44:cc:e6:8b:
f6:1a:1f:22:43:1e:07:80:fb:c5:3c:f8:6f:bd:f5:
b7:35:d3:f6:71:8d:a8:0f:17:12:bf:51:2f:2c:f7:
0e:d4:6f:4a:0c:b4:5f:03:4a:62:44:b7:27:17:04:
aa:b0:74:49:1b:51:e5:b4:7b:e4:63:fd:2d:23:db:
bf:18:3c:67:5c:f7:61:1b:2b:f2:05:27:57:c9:74:
ae:45:0b:29:b0:8b:1b:67:52:5c:83:77:b8:00:6a:
bf:bc:88:c0:6c:22:44:f9:7d:32:75:e6:52:21:bb:
57:cf:3c:22:4b:a4:88:74:6e:99:06:50:66:5e:78:
59:ad:1f:24:3b:9c:19:c4:9e:52:d4:f5:bd:91:9b:
65:e0:53:b4:30:d3:04:cf:f3:0b:ee:7e:94:74:23:
82:51:3b:4b:29:e7:2b:df:68:49:61:52:96:41:ea:
be:2b:a4:51:c9:83:38:55:9b:2d:ca:37:61:67:5c:
3c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:29:E8:91:52:C0:8E:47:93:11:B3:1E:4F:F6:69:0C:74:43:49:FA
X509v3 Authority Key Identifier:
keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/MynokVLAjkeTEbMeT_ZpDHRDSfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.20.184.0/22
90.152.128.0/17
176.66.64.0/18
193.154.144.0/20
217.76.160.0/20
IPv6:
2001:890:c000::/34
Signature Algorithm: sha256WithRSAEncryption
10:2b:69:b3:2c:74:7b:bc:ae:b2:f5:be:7c:18:3c:ba:02:4b:
58:b3:a8:5a:30:19:b6:c4:46:33:cb:c6:19:91:f2:8d:d4:06:
4e:50:6d:a8:bd:68:03:80:05:5c:5a:b4:97:7c:4b:51:d6:4e:
af:29:72:5b:07:73:b0:2f:9d:9d:0c:5d:70:43:5e:8e:38:ac:
14:c1:54:11:64:5f:e7:6e:7c:7b:79:8c:82:46:5a:b5:9c:c6:
aa:5e:35:27:e2:a2:9b:aa:c4:bd:43:78:cb:a7:b0:67:ab:01:
7e:2b:78:f5:b2:3e:e9:aa:1b:45:32:e2:3b:1a:e1:d5:59:ed:
42:0c:4a:fa:99:bf:08:3c:23:f7:c2:75:be:7c:eb:d6:35:61:
de:ba:ba:8c:d8:d2:88:7e:fc:e2:57:04:cd:2c:b5:a7:5c:4a:
f7:28:e6:5d:eb:e1:e2:94:b4:10:f2:f2:0c:81:be:ef:47:bc:
c3:86:2f:ec:54:2d:36:4a:8f:01:51:f9:56:6d:6d:ef:d7:90:
28:c0:80:72:b9:ad:26:6b:cc:e1:da:10:ed:36:91:34:a6:22:
88:ea:7f:c8:05:50:30:71:8a:6c:39:7f:e7:0c:53:2f:07:f5:
9e:d3:5d:76:5d:40:88:76:f7:fb:33:3e:b6:4a:45:73:67:6e:
c7:f0:b3:90
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVvXcQobbULJaUKXv1WM0KkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjMwMTAxMjIwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzI5ZTg5MTUyYzA4ZTQ3OTMxMWIzMWU0ZmY2NjkwYzc0NDM0OWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXbLP4YwQyHXfME90kJpUsVc0W2v
erkZAVn8bNvqu0Xb5EQ094BAw82AT2jmvxxbz6BROu41LF/Rcx86+bJAwlH5e7PD
h0TM5ov2Gh8iQx4HgPvFPPhvvfW3NdP2cY2oDxcSv1EvLPcO1G9KDLRfA0piRLcn
FwSqsHRJG1HltHvkY/0tI9u/GDxnXPdhGyvyBSdXyXSuRQspsIsbZ1Jcg3e4AGq/
vIjAbCJE+X0ydeZSIbtXzzwiS6SIdG6ZBlBmXnhZrR8kO5wZxJ5S1PW9kZtl4FO0
MNMEz/ML7n6UdCOCUTtLKecr32hJYVKWQeq+K6RRyYM4VZstyjdhZ1w8VQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFDMp6JFSwI5HkxGzHk/2aQx0Q0n6MB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvTXlub2tWTEFqa2VURWJNZVRfWnBESFJEU2ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAkBAIAATAeAwQCVBS4AwQH
WpiAAwQGsEJAAwQEwZqQAwQE2UygMA4EAgACMAgDBgYgAQiQwDANBgkqhkiG9w0B
AQsFAAOCAQEAECtpsyx0e7yusvW+fBg8ugJLWLOoWjAZtsRGM8vGGZHyjdQGTlBt
qL1oA4AFXFq0l3xLUdZOrylyWwdzsC+dnQxdcENejjisFMFUEWRf5258e3mMgkZa
tZzGql41J+Kim6rEvUN4y6ewZ6sBfit49bI+6aobRTLiOxrh1VntQgxK+pm/CDwj
98J1vnzr1jVh3rq6jNjSiH784lcEzSy1p1xK9yjmXevh4pS0EPLyDIG+70e8w4Yv
7FQtNkqPAVH5Vm1t79eQKMCAcrmtJmvM4doQ7TaRNKYiiOp/yAVQMHGKbDl/5wxT
Lwf1ntNddl1AiHb3+zM+tkpFc2dux/CzkA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:49 2024 by rpki-client on console-ams.rpki-client.org