Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/097748-5cc8-450f-9fbb-8c8d10e8eabc/1/m73Nav_VklOkWK86QWjbJOTtZvE.roa
File: m73Nav_VklOkWK86QWjbJOTtZvE.roa (raw, json)
Hash identifier: 5SzPEPBcP1YDrwGhZfHDwA2FPs7nxOPFWA5XH5MgA0Q=
Subject key identifier: 9B:BD:CD:6A:FF:D5:92:53:A4:58:AF:3A:41:68:DB:24:E4:ED:66:F1
Certificate issuer: /CN=e6faa0d2f5dec0201f55e40979c1909b6db77c3b
Certificate serial: 01856BCA31CE26BEF186A769E15AC60C027D
Authority key identifier: E6:FA:A0:D2:F5:DE:C0:20:1F:55:E4:09:79:C1:90:9B:6D:B7:7C:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5vqg0vXewCAfVeQJecGQm223fDs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/097748-5cc8-450f-9fbb-8c8d10e8eabc/1/m73Nav_VklOkWK86QWjbJOTtZvE.roa
Signing time: Sun 01 Jan 2023 05:24:51 +0000
ROA not before: Sun 01 Jan 2023 05:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197075
IP address blocks: 81.29.176.0/22 maxlen: 23
46.31.104.0/21 maxlen: 24
185.186.12.0/22 maxlen: 23
185.37.116.0/22 maxlen: 23
185.246.95.0/24 maxlen: 24
185.59.20.0/22 maxlen: 23
37.77.160.0/21 maxlen: 24
2a02:2420::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ca:31:ce:26:be:f1:86:a7:69:e1:5a:c6:0c:02:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6faa0d2f5dec0201f55e40979c1909b6db77c3b
Validity
Not Before: Jan 1 05:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9bbdcd6affd59253a458af3a4168db24e4ed66f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:2d:3a:bd:63:63:fa:a9:c5:f6:dd:ae:55:b5:
69:7a:7e:5b:10:dc:fc:cd:84:fa:8c:e9:55:66:39:
42:ee:91:37:7a:0d:cf:48:81:d1:78:c9:d1:a4:bf:
97:a5:f1:85:e0:95:ef:b9:95:ca:d7:d4:1a:42:37:
aa:78:14:1f:a0:b5:26:85:02:31:f9:79:a7:84:6f:
af:05:73:ac:3c:4e:1e:8c:53:2e:3b:71:7d:21:53:
af:aa:15:12:82:0c:59:46:df:0b:5b:a0:04:b7:44:
0c:74:2a:10:6f:e5:b4:08:0e:11:86:85:e4:0b:97:
56:00:47:e1:ad:5a:42:53:83:07:d6:67:b0:d4:4d:
fe:75:3c:c4:de:c9:d0:57:9b:ad:89:b0:5d:e4:93:
b4:ad:19:de:c1:58:0b:70:fd:fd:06:ca:c7:2b:4b:
0f:3a:ee:2a:61:e5:6c:5a:6d:61:08:e9:75:86:ec:
fc:45:77:33:a5:18:c5:a4:76:9f:ac:93:9f:b1:a6:
6c:e3:a6:02:bb:13:80:01:25:19:86:ca:37:ed:da:
86:7a:43:63:c1:1d:a9:c3:e0:ca:b8:1d:b9:a0:62:
27:5b:d3:4e:a9:91:c8:e5:20:7d:cd:2f:aa:51:8d:
cb:7d:1d:5a:45:7c:92:31:50:9f:bb:9f:85:c7:22:
11:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:BD:CD:6A:FF:D5:92:53:A4:58:AF:3A:41:68:DB:24:E4:ED:66:F1
X509v3 Authority Key Identifier:
keyid:E6:FA:A0:D2:F5:DE:C0:20:1F:55:E4:09:79:C1:90:9B:6D:B7:7C:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5vqg0vXewCAfVeQJecGQm223fDs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/097748-5cc8-450f-9fbb-8c8d10e8eabc/1/m73Nav_VklOkWK86QWjbJOTtZvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/097748-5cc8-450f-9fbb-8c8d10e8eabc/1/5vqg0vXewCAfVeQJecGQm223fDs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.160.0/21
