Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/1-bFi6wjtVJ2_JYKGMuYItUeDfqY.roa
File: 1-bFi6wjtVJ2_JYKGMuYItUeDfqY.roa (raw, json)
Hash identifier: JGgjGSwtoOUFeqyDSve/blgvVDtVqowVn1xpyM2Hp6o=
Subject key identifier: F9:B1:62:EB:08:ED:54:9D:BF:25:82:86:32:E6:08:B5:47:83:7E:A6
Certificate issuer: /CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Certificate serial: 01876FBECF06BBD1D25A2275FCC77B002A2A
Authority key identifier: 18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/1-bFi6wjtVJ2_JYKGMuYItUeDfqY.roa
Signing time: Tue 11 Apr 2023 09:56:28 +0000
ROA not before: Tue 11 Apr 2023 09:56:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48716
IP address blocks: 185.146.0.0/22 maxlen: 24
185.22.64.0/22 maxlen: 24
185.102.72.0/22 maxlen: 24
78.40.108.0/23 maxlen: 24
195.93.152.0/23 maxlen: 24
195.49.208.0/21 maxlen: 24
109.233.108.0/22 maxlen: 32
77.240.38.0/23 maxlen: 24
89.219.32.0/22 maxlen: 24
194.110.54.0/23 maxlen: 24
94.247.128.0/21 maxlen: 24
91.215.137.0/24 maxlen: 32
91.215.136.0/22 maxlen: 24
91.215.136.0/24 maxlen: 24
91.215.139.0/24 maxlen: 32
185.4.180.0/22 maxlen: 24
195.210.46.0/23 maxlen: 24
194.39.64.0/22 maxlen: 24
194.39.64.0/23 maxlen: 24
185.35.222.0/23 maxlen: 24
194.39.67.0/24 maxlen: 24
194.39.66.0/24 maxlen: 24
91.201.214.0/23 maxlen: 24
2a00:5da0::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6f:be:cf:06:bb:d1:d2:5a:22:75:fc:c7:7b:00:2a:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Validity
Not Before: Apr 11 09:56:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9b162eb08ed549dbf25828632e608b547837ea6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d8:93:fd:f0:ff:6d:c5:d8:35:68:0b:ba:2f:
e2:ce:11:4a:26:0d:38:9f:14:65:4e:2f:d1:d6:f1:
9a:17:f5:3f:1b:5b:a0:e5:17:8a:e4:9c:2a:2e:ca:
63:eb:2e:41:a3:84:9f:c3:34:56:5d:98:f0:e7:32:
6f:74:15:df:cc:fd:08:b1:c4:f4:42:cb:ac:3f:30:
4b:70:a3:76:0a:3e:64:79:c3:a9:c8:87:61:17:a1:
84:a5:1e:4d:99:8c:ef:5a:2f:8e:6b:f9:29:2f:d2:
e7:d2:4a:03:39:a3:32:2c:e6:d2:ca:e9:b2:c8:90:
f9:30:87:91:d7:b0:e4:f6:74:c4:a5:26:df:8b:54:
4a:5d:12:36:a7:35:1e:8f:e4:0e:bf:99:d4:c8:b0:
8a:87:28:dd:b9:3a:31:3a:94:3e:39:37:9a:c8:44:
56:cc:b1:a8:1f:7c:97:53:9a:ba:6a:d4:96:49:7f:
6c:97:e5:93:59:b9:a8:3f:09:43:11:45:d0:3d:30:
1b:35:86:76:2b:72:84:d9:ed:65:4e:17:1c:c3:52:
cd:7e:55:71:7f:7e:5f:7d:be:c1:d4:84:f4:8a:08:
4a:50:12:fb:9b:44:f4:0e:7a:91:a5:77:52:f1:58:
6c:e3:c4:e4:1d:ce:ab:8a:65:f8:89:df:e9:25:88:
0c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:B1:62:EB:08:ED:54:9D:BF:25:82:86:32:E6:08:B5:47:83:7E:A6
X509v3 Authority Key Identifier:
keyid:18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/1-bFi6wjtVJ2_JYKGMuYItUeDfqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GEe1nSHqNrMGL8qAznXBYWr1EZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.240.38.0/23
78.40.108.0/23
89.219.32.0/22
91.201.214.0/23
