Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/0qYlseZRSirG3A6QDw_FohylyXI.roa
File: 0qYlseZRSirG3A6QDw_FohylyXI.roa (raw, json)
Hash identifier: zEfmPEGYBYbChPiEfh3/oavBNL+qToq7Ye0vAzdkDJg=
Subject key identifier: D2:A6:25:B1:E6:51:4A:2A:C6:DC:0E:90:0F:0F:C5:A2:1C:A5:C9:72
Certificate issuer: /CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Certificate serial: 0186703660C1DFFA1AB0DC27E95155A078A9
Authority key identifier: 18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/0qYlseZRSirG3A6QDw_FohylyXI.roa
Signing time: Mon 20 Feb 2023 19:04:17 +0000
ROA not before: Mon 20 Feb 2023 19:04:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48716
IP address blocks: 185.146.0.0/22 maxlen: 24
185.22.64.0/22 maxlen: 24
185.102.72.0/22 maxlen: 24
78.40.108.0/23 maxlen: 24
195.93.152.0/23 maxlen: 24
195.49.208.0/21 maxlen: 24
109.233.108.0/22 maxlen: 32
77.240.38.0/23 maxlen: 24
89.219.32.0/22 maxlen: 24
194.110.54.0/23 maxlen: 24
94.247.128.0/21 maxlen: 24
91.215.137.0/24 maxlen: 32
91.215.136.0/24 maxlen: 24
91.215.136.0/23 maxlen: 24
91.215.139.0/24 maxlen: 32
185.4.180.0/22 maxlen: 24
195.210.46.0/23 maxlen: 24
194.39.64.0/23 maxlen: 24
194.39.64.0/22 maxlen: 24
185.35.222.0/23 maxlen: 24
194.39.67.0/24 maxlen: 24
194.39.66.0/24 maxlen: 24
91.201.214.0/23 maxlen: 24
2a00:5da0::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:70:36:60:c1:df:fa:1a:b0:dc:27:e9:51:55:a0:78:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Validity
Not Before: Feb 20 19:04:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2a625b1e6514a2ac6dc0e900f0fc5a21ca5c972
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:14:1c:de:a3:33:a6:b1:9a:1c:a3:5d:e9:6e:
22:c0:98:bb:42:b1:52:56:76:e1:4b:42:b3:f7:6d:
d0:54:d9:e5:c0:74:f3:84:93:83:5d:c3:58:75:99:
ad:59:5a:1b:58:63:85:27:5b:06:58:49:77:13:03:
c7:1d:6b:0f:7c:b3:59:f6:d9:0c:83:40:64:47:5c:
9d:c2:63:db:c9:14:08:90:0e:e4:74:2a:24:ae:39:
19:e9:75:ad:4c:35:c2:96:de:5e:15:85:30:64:fa:
1a:81:a4:b2:0c:f3:86:78:03:4e:19:f6:8c:4c:f4:
50:7e:83:aa:d9:92:82:71:2e:10:a6:40:27:28:7c:
9b:68:f3:18:d8:da:00:d4:16:54:4d:bc:0e:c5:f8:
bd:c8:e6:bf:37:f1:ba:70:1d:3c:32:9b:66:e1:24:
66:f9:fb:f6:d8:1a:eb:8f:3a:e0:38:f4:69:12:4c:
db:65:a3:8a:b4:6b:5c:77:33:00:cb:b0:38:af:bb:
4f:9c:c7:45:ca:59:c1:7e:ff:cf:48:7f:cc:4e:36:
b7:db:d6:d9:1b:98:06:df:2e:11:bc:3f:64:af:a9:
71:e6:eb:83:b0:26:be:7e:8e:f8:2d:0e:ba:40:8e:
e8:a0:57:db:c2:6a:fc:aa:21:ca:aa:04:e8:14:64:
38:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:A6:25:B1:E6:51:4A:2A:C6:DC:0E:90:0F:0F:C5:A2:1C:A5:C9:72
X509v3 Authority Key Identifier:
keyid:18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/0qYlseZRSirG3A6QDw_FohylyXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GEe1nSHqNrMGL8qAznXBYWr1EZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.240.38.0/23
78.40.108.0/23
