Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/MJ5XWuQvBlG8TX2ZG_YCsBr-pVk.roa
File: MJ5XWuQvBlG8TX2ZG_YCsBr-pVk.roa (raw, json)
Hash identifier: 1aQ7en5Z+FY5xTdImJIo7JJqpau4Dz1PdWJ55VHjkTM=
Subject key identifier: 30:9E:57:5A:E4:2F:06:51:BC:4D:7D:99:1B:F6:02:B0:1A:FE:A5:59
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0186A30964C369CC0E31FEFCD5421DC1D24F
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/MJ5XWuQvBlG8TX2ZG_YCsBr-pVk.roa
Signing time: Thu 02 Mar 2023 15:55:47 +0000
ROA not before: Thu 02 Mar 2023 15:55:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202485
IP address blocks: 92.52.217.0/24 maxlen: 24
88.209.254.0/24 maxlen: 24
83.137.156.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a3:09:64:c3:69:cc:0e:31:fe:fc:d5:42:1d:c1:d2:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 2 15:55:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=309e575ae42f0651bc4d7d991bf602b01afea559
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:9c:46:83:44:02:cd:90:7c:4e:44:28:71:48:
56:97:84:22:23:60:2c:59:6c:84:bc:17:c7:ea:5c:
f7:c4:54:68:f5:f4:4e:b2:26:b4:e2:ef:b6:5b:20:
31:96:c8:75:9e:09:a1:61:4f:d3:d8:5f:48:90:cf:
9f:7a:d6:ba:7c:21:3b:34:5c:ca:5d:28:6f:df:4c:
fc:51:88:85:f6:92:37:46:b2:f8:5d:d7:9e:8c:0e:
87:3c:65:5b:2b:f8:75:7c:87:95:a0:d2:49:e6:96:
1d:23:fc:28:d2:9c:6d:48:e9:46:59:56:57:a1:07:
7e:67:ad:30:2e:a0:2c:92:86:4d:5b:84:fe:d1:54:
8c:ab:3c:83:11:37:8d:42:50:69:86:3a:6d:37:93:
56:ee:74:8c:49:fb:8c:de:09:aa:8d:12:19:a6:61:
d2:b0:96:85:7e:f3:77:03:9d:12:61:53:c7:75:e6:
aa:5f:e5:50:1b:d8:9e:b8:40:af:9c:23:fc:97:45:
f6:76:de:98:c6:5b:fc:bb:a0:ee:4b:df:5b:ec:5b:
cc:14:5b:31:23:be:57:ae:6c:f8:fd:33:35:b2:fe:
63:a7:d5:64:2c:52:16:1a:34:ac:ae:33:ac:6e:c8:
5a:54:07:b4:cd:04:09:30:58:f8:c2:fb:07:d2:39:
33:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:9E:57:5A:E4:2F:06:51:BC:4D:7D:99:1B:F6:02:B0:1A:FE:A5:59
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/MJ5XWuQvBlG8TX2ZG_YCsBr-pVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.137.156.0/24
88.209.254.0/24
92.52.217.0/24
Signature Algorithm: sha256WithRSAEncryption
44:20:98:f2:2e:d2:6f:6d:36:60:77:e4:78:07:f1:0f:f2:bf:
db:2d:ef:70:20:76:28:c9:e3:29:18:89:99:9f:27:ba:2b:6c:
3d:f3:a2:62:e3:f7:20:f1:82:eb:8d:3d:c2:4b:36:3e:9c:f6:
8d:ab:67:57:6a:65:1f:a4:5c:d3:dd:dc:e1:a9:e7:90:16:3e:
b6:d1:29:03:60:58:f5:8e:c4:6a:9f:f5:51:60:30:96:f8:e5:
4d:31:5d:3e:84:4a:da:98:fb:6b:24:0a:1f:96:d9:5a:67:91:
25:7b:29:21:28:75:13:33:95:44:d1:4f:0e:fe:90:1d:cd:ac:
cc:6a:af:2c:a4:ba:6c:a6:62:2e:9d:8e:67:7a:63:88:59:7f:
53:32:dd:b8:e1:d6:85:cb:b9:d6:1c:f2:c8:f2:b7:e4:02:ed:
fe:d7:b4:e8:bf:e6:5f:b5:d4:5e:f2:8f:12:34:0b:e4:01:ba:
21:23:92:ff:ba:6b:eb:6e:8a:72:9f:42:61:f7:60:f1:1f:6d:
03:2f:cc:9b:a7:12:75:54:fb:51:f4:8c:c6:ca:ba:46:cf:97:
28:91:13:97:82:7f:2a:a5:49:ca:0f:aa:90:2e:b5:b3:3d:97:
55:24:41:00:df:ad:4c:85:c6:9f:4b:54:da:e1:86:49:0f:0e:
13:26:61:e4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYajCWTDacwOMf781UIdwdJPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwMzAyMTU1NTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDllNTc1YWU0MmYwNjUxYmM0ZDdkOTkxYmY2MDJiMDFhZmVhNTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpxGg0QCzZB8TkQocUhWl4QiI2As
WWyEvBfH6lz3xFRo9fROsia04u+2WyAxlsh1ngmhYU/T2F9IkM+feta6fCE7NFzK
XShv30z8UYiF9pI3RrL4XdeejA6HPGVbK/h1fIeVoNJJ5pYdI/wo0pxtSOlGWVZX
oQd+Z60wLqAskoZNW4T+0VSMqzyDETeNQlBphjptN5NW7nSMSfuM3gmqjRIZpmHS
sJaFfvN3A50SYVPHdeaqX+VQG9ieuECvnCP8l0X2dt6Yxlv8u6DuS99b7FvMFFsx
I75Xrmz4/TM1sv5jp9VkLFIWGjSsrjOsbshaVAe0zQQJMFj4wvsH0jkzGwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDCeV1rkLwZRvE19mRv2ArAa/qVZMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvTUo1WFd1UXZCbEc4VFgyWkdfWUNzQnItcFZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAU4mcAwQA
WNH+AwQAXDTZMA0GCSqGSIb3DQEBCwUAA4IBAQBEIJjyLtJvbTZgd+R4B/EP8r/b
Le9wIHYoyeMpGImZnye6K2w986Ji4/cg8YLrjT3CSzY+nPaNq2dXamUfpFzT3dzh
qeeQFj620SkDYFj1jsRqn/VRYDCW+OVNMV0+hEramPtrJAofltlaZ5EleykhKHUT
M5VE0U8O/pAdzazMaq8spLpspmIunY5nemOIWX9TMt244daFy7nWHPLI8rfkAu3+
17Tov+ZftdRe8o8SNAvkAbohI5L/umvrbopyn0Jh92DxH20DL8ybpxJ1VPtR9IzG
yrpGz5cokROXgn8qpUnKD6qQLrWzPZdVJEEA361MhcafS1Ta4YZJDw4TJmHk
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:51 2023 by rpki-client on console-ams.rpki-client.org