Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/76a216-cae7-4886-8e77-c813ce0f5e47/1/mqcowlR00NTEE5q9YRV5_FouP5A.roa
File: mqcowlR00NTEE5q9YRV5_FouP5A.roa (raw, json)
Hash identifier: 0etx6qlf3VTH6YrUkRtiw0Q5CFeAnF12LP43eeJUqV8=
Subject key identifier: 9A:A7:28:C2:54:74:D0:D4:C4:13:9A:BD:61:15:79:FC:5A:2E:3F:90
Certificate issuer: /CN=d897faea94815e0520b46f185c3ebec29b376ef0
Certificate serial: 01856C9CD74489C75A0A1E5515EA6BE08F62
Authority key identifier: D8:97:FA:EA:94:81:5E:05:20:B4:6F:18:5C:3E:BE:C2:9B:37:6E:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Jf66pSBXgUgtG8YXD6-wps3bvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/76a216-cae7-4886-8e77-c813ce0f5e47/1/mqcowlR00NTEE5q9YRV5_FouP5A.roa
Signing time: Sun 01 Jan 2023 09:14:56 +0000
ROA not before: Sun 01 Jan 2023 09:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212882
IP address blocks: 95.130.188.0/22 maxlen: 22
91.237.218.0/24 maxlen: 24
185.14.110.0/24 maxlen: 24
185.14.111.0/24 maxlen: 24
185.14.108.0/24 maxlen: 24
185.14.109.0/24 maxlen: 24
95.130.184.0/22 maxlen: 23
95.130.186.0/23 maxlen: 23
2a03:ac40:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:d7:44:89:c7:5a:0a:1e:55:15:ea:6b:e0:8f:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d897faea94815e0520b46f185c3ebec29b376ef0
Validity
Not Before: Jan 1 09:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9aa728c25474d0d4c4139abd611579fc5a2e3f90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:cf:e2:e9:45:ad:48:0a:33:6b:74:1b:b0:2e:
c1:7e:18:ab:03:db:35:d5:d5:ba:07:c4:47:e8:2b:
32:dc:93:cf:32:fb:a7:9f:27:20:7e:1c:22:99:20:
60:3c:05:d2:f5:4b:f4:90:dd:4e:75:6c:5e:bb:e9:
48:09:54:e2:95:ea:b6:7e:89:7c:34:65:93:79:af:
71:cb:cf:03:b7:27:a4:dd:82:63:64:4e:46:b7:19:
dd:9c:a0:bd:6b:bc:b2:49:61:8c:6f:11:5b:1b:45:
da:69:98:5b:a5:ba:ad:da:52:87:96:0d:c4:78:79:
c0:b5:1f:5c:b9:ac:b0:2a:cb:27:b4:b5:38:e6:9d:
2c:74:2a:d2:bc:9e:87:68:bf:5d:64:41:30:6c:1b:
bd:62:fe:99:eb:f3:48:47:9d:67:46:af:73:c8:20:
d5:16:ad:c8:7d:29:2a:a3:ba:7e:5c:df:a6:f4:d6:
17:5a:0e:bd:83:83:b1:fb:8b:00:bd:d2:a8:f1:78:
b2:9b:26:26:9a:2c:73:88:35:f5:44:6e:98:85:40:
aa:14:05:c1:00:c6:1a:a5:38:c2:68:09:af:ae:f1:
ed:fa:ce:a8:25:69:22:0c:ab:95:95:b9:3e:f1:a8:
32:a9:c2:1c:66:6c:d3:66:e1:da:4f:74:4c:67:ba:
04:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:A7:28:C2:54:74:D0:D4:C4:13:9A:BD:61:15:79:FC:5A:2E:3F:90
X509v3 Authority Key Identifier:
keyid:D8:97:FA:EA:94:81:5E:05:20:B4:6F:18:5C:3E:BE:C2:9B:37:6E:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Jf66pSBXgUgtG8YXD6-wps3bvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/76a216-cae7-4886-8e77-c813ce0f5e47/1/mqcowlR00NTEE5q9YRV5_FouP5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/76a216-cae7-4886-8e77-c813ce0f5e47/1/2Jf66pSBXgUgtG8YXD6-wps3bvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.218.0/24
