Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/CCofLse3SwVdavk3ds8dFsNjDmY.roa
File: CCofLse3SwVdavk3ds8dFsNjDmY.roa (raw, json)
Hash identifier: 1e3CkZ583uiEWxWuVnYGFLBF8tauP0OIH5MFcyaTEpo=
Subject key identifier: 08:2A:1F:2E:C7:B7:4B:05:5D:6A:F9:37:76:CF:1D:16:C3:63:0E:66
Certificate issuer: /CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Certificate serial: 01856BC1010310E0BB84A02B07E156CF4C74
Authority key identifier: 18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/CCofLse3SwVdavk3ds8dFsNjDmY.roa
Signing time: Sun 01 Jan 2023 05:14:48 +0000
ROA not before: Sun 01 Jan 2023 05:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48716
IP address blocks: 185.146.0.0/22 maxlen: 24
185.22.64.0/22 maxlen: 24
185.102.72.0/22 maxlen: 24
78.40.108.0/23 maxlen: 24
195.93.152.0/23 maxlen: 24
195.49.208.0/21 maxlen: 24
109.233.108.0/22 maxlen: 32
77.240.38.0/23 maxlen: 24
89.219.32.0/22 maxlen: 24
194.110.54.0/23 maxlen: 24
94.247.128.0/21 maxlen: 24
91.215.137.0/24 maxlen: 32
91.215.136.0/23 maxlen: 24
91.215.136.0/24 maxlen: 24
91.215.139.0/24 maxlen: 32
195.210.46.0/23 maxlen: 24
194.39.64.0/22 maxlen: 24
194.39.64.0/23 maxlen: 24
185.35.222.0/23 maxlen: 24
194.39.67.0/24 maxlen: 24
194.39.66.0/24 maxlen: 24
91.201.214.0/23 maxlen: 24
2a00:5da0::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:c1:01:03:10:e0:bb:84:a0:2b:07:e1:56:cf:4c:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Validity
Not Before: Jan 1 05:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=082a1f2ec7b74b055d6af93776cf1d16c3630e66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f9:96:ae:3a:f9:84:16:b9:11:ee:d4:09:da:
cf:6f:12:fa:21:f2:eb:c0:5f:e9:60:e7:3e:05:77:
b3:81:56:c8:a1:6d:65:2d:1c:83:07:95:18:78:88:
0d:dc:c0:51:25:3d:a4:5f:16:5a:71:73:4c:a1:05:
e2:e2:10:70:37:89:06:97:a4:14:34:ba:87:37:43:
93:46:09:ea:b3:ed:7c:72:15:d8:83:76:73:c4:f6:
c8:83:19:58:b4:b9:6c:db:9f:b9:27:b3:b5:59:12:
63:73:8f:52:b7:90:32:38:67:d0:5f:20:21:da:fc:
33:7f:c7:b6:e8:17:89:e9:c0:76:94:30:97:27:b3:
dc:22:5f:27:47:82:c4:8e:0f:f1:a0:71:3c:cd:fd:
12:09:82:89:a9:aa:43:11:a5:aa:25:58:9d:a7:0f:
ec:ee:cd:d3:03:3a:20:e6:4e:8c:20:74:ee:ec:63:
91:1b:30:e4:d1:7b:63:42:9a:70:5f:62:d7:1a:2a:
9b:30:8e:a1:41:4f:c4:ac:37:6d:c5:12:cb:b3:8f:
f0:83:f8:55:b2:ad:ca:75:4f:e3:6f:c9:43:f4:24:
87:41:35:0f:9c:8f:3d:32:92:01:24:f5:9e:0e:30:
77:5e:bf:f4:85:d8:ab:1c:32:b1:d5:e2:6d:76:80:
54:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:2A:1F:2E:C7:B7:4B:05:5D:6A:F9:37:76:CF:1D:16:C3:63:0E:66
X509v3 Authority Key Identifier:
keyid:18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/CCofLse3SwVdavk3ds8dFsNjDmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GEe1nSHqNrMGL8qAznXBYWr1EZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.240.38.0/23
78.40.108.0/23
