Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/mvDvQTCscARrZ8fIYfreyQ9Sp5M.roa
File: mvDvQTCscARrZ8fIYfreyQ9Sp5M.roa (raw, json)
Hash identifier: ZMfwcusk2JYRlbnjjLeOACJs+CH8sS2FooI8rS6f8K8=
Subject key identifier: 9A:F0:EF:41:30:AC:70:04:6B:67:C7:C8:61:FA:DE:C9:0F:52:A7:93
Certificate issuer: /CN=c1eb076d16702c7dbea972e2972ef576a1f2c873
Certificate serial: 01890C2019FEB5FCB36361C23A7AF12FC9BF
Authority key identifier: C1:EB:07:6D:16:70:2C:7D:BE:A9:72:E2:97:2E:F5:76:A1:F2:C8:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wesHbRZwLH2-qXLily71dqHyyHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/mvDvQTCscARrZ8fIYfreyQ9Sp5M.roa
Signing time: Fri 30 Jun 2023 11:46:17 +0000
ROA not before: Fri 30 Jun 2023 11:46:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197133
IP address blocks: 217.114.200.0/21 maxlen: 24
217.114.207.0/24 maxlen: 24
194.143.132.0/23 maxlen: 24
193.202.121.0/24 maxlen: 24
185.32.102.0/24 maxlen: 24
178.248.208.0/21 maxlen: 24
185.32.100.0/23 maxlen: 24
178.251.248.0/21 maxlen: 24
194.69.194.0/23 maxlen: 24
185.114.128.0/22 maxlen: 24
91.197.136.0/22 maxlen: 24
2a02:1740::/32 maxlen: 48
2a03:d280::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:0c:20:19:fe:b5:fc:b3:63:61:c2:3a:7a:f1:2f:c9:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1eb076d16702c7dbea972e2972ef576a1f2c873
Validity
Not Before: Jun 30 11:46:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9af0ef4130ac70046b67c7c861fadec90f52a793
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a0:2e:53:50:46:d8:8e:aa:6c:fe:7b:39:07:
1d:f2:1d:4c:ef:54:63:95:42:d2:90:0c:9d:0a:d1:
fd:67:f9:9e:a2:0b:92:8c:db:47:57:5b:95:8e:4c:
de:cc:54:e8:e8:0e:a1:f1:60:84:57:8d:4d:b6:ad:
b7:47:1b:78:5e:6a:3e:bd:28:2e:03:60:f6:7b:d5:
15:f1:7a:08:45:c7:a7:b1:0e:dc:02:a2:3e:af:2b:
52:45:99:63:78:a9:ae:0a:9a:d2:8b:9e:39:7b:9d:
0a:bd:8f:14:c7:55:54:f7:31:80:66:7a:f9:cd:ee:
14:83:93:a8:d3:d2:03:15:f5:24:ea:4b:10:7d:b5:
81:3d:58:3a:2e:d7:ba:1a:dc:4b:14:5b:6e:60:6a:
53:16:51:13:80:20:a7:69:cc:91:e0:d5:dc:ce:8f:
ba:39:02:e3:b1:84:22:9d:66:0d:fb:c1:ff:f8:4a:
42:8a:8e:21:ea:19:6e:d1:fb:86:62:fa:85:1a:ff:
51:80:8d:da:f3:6f:b0:72:e7:6b:f3:f2:87:58:61:
27:54:85:04:2d:46:f1:9d:cd:ca:45:0a:f7:3d:bb:
a7:49:43:e7:e7:4b:4b:23:c8:e6:82:60:bb:96:f1:
24:11:f7:fd:e0:ab:91:f4:bc:72:f9:30:ff:60:da:
c9:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:F0:EF:41:30:AC:70:04:6B:67:C7:C8:61:FA:DE:C9:0F:52:A7:93
X509v3 Authority Key Identifier:
keyid:C1:EB:07:6D:16:70:2C:7D:BE:A9:72:E2:97:2E:F5:76:A1:F2:C8:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wesHbRZwLH2-qXLily71dqHyyHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/mvDvQTCscARrZ8fIYfreyQ9Sp5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a43c6e-349c-4914-8da3-6c32a6ab1ef2/1/wesHbRZwLH2-qXLily71dqHyyHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.136.0/22
