Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/440877-319d-4630-a691-7991b4e4bfa2/1/mNtXBjnXYIlPNSVlTYIzMx9-LSI.roa
File: mNtXBjnXYIlPNSVlTYIzMx9-LSI.roa (raw, json)
Hash identifier: U9qTD9RNY5/HGnXUgsGr/e/xw10DT5jR33OKqygFwaY=
Subject key identifier: 98:DB:57:06:39:D7:60:89:4F:35:25:65:4D:82:33:33:1F:7E:2D:22
Certificate issuer: /CN=e495acbafe46ef2f4d6c51fcf23bd72f639cfd0b
Certificate serial: 0187B7139F286675073E93CF54C6A6607A36
Authority key identifier: E4:95:AC:BA:FE:46:EF:2F:4D:6C:51:FC:F2:3B:D7:2F:63:9C:FD:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5JWsuv5G7y9NbFH88jvXL2Oc_Qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/440877-319d-4630-a691-7991b4e4bfa2/1/mNtXBjnXYIlPNSVlTYIzMx9-LSI.roa
Signing time: Tue 25 Apr 2023 06:22:09 +0000
ROA not before: Tue 25 Apr 2023 06:22:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12453
IP address blocks: 2.56.160.0/22 maxlen: 22
195.93.174.0/23 maxlen: 23
194.59.177.0/24 maxlen: 24
91.223.248.0/24 maxlen: 24
185.31.52.0/22 maxlen: 22
185.224.24.0/22 maxlen: 22
185.85.32.0/22 maxlen: 22
185.155.124.0/22 maxlen: 22
2a0d:5dc0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b7:13:9f:28:66:75:07:3e:93:cf:54:c6:a6:60:7a:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e495acbafe46ef2f4d6c51fcf23bd72f639cfd0b
Validity
Not Before: Apr 25 06:22:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98db570639d760894f3525654d8233331f7e2d22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6c:d1:19:2f:4d:7b:3f:d5:8a:14:6e:9c:b7:
b6:7c:6e:a6:ce:38:e7:f2:c9:43:5c:44:b9:ce:05:
cb:46:4d:9b:3e:2c:1a:ea:e2:a5:cf:a2:01:2c:d8:
e6:fc:a2:41:69:9f:d0:fe:1b:28:54:7a:77:ce:43:
a7:76:de:3e:a9:b9:69:53:b4:82:61:91:93:b7:37:
50:a2:3a:ec:e9:38:63:a5:d7:7a:0b:81:38:75:a9:
21:5c:43:d5:47:16:fe:c6:01:c2:1d:a3:43:6d:6e:
b7:7a:66:ee:ff:0d:ec:b4:fb:49:cf:c3:ae:3d:b6:
c5:7c:a1:44:af:17:ab:c0:29:d0:09:44:53:3f:1f:
62:a0:16:e5:b8:c8:ce:47:88:41:44:68:16:5c:07:
9b:b0:30:be:f0:3f:6c:08:68:ad:ef:24:a7:5f:5b:
83:37:9c:2a:f6:82:33:48:c7:74:c5:52:9a:33:71:
4e:24:f2:b9:d8:08:c0:3f:f4:b6:3c:ad:96:d1:43:
b1:03:c0:3e:02:a4:97:a6:55:97:e4:d7:74:97:18:
bb:83:20:2c:03:6f:9b:08:b3:cb:fa:1c:bf:ca:98:
00:c3:ca:7e:9f:d7:37:fd:f3:9d:16:84:0f:3d:cd:
0f:86:32:46:58:df:91:ff:10:91:d7:a1:df:07:4c:
c0:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:DB:57:06:39:D7:60:89:4F:35:25:65:4D:82:33:33:1F:7E:2D:22
X509v3 Authority Key Identifier:
keyid:E4:95:AC:BA:FE:46:EF:2F:4D:6C:51:FC:F2:3B:D7:2F:63:9C:FD:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5JWsuv5G7y9NbFH88jvXL2Oc_Qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/440877-319d-4630-a691-7991b4e4bfa2/1/mNtXBjnXYIlPNSVlTYIzMx9-LSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/440877-319d-4630-a691-7991b4e4bfa2/1/5JWsuv5G7y9NbFH88jvXL2Oc_Qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.160.0/22