89.219.32.0/22
91.201.214.0/23
91.215.136.0/23
91.215.139.0/24
94.247.128.0/21
109.233.108.0/22
185.4.180.0/22
185.22.64.0/22
185.35.222.0/23
185.102.72.0/22
185.146.0.0/22
194.39.64.0/22
194.110.54.0/23
195.49.208.0/21
195.93.152.0/23
195.210.46.0/23
IPv6:
2a00:5da0::/32
Signature Algorithm: sha256WithRSAEncryption
7c:cd:1f:77:be:ac:c4:4f:99:42:df:0a:39:08:9f:ba:53:ac:
8d:bc:9d:eb:55:22:53:79:c7:56:49:c9:c4:30:4a:95:56:4b:
69:e1:e1:c0:d5:c9:56:55:cd:6f:f9:80:3d:c3:1b:d8:46:dd:
62:a5:da:59:e1:e2:af:2a:77:e0:ec:9e:88:f3:2a:6a:e3:1f:
3c:2a:d7:a8:c0:58:4f:3a:92:85:de:df:55:56:67:dc:8d:fa:
af:e0:da:8e:8e:ae:f3:6a:fd:bc:03:13:3c:32:5f:ba:3e:8f:
e1:b5:59:32:16:4e:61:25:01:7c:d3:eb:7e:5b:1a:8e:25:93:
d6:ab:28:5c:ea:69:34:8c:35:2e:97:64:80:16:6e:c7:f3:ab:
ff:a9:f1:e1:ef:b4:1c:68:b0:1a:63:ba:fa:66:35:bc:67:78:
8d:4a:15:dd:b6:28:a4:4f:83:cd:56:0d:02:ca:c5:61:3c:62:
97:89:9c:74:73:8c:e1:fc:8f:b7:10:10:5f:bf:64:a3:a9:84:
a2:62:06:d4:49:0a:da:1f:7b:71:fa:f0:3a:1a:f3:ba:d3:b3:
dd:7c:37:9c:19:6c:11:69:32:cc:5a:f5:a8:4b:09:ff:4c:02:
b7:fb:6e:06:88:19:9e:90:0a:e0:df:9b:3d:2e:9e:f5:f7:e9:
ca:b8:ee:20
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYZwNmDB3/oasNwn6VFVoHipMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NDdiNTlkMjFlYTM2YjMwNjJmY2E4MGNlNzVjMTYxNmFm
NTExOWEwHhcNMjMwMjIwMTkwNDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmE2MjViMWU2NTE0YTJhYzZkYzBlOTAwZjBmYzVhMjFjYTVjOTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhQc3qMzprGaHKNd6W4iwJi7QrFS
VnbhS0Kz923QVNnlwHTzhJODXcNYdZmtWVobWGOFJ1sGWEl3EwPHHWsPfLNZ9tkM
g0BkR1ydwmPbyRQIkA7kdCokrjkZ6XWtTDXClt5eFYUwZPoagaSyDPOGeANOGfaM
TPRQfoOq2ZKCcS4QpkAnKHybaPMY2NoA1BZUTbwOxfi9yOa/N/G6cB08Mptm4SRm
+fv22BrrjzrgOPRpEkzbZaOKtGtcdzMAy7A4r7tPnMdFylnBfv/PSH/MTja329bZ
G5gG3y4RvD9kr6lx5uuDsCa+fo74LQ66QI7ooFfbwmr8qiHKqgToFGQ41wIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFNKmJbHmUUoqxtwOkA8PxaIcpclyMB8GA1UdIwQY
MBaAFBhHtZ0h6jazBi/KgM51wWFq9RGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTIt
ZjkxYmI1MTc5MjE3LzEvMHFZbHNlWlJTaXJHM0E2UUR3X0ZvaHlseVhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTItZjkxYmI1MTc5MjE3
LzEvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzByBAIAATBsAwQBTfAm
AwQBTihsAwQCWdsgAwQBW8nWAwQBW9eIAwQAW9eLAwQDXveAAwQCbelsAwQCuQS0
AwQCuRZAAwQBuSPeAwQCuWZIAwQCuZIAAwQCwidAAwQBwm42AwQDwzHQAwQBw12Y
AwQBw9IuMA0EAgACMAcDBQAqAF2gMA0GCSqGSIb3DQEBCwUAA4IBAQB8zR93vqzE
T5lC3wo5CJ+6U6yNvJ3rVSJTecdWScnEMEqVVktp4eHA1clWVc1v+YA9wxvYRt1i
pdpZ4eKvKnfg7J6I8ypq4x88KteowFhPOpKF3t9VVmfcjfqv4NqOjq7zav28AxM8
Ml+6Po/htVkyFk5hJQF80+t+WxqOJZPWqyhc6mk0jDUul2SAFm7H86v/qfHh77Qc
aLAaY7r6ZjW8Z3iNShXdtiikT4PNVg0CysVhPGKXiZx0c4zh/I+3EBBfv2SjqYSi
YgbUSQraH3tx+vA6GvO607PdfDecGWwRaTLMWvWoSwn/TAK3+24GiBmekArg35s9
Lp719+nKuO4g
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:05 2023 by rpki-client on console-fra.rpki-client.org