Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/Mx8TKwRm0nlNVm7OnnziMlfcCeY.roa
File: Mx8TKwRm0nlNVm7OnnziMlfcCeY.roa (raw, json)
Hash identifier: FRMaT9AsdAJ5tXWuvmfsc9oHZxz1tOTKdsW0zE/faPk=
Subject key identifier: 33:1F:13:2B:04:66:D2:79:4D:56:6E:CE:9E:7C:E2:32:57:DC:09:E6
Certificate issuer: /CN=6cb0dec13df205a66ec5227925b8f56bdb09f499
Certificate serial: 0188435DF6AB4914D41F8A92B7813E470999
Authority key identifier: 6C:B0:DE:C1:3D:F2:05:A6:6E:C5:22:79:25:B8:F5:6B:DB:09:F4:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/Mx8TKwRm0nlNVm7OnnziMlfcCeY.roa
Signing time: Mon 22 May 2023 12:10:11 +0000
ROA not before: Mon 22 May 2023 12:10:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49571
IP address blocks: 188.72.15.0/24 maxlen: 24
188.72.16.0/24 maxlen: 24
188.72.12.0/24 maxlen: 24
188.72.17.0/24 maxlen: 24
188.72.21.0/24 maxlen: 24
188.72.22.0/24 maxlen: 24
188.72.18.0/24 maxlen: 24
188.72.30.0/24 maxlen: 24
188.72.31.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:43:5d:f6:ab:49:14:d4:1f:8a:92:b7:81:3e:47:09:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cb0dec13df205a66ec5227925b8f56bdb09f499
Validity
Not Before: May 22 12:10:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=331f132b0466d2794d566ece9e7ce23257dc09e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:2a:e9:11:20:d2:3b:a8:ba:91:a8:dc:4d:dd:
5c:d1:46:b0:34:64:57:ad:64:79:60:42:2d:f5:1e:
44:a2:e1:44:64:38:0d:c2:4e:84:09:8b:56:31:d9:
b8:bd:5a:7e:52:86:49:58:b8:8b:06:a1:0d:83:74:
b0:92:4e:8b:c8:4d:62:9e:4f:29:7e:56:94:ca:21:
16:04:81:37:a2:98:43:80:86:27:7f:0f:dc:fe:50:
cc:2f:a0:47:4e:7e:88:01:57:43:fe:5d:5f:5b:c3:
0a:85:61:06:4b:79:5d:44:f1:3b:f9:bf:0c:e9:d2:
31:79:6a:2b:c0:a9:47:2c:5a:8d:8e:17:09:9b:3c:
38:46:b2:c5:84:f2:3b:e9:aa:dd:88:69:25:08:46:
3c:89:73:2d:91:74:ec:94:e8:1f:c7:9a:63:68:e3:
2e:59:45:ff:cf:d5:99:81:9c:8e:04:ad:26:71:64:
e3:b6:f4:8b:29:e2:c5:0a:2b:d7:ce:86:b2:e1:ab:
18:85:5d:b9:59:f8:95:7f:5b:f5:d8:ab:8b:bf:4b:
83:f6:31:a2:4d:0c:07:cf:d2:ab:bc:b4:7e:42:eb:
9a:cc:c5:29:1e:da:02:38:22:e1:62:fb:70:e5:3b:
78:b8:63:e2:a0:9b:5c:6a:41:9f:ee:39:00:e4:2e:
fb:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:1F:13:2B:04:66:D2:79:4D:56:6E:CE:9E:7C:E2:32:57:DC:09:E6
X509v3 Authority Key Identifier:
keyid:6C:B0:DE:C1:3D:F2:05:A6:6E:C5:22:79:25:B8:F5:6B:DB:09:F4:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/Mx8TKwRm0nlNVm7OnnziMlfcCeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.12.0/24
188.72.15.0-188.72.18.255
188.72.21.0-188.72.22.255
188.72.30.0/23
Signature Algorithm: sha256WithRSAEncryption
