Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/3y47qZM15exSCkHSsU01_aVnHmA.roa
File: 3y47qZM15exSCkHSsU01_aVnHmA.roa (raw, json)
Hash identifier: Uuz+EHbQb+LiN+4xJ7l+fL3/y+gj3mpugaai58sFWG4=
Subject key identifier: DF:2E:3B:A9:93:35:E5:EC:52:0A:41:D2:B1:4D:35:FD:A5:67:1E:60
Certificate issuer: /CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Certificate serial: 018BB4D116EE58CEDF77157AC8EF25F18866
Authority key identifier: 18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/3y47qZM15exSCkHSsU01_aVnHmA.roa
Signing time: Thu 09 Nov 2023 16:01:23 +0000
ROA not before: Thu 09 Nov 2023 16:01:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48716
IP address blocks: 185.146.0.0/22 maxlen: 24
185.102.72.0/22 maxlen: 24
91.147.95.0/24 maxlen: 24
91.147.94.0/24 maxlen: 24
91.147.92.0/24 maxlen: 24
91.147.92.0/22 maxlen: 22
91.147.93.0/24 maxlen: 24
91.147.104.0/22 maxlen: 24
195.93.152.0/23 maxlen: 24
195.49.211.0/24 maxlen: 24
195.49.212.0/24 maxlen: 24
195.49.209.0/24 maxlen: 24
195.49.210.0/24 maxlen: 24
195.49.213.0/24 maxlen: 24
109.233.108.0/22 maxlen: 32
195.49.214.0/24 maxlen: 24
195.49.215.0/24 maxlen: 24
77.240.38.0/23 maxlen: 24
94.247.128.0/21 maxlen: 24
91.215.137.0/24 maxlen: 32
91.215.136.0/22 maxlen: 24
91.215.136.0/24 maxlen: 24
91.215.139.0/24 maxlen: 32
185.4.180.0/22 maxlen: 24
195.210.46.0/23 maxlen: 24
91.201.214.0/23 maxlen: 24
185.22.64.0/22 maxlen: 24
78.40.108.0/23 maxlen: 24
89.219.32.0/22 maxlen: 24
194.110.54.0/23 maxlen: 24
77.243.80.0/23 maxlen: 24
194.39.64.0/22 maxlen: 24
194.39.64.0/23 maxlen: 24
185.35.222.0/23 maxlen: 24
194.39.67.0/24 maxlen: 24
194.39.66.0/24 maxlen: 24
2a00:5da0::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b4:d1:16:ee:58:ce:df:77:15:7a:c8:ef:25:f1:88:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Validity
Not Before: Nov 9 16:01:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df2e3ba99335e5ec520a41d2b14d35fda5671e60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:20:54:50:50:3c:74:b0:e9:d6:9f:0e:f8:41:
5f:1f:9f:89:ff:50:9f:11:a1:68:21:b2:34:e2:ad:
85:5e:e8:5f:9b:7d:b3:5f:bf:00:37:3d:1b:8e:9c:
0b:89:67:ea:2d:68:4f:aa:ff:18:40:d6:a7:6a:06:
c9:8d:0c:b8:b3:ef:fc:7c:9d:2e:1d:d0:30:11:60:
ad:be:67:29:2f:cd:26:f7:b1:f7:49:3c:b1:f1:0c:
ec:dd:9b:27:27:fb:76:11:69:29:f9:3d:58:65:6d:
fa:55:d1:db:83:98:34:d9:54:ba:2c:11:d1:3b:99:
09:93:e8:d1:77:53:82:00:bd:05:49:be:e2:a7:aa:
fb:a1:5b:1f:62:a7:44:38:90:39:94:32:27:4a:08:
55:03:b8:3d:67:b1:af:01:f6:89:f4:4b:60:52:a1:
3e:2c:1d:8f:cd:c6:c9:f4:d7:e9:e3:52:84:d5:e1:
37:e2:bf:5e:f9:4a:19:0a:63:6f:22:22:46:f3:f8:
09:85:36:73:9c:97:f9:1b:cd:31:8d:15:12:39:0c:
81:c6:59:3f:6f:98:76:02:8d:2b:71:8d:3a:2e:87:
a2:84:1f:ed:5b:2e:30:82:94:61:1b:23:c4:90:68:
bb:23:e8:e2:02:1a:21:c4:21:7a:d7:69:f6:0d:cc:
34:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:2E:3B:A9:93:35:E5:EC:52:0A:41:D2:B1:4D:35:FD:A5:67:1E:60
X509v3 Authority Key Identifier:
keyid:18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/3y47qZM15exSCkHSsU01_aVnHmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GEe1nSHqNrMGL8qAznXBYWr1EZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.240.38.0/23