95.130.184.0/21
185.14.108.0/22
IPv6:
2a03:ac40:1::/48
Signature Algorithm: sha256WithRSAEncryption
a2:51:1a:4f:9c:55:1a:22:ca:4d:66:d0:57:fb:c6:b2:11:43:
33:18:8c:f9:43:9e:c4:5c:6d:d8:c9:5f:68:c3:d1:d9:6c:92:
c3:a1:82:4e:b1:da:38:ab:8d:ea:15:72:fe:8b:10:f4:93:27:
8a:8f:af:f5:02:6d:e0:e9:d3:bf:16:0d:83:b9:22:13:52:fd:
64:d6:65:cb:03:12:85:80:39:a1:cc:d4:9a:84:e3:e2:0f:42:
a1:38:3c:34:47:b0:c3:81:9d:b8:93:84:f6:7d:5d:c9:15:70:
a6:b1:d7:26:ee:3a:06:89:76:07:b4:52:59:38:0d:bc:2c:5f:
69:47:15:35:50:de:10:58:d1:d2:71:f1:5e:9b:e1:25:79:93:
3e:3f:e4:b1:9a:29:04:1d:61:04:b3:19:8d:b1:e5:b4:f2:ce:
4c:fe:df:af:aa:0b:c3:63:ab:5d:43:9c:5b:45:70:47:64:9a:
6b:ef:3f:c5:a0:71:13:52:5e:fa:56:8a:49:54:80:85:22:86:
d2:c3:dc:34:5d:6f:bb:bb:0b:44:08:aa:7f:22:90:d2:b6:00:
d4:65:e5:30:2a:e5:eb:ff:7d:e8:34:c7:5c:1a:b5:73:63:38:
87:98:1d:5d:1d:db:14:07:00:e2:a9:5f:ca:c6:0c:ec:58:79:
5d:8e:4e:37
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVsnNdEicdaCh5VFepr4I9iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4OTdmYWVhOTQ4MTVlMDUyMGI0NmYxODVjM2ViZWMyOWIz
NzZlZjAwHhcNMjMwMTAxMDkxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWE3MjhjMjU0NzRkMGQ0YzQxMzlhYmQ2MTE1NzlmYzVhMmUzZjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8/i6UWtSAoza3QbsC7BfhirA9s1
1dW6B8RH6Csy3JPPMvunnycgfhwimSBgPAXS9Uv0kN1OdWxeu+lICVTileq2fol8
NGWTea9xy88Dtyek3YJjZE5GtxndnKC9a7yySWGMbxFbG0XaaZhbpbqt2lKHlg3E
eHnAtR9cuaywKssntLU45p0sdCrSvJ6HaL9dZEEwbBu9Yv6Z6/NIR51nRq9zyCDV
Fq3IfSkqo7p+XN+m9NYXWg69g4Ox+4sAvdKo8XiymyYmmixziDX1RG6YhUCqFAXB
AMYapTjCaAmvrvHt+s6oJWkiDKuVlbk+8agyqcIcZmzTZuHaT3RMZ7oEuwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJqnKMJUdNDUxBOavWEVefxaLj+QMB8GA1UdIwQY
MBaAFNiX+uqUgV4FILRvGFw+vsKbN27wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkpmNjZwU0JYZ1VndEc4WVhENi13cHMzYnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC83NmEyMTYtY2FlNy00ODg2LThlNzct
YzgxM2NlMGY1ZTQ3LzEvbXFjb3dsUjAwTlRFRTVxOVlSVjVfRm91UDVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC83NmEyMTYtY2FlNy00ODg2LThlNzctYzgxM2NlMGY1ZTQ3
LzEvMkpmNjZwU0JYZ1VndEc4WVhENi13cHMzYnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAW+3aAwQD
X4K4AwQCuQ5sMA8EAgACMAkDBwAqA6xAAAEwDQYJKoZIhvcNAQELBQADggEBAKJR
Gk+cVRoiyk1m0Ff7xrIRQzMYjPlDnsRcbdjJX2jD0dlsksOhgk6x2jirjeoVcv6L
EPSTJ4qPr/UCbeDp078WDYO5IhNS/WTWZcsDEoWAOaHM1JqE4+IPQqE4PDRHsMOB
nbiThPZ9XckVcKax1ybuOgaJdge0Ulk4DbwsX2lHFTVQ3hBY0dJx8V6b4SV5kz4/
5LGaKQQdYQSzGY2x5bTyzkz+36+qC8Njq11DnFtFcEdkmmvvP8WgcRNSXvpWiklU
gIUihtLD3DRdb7u7C0QIqn8ikNK2ANRl5TAq5ev/feg0x1watXNjOIeYHV0d2xQH
AOKpX8rGDOxYeV2OTjc=
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:33 2024 by rpki-client on console-ams.rpki-client.org