178.248.208.0/21
178.251.248.0/21
185.32.100.0-185.32.102.255
185.114.128.0/22
193.202.121.0/24
194.69.194.0/23
194.143.132.0/23
217.114.200.0/21
IPv6:
2a02:1740::/32
2a03:d280::/32
Signature Algorithm: sha256WithRSAEncryption
4b:be:45:95:39:91:56:83:22:b5:6d:91:d1:90:fd:8a:7c:52:
79:bd:be:23:4e:02:d4:64:9c:1e:39:af:2a:f4:a0:c5:49:0c:
f8:a1:67:ce:75:a9:10:06:52:a2:57:0b:62:27:53:0c:58:78:
c0:08:bb:fe:a7:59:3c:e9:ef:e4:99:0c:f0:a6:0b:f1:b4:c4:
1a:42:4c:cc:d2:cf:64:88:d0:aa:29:82:e9:08:fc:5b:43:ea:
40:14:b0:f1:c8:a1:ba:90:18:68:7c:91:a6:a1:c1:17:7e:c0:
d4:46:1f:90:97:44:5f:f0:76:b0:d0:c8:6d:f9:53:f5:88:a6:
96:bb:e3:ad:e5:f6:16:e5:c7:9d:0e:78:d0:28:bc:67:4f:08:
0b:3e:82:75:6f:d3:79:bf:d9:86:0b:63:34:15:26:75:a4:ed:
61:52:c1:45:d3:81:fc:2f:ad:e0:14:fd:83:0b:47:57:b7:90:
69:2c:08:5e:d0:24:b1:a6:33:67:51:99:03:1d:bd:28:39:62:
33:82:db:2b:a1:45:70:ca:1c:a1:5e:ea:cf:d2:55:44:7a:e0:
3f:43:74:bf:d5:03:fd:9f:22:d6:00:06:4a:88:13:bf:d3:d1:
62:4c:b0:79:e9:24:b3:dc:53:0f:19:f5:93:a7:8c:44:65:30:
44:8a:64:ce
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYkMIBn+tfyzY2HCOnrxL8m/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZWIwNzZkMTY3MDJjN2RiZWE5NzJlMjk3MmVmNTc2YTFm
MmM4NzMwHhcNMjMwNjMwMTE0NjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWYwZWY0MTMwYWM3MDA0NmI2N2M3Yzg2MWZhZGVjOTBmNTJhNzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKAuU1BG2I6qbP57OQcd8h1M71Rj
lULSkAydCtH9Z/meoguSjNtHV1uVjkzezFTo6A6h8WCEV41Ntq23Rxt4Xmo+vSgu
A2D2e9UV8XoIRcensQ7cAqI+rytSRZljeKmuCprSi545e50KvY8Ux1VU9zGAZnr5
ze4Ug5Oo09IDFfUk6ksQfbWBPVg6Lte6GtxLFFtuYGpTFlETgCCnacyR4NXczo+6
OQLjsYQinWYN+8H/+EpCio4h6hlu0fuGYvqFGv9RgI3a82+wcudr8/KHWGEnVIUE
LUbxnc3KRQr3PbunSUPn50tLI8jmgmC7lvEkEff94KuR9Lxy+TD/YNrJFwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFJrw70EwrHAEa2fHyGH63skPUqeTMB8GA1UdIwQY
MBaAFMHrB20WcCx9vqly4pcu9Xah8shzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2VzSGJSWndMSDItcVhMaWx5NzFkcUh5eUhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9hNDNjNmUtMzQ5Yy00OTE0LThkYTMt
NmMzMmE2YWIxZWYyLzEvbXZEdlFUQ3NjQVJyWjhmSVlmcmV5UTlTcDVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9hNDNjNmUtMzQ5Yy00OTE0LThkYTMtNmMzMmE2YWIxZWYy
LzEvd2VzSGJSWndMSDItcVhMaWx5NzFkcUh5eUhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBEBAIAATA+AwQCW8WIAwQD
svjQAwQDsvv4MAwDBAK5IGQDBAC5IGYDBAK5coADBADBynkDBAHCRcIDBAHCj4QD
BAPZcsgwFAQCAAIwDgMFACoCF0ADBQAqA9KAMA0GCSqGSIb3DQEBCwUAA4IBAQBL
vkWVOZFWgyK1bZHRkP2KfFJ5vb4jTgLUZJweOa8q9KDFSQz4oWfOdakQBlKiVwti
J1MMWHjACLv+p1k86e/kmQzwpgvxtMQaQkzM0s9kiNCqKYLpCPxbQ+pAFLDxyKG6
kBhofJGmocEXfsDURh+Ql0Rf8Haw0Mht+VP1iKaWu+Ot5fYW5cedDnjQKLxnTwgL
PoJ1b9N5v9mGC2M0FSZ1pO1hUsFF04H8L63gFP2DC0dXt5BpLAhe0CSxpjNnUZkD
Hb0oOWIzgtsroUVwyhyhXurP0lVEeuA/Q3S/1QP9nyLWAAZKiBO/09FiTLB56SSz
3FMPGfWTp4xEZTBEimTO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:22 2024 by rpki-client on console-ams.rpki-client.org