Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/3716d9-473f-4af3-a1d3-24e6c0d4fad7/1/mqerkNNZ681M9QViMPTWDihhUD0.roa
File: mqerkNNZ681M9QViMPTWDihhUD0.roa (raw, json)
Hash identifier: LG9vNL+reU6lKgoUMhG8LX0Zmpqi3rDm3Z+BU2rmVmc=
Subject key identifier: 9A:A7:AB:90:D3:59:EB:CD:4C:F5:05:62:30:F4:D6:0E:28:61:50:3D
Certificate issuer: /CN=09b4bf37f39eec62982c4b63709fab5d146c7373
Certificate serial: 01856E78D722784FE97ADCBD2E897075CFD3
Authority key identifier: 09:B4:BF:37:F3:9E:EC:62:98:2C:4B:63:70:9F:AB:5D:14:6C:73:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CbS_N_Oe7GKYLEtjcJ-rXRRsc3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/3716d9-473f-4af3-a1d3-24e6c0d4fad7/1/mqerkNNZ681M9QViMPTWDihhUD0.roa
Signing time: Sun 01 Jan 2023 17:54:51 +0000
ROA not before: Sun 01 Jan 2023 17:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35393
IP address blocks: 185.158.44.0/22 maxlen: 24
185.111.228.0/22 maxlen: 24
188.208.198.0/23 maxlen: 24
94.247.24.0/21 maxlen: 24
92.39.240.0/20 maxlen: 24
84.246.224.0/21 maxlen: 24
2a02:23e0::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:d7:22:78:4f:e9:7a:dc:bd:2e:89:70:75:cf:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09b4bf37f39eec62982c4b63709fab5d146c7373
Validity
Not Before: Jan 1 17:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9aa7ab90d359ebcd4cf5056230f4d60e2861503d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:d3:99:a8:14:25:ce:b3:e1:04:36:36:62:41:
ca:a8:a4:3a:6c:7c:91:bd:e5:e3:51:9e:cd:d6:58:
62:b3:52:bb:ca:44:cc:ec:b6:f9:0e:a3:48:02:16:
db:ef:85:51:dd:a1:49:3f:f2:fc:69:db:01:61:b9:
25:f8:25:7a:6f:86:86:12:43:16:37:b8:2b:5d:fb:
23:0f:be:3f:18:7c:93:f0:6e:22:66:08:91:6f:f2:
f8:98:d6:39:46:ac:b4:d8:53:15:c3:f2:ee:7d:29:
4e:c2:22:e5:ed:d4:4a:75:41:ba:13:59:18:e8:99:
a4:4e:9b:24:27:5b:3b:82:a6:b5:26:06:82:dd:96:
bb:95:d3:2a:f6:f1:90:43:10:cb:60:d0:42:2e:11:
30:2b:35:23:4e:18:6a:53:d5:7a:77:30:d7:85:25:
49:6a:cc:00:49:c6:da:44:f1:50:f4:cd:8e:bc:e5:
48:eb:f6:05:51:ca:88:27:02:f7:9c:c3:17:25:0d:
69:b5:93:58:42:3f:71:0b:d6:3e:9f:69:15:18:3e:
e2:46:34:55:9b:38:72:94:7c:be:15:82:ba:ee:9b:
aa:19:0e:66:00:ab:2f:11:63:b4:0c:1f:84:66:a6:
bc:2d:1e:94:92:4e:cc:a7:d2:72:9a:e3:4f:cd:5e:
0a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:A7:AB:90:D3:59:EB:CD:4C:F5:05:62:30:F4:D6:0E:28:61:50:3D
X509v3 Authority Key Identifier:
keyid:09:B4:BF:37:F3:9E:EC:62:98:2C:4B:63:70:9F:AB:5D:14:6C:73:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CbS_N_Oe7GKYLEtjcJ-rXRRsc3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/3716d9-473f-4af3-a1d3-24e6c0d4fad7/1/mqerkNNZ681M9QViMPTWDihhUD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/3716d9-473f-4af3-a1d3-24e6c0d4fad7/1/CbS_N_Oe7GKYLEtjcJ-rXRRsc3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.246.224.0/21
