Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/mAl3I-LEWFhhwocBh7N81VsOn40.roa
File: mAl3I-LEWFhhwocBh7N81VsOn40.roa (raw, json)
Hash identifier: rTo0ikWAW+5HAPvzCTVDL45KsVX/wdzvfclwAF1vQ5g=
Subject key identifier: 98:09:77:23:E2:C4:58:58:61:C2:87:01:87:B3:7C:D5:5B:0E:9F:8D
Certificate issuer: /CN=dc4e453affe895b6452b84027437c5c00fd37067
Certificate serial: 018940173C1D635236770E57D480C7C4E85F
Authority key identifier: DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/mAl3I-LEWFhhwocBh7N81VsOn40.roa
Signing time: Mon 10 Jul 2023 13:56:51 +0000
ROA not before: Mon 10 Jul 2023 13:56:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31122
IP address blocks: 78.137.128.0/18 maxlen: 18
93.92.8.0/21 maxlen: 21
92.51.192.0/18 maxlen: 18
84.203.0.0/16 maxlen: 16
185.53.32.0/24 maxlen: 24
185.53.35.0/24 maxlen: 24
83.147.128.0/18 maxlen: 18
212.126.32.0/19 maxlen: 19
46.183.104.0/23 maxlen: 23
212.126.60.0/22 maxlen: 22
185.233.176.0/22 maxlen: 22
94.247.48.0/21 maxlen: 21
92.51.208.0/20 maxlen: 20
185.182.72.0/22 maxlen: 22
185.242.236.0/23 maxlen: 23
89.234.64.0/18 maxlen: 18
176.52.216.0/22 maxlen: 22
176.52.220.0/23 maxlen: 23
80.93.16.0/20 maxlen: 20
185.205.228.0/22 maxlen: 22
217.78.0.0/20 maxlen: 20
37.46.16.0/21 maxlen: 21
2a0a:e780::/29 maxlen: 30
2001:1bb8::/32 maxlen: 32
2a00:15b8:400::/40 maxlen: 40
2a00:15b8::/32 maxlen: 32
2a02:220::/32 maxlen: 32
2a01:258::/32 maxlen: 32
2a01:8aa0::/32 maxlen: 32
2a0b:bc0::/29 maxlen: 30
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:40:17:3c:1d:63:52:36:77:0e:57:d4:80:c7:c4:e8:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc4e453affe895b6452b84027437c5c00fd37067
Validity
Not Before: Jul 10 13:56:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98097723e2c4585861c2870187b37cd55b0e9f8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:de:1b:66:4e:56:88:48:ea:3d:4a:39:0d:c7:
d1:9c:0b:d8:c4:c0:3a:31:7d:05:4d:ca:21:f2:19:
61:11:0d:bb:a8:9c:65:64:11:17:fc:8e:8e:c9:fd:
ba:c1:6f:24:70:7f:ea:4c:97:2b:24:c2:f1:0f:c3:
cc:11:f7:4b:98:3a:5f:9f:34:6b:61:31:cf:a2:2d:
72:d3:31:57:df:eb:30:4b:7c:f2:80:e1:a4:c0:96:
6f:f4:ee:82:70:f4:3c:f8:ce:4e:72:83:2a:75:da:
76:f0:30:c2:ef:02:95:e2:b2:fe:4a:95:fc:3f:45:
8f:73:d0:fe:c3:dd:23:8e:8b:42:3f:79:e5:33:67:
7e:23:dc:90:77:46:f0:32:76:57:d1:36:45:a6:07:
77:b3:45:38:da:e3:25:60:db:83:49:ee:98:3f:25:
e0:cb:b5:1f:f5:87:a3:09:50:63:8c:29:77:86:41:
ab:a3:f3:ce:89:b4:72:28:8c:7c:50:f4:93:e0:11:
f6:45:6c:ac:59:92:98:55:ac:53:5b:dc:07:33:35:
e3:90:b3:15:5b:e9:65:5e:cd:06:c4:b7:41:5a:99:
fd:c2:26:f9:0a:30:37:b2:6d:4e:65:25:48:79:ea:
56:6e:c7:46:6b:cc:6d:ed:09:73:a6:5f:86:b1:d5:
56:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:09:77:23:E2:C4:58:58:61:C2:87:01:87:B3:7C:D5:5B:0E:9F:8D
X509v3 Authority Key Identifier:
keyid:DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/mAl3I-LEWFhhwocBh7N81VsOn40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/3E5FOv_olbZFK4QCdDfFwA_TcGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.16.0/21
46.183.104.0/23