46.31.104.0/21
81.29.176.0/22
185.37.116.0/22
185.59.20.0/22
185.186.12.0/22
185.246.95.0/24
IPv6:
2a02:2420::/32
Signature Algorithm: sha256WithRSAEncryption
01:99:9c:28:45:f2:22:6a:9d:d4:e9:cd:0d:f5:0a:8b:c2:98:
03:b5:c1:80:ad:c2:27:b0:cd:49:7c:28:c4:89:78:28:27:6d:
c5:00:61:9f:f7:3d:3b:3e:46:d2:e8:35:f9:89:16:f0:b3:b5:
a8:d8:85:a9:52:ad:a8:26:65:99:ab:87:14:a9:b3:0c:9b:99:
af:a6:1f:7d:a6:29:34:7a:8d:93:53:94:c8:2c:d1:09:ba:b4:
84:32:bf:1e:a7:29:1c:b4:73:93:d3:f0:7c:11:e9:cb:ef:3c:
7d:80:0d:b1:f0:a2:d4:b2:2d:d3:0f:11:d9:06:96:1d:7f:9f:
46:6c:bd:c3:13:ae:b4:d6:90:68:4e:cc:68:dc:f4:3a:fa:7e:
42:08:31:cc:f3:85:84:a0:75:db:65:48:aa:3c:05:a7:13:0c:
e8:2d:e2:45:45:4a:cc:bd:28:8c:c9:b0:6b:c6:3a:6f:b1:5f:
c2:74:81:a0:ea:9c:69:5b:27:53:af:5f:12:ba:98:56:89:42:
c2:66:2e:48:d3:ca:9e:06:25:dc:a8:71:18:4a:29:03:c9:d8:
99:92:c6:db:16:d9:3e:78:8c:2e:84:10:a0:a6:c6:6b:a7:70:
fe:a9:04:90:92:b1:6a:87:2d:b0:be:42:e9:e6:95:fc:4e:d8:
57:bf:a3:01
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYVryjHOJr7xhqdp4VrGDAJ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2ZmFhMGQyZjVkZWMwMjAxZjU1ZTQwOTc5YzE5MDliNmRi
NzdjM2IwHhcNMjMwMTAxMDUyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmJkY2Q2YWZmZDU5MjUzYTQ1OGFmM2E0MTY4ZGIyNGU0ZWQ2NmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgi06vWNj+qnF9t2uVbVpen5bENz8
zYT6jOlVZjlC7pE3eg3PSIHReMnRpL+XpfGF4JXvuZXK19QaQjeqeBQfoLUmhQIx
+XmnhG+vBXOsPE4ejFMuO3F9IVOvqhUSggxZRt8LW6AEt0QMdCoQb+W0CA4RhoXk
C5dWAEfhrVpCU4MH1mew1E3+dTzE3snQV5utibBd5JO0rRnewVgLcP39BsrHK0sP
Ou4qYeVsWm1hCOl1huz8RXczpRjFpHafrJOfsaZs46YCuxOAASUZhso37dqGekNj
wR2pw+DKuB25oGInW9NOqZHI5SB9zS+qUY3LfR1aRXySMVCfu5+FxyIRWwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFJu9zWr/1ZJTpFivOkFo2yTk7WbxMB8GA1UdIwQY
MBaAFOb6oNL13sAgH1XkCXnBkJttt3w7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXZxZzB2WGV3Q0FmVmVRSmVjR1FtMjIzZkRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8wOTc3NDgtNWNjOC00NTBmLTlmYmIt
OGM4ZDEwZThlYWJjLzEvbTczTmF2X1ZrbE9rV0s4NlFXamJKT1R0WnZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8wOTc3NDgtNWNjOC00NTBmLTlmYmItOGM4ZDEwZThlYWJj
LzEvNXZxZzB2WGV3Q0FmVmVRSmVjR1FtMjIzZkRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDJU2gAwQD
Lh9oAwQCUR2wAwQCuSV0AwQCuTsUAwQCuboMAwQAufZfMA0EAgACMAcDBQAqAiQg
MA0GCSqGSIb3DQEBCwUAA4IBAQABmZwoRfIiap3U6c0N9QqLwpgDtcGArcInsM1J
fCjEiXgoJ23FAGGf9z07PkbS6DX5iRbws7Wo2IWpUq2oJmWZq4cUqbMMm5mvph99
pik0eo2TU5TILNEJurSEMr8epykctHOT0/B8EenL7zx9gA2x8KLUsi3TDxHZBpYd
f59GbL3DE6601pBoTsxo3PQ6+n5CCDHM84WEoHXbZUiqPAWnEwzoLeJFRUrMvSiM
ybBrxjpvsV/CdIGg6pxpWydTr18SuphWiULCZi5I08qeBiXcqHEYSikDydiZksbb
Ftk+eIwuhBCgpsZrp3D+qQSQkrFqhy2wvkLp5pX8TthXv6MB
-----END CERTIFICATE-----
Generated at Mon Dec 4 08:52:26 2023 by rpki-client on console-ams.rpki-client.org