Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/MXbwMaduKfW9AHu4kAuBfKZKj44.roa
File: MXbwMaduKfW9AHu4kAuBfKZKj44.roa (raw, json)
Hash identifier: iDsjfeRxlE0yonDH2uwUKGdKVYPT7PjsPbaBJPtSQUQ=
Subject key identifier: 31:76:F0:31:A7:6E:29:F5:BD:00:7B:B8:90:0B:81:7C:A6:4A:8F:8E
Certificate issuer: /CN=869569a2526687da91a7ecd4f567f5409cdffe79
Certificate serial: 01857015000886F37DDD40434AD54B0583B0
Authority key identifier: 86:95:69:A2:52:66:87:DA:91:A7:EC:D4:F5:67:F5:40:9C:DF:FE:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hpVpolJmh9qRp-zU9Wf1QJzf_nk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/MXbwMaduKfW9AHu4kAuBfKZKj44.roa
Signing time: Mon 02 Jan 2023 01:25:02 +0000
ROA not before: Mon 02 Jan 2023 01:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49360
IP address blocks: 45.90.232.0/22 maxlen: 22
31.7.144.0/20 maxlen: 20
91.214.72.0/22 maxlen: 22
185.29.248.0/22 maxlen: 22
5.83.122.0/24 maxlen: 24
5.83.120.0/22 maxlen: 22
2a0a:d3c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:00:08:86:f3:7d:dd:40:43:4a:d5:4b:05:83:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=869569a2526687da91a7ecd4f567f5409cdffe79
Validity
Not Before: Jan 2 01:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3176f031a76e29f5bd007bb8900b817ca64a8f8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:94:30:74:b9:20:dd:0b:94:00:2e:3c:bd:7a:
02:4d:13:26:7a:b0:07:b7:70:86:05:bf:18:76:16:
c2:4d:48:df:66:17:4c:b1:47:1c:51:66:6b:c8:6f:
55:61:7e:c2:a0:4d:79:41:43:9e:ac:66:7c:1a:47:
7f:93:46:ff:5a:2b:87:0e:cb:4a:a2:0f:eb:f9:3f:
18:bb:c4:a7:f2:19:c4:78:42:c5:57:2b:f9:9e:f7:
33:55:53:da:87:70:e6:d8:d7:57:61:de:57:73:e2:
66:8a:d8:25:60:95:12:b1:ce:38:d0:e5:a4:1a:3a:
ca:fd:c6:4b:55:bf:a7:31:48:3a:d8:20:fb:e2:98:
40:7d:de:ca:6a:0c:27:68:bd:06:45:da:26:6f:bf:
1e:d3:66:b7:b9:1f:13:20:f8:2a:33:94:fd:c8:4b:
c1:fc:69:05:f5:fd:e4:1d:1a:fe:f0:c3:13:69:3d:
0f:86:6c:a7:b0:e4:15:25:c6:66:26:01:fd:f3:dc:
06:e6:2e:f2:3d:8b:f6:a7:83:54:16:9a:5f:80:45:
4a:26:13:fc:77:56:23:21:e4:fd:22:85:bb:af:5b:
ad:a6:20:5a:b8:73:2a:05:3c:15:7d:44:31:e2:fc:
15:0b:6f:3a:2f:f1:da:72:84:12:92:f3:64:ff:e0:
13:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:76:F0:31:A7:6E:29:F5:BD:00:7B:B8:90:0B:81:7C:A6:4A:8F:8E
X509v3 Authority Key Identifier:
keyid:86:95:69:A2:52:66:87:DA:91:A7:EC:D4:F5:67:F5:40:9C:DF:FE:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpVpolJmh9qRp-zU9Wf1QJzf_nk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/MXbwMaduKfW9AHu4kAuBfKZKj44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/hpVpolJmh9qRp-zU9Wf1QJzf_nk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.120.0/22
31.7.144.0/20
45.90.232.0/22
