Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/cc02e1-8b36-42a3-b756-be3485706a7f/1/MsHOwPwwdXd6_1NfOxHiBjhZvDc.roa
File: MsHOwPwwdXd6_1NfOxHiBjhZvDc.roa (raw, json)
Hash identifier: dGgiUjrWMfQBr+sd3LnHJdWQi95M9zNv0tX1Ymb00pg=
Subject key identifier: 32:C1:CE:C0:FC:30:75:77:7A:FF:53:5F:3B:11:E2:06:38:59:BC:37
Certificate issuer: /CN=c2f5fd3023055249f213d15cba000ca026bb6fa3
Certificate serial: 018571B9FA0680E8FB4B9CA5F82529363EE9
Authority key identifier: C2:F5:FD:30:23:05:52:49:F2:13:D1:5C:BA:00:0C:A0:26:BB:6F:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wvX9MCMFUknyE9FcugAMoCa7b6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/cc02e1-8b36-42a3-b756-be3485706a7f/1/MsHOwPwwdXd6_1NfOxHiBjhZvDc.roa
Signing time: Mon 02 Jan 2023 09:04:51 +0000
ROA not before: Mon 02 Jan 2023 09:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29479
IP address blocks: 109.233.56.0/24 maxlen: 24
109.233.58.0/24 maxlen: 24
109.233.57.0/24 maxlen: 24
109.233.63.0/24 maxlen: 24
109.233.59.0/24 maxlen: 24
109.233.62.0/24 maxlen: 24
109.233.61.0/24 maxlen: 24
109.233.60.0/24 maxlen: 24
2a01:8dc0:112::/48 maxlen: 48
2a01:8dc0:110::/48 maxlen: 48
2a01:8dc0:109::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b9:fa:06:80:e8:fb:4b:9c:a5:f8:25:29:36:3e:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2f5fd3023055249f213d15cba000ca026bb6fa3
Validity
Not Before: Jan 2 09:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32c1cec0fc3075777aff535f3b11e2063859bc37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:49:72:24:d6:3d:68:27:38:68:6a:fd:72:1b:
d7:90:f0:d0:80:3d:13:8e:d3:7d:80:8b:ab:67:b9:
7c:a6:ac:53:b2:63:52:2c:e3:73:2c:1c:a3:66:1e:
1a:63:45:2f:78:a8:67:0d:46:e9:7c:88:77:4f:11:
4a:43:a6:d0:87:09:18:96:11:5f:55:01:7c:ae:8b:
82:16:cd:53:c2:72:0f:ae:c4:34:c3:cf:65:0d:8c:
ac:7e:d9:ef:df:1c:ec:71:b0:27:69:08:81:37:0a:
df:36:29:0c:60:21:89:30:b4:74:ca:f1:3e:d2:9d:
3c:88:bb:ce:ba:98:7a:52:95:78:9d:d9:c6:a8:5b:
4f:ee:c6:5a:3d:63:65:04:5c:f8:f9:e8:01:d3:e6:
6b:c5:61:af:16:21:cf:d7:20:8a:39:52:a1:80:71:
64:46:3d:e5:c9:1b:c2:03:9d:3f:98:44:70:d8:a8:
44:53:03:81:9f:c4:9e:36:d3:2d:b1:34:f0:92:8d:
b6:09:f3:c0:9a:4c:f5:e4:0c:5a:ee:26:eb:c7:89:
5e:72:80:3f:00:7b:8a:70:9f:cf:99:2c:c8:d3:44:
c8:79:cf:6a:77:b5:fe:b2:f1:a0:04:57:d4:0a:7c:
06:bd:0c:8a:4b:73:5e:6f:2e:44:c1:f1:fb:ef:6e:
0c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:C1:CE:C0:FC:30:75:77:7A:FF:53:5F:3B:11:E2:06:38:59:BC:37
X509v3 Authority Key Identifier:
keyid:C2:F5:FD:30:23:05:52:49:F2:13:D1:5C:BA:00:0C:A0:26:BB:6F:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wvX9MCMFUknyE9FcugAMoCa7b6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/cc02e1-8b36-42a3-b756-be3485706a7f/1/MsHOwPwwdXd6_1NfOxHiBjhZvDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/cc02e1-8b36-42a3-b756-be3485706a7f/1/wvX9MCMFUknyE9FcugAMoCa7b6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.233.56.0/21