92.39.240.0/20
94.247.24.0/21
185.111.228.0/22
185.158.44.0/22
188.208.198.0/23
IPv6:
2a02:23e0::/32
Signature Algorithm: sha256WithRSAEncryption
61:f1:2e:0e:f1:63:34:eb:4d:2d:44:c7:3e:ea:c8:1a:f7:b7:
3f:6f:50:10:76:91:39:6a:1a:4b:eb:2a:8d:13:d7:e8:9c:6b:
85:9f:0b:ee:db:5e:98:db:3e:3d:c2:f9:45:50:3b:ec:e4:00:
9c:f7:50:a6:e1:a0:f1:57:bc:d4:f0:e5:73:4e:ae:ba:f8:ad:
83:42:d9:b0:70:34:e0:1e:8a:00:47:5f:3e:e8:5a:1b:14:40:
92:15:8f:d8:9d:cf:eb:bc:09:9a:9a:05:e8:0d:42:c5:b1:b3:
ef:5c:a7:2b:e7:1c:90:ee:9b:50:47:be:b0:97:d9:db:db:4c:
19:1e:9d:5c:7e:99:24:a0:eb:9a:5b:79:74:1e:7b:c6:70:ce:
0e:c2:be:19:dd:a1:c7:34:06:39:0d:69:d9:05:8b:cf:21:98:
66:41:2c:74:6d:b9:8f:30:ba:6a:e6:b0:1c:cd:30:d7:cc:59:
ed:b0:0a:88:1c:f9:9f:46:23:8c:11:14:57:44:8a:2f:23:16:
68:4f:04:96:9c:d4:18:b6:b5:7a:90:cb:52:78:49:a7:f3:71:
fb:46:d0:36:1f:76:ae:6a:f8:de:ff:4b:62:cb:55:44:ee:cf:
35:55:ee:e5:ef:63:db:46:00:cf:50:1a:f3:da:40:65:d3:54:
d3:70:55:de
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVueNcieE/pety9Lolwdc/TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5YjRiZjM3ZjM5ZWVjNjI5ODJjNGI2MzcwOWZhYjVkMTQ2
YzczNzMwHhcNMjMwMTAxMTc1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWE3YWI5MGQzNTllYmNkNGNmNTA1NjIzMGY0ZDYwZTI4NjE1MDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNOZqBQlzrPhBDY2YkHKqKQ6bHyR
veXjUZ7N1lhis1K7ykTM7Lb5DqNIAhbb74VR3aFJP/L8adsBYbkl+CV6b4aGEkMW
N7grXfsjD74/GHyT8G4iZgiRb/L4mNY5Rqy02FMVw/LufSlOwiLl7dRKdUG6E1kY
6JmkTpskJ1s7gqa1JgaC3Za7ldMq9vGQQxDLYNBCLhEwKzUjThhqU9V6dzDXhSVJ
aswAScbaRPFQ9M2OvOVI6/YFUcqIJwL3nMMXJQ1ptZNYQj9xC9Y+n2kVGD7iRjRV
mzhylHy+FYK67puqGQ5mAKsvEWO0DB+EZqa8LR6Ukk7Mp9JymuNPzV4KCwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFJqnq5DTWevNTPUFYjD01g4oYVA9MB8GA1UdIwQY
MBaAFAm0vzfznuximCxLY3Cfq10UbHNzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2JTX05fT2U3R0tZTEV0amNKLXJYUlJzYzNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8zNzE2ZDktNDczZi00YWYzLWExZDMt
MjRlNmMwZDRmYWQ3LzEvbXFlcmtOTlo2ODFNOVFWaU1QVFdEaWhoVUQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8zNzE2ZDktNDczZi00YWYzLWExZDMtMjRlNmMwZDRmYWQ3
LzEvQ2JTX05fT2U3R0tZTEV0amNKLXJYUlJzYzNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDVPbgAwQE
XCfwAwQDXvcYAwQCuW/kAwQCuZ4sAwQBvNDGMA0EAgACMAcDBQAqAiPgMA0GCSqG
SIb3DQEBCwUAA4IBAQBh8S4O8WM0600tRMc+6sga97c/b1AQdpE5ahpL6yqNE9fo
nGuFnwvu216Y2z49wvlFUDvs5ACc91Cm4aDxV7zU8OVzTq66+K2DQtmwcDTgHooA
R18+6FobFECSFY/Ync/rvAmamgXoDULFsbPvXKcr5xyQ7ptQR76wl9nb20wZHp1c
fpkkoOuaW3l0HnvGcM4Owr4Z3aHHNAY5DWnZBYvPIZhmQSx0bbmPMLpq5rAczTDX
zFntsAqIHPmfRiOMERRXRIovIxZoTwSWnNQYtrV6kMtSeEmn83H7RtA2H3auavje
/0tiy1VE7s81Ve7l72PbRgDPUBrz2kBl01TTcFXe
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:53 2024 by rpki-client on console-ams.rpki-client.org