91.215.136.0/22
94.247.128.0/21
109.233.108.0/22
185.4.180.0/22
185.22.64.0/22
185.35.222.0/23
185.102.72.0/22
185.146.0.0/22
194.39.64.0/22
194.110.54.0/23
195.49.208.0/21
195.93.152.0/23
195.210.46.0/23
IPv6:
2a00:5da0::/32
Signature Algorithm: sha256WithRSAEncryption
3e:22:c3:f1:f0:cb:85:7b:b1:22:0b:93:ff:d8:ed:dc:1c:da:
64:af:d5:41:32:54:e7:f1:4f:70:cd:4e:e8:71:35:54:53:31:
08:c5:7b:aa:7a:9c:9e:05:5e:cd:66:5d:3e:dc:a6:63:be:46:
9f:31:ee:a9:98:2f:81:99:1a:44:e6:28:60:0c:3c:28:23:61:
ee:83:bd:80:ff:30:60:41:a0:11:97:4d:49:13:83:76:93:52:
c7:86:94:08:00:84:b2:36:2e:72:97:7d:4f:a9:f8:9a:e9:97:
eb:2a:29:33:48:a3:48:48:28:6d:52:8c:17:e4:c5:3a:d3:55:
d5:6f:b7:fe:33:27:bd:31:7a:0a:64:6c:90:66:16:3a:5e:92:
aa:5b:b9:5e:aa:09:0c:ac:a4:e9:66:d4:b9:ac:09:0f:70:11:
aa:3b:e1:56:f1:67:d7:2d:77:32:38:6f:00:e3:b0:e1:a7:ae:
28:9d:4d:22:35:ee:50:40:04:f0:47:a9:6c:09:32:24:fd:88:
9c:6a:40:0a:fc:9a:95:e3:9e:e1:ec:05:33:cd:ba:7e:46:19:
68:c0:b0:b9:fa:bf:f1:73:21:96:4f:0c:08:1e:28:dd:41:6c:
0d:b6:73:ae:f4:4b:e0:39:3d:8e:84:25:d2:00:09:6d:13:da:
57:92:84:81
-----BEGIN CERTIFICATE-----
MIIFbjCCBFagAwIBAgISAYdvvs8Gu9HSWiJ1/Md7ACoqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NDdiNTlkMjFlYTM2YjMwNjJmY2E4MGNlNzVjMTYxNmFm
NTExOWEwHhcNMjMwNDExMDk1NjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWIxNjJlYjA4ZWQ1NDlkYmYyNTgyODYzMmU2MDhiNTQ3ODM3ZWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9iT/fD/bcXYNWgLui/izhFKJg04
nxRlTi/R1vGaF/U/G1ug5ReK5JwqLspj6y5Bo4SfwzRWXZjw5zJvdBXfzP0IscT0
QsusPzBLcKN2Cj5kecOpyIdhF6GEpR5NmYzvWi+Oa/kpL9Ln0koDOaMyLObSyumy
yJD5MIeR17Dk9nTEpSbfi1RKXRI2pzUej+QOv5nUyLCKhyjduToxOpQ+OTeayERW
zLGoH3yXU5q6atSWSX9sl+WTWbmoPwlDEUXQPTAbNYZ2K3KE2e1lThccw1LNflVx
f35ffb7B1IT0ighKUBL7m0T0DnqRpXdS8Vhs48TkHc6rimX4id/pJYgMRQIDAQAB
o4ICejCCAnYwHQYDVR0OBBYEFPmxYusI7VSdvyWChjLmCLVHg36mMB8GA1UdIwQY
MBaAFBhHtZ0h6jazBi/KgM51wWFq9RGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTIt
ZjkxYmI1MTc5MjE3LzEvMS1iRmk2d2p0VkoyX0pZS0dNdVlJdFVlRGZxWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWYvMzgyNGNkLWU1MjctNGFkYy1hNDEyLWY5MWJiNTE3OTIx
Ny8xL0dFZTFuU0hxTnJNR0w4cUF6blhCWVdyMUVaby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBjgYIKwYBBQUHAQcBAf8EfzB9MGwEAgABMGYDBAFN8CYD
BAFOKGwDBAJZ2yADBAFbydYDBAJb14gDBANe94ADBAJt6WwDBAK5BLQDBAK5FkAD
BAG5I94DBAK5ZkgDBAK5kgADBALCJ0ADBAHCbjYDBAPDMdADBAHDXZgDBAHD0i4w
DQQCAAIwBwMFACoAXaAwDQYJKoZIhvcNAQELBQADggEBAD4iw/Hwy4V7sSILk//Y
7dwc2mSv1UEyVOfxT3DNTuhxNVRTMQjFe6p6nJ4FXs1mXT7cpmO+Rp8x7qmYL4GZ
GkTmKGAMPCgjYe6DvYD/MGBBoBGXTUkTg3aTUseGlAgAhLI2LnKXfU+p+Jrpl+sq
KTNIo0hIKG1SjBfkxTrTVdVvt/4zJ70xegpkbJBmFjpekqpbuV6qCQyspOlm1Lms
CQ9wEao74VbxZ9ctdzI4bwDjsOGnriidTSI17lBABPBHqWwJMiT9iJxqQAr8mpXj
nuHsBTPNun5GGWjAsLn6v/FzIZZPDAgeKN1BbA22c670S+A5PY6EJdIACW0T2leS
hIE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:52 2023 by rpki-client on console-ams.rpki-client.org