77.243.80.0/23
78.40.108.0/23
89.219.32.0/22
91.147.92.0/22
91.147.104.0/22
91.201.214.0/23
91.215.136.0/22
94.247.128.0/21
109.233.108.0/22
185.4.180.0/22
185.22.64.0/22
185.35.222.0/23
185.102.72.0/22
185.146.0.0/22
194.39.64.0/22
194.110.54.0/23
195.49.209.0-195.49.215.255
195.93.152.0/23
195.210.46.0/23
IPv6:
2a00:5da0::/32
Signature Algorithm: sha256WithRSAEncryption
11:ea:29:b6:11:91:78:9d:d3:fd:62:e6:4e:59:81:f5:f2:69:
80:bd:c5:81:67:de:59:61:dd:fe:f4:65:02:19:d9:89:42:be:
b3:72:af:a2:4f:7d:68:4b:10:7e:25:de:bc:c1:bf:d5:e4:00:
b1:39:9c:36:91:a5:bb:87:95:56:ae:ed:b2:84:3c:4e:71:48:
d2:a2:db:30:b2:71:2b:35:eb:19:d3:11:d6:91:e6:66:62:46:
ed:9c:01:9a:34:d8:48:43:7f:9d:ab:a7:40:b6:04:d4:fa:64:
e3:5c:da:fb:a6:a7:58:d1:d5:d9:59:70:9b:37:be:42:52:f5:
df:f4:d1:e2:21:1f:43:3d:5d:c9:0c:7c:59:92:4d:03:b3:dd:
9c:3a:33:22:9d:80:b6:c3:7e:0c:39:a1:fc:54:83:ad:36:66:
fa:78:85:01:36:13:a0:62:76:19:c2:a1:63:fc:c8:80:fd:33:
b7:58:f1:c4:ed:39:67:95:07:34:3e:a4:5e:22:c1:f3:7a:a8:
8c:e6:75:bb:c7:29:1b:20:36:fd:f4:65:7c:56:39:a6:fd:ae:
e7:41:7b:37:7a:8f:81:da:0b:1c:80:28:fe:77:7c:51:57:9a:
73:f4:92:1d:97:f6:47:20:46:24:f9:1d:c3:a2:b7:86:92:b2:
4b:90:6b:0b
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAYu00RbuWM7fdxV6yO8l8YhmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NDdiNTlkMjFlYTM2YjMwNjJmY2E4MGNlNzVjMTYxNmFm
NTExOWEwHhcNMjMxMTA5MTYwMTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjJlM2JhOTkzMzVlNWVjNTIwYTQxZDJiMTRkMzVmZGE1NjcxZTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyBUUFA8dLDp1p8O+EFfH5+J/1Cf
EaFoIbI04q2FXuhfm32zX78ANz0bjpwLiWfqLWhPqv8YQNanagbJjQy4s+/8fJ0u
HdAwEWCtvmcpL80m97H3STyx8Qzs3ZsnJ/t2EWkp+T1YZW36VdHbg5g02VS6LBHR
O5kJk+jRd1OCAL0FSb7ip6r7oVsfYqdEOJA5lDInSghVA7g9Z7GvAfaJ9EtgUqE+
LB2PzcbJ9Nfp41KE1eE34r9e+UoZCmNvIiJG8/gJhTZznJf5G80xjRUSOQyBxlk/
b5h2Ao0rcY06LoeihB/tWy4wgpRhGyPEkGi7I+jiAhohxCF612n2Dcw0hwIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFN8uO6mTNeXsUgpB0rFNNf2lZx5gMB8GA1UdIwQY
MBaAFBhHtZ0h6jazBi/KgM51wWFq9RGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTIt
ZjkxYmI1MTc5MjE3LzEvM3k0N3FaTTE1ZXhTQ2tIU3NVMDFfYVZuSG1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTItZjkxYmI1MTc5MjE3
LzEvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTCBhwQCAAEwgYADBAFN
8CYDBAFN81ADBAFOKGwDBAJZ2yADBAJbk1wDBAJbk2gDBAFbydYDBAJb14gDBANe
94ADBAJt6WwDBAK5BLQDBAK5FkADBAG5I94DBAK5ZkgDBAK5kgADBALCJ0ADBAHC
bjYwDAMEAMMx0QMEA8Mx0AMEAcNdmAMEAcPSLjANBAIAAjAHAwUAKgBdoDANBgkq
hkiG9w0BAQsFAAOCAQEAEeopthGReJ3T/WLmTlmB9fJpgL3FgWfeWWHd/vRlAhnZ
iUK+s3Kvok99aEsQfiXevMG/1eQAsTmcNpGlu4eVVq7tsoQ8TnFI0qLbMLJxKzXr
GdMR1pHmZmJG7ZwBmjTYSEN/naunQLYE1Ppk41za+6anWNHV2Vlwmze+QlL13/TR
4iEfQz1dyQx8WZJNA7PdnDozIp2AtsN+DDmh/FSDrTZm+niFATYToGJ2GcKhY/zI
gP0zt1jxxO05Z5UHND6kXiLB83qojOZ1u8cpGyA2/fRlfFY5pv2u50F7N3qPgdoL
HIAo/nd8UVeac/SSHZf2RyBGJPkdw6K3hpKyS5BrCw==
-----END CERTIFICATE-----
Generated at Sun Nov 26 13:52:57 2023 by rpki-client on console-fra.rpki-client.org