61:2e:e1:6c:96:c4:c6:36:b1:2f:ec:46:a3:05:07:e8:af:86:
ce:0a:78:34:db:6c:71:79:f7:ec:27:91:6c:d4:cd:08:35:0b:
a7:05:3a:2a:05:ac:db:15:7d:05:48:82:4f:a0:a1:e7:d0:83:
c9:e8:a5:9e:d6:7b:3d:29:b0:d0:25:8c:bc:6e:49:f3:ef:d8:
09:a1:76:d1:e0:94:bc:4e:7d:51:6d:1a:98:80:23:0a:78:0b:
ab:23:78:1b:3c:d9:1b:e6:a8:08:5a:ca:26:ac:7b:0d:b8:21:
00:7e:5f:e3:2e:61:61:dc:88:14:3a:16:34:d6:a3:80:e3:c2:
ff:75:0b:f8:c0:f3:07:f0:b3:8e:74:3a:22:01:8d:f6:e2:15:
60:74:77:ad:67:ee:7b:65:e0:2b:5f:ad:36:59:57:5f:69:7e:
3c:5e:cb:ee:95:6e:6a:8d:4c:a0:aa:71:27:d6:ad:8d:fc:50:
59:5b:ac:79:b5:dc:28:12:ae:54:62:bf:ac:22:53:3f:cc:f4:
c4:98:57:68:36:d8:1a:56:e0:56:8c:dd:34:d1:24:69:5d:b0:
6b:6e:d4:4d:b0:8a:5c:c8:e6:39:be:db:a3:ec:ac:29:e0:98:
1a:f1:33:76:6a:9b:8c:ef:fa:93:f4:cf:07:12:02:67:e3:2f:
fd:b7:16:fb
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYhDXfarSRTUH4qSt4E+RwmZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYjBkZWMxM2RmMjA1YTY2ZWM1MjI3OTI1YjhmNTZiZGIw
OWY0OTkwHhcNMjMwNTIyMTIxMDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzFmMTMyYjA0NjZkMjc5NGQ1NjZlY2U5ZTdjZTIzMjU3ZGMwOWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxyrpESDSO6i6kajcTd1c0UawNGRX
rWR5YEIt9R5EouFEZDgNwk6ECYtWMdm4vVp+UoZJWLiLBqENg3Swkk6LyE1ink8p
flaUyiEWBIE3ophDgIYnfw/c/lDML6BHTn6IAVdD/l1fW8MKhWEGS3ldRPE7+b8M
6dIxeWorwKlHLFqNjhcJmzw4RrLFhPI76ardiGklCEY8iXMtkXTslOgfx5pjaOMu
WUX/z9WZgZyOBK0mcWTjtvSLKeLFCivXzoay4asYhV25WfiVf1v12KuLv0uD9jGi
TQwHz9KrvLR+QuuazMUpHtoCOCLhYvtw5Tt4uGPioJtcakGf7jkA5C77EwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFDMfEysEZtJ5TVZuzp584jJX3AnmMB8GA1UdIwQY
MBaAFGyw3sE98gWmbsUieSW49WvbCfSZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkxEZXdUM3lCYVp1eFNKNUpiajFhOXNKOUprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9jYTQ2ZmMtMzg0Ny00ZjFkLTljZTQt
NTJiOWU2YTE2MzUwLzEvTXg4VEt3Um0wbmxOVm03T25uemlNbGZjQ2VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9jYTQ2ZmMtMzg0Ny00ZjFkLTljZTQtNTJiOWU2YTE2MzUw
LzEvYkxEZXdUM3lCYVp1eFNKNUpiajFhOXNKOUprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQAvEgMMAwD
BAC8SA8DBAC8SBIwDAMEALxIFQMEALxIFgMEAbxIHjANBgkqhkiG9w0BAQsFAAOC
AQEAYS7hbJbExjaxL+xGowUH6K+Gzgp4NNtscXn37CeRbNTNCDULpwU6KgWs2xV9
BUiCT6Ch59CDyeilntZ7PSmw0CWMvG5J8+/YCaF20eCUvE59UW0amIAjCngLqyN4
GzzZG+aoCFrKJqx7DbghAH5f4y5hYdyIFDoWNNajgOPC/3UL+MDzB/CzjnQ6IgGN
9uIVYHR3rWfue2XgK1+tNllXX2l+PF7L7pVuao1MoKpxJ9atjfxQWVusebXcKBKu
VGK/rCJTP8z0xJhXaDbYGlbgVozdNNEkaV2wa27UTbCKXMjmOb7bo+ysKeCYGvEz
dmqbjO/6k/TPBxICZ+Mv/bcW+w==
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:00:53 2024 by rpki-client on console.sobornost.net