78.137.128.0/18
80.93.16.0/20
83.147.128.0/18
84.203.0.0/16
89.234.64.0/18
92.51.192.0/18
93.92.8.0/21
94.247.48.0/21
176.52.216.0-176.52.221.255
185.53.32.0/24
185.53.35.0/24
185.182.72.0/22
185.205.228.0/22
185.233.176.0/22
185.242.236.0/23
212.126.32.0/19
217.78.0.0/20
IPv6:
2001:1bb8::/32
2a00:15b8::/32
2a01:258::/32
2a01:8aa0::/32
2a02:220::/32
2a0a:e780::/29
2a0b:bc0::/29
Signature Algorithm: sha256WithRSAEncryption
2c:ef:a4:36:3f:7a:a5:14:b8:59:ea:35:32:55:7d:27:76:29:
63:56:86:8c:61:0d:e8:2d:3b:a4:54:86:d2:04:8e:b9:7c:18:
66:2a:ed:c5:f2:4a:53:b5:5f:70:4c:ba:48:44:30:a1:5d:01:
cd:9c:29:cc:93:1c:c4:af:2b:7d:68:62:03:a5:60:17:85:20:
a7:6f:c1:b6:25:fc:79:83:ff:8f:11:1a:79:1f:01:f4:d3:cd:
63:89:3a:7b:45:ad:cb:bd:00:75:60:17:a3:20:f6:6b:32:97:
ba:61:0c:68:39:3c:4c:73:ce:93:b4:46:f8:e7:fe:9a:0b:f1:
7a:41:02:3a:dc:8e:e7:ad:95:8e:47:52:1a:09:7f:7f:20:10:
41:ac:1e:01:1f:d9:19:a2:a3:3e:c0:0a:4e:a0:30:f9:32:79:
d6:ed:27:90:0a:98:69:2b:7d:01:4c:88:f4:c0:bf:d9:31:c2:
a2:94:a9:bb:c3:07:23:2b:c5:93:57:16:f4:72:f9:65:45:db:
92:25:34:5d:34:e6:a5:8c:e4:16:92:56:54:4b:95:1f:dc:dc:
59:9c:a0:2d:3b:a8:c0:f5:64:a3:7f:de:48:fb:be:ef:ad:27:
65:84:c1:52:c6:aa:aa:44:1a:73:74:27:9a:6b:dd:02:31:3e:
68:1d:13:e7
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAYlAFzwdY1I2dw5X1IDHxOhfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNGU0NTNhZmZlODk1YjY0NTJiODQwMjc0MzdjNWMwMGZk
MzcwNjcwHhcNMjMwNzEwMTM1NjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODA5NzcyM2UyYzQ1ODU4NjFjMjg3MDE4N2IzN2NkNTViMGU5ZjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6t4bZk5WiEjqPUo5DcfRnAvYxMA6
MX0FTcoh8hlhEQ27qJxlZBEX/I6Oyf26wW8kcH/qTJcrJMLxD8PMEfdLmDpfnzRr
YTHPoi1y0zFX3+swS3zygOGkwJZv9O6CcPQ8+M5OcoMqddp28DDC7wKV4rL+SpX8
P0WPc9D+w90jjotCP3nlM2d+I9yQd0bwMnZX0TZFpgd3s0U42uMlYNuDSe6YPyXg
y7Uf9YejCVBjjCl3hkGro/POibRyKIx8UPST4BH2RWysWZKYVaxTW9wHMzXjkLMV
W+llXs0GxLdBWpn9wib5CjA3sm1OZSVIeepWbsdGa8xt7Qlzpl+GsdVW3wIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFJgJdyPixFhYYcKHAYezfNVbDp+NMB8GA1UdIwQY
MBaAFNxORTr/6JW2RSuEAnQ3xcAP03BnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEt
MTgyMjg2N2UxNTk2LzEvbUFsM0ktTEVXRmhod29jQmg3TjgxVnNPbjQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEtMTgyMjg2N2UxNTk2
LzEvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujB/BAIAATB5AwQDJS4Q
AwQBLrdoAwQGTomAAwQEUF0QAwQGU5OAAwMAVMsDBAZZ6kADBAZcM8ADBANdXAgD
BANe9zAwDAMEA7A02AMEAbA03AMEALk1IAMEALk1IwMEArm2SAMEArnN5AMEArnp
sAMEAbny7AMEBdR+IAMEBNlOADA3BAIAAjAxAwUAIAEbuAMFACoAFbgDBQAqAQJY
AwUAKgGKoAMFACoCAiADBQMqCueAAwUDKgsLwDANBgkqhkiG9w0BAQsFAAOCAQEA
LO+kNj96pRS4Weo1MlV9J3YpY1aGjGEN6C07pFSG0gSOuXwYZirtxfJKU7VfcEy6
SEQwoV0BzZwpzJMcxK8rfWhiA6VgF4Ugp2/BtiX8eYP/jxEaeR8B9NPNY4k6e0Wt
y70AdWAXoyD2azKXumEMaDk8THPOk7RG+Of+mgvxekECOtyO562VjkdSGgl/fyAQ
QaweAR/ZGaKjPsAKTqAw+TJ51u0nkAqYaSt9AUyI9MC/2THCopSpu8MHIyvFk1cW
9HL5ZUXbkiU0XTTmpYzkFpJWVEuVH9zcWZygLTuowPVko3/eSPu+760nZYTBUsaq
qkQac3QnmmvdAjE+aB0T5w==
-----END CERTIFICATE-----
Generated at Wed Aug 23 10:03:09 2023 by rpki-client on console-fra.rpki-client.org