91.223.248.0/24
185.31.52.0/22
185.85.32.0/22
185.155.124.0/22
185.224.24.0/22
194.59.177.0/24
195.93.174.0/23
IPv6:
2a0d:5dc0::/29
Signature Algorithm: sha256WithRSAEncryption
77:16:1f:7d:c7:1b:ee:ad:dd:b7:df:09:69:68:f2:5d:45:2c:
71:d5:61:f9:e2:06:8f:af:68:f7:c4:b5:3a:4b:c5:65:ec:24:
ac:f2:23:3c:20:50:0e:de:89:d2:69:24:2d:63:d1:2f:82:31:
0f:1f:d3:16:24:19:2d:06:71:0a:cf:50:fe:7d:47:e7:ee:c3:
18:ee:7d:0c:b9:4d:11:b8:66:fb:e8:45:d8:73:8d:a4:0a:d8:
37:25:67:16:bf:5d:f2:4f:d1:7a:e6:62:93:98:2d:73:d4:07:
ef:8c:05:de:e2:35:d7:f3:24:22:e2:74:43:12:85:bc:d4:84:
f9:a4:b1:1d:91:a8:50:4c:8d:71:5a:59:66:b8:d9:44:ea:cf:
5b:e3:c6:89:ec:c4:4e:b4:c9:16:de:7e:ae:74:70:b8:1d:97:
72:03:e0:94:44:61:0c:c7:c8:d0:45:5a:2d:9b:b8:80:a2:d3:
89:e6:26:4a:aa:e5:6b:24:b8:fe:16:75:67:c0:d1:83:ef:51:
ae:cb:c8:8c:b5:6f:cb:4f:2f:29:bb:08:36:43:b8:f5:6d:19:
4c:00:d9:4d:6f:2c:f9:c8:22:71:a2:f7:dd:3a:db:73:b9:81:
11:4a:22:e3:da:ed:7a:08:43:b6:88:79:44:67:ec:93:ae:0b:
91:b4:54:e4
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYe3E58oZnUHPpPPVMamYHo2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0OTVhY2JhZmU0NmVmMmY0ZDZjNTFmY2YyM2JkNzJmNjM5
Y2ZkMGIwHhcNMjMwNDI1MDYyMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGRiNTcwNjM5ZDc2MDg5NGYzNTI1NjU0ZDgyMzMzMzFmN2UyZDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGzRGS9Nez/VihRunLe2fG6mzjjn
8slDXES5zgXLRk2bPiwa6uKlz6IBLNjm/KJBaZ/Q/hsoVHp3zkOndt4+qblpU7SC
YZGTtzdQojrs6Thjpdd6C4E4dakhXEPVRxb+xgHCHaNDbW63embu/w3stPtJz8Ou
PbbFfKFErxerwCnQCURTPx9ioBbluMjOR4hBRGgWXAebsDC+8D9sCGit7ySnX1uD
N5wq9oIzSMd0xVKaM3FOJPK52AjAP/S2PK2W0UOxA8A+AqSXplWX5Nd0lxi7gyAs
A2+bCLPL+hy/ypgAw8p+n9c3/fOdFoQPPc0PhjJGWN+R/xCR16HfB0zAhwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFJjbVwY512CJTzUlZU2CMzMffi0iMB8GA1UdIwQY
MBaAFOSVrLr+Ru8vTWxR/PI71y9jnP0LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUpXc3V2NUc3eTlOYkZIODhqdlhMMk9jX1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy80NDA4NzctMzE5ZC00NjMwLWE2OTEt
Nzk5MWI0ZTRiZmEyLzEvbU50WEJqblhZSWxQTlNWbFRZSXpNeDktTFNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy80NDA4NzctMzE5ZC00NjMwLWE2OTEtNzk5MWI0ZTRiZmEy
LzEvNUpXc3V2NUc3eTlOYkZIODhqdlhMMk9jX1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQCAjigAwQA
W9/4AwQCuR80AwQCuVUgAwQCuZt8AwQCueAYAwQAwjuxAwQBw12uMA0EAgACMAcD
BQMqDV3AMA0GCSqGSIb3DQEBCwUAA4IBAQB3Fh99xxvurd233wlpaPJdRSxx1WH5
4gaPr2j3xLU6S8Vl7CSs8iM8IFAO3onSaSQtY9EvgjEPH9MWJBktBnEKz1D+fUfn
7sMY7n0MuU0RuGb76EXYc42kCtg3JWcWv13yT9F65mKTmC1z1AfvjAXe4jXX8yQi
4nRDEoW81IT5pLEdkahQTI1xWllmuNlE6s9b48aJ7MROtMkW3n6udHC4HZdyA+CU
RGEMx8jQRVotm7iAotOJ5iZKquVrJLj+FnVnwNGD71Guy8iMtW/LTy8puwg2Q7j1
bRlMANlNbyz5yCJxovfdOttzuYERSiLj2u16CEO2iHlEZ+yTrguRtFTk
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:52:17 2024 by rpki-client on console-fra.rpki-client.org