Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/MndnHbNZhV0fYBqJPMj9KrK6N7s.roa
File: MndnHbNZhV0fYBqJPMj9KrK6N7s.roa (raw, json)
Hash identifier: kyrykJnwgS8wjj3pL2T9tclyG5iXQMmQ1HT/Jq7Ag2M=
Subject key identifier: 32:77:67:1D:B3:59:85:5D:1F:60:1A:89:3C:C8:FD:2A:B2:BA:37:BB
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 018571956505AFA8E515CC319DCAA83D2053
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/MndnHbNZhV0fYBqJPMj9KrK6N7s.roa
Signing time: Mon 02 Jan 2023 08:24:54 +0000
ROA not before: Mon 02 Jan 2023 08:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399587
IP address blocks: 80.243.130.0/23 maxlen: 24
80.243.128.0/21 maxlen: 24
80.243.128.0/23 maxlen: 24
46.3.40.0/21 maxlen: 24
46.232.64.0/22 maxlen: 24
46.3.48.0/21 maxlen: 24
46.3.48.0/20 maxlen: 20
46.3.56.0/21 maxlen: 24
46.3.72.0/21 maxlen: 21
46.3.80.0/21 maxlen: 22
46.3.86.0/23 maxlen: 24
46.232.20.0/22 maxlen: 24
46.3.20.0/22 maxlen: 24
46.3.32.0/21 maxlen: 24
46.3.32.0/19 maxlen: 24
46.3.32.0/20 maxlen: 20
46.3.164.0/22 maxlen: 24
46.3.160.0/22 maxlen: 24
46.3.96.0/20 maxlen: 24
46.3.120.0/21 maxlen: 22
46.3.208.0/21 maxlen: 21
46.3.216.0/22 maxlen: 24
46.3.216.0/21 maxlen: 22
46.3.224.0/21 maxlen: 22
46.3.222.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:65:05:af:a8:e5:15:cc:31:9d:ca:a8:3d:20:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Jan 2 08:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3277671db359855d1f601a893cc8fd2ab2ba37bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:85:fa:2b:82:63:2b:85:c4:7a:3e:0b:4b:56:
c7:b8:df:62:13:8a:7b:97:ac:76:fe:ab:70:2a:6a:
5d:48:70:50:76:f3:4f:3f:ae:12:00:2d:88:6b:b4:
72:1a:71:96:c0:6f:46:d1:39:ac:fd:e5:36:5a:54:
58:89:aa:5f:98:e7:59:41:f8:7e:66:dc:8e:2c:73:
a2:44:cd:d5:76:70:8a:a7:63:ae:9b:6b:97:66:b8:
14:1a:bf:79:4d:b8:00:c2:39:8f:4c:26:79:1d:10:
08:d1:c6:ae:d9:a0:b1:5a:53:53:96:3d:bc:bb:e5:
ac:94:6a:9d:b8:c9:91:c5:22:e6:ec:4a:7c:18:6d:
96:fd:3e:02:d4:5f:5e:86:c2:fe:90:c1:f2:3d:51:
93:12:08:e5:4c:f3:4c:31:62:a3:ff:88:2e:6f:6f:
d5:bd:c5:6a:99:9b:3c:fc:63:df:ec:78:3a:c2:85:
e3:6f:6c:88:f6:9f:c0:21:a0:de:75:24:e1:4d:67:
f7:04:e2:d1:bc:a9:7f:2a:68:44:9d:9e:59:2f:0d:
ed:bd:7e:4d:a6:3c:7a:2e:7a:e0:a7:4d:a9:fe:20:
3b:e4:4b:b2:3c:5f:e1:20:00:6d:ce:bd:e7:41:96:
9a:df:07:81:e6:e3:32:9c:7b:c3:1b:6d:7c:76:ec:
37:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:77:67:1D:B3:59:85:5D:1F:60:1A:89:3C:C8:FD:2A:B2:BA:37:BB
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/MndnHbNZhV0fYBqJPMj9KrK6N7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.20.0/22
