Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/MLn3WUVHSbza_Y2lC7rMh7G2WfQ.roa
File: MLn3WUVHSbza_Y2lC7rMh7G2WfQ.roa (raw, json)
Hash identifier: kc9rmtpmHHkuypHwXfWQ7HgUbmWqTHAZYYIUKPBG/5A=
Subject key identifier: 30:B9:F7:59:45:47:49:BC:DA:FD:8D:A5:0B:BA:CC:87:B1:B6:59:F4
Certificate issuer: /CN=f0f14ed124f9a2f3deab1006f184cf4fb80a3aec
Certificate serial: 01856E0ADD5E3E21CADC1A59998763694720
Authority key identifier: F0:F1:4E:D1:24:F9:A2:F3:DE:AB:10:06:F1:84:CF:4F:B8:0A:3A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8PFO0ST5ovPeqxAG8YTPT7gKOuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/MLn3WUVHSbza_Y2lC7rMh7G2WfQ.roa
Signing time: Sun 01 Jan 2023 15:54:43 +0000
ROA not before: Sun 01 Jan 2023 15:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206825
IP address blocks: 185.36.112.0/22 maxlen: 22
185.186.116.0/22 maxlen: 22
195.181.254.0/24 maxlen: 24
185.11.16.0/22 maxlen: 22
185.11.16.0/23 maxlen: 23
185.11.18.0/23 maxlen: 23
195.192.252.0/24 maxlen: 24
80.208.255.0/24 maxlen: 24
31.14.30.0/24 maxlen: 24
31.14.29.0/24 maxlen: 24
94.177.133.0/24 maxlen: 24
178.157.95.0/24 maxlen: 24
185.207.240.0/22 maxlen: 22
103.197.8.0/22 maxlen: 22
212.103.52.0/22 maxlen: 22
46.102.102.0/24 maxlen: 24
217.61.255.0/24 maxlen: 24
212.237.254.0/24 maxlen: 24
2a03:4f40::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:0a:dd:5e:3e:21:ca:dc:1a:59:99:87:63:69:47:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0f14ed124f9a2f3deab1006f184cf4fb80a3aec
Validity
Not Before: Jan 1 15:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30b9f759454749bcdafd8da50bbacc87b1b659f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a5:32:ce:33:ef:c0:d2:bd:ad:3f:eb:2e:f6:
29:2e:df:50:ea:4d:16:ff:de:15:a7:12:90:57:a0:
9f:b9:33:26:09:d1:52:aa:44:9a:f6:78:ee:86:4c:
6c:65:37:b7:f4:2e:ba:8b:e2:f9:f6:c6:f3:be:56:
9b:d7:93:63:57:ab:88:71:62:ea:95:e4:ba:c5:69:
19:6a:6a:ec:3e:1d:e0:e4:64:26:77:20:ca:1a:2e:
e4:13:c6:6b:e3:26:e1:1b:d7:dd:b7:0e:90:fe:38:
b7:46:29:5c:89:e6:21:47:41:65:09:b3:30:58:8e:
93:69:6a:0c:7a:7a:bc:4f:3f:ce:02:ea:70:9a:bf:
d1:80:50:ef:ed:db:69:a3:df:65:33:6d:46:8b:fe:
e7:a1:78:5b:49:4e:cf:28:76:51:da:1c:32:4d:43:
be:f0:0e:91:70:f3:4c:c8:0f:1f:5e:74:a3:4e:7c:
1b:b4:d6:f5:ef:7c:92:72:3e:01:12:47:46:81:ae:
ff:69:73:06:a4:6d:ad:bb:e6:9f:be:d1:03:d9:bd:
55:62:c4:c3:06:d5:3f:c3:3a:5d:26:5c:0f:6c:8c:
66:10:79:23:c5:10:23:17:0a:a5:96:53:1b:04:82:
b1:96:87:91:c2:7f:4e:b9:6d:20:35:8d:65:d9:6d:
2e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:B9:F7:59:45:47:49:BC:DA:FD:8D:A5:0B:BA:CC:87:B1:B6:59:F4
X509v3 Authority Key Identifier:
keyid:F0:F1:4E:D1:24:F9:A2:F3:DE:AB:10:06:F1:84:CF:4F:B8:0A:3A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8PFO0ST5ovPeqxAG8YTPT7gKOuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/MLn3WUVHSbza_Y2lC7rMh7G2WfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/8PFO0ST5ovPeqxAG8YTPT7gKOuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.29.0-31.14.30.255