IPv6:
2a01:8dc0:109::/48
2a01:8dc0:110::/48
2a01:8dc0:112::/48
Signature Algorithm: sha256WithRSAEncryption
8c:58:89:b8:ee:19:52:1c:58:0b:ff:2f:01:53:7e:c5:11:8e:
26:52:28:0e:88:ab:08:c4:c9:10:6d:bc:d0:aa:ec:c3:20:69:
65:b3:d3:86:da:87:19:ce:fe:8b:58:a0:1b:5b:06:e0:d8:22:
a1:b6:03:8c:98:68:d6:bf:3b:13:56:4d:93:83:29:89:7f:bf:
bf:c0:b1:50:d2:d1:bb:0b:aa:b7:21:99:33:40:8b:86:68:58:
81:41:d8:ff:93:82:e3:57:1f:a2:31:26:de:b9:e1:49:ae:34:
32:08:94:09:d7:62:a6:95:57:b8:af:e1:68:ea:f0:35:76:50:
df:e1:0e:67:59:2a:3d:2a:f7:b9:52:cb:12:f4:44:61:b1:54:
ed:63:6d:86:b9:ac:f9:19:0d:9a:c9:fb:0a:02:82:4f:2c:00:
4f:08:96:1d:b9:59:d8:a6:48:13:d9:b6:c5:f8:b5:97:50:b1:
8c:c0:77:14:c2:d2:78:73:0c:ae:0c:7c:8c:f3:52:3f:e3:3d:
20:31:e1:4a:20:dc:27:b3:cc:c7:61:a2:bd:24:24:8d:05:99:
59:88:50:64:78:74:a7:e4:09:ec:53:a3:a6:0e:0f:60:fa:56:
7b:3a:7a:d4:5a:7e:41:4d:0d:b4:69:70:ae:d6:fb:74:94:03:
5b:4a:80:33
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVxufoGgOj7S5yl+CUpNj7pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZjVmZDMwMjMwNTUyNDlmMjEzZDE1Y2JhMDAwY2EwMjZi
YjZmYTMwHhcNMjMwMTAyMDkwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmMxY2VjMGZjMzA3NTc3N2FmZjUzNWYzYjExZTIwNjM4NTliYzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0lyJNY9aCc4aGr9chvXkPDQgD0T
jtN9gIurZ7l8pqxTsmNSLONzLByjZh4aY0UveKhnDUbpfIh3TxFKQ6bQhwkYlhFf
VQF8rouCFs1TwnIPrsQ0w89lDYysftnv3xzscbAnaQiBNwrfNikMYCGJMLR0yvE+
0p08iLvOuph6UpV4ndnGqFtP7sZaPWNlBFz4+egB0+ZrxWGvFiHP1yCKOVKhgHFk
Rj3lyRvCA50/mERw2KhEUwOBn8SeNtMtsTTwko22CfPAmkz15Axa7ibrx4lecoA/
AHuKcJ/PmSzI00TIec9qd7X+svGgBFfUCnwGvQyKS3Neby5EwfH7724MRQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFDLBzsD8MHV3ev9TXzsR4gY4Wbw3MB8GA1UdIwQY
MBaAFML1/TAjBVJJ8hPRXLoADKAmu2+jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3ZYOU1DTUZVa255RTlGY3VnQU1vQ2E3YjZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9jYzAyZTEtOGIzNi00MmEzLWI3NTYt
YmUzNDg1NzA2YTdmLzEvTXNIT3dQd3dkWGQ2XzFOZk94SGlCamhadkRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9jYzAyZTEtOGIzNi00MmEzLWI3NTYtYmUzNDg1NzA2YTdm
LzEvd3ZYOU1DTUZVa255RTlGY3VnQU1vQ2E3YjZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAMBAIAATAGAwQDbek4MCEE
AgACMBsDBwAqAY3AAQkDBwAqAY3AARADBwAqAY3AARIwDQYJKoZIhvcNAQELBQAD
ggEBAIxYibjuGVIcWAv/LwFTfsURjiZSKA6IqwjEyRBtvNCq7MMgaWWz04bahxnO
/otYoBtbBuDYIqG2A4yYaNa/OxNWTZODKYl/v7/AsVDS0bsLqrchmTNAi4ZoWIFB
2P+TguNXH6IxJt654UmuNDIIlAnXYqaVV7iv4Wjq8DV2UN/hDmdZKj0q97lSyxL0
RGGxVO1jbYa5rPkZDZrJ+woCgk8sAE8Ilh25WdimSBPZtsX4tZdQsYzAdxTC0nhz
DK4MfIzzUj/jPSAx4Uog3CezzMdhor0kJI0FmVmIUGR4dKfkCexTo6YOD2D6Vns6
etRafkFNDbRpcK7W+3SUA1tKgDM=
-----END CERTIFICATE-----
Generated at Tue Jan 2 02:56:29 2024 by rpki-client on console.sobornost.net