Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/AVJ36fD46dDR-z2jf3Nv8j6KZts.roa
File: AVJ36fD46dDR-z2jf3Nv8j6KZts.roa (raw, json)
Hash identifier: DaF00rjgJnW91xJhiJH2e98TWmSH2u1a4uD145dEjSI=
Subject key identifier: 01:52:77:E9:F0:F8:E9:D0:D1:FB:3D:A3:7F:73:6F:F2:3E:8A:66:DB
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018BD8543FC02D2F7326DDFC58A304401D68
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/AVJ36fD46dDR-z2jf3Nv8j6KZts.roa
Signing time: Thu 16 Nov 2023 13:31:21 +0000
ROA not before: Thu 16 Nov 2023 13:31:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39543
IP address blocks: 195.28.2.0/23 maxlen: 23
193.19.192.0/22 maxlen: 22
193.19.192.0/24 maxlen: 24
193.19.193.0/24 maxlen: 24
193.19.195.0/24 maxlen: 24
193.19.194.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.47.96.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.112.0/20 maxlen: 20
89.47.113.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:54:3f:c0:2d:2f:73:26:dd:fc:58:a3:04:40:1d:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Nov 16 13:31:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=015277e9f0f8e9d0d1fb3da37f736ff23e8a66db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:9c:24:58:b8:de:ca:a4:4c:9e:d5:21:36:e5:
cf:02:6d:5e:c6:48:1f:64:69:17:c0:d8:ba:12:38:
42:da:70:ca:0f:5a:3e:f3:83:ab:a4:e4:4e:b7:40:
3b:9d:a0:9d:68:06:5b:a6:83:6d:97:97:8f:ae:4c:
b7:e6:64:d8:b4:96:17:63:bf:0b:e2:ea:03:87:d1:
4b:42:ce:ce:5f:b8:c8:7f:74:b8:39:09:18:28:b6:
a3:90:8a:60:02:87:bb:94:ee:64:df:9f:56:d4:ec:
97:19:f0:a7:6b:53:b2:81:a7:aa:3e:1d:15:f7:3e:
c6:21:de:64:cc:c5:00:d8:15:7f:a7:93:69:00:c9:
24:8e:16:0e:c5:5c:fc:2f:91:f9:3f:37:af:57:eb:
ce:ce:97:37:ff:a4:d2:f0:87:a9:b2:e2:be:95:ad:
6a:85:5f:e5:85:9b:34:98:b3:91:f7:6e:06:fd:ec:
bb:a4:f3:66:96:3e:e8:81:fa:58:c4:05:aa:ee:0d:
be:0b:7d:de:bd:37:7f:9d:77:c9:cf:af:6f:0f:cf:
14:e1:e1:20:d3:80:2a:1b:8e:16:be:9a:3f:86:bb:
58:cd:35:26:3c:a7:ac:e6:0e:1f:66:c3:62:1e:e5:
03:35:db:08:d4:c8:bc:82:8e:20:3c:d5:81:fd:05:
fb:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:52:77:E9:F0:F8:E9:D0:D1:FB:3D:A3:7F:73:6F:F2:3E:8A:66:DB
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/AVJ36fD46dDR-z2jf3Nv8j6KZts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.27.0/24
89.35.158.0/24
89.39.111.0/24
89.40.67.0/24
89.45.164.0/24
89.47.96.0/19
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
6a:86:80:19:f3:d8:0b:aa:ae:51:43:a5:63:c9:ea:0e:a3:33:
f2:1f:d5:21:ec:66:f9:17:4f:85:c7:b4:61:aa:ba:2c:bb:78:
30:61:ce:1f:eb:f4:a6:18:a8:f6:12:ed:ba:aa:28:bd:87:f5:
31:f0:74:66:9d:70:fb:12:4b:42:09:49:a8:61:c5:59:60:62:
2f:d0:dc:20:bd:4f:d8:3a:df:bf:26:a8:dc:9e:20:93:d9:68:
11:44:35:ac:bd:b1:89:34:94:05:17:33:cd:4c:b5:ce:d6:9c:
69:ba:9b:53:53:31:e0:f9:35:a4:fd:f0:ed:ec:b4:55:fb:c5:
60:b7:8a:32:3f:44:f2:ea:70:9c:a8:02:a1:e4:89:45:5f:f7:
f3:2f:be:a8:e3:76:8a:71:60:f5:d5:a0:7c:9c:30:83:79:d4:
1a:ee:3a:dc:c2:e7:66:bf:59:16:be:0a:fe:be:b5:fa:26:04:
87:ce:f6:44:17:2d:03:79:6b:4b:cf:6d:af:89:eb:b4:6f:51:
9f:e3:18:7c:96:cc:e5:72:04:8f:77:5a:2c:e8:94:5a:9c:e3:
dd:4c:b2:9d:b0:bf:32:f3:45:a2:0f:2d:a1:e2:35:ed:9b:0d:
48:d0:23:8a:d1:71:07:3b:d0:d2:7d:6d:4d:78:ea:6b:8d:21:
f6:56:49:83
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYvYVD/ALS9zJt38WKMEQB1oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMTE2MTMzMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTUyNzdlOWYwZjhlOWQwZDFmYjNkYTM3ZjczNmZmMjNlOGE2NmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZwkWLjeyqRMntUhNuXPAm1exkgf
ZGkXwNi6EjhC2nDKD1o+84OrpOROt0A7naCdaAZbpoNtl5ePrky35mTYtJYXY78L
4uoDh9FLQs7OX7jIf3S4OQkYKLajkIpgAoe7lO5k359W1OyXGfCna1OygaeqPh0V
9z7GId5kzMUA2BV/p5NpAMkkjhYOxVz8L5H5PzevV+vOzpc3/6TS8IepsuK+la1q
hV/lhZs0mLOR924G/ey7pPNmlj7ogfpYxAWq7g2+C33evTd/nXfJz69vD88U4eEg
04AqG44Wvpo/hrtYzTUmPKes5g4fZsNiHuUDNdsI1Mi8go4gPNWB/QX7lQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFAFSd+nw+OnQ0fs9o39zb/I+imbbMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvQVZKMzZmRDQ2ZERSLXoyamYzTnY4ajZLWnRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQAWSIbAwQA
WSOeAwQAWSdvAwQAWShDAwQAWS2kAwQFWS9gAwQAXXHMAwQAXXJPAwQAXXLCAwQC
wRPAAwQBwxwCMA0EAgACMAcDBQAgAU0YMA0GCSqGSIb3DQEBCwUAA4IBAQBqhoAZ
89gLqq5RQ6VjyeoOozPyH9Uh7Gb5F0+Fx7Rhqrosu3gwYc4f6/SmGKj2Eu26qii9
h/Ux8HRmnXD7EktCCUmoYcVZYGIv0NwgvU/YOt+/JqjcniCT2WgRRDWsvbGJNJQF
FzPNTLXO1pxpuptTUzHg+TWk/fDt7LRV+8Vgt4oyP0Ty6nCcqAKh5IlFX/fzL76o
43aKcWD11aB8nDCDedQa7jrcwudmv1kWvgr+vrX6JgSHzvZEFy0DeWtLz22vieu0
b1Gf4xh8lszlcgSPd1os6JRanOPdTLKdsL8y80WiDy2h4jXtmw1I0COK0XEHO9DS
fW1NeOprjSH2VkmD
-----END CERTIFICATE-----
Generated at Sat Nov 18 09:12:52 2023 by rpki-client on console-ams.rpki-client.org