89.219.32.0/22
91.201.214.0/23
91.215.136.0/23
91.215.139.0/24
94.247.128.0/21
109.233.108.0/22
185.22.64.0/22
185.35.222.0/23
185.102.72.0/22
185.146.0.0/22
194.39.64.0/22
194.110.54.0/23
195.49.208.0/21
195.93.152.0/23
195.210.46.0/23
IPv6:
2a00:5da0::/32
Signature Algorithm: sha256WithRSAEncryption
6d:12:f6:11:84:7d:f8:d0:e1:1f:5f:4d:8f:97:c6:e7:d4:88:
04:1f:0c:74:f2:98:d2:b6:a3:9b:51:eb:fe:00:dc:ca:cd:b0:
a3:63:00:0d:a5:97:e0:35:fb:6b:e2:4c:44:de:e2:bc:4d:dd:
30:a0:bb:26:10:83:f0:dd:a3:74:4e:24:4c:ea:e3:de:7c:9b:
09:6d:48:f1:a7:56:27:1c:5f:f1:c4:fe:8e:81:32:d9:50:b0:
02:67:d3:c7:e4:ef:88:f4:06:c4:7c:52:17:e9:85:e0:68:4c:
11:05:a7:c8:bc:61:91:bb:7a:86:14:61:02:a6:c6:07:1d:84:
39:0f:aa:24:e3:fe:16:e7:9d:e5:0c:c6:13:5e:fb:1e:bc:1b:
69:b3:6a:93:3c:a9:30:df:1e:f5:62:f6:d8:f1:cc:3d:56:7f:
b8:e8:1a:b9:cd:d0:26:fe:80:b1:fb:e7:95:41:29:be:d6:1e:
f2:23:f9:e5:4b:33:f7:d3:d0:55:e2:a6:74:9f:5e:09:28:f2:
31:3a:3d:a4:0d:84:7a:8f:f3:d7:3b:44:2c:8c:27:70:2e:55:
21:5b:e5:4a:82:b9:3c:27:4a:94:66:34:70:b2:5d:3b:3d:b3:
3e:f3:b0:8f:54:87:4f:84:b7:b0:1c:61:7f:28:63:37:25:e8:
79:9d:e6:4e
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYVrwQEDEOC7hKArB+FWz0x0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NDdiNTlkMjFlYTM2YjMwNjJmY2E4MGNlNzVjMTYxNmFm
NTExOWEwHhcNMjMwMTAxMDUxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODJhMWYyZWM3Yjc0YjA1NWQ2YWY5Mzc3NmNmMWQxNmMzNjMwZTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPmWrjr5hBa5Ee7UCdrPbxL6IfLr
wF/pYOc+BXezgVbIoW1lLRyDB5UYeIgN3MBRJT2kXxZacXNMoQXi4hBwN4kGl6QU
NLqHN0OTRgnqs+18chXYg3ZzxPbIgxlYtLls25+5J7O1WRJjc49St5AyOGfQXyAh
2vwzf8e26BeJ6cB2lDCXJ7PcIl8nR4LEjg/xoHE8zf0SCYKJqapDEaWqJVidpw/s
7s3TAzog5k6MIHTu7GORGzDk0XtjQppwX2LXGiqbMI6hQU/ErDdtxRLLs4/wg/hV
sq3KdU/jb8lD9CSHQTUPnI89MpIBJPWeDjB3Xr/0hdirHDKx1eJtdoBUSQIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFAgqHy7Ht0sFXWr5N3bPHRbDYw5mMB8GA1UdIwQY
MBaAFBhHtZ0h6jazBi/KgM51wWFq9RGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTIt
ZjkxYmI1MTc5MjE3LzEvQ0NvZkxzZTNTd1ZkYXZrM2RzOGRGc05qRG1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTItZjkxYmI1MTc5MjE3
LzEvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAU3wJgME
AU4obAMEAlnbIAMEAVvJ1gMEAVvXiAMEAFvXiwMEA173gAMEAm3pbAMEArkWQAME
Abkj3gMEArlmSAMEArmSAAMEAsInQAMEAcJuNgMEA8Mx0AMEAcNdmAMEAcPSLjAN
BAIAAjAHAwUAKgBdoDANBgkqhkiG9w0BAQsFAAOCAQEAbRL2EYR9+NDhH19Nj5fG
59SIBB8MdPKY0rajm1Hr/gDcys2wo2MADaWX4DX7a+JMRN7ivE3dMKC7JhCD8N2j
dE4kTOrj3nybCW1I8adWJxxf8cT+joEy2VCwAmfTx+TviPQGxHxSF+mF4GhMEQWn
yLxhkbt6hhRhAqbGBx2EOQ+qJOP+Fued5QzGE177HrwbabNqkzypMN8e9WL22PHM
PVZ/uOgauc3QJv6AsfvnlUEpvtYe8iP55Usz99PQVeKmdJ9eCSjyMTo9pA2Eeo/z
1ztELIwncC5VIVvlSoK5PCdKlGY0cLJdOz2zPvOwj1SHT4S3sBxhfyhjNyXoeZ3m
Tg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:05 2023 by rpki-client on console-fra.rpki-client.org