Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/9BfMR4tNHU15TH2lzDYnHab9TVk.roa
File: 9BfMR4tNHU15TH2lzDYnHab9TVk.roa (raw, json)
Hash identifier: QAO1EzSP5aygwxNIp5NAQYtHCVNFXEHRAiOZzxyEy4k=
Subject key identifier: F4:17:CC:47:8B:4D:1D:4D:79:4C:7D:A5:CC:36:27:1D:A6:FD:4D:59
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018A88952548271ED7D8B72C2A9139C35A15
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/9BfMR4tNHU15TH2lzDYnHab9TVk.roa
Signing time: Tue 12 Sep 2023 08:49:50 +0000
ROA not before: Tue 12 Sep 2023 08:49:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2588
IP address blocks: 83.223.128.0/19 maxlen: 24
83.223.145.0/24 maxlen: 24
91.190.32.0/19 maxlen: 24
159.148.0.0/16 maxlen: 24
91.190.36.0/24 maxlen: 24
159.148.10.0/24 maxlen: 24
85.254.49.0/24 maxlen: 24
85.254.58.0/24 maxlen: 24
91.190.56.0/23 maxlen: 24
91.190.52.0/24 maxlen: 24
91.190.60.0/24 maxlen: 24
85.254.69.0/24 maxlen: 24
159.148.49.0/24 maxlen: 24
159.148.50.0/24 maxlen: 24
46.19.200.0/21 maxlen: 24
83.223.155.0/24 maxlen: 24
185.176.116.0/22 maxlen: 24
85.254.0.0/17 maxlen: 24
159.148.116.0/24 maxlen: 24
159.148.117.0/24 maxlen: 24
80.81.32.0/19 maxlen: 24
80.81.35.0/24 maxlen: 24
159.148.131.0/24 maxlen: 24
217.69.112.0/20 maxlen: 24
217.69.113.0/24 maxlen: 24
109.205.120.0/21 maxlen: 24
159.148.63.0/24 maxlen: 24
109.205.127.0/24 maxlen: 24
159.148.78.0/24 maxlen: 24
159.148.80.0/24 maxlen: 24
85.254.128.0/18 maxlen: 24
159.148.233.0/24 maxlen: 24
159.148.229.0/24 maxlen: 24
94.101.224.0/20 maxlen: 24
185.27.92.0/22 maxlen: 24
159.148.186.0/24 maxlen: 24
159.148.188.0/24 maxlen: 24
2a02:610::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:88:95:25:48:27:1e:d7:d8:b7:2c:2a:91:39:c3:5a:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Sep 12 08:49:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f417cc478b4d1d4d794c7da5cc36271da6fd4d59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:7d:28:d6:12:60:37:45:93:fe:cc:ba:79:3b:
d7:31:8e:e8:a7:31:3d:28:5b:6c:41:37:71:6a:9e:
f3:43:0b:c7:a7:f2:8b:0c:50:ee:45:31:88:f9:6d:
16:0b:17:4a:a0:5f:91:bd:30:91:f0:4d:7e:08:44:
e6:7a:ef:c8:4d:dc:dc:a3:e4:50:ce:66:84:12:b3:
f1:36:82:70:24:90:dd:58:f9:56:c0:28:48:64:93:
20:c1:81:24:bf:f3:cd:f3:f5:7d:00:10:26:b8:16:
eb:35:01:db:09:c6:4f:7c:6e:0e:54:c1:c2:89:44:
16:b2:18:f3:7b:c4:ec:7c:68:48:14:ff:9d:75:e2:
48:e1:71:e8:95:9c:e5:31:79:d8:fa:66:e7:af:b9:
5b:cb:91:5a:f4:4b:9c:93:bc:9d:4e:5e:88:39:90:
b4:fc:d2:0f:36:d7:2b:ad:85:4d:e0:0f:ed:91:dd:
f7:7f:93:a3:e0:bf:af:85:66:05:59:9f:3d:79:f7:
46:87:89:cd:db:1d:7c:35:47:11:e5:63:25:73:e3:
5a:36:56:d1:37:1c:a0:60:6c:a4:79:af:26:1a:b3:
92:6e:1e:db:e2:34:88:96:1f:fa:4a:3f:d2:bb:e6:
46:b9:dc:7c:bb:66:61:9d:5a:e5:94:51:f6:9b:1b:
13:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:17:CC:47:8B:4D:1D:4D:79:4C:7D:A5:CC:36:27:1D:A6:FD:4D:59
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/9BfMR4tNHU15TH2lzDYnHab9TVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.200.0/21
80.81.32.0/19
83.223.128.0/19
85.254.0.0-85.254.191.255
91.190.32.0/19
94.101.224.0/20
109.205.120.0/21
159.148.0.0/16
185.27.92.0/22
185.176.116.0/22
217.69.112.0/20
IPv6:
2a02:610::/32
Signature Algorithm: sha256WithRSAEncryption
ae:60:68:bc:66:7d:be:f4:bc:27:1c:f5:37:dc:28:70:d4:01:
63:ba:90:3e:b5:14:83:5f:e6:6a:cc:fc:f5:9c:fd:56:a7:06:
27:11:43:07:33:94:e9:60:13:8a:6f:1d:0d:9c:de:ec:c4:53:
48:77:9a:89:c8:3a:53:a7:b0:27:07:7f:9f:19:6d:d1:2f:2d:
53:10:e6:5d:bc:00:e4:68:ab:85:93:ed:bf:89:08:c6:41:fe:
b6:ce:bc:19:0c:2d:06:57:e9:61:2b:2b:98:5a:fb:53:66:07:
48:ee:dd:b3:86:10:ac:d1:5d:45:f3:95:a5:ab:b1:da:e6:eb:
76:87:65:db:fe:4e:a0:00:fd:59:a4:0e:05:fc:9e:7b:17:b2:
f6:50:75:07:41:5c:6a:e1:10:c3:1f:ba:30:96:2f:24:71:2e:
a5:84:fd:37:ec:b3:9b:d2:49:a5:54:a2:36:f7:d4:a2:9f:88:
90:f2:da:a4:10:a1:af:df:36:fc:2a:f3:5c:49:91:26:31:42:
f0:1d:7c:d8:40:22:27:d6:78:1c:0f:1d:01:2d:ed:bf:36:a8:
58:b3:63:ae:9d:86:05:e0:f1:a4:f4:97:35:24:eb:8e:e1:ba:
05:aa:36:7a:61:80:65:22:49:63:1b:3d:dd:a3:24:7c:d5:81:
e4:b0:22:7e
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYqIlSVIJx7X2LcsKpE5w1oVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwOTEyMDg0OTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDE3Y2M0NzhiNGQxZDRkNzk0YzdkYTVjYzM2MjcxZGE2ZmQ0ZDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx30o1hJgN0WT/sy6eTvXMY7opzE9
KFtsQTdxap7zQwvHp/KLDFDuRTGI+W0WCxdKoF+RvTCR8E1+CETmeu/ITdzco+RQ
zmaEErPxNoJwJJDdWPlWwChIZJMgwYEkv/PN8/V9ABAmuBbrNQHbCcZPfG4OVMHC
iUQWshjze8TsfGhIFP+ddeJI4XHolZzlMXnY+mbnr7lby5Fa9Euck7ydTl6IOZC0
/NIPNtcrrYVN4A/tkd33f5Oj4L+vhWYFWZ89efdGh4nN2x18NUcR5WMlc+NaNlbR
NxygYGykea8mGrOSbh7b4jSIlh/6Sj/Su+ZGudx8u2ZhnVrllFH2mxsTRwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFPQXzEeLTR1NeUx9pcw2Jx2m/U1ZMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvOUJmTVI0dE5IVTE1VEgybHpEWW5IYWI5VFZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDLhPIAwQF
UFEgAwQFU9+AMAsDAwFV/gMEBlX+gAMEBVu+IAMEBF5l4AMEA23NeAMDAJ+UAwQC
uRtcAwQCubB0AwQE2UVwMA0EAgACMAcDBQAqAgYQMA0GCSqGSIb3DQEBCwUAA4IB
AQCuYGi8Zn2+9LwnHPU33Chw1AFjupA+tRSDX+ZqzPz1nP1WpwYnEUMHM5TpYBOK
bx0NnN7sxFNId5qJyDpTp7AnB3+fGW3RLy1TEOZdvADkaKuFk+2/iQjGQf62zrwZ
DC0GV+lhKyuYWvtTZgdI7t2zhhCs0V1F85Wlq7Ha5ut2h2Xb/k6gAP1ZpA4F/J57
F7L2UHUHQVxq4RDDH7owli8kcS6lhP037LOb0kmlVKI299Sin4iQ8tqkEKGv3zb8
KvNcSZEmMULwHXzYQCIn1ngcDx0BLe2/NqhYs2OunYYF4PGk9Jc1JOuO4boFqjZ6
YYBlIkljGz3doyR81YHksCJ+
-----END CERTIFICATE-----
Generated at Tue Sep 19 10:03:58 2023 by rpki-client on console-ams.rpki-client.org