91.214.72.0/22
185.29.248.0/22
IPv6:
2a0a:d3c0::/29
Signature Algorithm: sha256WithRSAEncryption
5b:c2:cf:fe:3d:d3:8a:e6:4c:63:e4:b7:50:64:17:4a:7f:cc:
12:9d:f5:61:75:bb:33:cd:3e:37:36:df:e3:a8:0a:f2:02:9e:
b6:93:85:93:92:15:de:21:d2:75:0f:ca:5f:ce:26:99:54:3e:
20:74:db:47:ac:cc:ab:04:27:60:1b:ad:93:eb:5c:3e:0b:8b:
f7:aa:1e:29:35:3b:c5:b9:56:a0:43:ab:19:33:ca:11:e4:2e:
79:cf:2c:df:45:30:8e:9b:26:76:a7:23:1d:04:49:c9:43:74:
7e:d9:f3:57:a7:61:85:9c:84:87:90:f8:27:cd:e0:37:9b:a6:
1a:99:c4:f1:78:5a:3d:49:5e:aa:b4:45:95:67:2a:64:32:ab:
44:ea:84:3a:56:d2:b0:09:19:7f:56:d9:e0:35:f1:c3:9b:7a:
9f:9b:7d:d0:5c:53:68:c4:3e:3e:58:e3:22:24:69:51:91:be:
af:21:4d:95:5a:81:b1:e5:19:67:2f:f0:30:c9:ae:f4:f3:ee:
10:b6:44:a5:9a:5d:19:86:2b:1e:43:0f:8d:b7:eb:6b:86:24:
ff:bd:88:8c:bd:74:eb:97:9e:73:62:cd:a2:fd:58:5b:df:ab:
8c:8b:2d:fb:53:04:6f:86:50:a0:7d:c8:61:9f:05:f9:22:09:
c6:4f:5f:46
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVwFQAIhvN93UBDStVLBYOwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTU2OWEyNTI2Njg3ZGE5MWE3ZWNkNGY1NjdmNTQwOWNk
ZmZlNzkwHhcNMjMwMTAyMDEyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTc2ZjAzMWE3NmUyOWY1YmQwMDdiYjg5MDBiODE3Y2E2NGE4ZjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopQwdLkg3QuUAC48vXoCTRMmerAH
t3CGBb8YdhbCTUjfZhdMsUccUWZryG9VYX7CoE15QUOerGZ8Gkd/k0b/WiuHDstK
og/r+T8Yu8Sn8hnEeELFVyv5nvczVVPah3Dm2NdXYd5Xc+JmitglYJUSsc440OWk
GjrK/cZLVb+nMUg62CD74phAfd7KagwnaL0GRdomb78e02a3uR8TIPgqM5T9yEvB
/GkF9f3kHRr+8MMTaT0PhmynsOQVJcZmJgH989wG5i7yPYv2p4NUFppfgEVKJhP8
d1YjIeT9IoW7r1utpiBauHMqBTwVfUQx4vwVC286L/HacoQSkvNk/+ATiQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFDF28DGnbin1vQB7uJALgXymSo+OMB8GA1UdIwQY
MBaAFIaVaaJSZofakafs1PVn9UCc3/55MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBWcG9sSm1oOXFScC16VTlXZjFRSnpmX25rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS83NDBkZWMtMDU5Zi00NWMwLTk5OWEt
MWVhYTU5MWI2NzcxLzEvTVhid01hZHVLZlc5QUh1NGtBdUJmS1pLajQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS83NDBkZWMtMDU5Zi00NWMwLTk5OWEtMWVhYTU5MWI2Nzcx
LzEvaHBWcG9sSm1oOXFScC16VTlXZjFRSnpmX25rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCBVN4AwQE
HweQAwQCLVroAwQCW9ZIAwQCuR34MA0EAgACMAcDBQMqCtPAMA0GCSqGSIb3DQEB
CwUAA4IBAQBbws/+PdOK5kxj5LdQZBdKf8wSnfVhdbszzT43Nt/jqAryAp62k4WT
khXeIdJ1D8pfziaZVD4gdNtHrMyrBCdgG62T61w+C4v3qh4pNTvFuVagQ6sZM8oR
5C55zyzfRTCOmyZ2pyMdBEnJQ3R+2fNXp2GFnISHkPgnzeA3m6YamcTxeFo9SV6q
tEWVZypkMqtE6oQ6VtKwCRl/VtngNfHDm3qfm33QXFNoxD4+WOMiJGlRkb6vIU2V
WoGx5RlnL/Awya708+4QtkSlml0ZhiseQw+Nt+trhiT/vYiMvXTrl55zYs2i/Vhb
36uMiy37UwRvhlCgfchhnwX5IgnGT19G
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:43 2023 by rpki-client on console-fra.rpki-client.org