46.102.102.0/24
80.208.255.0/24
94.177.133.0/24
103.197.8.0/22
178.157.95.0/24
185.11.16.0/22
185.36.112.0/22
185.186.116.0/22
185.207.240.0/22
195.181.254.0/24
195.192.252.0/24
212.103.52.0/22
212.237.254.0/24
217.61.255.0/24
IPv6:
2a03:4f40::/32
Signature Algorithm: sha256WithRSAEncryption
07:71:f1:7a:84:dc:ae:03:a9:30:d3:dd:7f:eb:be:25:48:71:
63:08:9f:aa:3b:8b:e6:b6:17:4c:f7:50:40:8c:43:0c:03:00:
a1:f1:ff:76:53:19:73:f2:9d:e8:c5:2e:f1:3e:46:af:30:38:
0f:d5:3a:b2:8c:7d:73:b4:55:2a:df:6f:fd:5a:e9:10:b1:2b:
59:f0:04:6d:46:e1:98:50:99:12:1e:49:7c:8f:35:f2:d4:da:
55:3b:84:6a:af:70:8a:26:2f:71:a4:c9:ff:a0:19:a5:2e:52:
60:98:9b:40:f2:d8:0c:2d:8b:44:dc:3a:fb:01:b0:0c:dd:79:
e0:13:69:ed:94:9b:d0:8f:ff:5a:d3:a9:a9:3a:0f:4f:16:fe:
8f:48:bd:46:5a:f3:74:53:16:fe:66:55:99:61:86:bf:52:62:
cf:ba:da:52:8d:82:05:48:92:49:eb:4a:7a:ad:56:86:08:8b:
cf:98:ac:86:0d:e6:60:86:2b:a3:50:f1:a0:4f:fa:67:65:9e:
6b:43:98:c0:66:53:d2:a5:3f:0d:4d:45:fa:e9:6b:55:3b:0f:
65:2b:fb:cf:eb:a0:8e:9a:8b:89:37:e1:72:2d:56:07:1c:56:
67:4b:82:ef:43:54:e8:af:9c:5c:0c:78:43:aa:77:60:b9:e0:
90:fc:39:b0
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAYVuCt1ePiHK3BpZmYdjaUcgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZjE0ZWQxMjRmOWEyZjNkZWFiMTAwNmYxODRjZjRmYjgw
YTNhZWMwHhcNMjMwMTAxMTU1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGI5Zjc1OTQ1NDc0OWJjZGFmZDhkYTUwYmJhY2M4N2IxYjY1OWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKUyzjPvwNK9rT/rLvYpLt9Q6k0W
/94VpxKQV6CfuTMmCdFSqkSa9njuhkxsZTe39C66i+L59sbzvlab15NjV6uIcWLq
leS6xWkZamrsPh3g5GQmdyDKGi7kE8Zr4ybhG9fdtw6Q/ji3RilcieYhR0FlCbMw
WI6TaWoMenq8Tz/OAupwmr/RgFDv7dtpo99lM21Gi/7noXhbSU7PKHZR2hwyTUO+
8A6RcPNMyA8fXnSjTnwbtNb173yScj4BEkdGga7/aXMGpG2tu+afvtED2b1VYsTD
BtU/wzpdJlwPbIxmEHkjxRAjFwqlllMbBIKxloeRwn9OuW0gNY1l2W0u/QIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFDC591lFR0m82v2NpQu6zIextln0MB8GA1UdIwQY
MBaAFPDxTtEk+aLz3qsQBvGEz0+4CjrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFBGTzBTVDVvdlBlcXhBRzhZVFBUN2dLT3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9jNzljZjMtYTA3MC00ZDViLTllZTQt
NDM2MTJlN2Q5Y2MxLzEvTUxuM1dVVkhTYnphX1kybEM3ck1oN0cyV2ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9jNzljZjMtYTA3MC00ZDViLTllZTQtNDM2MTJlN2Q5Y2Mx
LzEvOFBGTzBTVDVvdlBlcXhBRzhZVFBUN2dLT3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwaAQCAAEwYjAMAwQAHw4d
AwQAHw4eAwQALmZmAwQAUND/AwQAXrGFAwQCZ8UIAwQAsp1fAwQCuQsQAwQCuSRw
AwQCubp0AwQCuc/wAwQAw7X+AwQAw8D8AwQC1Gc0AwQA1O3+AwQA2T3/MA0EAgAC
MAcDBQAqA09AMA0GCSqGSIb3DQEBCwUAA4IBAQAHcfF6hNyuA6kw091/674lSHFj
CJ+qO4vmthdM91BAjEMMAwCh8f92Uxlz8p3oxS7xPkavMDgP1TqyjH1ztFUq32/9
WukQsStZ8ARtRuGYUJkSHkl8jzXy1NpVO4Rqr3CKJi9xpMn/oBmlLlJgmJtA8tgM
LYtE3Dr7AbAM3XngE2ntlJvQj/9a06mpOg9PFv6PSL1GWvN0Uxb+ZlWZYYa/UmLP
utpSjYIFSJJJ60p6rVaGCIvPmKyGDeZghiujUPGgT/pnZZ5rQ5jAZlPSpT8NTUX6
6WtVOw9lK/vP66COmouJN+FyLVYHHFZnS4LvQ1Tor5xcDHhDqndgueCQ/Dmw
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:59 2023 by rpki-client on console-fra.rpki-client.org