46.3.32.0/19
46.3.72.0-46.3.87.255
46.3.96.0/20
46.3.120.0/21
46.3.160.0/21
46.3.208.0-46.3.231.255
46.232.20.0/22
46.232.64.0/22
80.243.128.0/21
Signature Algorithm: sha256WithRSAEncryption
91:db:f5:52:23:cd:d1:31:27:ec:22:b8:ed:14:d1:07:e0:0a:
5a:74:f7:57:03:b7:4f:73:ef:3f:bf:75:17:fa:3d:15:b1:13:
5e:be:1d:07:64:a0:dd:18:f3:96:28:90:d9:7a:36:37:e1:b4:
32:82:af:58:9c:8a:92:c0:56:7a:ca:23:01:d7:ac:91:ea:a4:
35:24:d7:1d:5c:38:3b:5c:c7:91:c0:b6:00:7e:18:61:d7:96:
9b:5e:3e:da:c8:77:b4:48:79:44:b0:9e:b0:d5:13:cb:01:c2:
60:83:93:b2:05:62:16:cd:4e:2c:79:4b:61:ec:0f:ae:34:88:
43:82:c6:24:6c:13:07:7f:21:a2:07:9a:da:35:de:20:fe:d1:
5d:22:94:33:21:4e:c1:cc:ee:f9:47:75:9c:fd:c7:6e:7e:eb:
21:9c:ec:9f:20:cd:bd:f8:fa:7c:21:7f:15:3f:6c:2f:f4:44:
bf:2e:a6:ca:89:41:07:6b:a8:1b:b4:36:f5:5a:0e:e4:59:2c:
8d:b8:88:41:5c:53:a8:55:91:ed:8f:cb:fb:87:d7:27:8e:19:
6c:8e:f1:20:15:04:69:8c:0b:89:89:06:37:5f:27:da:c5:75:
b3:ed:c8:c1:e9:a7:ce:88:48:e0:be:99:18:c2:2b:1e:94:af:
2b:4f:a5:83
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYVxlWUFr6jlFcwxncqoPSBTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjMwMTAyMDgyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjc3NjcxZGIzNTk4NTVkMWY2MDFhODkzY2M4ZmQyYWIyYmEzN2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloX6K4JjK4XEej4LS1bHuN9iE4p7
l6x2/qtwKmpdSHBQdvNPP64SAC2Ia7RyGnGWwG9G0Tms/eU2WlRYiapfmOdZQfh+
ZtyOLHOiRM3VdnCKp2Oum2uXZrgUGr95TbgAwjmPTCZ5HRAI0cau2aCxWlNTlj28
u+WslGqduMmRxSLm7Ep8GG2W/T4C1F9ehsL+kMHyPVGTEgjlTPNMMWKj/4gub2/V
vcVqmZs8/GPf7Hg6woXjb2yI9p/AIaDedSThTWf3BOLRvKl/KmhEnZ5ZLw3tvX5N
pjx6Lnrgp02p/iA75EuyPF/hIABtzr3nQZaa3weB5uMynHvDG218duw3NwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFDJ3Zx2zWYVdH2AaiTzI/Sqyuje7MB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvTW5kbkhiTlpoVjBmWUJxSlBNajlLcks2TjdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQCLgMUAwQF
LgMgMAwDBAMuA0gDBAMuA1ADBAQuA2ADBAMuA3gDBAMuA6AwDAMEBC4D0AMEAy4D
4AMEAi7oFAMEAi7oQAMEA1DzgDANBgkqhkiG9w0BAQsFAAOCAQEAkdv1UiPN0TEn
7CK47RTRB+AKWnT3VwO3T3PvP791F/o9FbETXr4dB2Sg3RjzliiQ2Xo2N+G0MoKv
WJyKksBWesojAdeskeqkNSTXHVw4O1zHkcC2AH4YYdeWm14+2sh3tEh5RLCesNUT
ywHCYIOTsgViFs1OLHlLYewPrjSIQ4LGJGwTB38hogea2jXeIP7RXSKUMyFOwczu
+Ud1nP3Hbn7rIZzsnyDNvfj6fCF/FT9sL/REvy6myolBB2uoG7Q29VoO5FksjbiI
QVxTqFWR7Y/L+4fXJ44ZbI7xIBUEaYwLiYkGN18n2sV1s+3IwemnzohI4L6ZGMIr
HpSvK0+lgw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:36 2023 by rpki-client on console-fra.rpki-client.org