Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/mWzXLFDyLLBlGUNE8zvcD5sqRKY.roa
File: mWzXLFDyLLBlGUNE8zvcD5sqRKY.roa (raw, json)
Hash identifier: TYa0wZbNg+87I6RfwzSw+JSTXjP507sbxvuMNwllDIE=
Subject key identifier: 99:6C:D7:2C:50:F2:2C:B0:65:19:43:44:F3:3B:DC:0F:9B:2A:44:A6
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 018642196EEAE3E3009115E6B1ABC2E19666
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/mWzXLFDyLLBlGUNE8zvcD5sqRKY.roa
Signing time: Sat 11 Feb 2023 20:10:08 +0000
ROA not before: Sat 11 Feb 2023 20:10:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21769
IP address blocks: 185.199.116.0/22 maxlen: 22
103.41.44.0/22 maxlen: 22
103.63.28.0/22 maxlen: 22
194.93.4.0/22 maxlen: 22
45.127.248.0/22 maxlen: 22
185.195.212.0/22 maxlen: 22
103.71.61.0/24 maxlen: 24
185.195.220.0/22 maxlen: 22
185.196.188.0/22 maxlen: 22
2a09:1e80::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:42:19:6e:ea:e3:e3:00:91:15:e6:b1:ab:c2:e1:96:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Feb 11 20:10:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=996cd72c50f22cb065194344f33bdc0f9b2a44a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:0b:31:84:bc:54:93:a5:5e:a9:2a:1b:ad:4a:
77:f3:d0:b0:da:d0:fe:70:4c:68:6f:84:20:14:13:
9e:dc:e6:db:c9:8e:9d:14:3e:69:4b:a9:0d:8b:2b:
a3:cf:3c:d5:44:b9:8f:83:4a:39:70:7b:e1:55:cf:
f5:b5:0d:ec:8d:d3:01:cb:c2:79:d1:c4:17:6a:f6:
6e:6f:1e:04:ca:dc:1e:21:9e:0e:29:ff:2e:ce:89:
43:0c:38:ab:07:d5:35:f0:58:16:77:db:ce:1e:ec:
88:44:c5:b8:ad:f3:8c:84:31:5d:5a:53:42:b9:d5:
81:9e:65:54:91:85:e7:ef:5d:36:5b:c0:b3:bf:1c:
a8:cf:76:5c:27:17:51:ca:5b:0e:f6:0f:33:c0:d0:
4f:56:43:2a:d8:2e:ac:44:5e:0b:0f:c0:53:aa:ce:
38:00:79:8a:13:85:ef:16:b7:a3:dd:a7:63:d3:be:
08:30:02:f5:15:25:d7:29:c5:ad:dc:26:8b:cf:a2:
7b:82:58:3a:14:19:d3:7d:ee:14:89:70:a1:11:2e:
be:26:2f:bd:89:1a:a6:cc:89:88:c9:f7:c2:86:26:
02:bb:4a:78:94:35:2f:71:24:ae:3e:5b:1e:6e:62:
ec:44:af:2a:ad:c8:b5:96:e2:88:58:87:69:4f:63:
08:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:6C:D7:2C:50:F2:2C:B0:65:19:43:44:F3:3B:DC:0F:9B:2A:44:A6
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/mWzXLFDyLLBlGUNE8zvcD5sqRKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.127.248.0/22
103.41.44.0/22
103.63.28.0/22
103.71.61.0/24
185.195.212.0/22
185.195.220.0/22
185.196.188.0/22
185.199.116.0/22
194.93.4.0/22
IPv6:
2a09:1e80::/29
Signature Algorithm: sha256WithRSAEncryption
4b:5b:b7:9a:9f:b5:53:e1:f9:f7:37:b5:67:75:2e:56:fb:da:
b4:a9:20:e0:ae:8b:92:b6:14:c0:70:ad:92:c3:1e:49:0f:19:
31:56:4e:29:24:7a:3c:d2:b3:5a:be:f9:a3:71:04:99:1f:42:
a2:ad:8f:dc:6c:44:c0:66:b3:a3:0c:f4:06:7e:28:c6:69:55:
04:b7:bd:86:70:39:4c:78:2d:43:a1:4f:b9:22:d7:1a:9b:36:
06:cd:1f:55:6d:3a:9c:58:5b:31:89:c5:2a:f1:a6:b1:68:6b:
49:b6:e9:12:62:7e:98:80:7c:95:20:cc:13:87:d7:d9:9c:bf:
7e:60:40:0e:c6:fa:95:e1:8e:85:25:44:cb:e8:91:e7:1e:8c:
37:fa:3a:9e:e9:00:4c:f2:5c:f1:09:b7:23:63:a1:c1:34:fa:
90:b5:5e:ab:83:6f:f4:f1:1a:ed:5b:64:31:a5:d3:38:5b:6a:
93:54:97:80:d9:fa:be:ae:34:68:03:27:69:14:27:9a:b2:67:
b1:6f:22:29:68:aa:0d:ee:55:9b:74:cd:20:1f:82:e5:35:59:
c0:1e:73:80:17:49:69:72:0f:f3:a6:b7:84:50:33:9d:da:a0:
dc:fa:4f:e9:ae:f3:b4:87:71:ff:93:31:35:b4:1d:82:d8:a8:
73:f0:a8:fe
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYZCGW7q4+MAkRXmsavC4ZZmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjMwMjExMjAxMDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTZjZDcyYzUwZjIyY2IwNjUxOTQzNDRmMzNiZGMwZjliMmE0NGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwsxhLxUk6VeqSobrUp389Cw2tD+
cExob4QgFBOe3ObbyY6dFD5pS6kNiyujzzzVRLmPg0o5cHvhVc/1tQ3sjdMBy8J5
0cQXavZubx4EytweIZ4OKf8uzolDDDirB9U18FgWd9vOHuyIRMW4rfOMhDFdWlNC
udWBnmVUkYXn7102W8Czvxyoz3ZcJxdRylsO9g8zwNBPVkMq2C6sRF4LD8BTqs44
AHmKE4XvFrej3adj074IMAL1FSXXKcWt3CaLz6J7glg6FBnTfe4UiXChES6+Ji+9
iRqmzImIyffChiYCu0p4lDUvcSSuPlsebmLsRK8qrci1luKIWIdpT2MIiwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFJls1yxQ8iywZRlDRPM73A+bKkSmMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvbVd6WExGRHlMTEJsR1VORTh6dmNENXNxUktZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQCLX/4AwQC
ZyksAwQCZz8cAwQAZ0c9AwQCucPUAwQCucPcAwQCucS8AwQCucd0AwQCwl0EMA0E
AgACMAcDBQMqCR6AMA0GCSqGSIb3DQEBCwUAA4IBAQBLW7ean7VT4fn3N7VndS5W
+9q0qSDgrouSthTAcK2Swx5JDxkxVk4pJHo80rNavvmjcQSZH0KirY/cbETAZrOj
DPQGfijGaVUEt72GcDlMeC1DoU+5ItcamzYGzR9VbTqcWFsxicUq8aaxaGtJtukS
Yn6YgHyVIMwTh9fZnL9+YEAOxvqV4Y6FJUTL6JHnHow3+jqe6QBM8lzxCbcjY6HB
NPqQtV6rg2/08RrtW2QxpdM4W2qTVJeA2fq+rjRoAydpFCeasmexbyIpaKoN7lWb
dM0gH4LlNVnAHnOAF0lpcg/zpreEUDOd2qDc+k/prvO0h3H/kzE1tB2C2Khz8Kj+
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:50 2024 by rpki-client on console-fra.rpki-client.org