Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/AIr9TNo6Tm5QKFWYwCd8OCPC2J4.roa
File: AIr9TNo6Tm5QKFWYwCd8OCPC2J4.roa (raw, json)
Hash identifier: lrzG14Wppn/B+yV04/a3Duqgdz6eSLjDn5Zod2Trjm4=
Subject key identifier: 00:8A:FD:4C:DA:3A:4E:6E:50:28:55:98:C0:27:7C:38:23:C2:D8:9E
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 018B4348801A2477F191003DBAB1B9F9471F
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/AIr9TNo6Tm5QKFWYwCd8OCPC2J4.roa
Signing time: Wed 18 Oct 2023 14:55:06 +0000
ROA not before: Wed 18 Oct 2023 14:55:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3352
IP address blocks: 83.60.0.0/16 maxlen: 16
88.13.0.0/16 maxlen: 16
79.144.0.0/16 maxlen: 16
88.16.0.0/16 maxlen: 16
83.33.0.0/16 maxlen: 16
195.53.193.0/24 maxlen: 24
83.47.0.0/16 maxlen: 16
2.138.0.0/16 maxlen: 16
88.10.0.0/16 maxlen: 16
195.53.218.0/23 maxlen: 23
83.37.0.0/16 maxlen: 16
81.37.0.0/16 maxlen: 16
81.40.0.0/16 maxlen: 16
80.30.0.0/16 maxlen: 16
83.57.0.0/16 maxlen: 16
83.39.0.0/16 maxlen: 16
81.39.0.0/16 maxlen: 16
81.32.0.0/16 maxlen: 16
83.32.0.0/16 maxlen: 16
83.59.0.0/16 maxlen: 16
81.36.0.0/16 maxlen: 16
83.63.0.0/16 maxlen: 16
83.53.0.0/16 maxlen: 16
195.53.0.0/16 maxlen: 16
79.147.0.0/16 maxlen: 16
88.9.0.0/16 maxlen: 16
2.137.0.0/16 maxlen: 16
83.55.0.0/16 maxlen: 16
79.146.0.0/16 maxlen: 16
88.11.0.0/16 maxlen: 16
81.38.0.0/16 maxlen: 16
83.38.0.0/16 maxlen: 16
88.1.0.0/16 maxlen: 16
213.99.44.0/24 maxlen: 24
83.52.0.0/16 maxlen: 16
195.55.110.0/24 maxlen: 24
213.99.59.0/24 maxlen: 24
88.15.0.0/16 maxlen: 16
88.8.0.0/16 maxlen: 16
81.35.0.0/16 maxlen: 16
83.35.0.0/16 maxlen: 16
88.25.0.0/16 maxlen: 16
83.34.0.0/16 maxlen: 16
81.34.0.0/16 maxlen: 16
88.0.0.0/16 maxlen: 16
83.54.0.0/16 maxlen: 16
79.145.0.0/16 maxlen: 16
80.31.0.0/16 maxlen: 16
83.58.0.0/16 maxlen: 16
88.24.0.0/16 maxlen: 16
88.14.0.0/16 maxlen: 16
81.41.0.0/16 maxlen: 16
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:43:48:80:1a:24:77:f1:91:00:3d:ba:b1:b9:f9:47:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Oct 18 14:55:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=008afd4cda3a4e6e50285598c0277c3823c2d89e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:7a:9e:ad:8a:3c:dd:ab:54:e7:0b:05:f7:87:
78:db:f3:04:55:7f:a5:3e:6f:66:6a:c8:c6:56:20:
bd:ec:bc:db:86:93:4e:a8:fd:da:91:f2:10:c8:ae:
af:26:3a:a3:bd:8e:57:3f:49:ce:4d:c1:d4:fa:b8:
c8:d4:bd:9f:a5:e8:64:00:71:59:cf:56:21:a1:4f:
0b:03:d2:d1:ce:eb:77:2b:b6:93:4a:8f:a4:e2:0a:
0d:22:ee:77:03:69:75:08:b5:c2:18:d5:a8:53:59:
8b:e7:95:a6:83:00:b0:81:3f:78:4b:fc:5b:e2:0d:
92:7a:58:c5:6e:e8:49:4a:fc:24:3a:c8:ea:dc:25:
32:0e:02:d7:9f:1e:af:7c:74:f3:e4:75:ac:10:ad:
f3:b1:7b:d5:34:8e:c5:a9:5b:95:0f:92:5b:90:ac:
33:78:e5:75:5d:01:d7:ff:e6:47:1f:2c:2e:08:2a:
fc:04:87:e1:50:c9:20:57:4e:15:de:c8:0f:c3:e0:
4f:df:43:97:32:e8:7c:05:ed:b3:6f:41:57:1a:63:
53:98:24:c8:14:f8:40:b0:81:0c:e8:ab:78:64:35:
1b:0d:ff:b5:d3:2c:eb:01:21:e0:2b:4f:f6:4e:3e:
f4:02:ef:b4:c0:5a:59:c9:b9:ba:3b:a1:71:88:7e:
ac:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:8A:FD:4C:DA:3A:4E:6E:50:28:55:98:C0:27:7C:38:23:C2:D8:9E
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/AIr9TNo6Tm5QKFWYwCd8OCPC2J4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.137.0.0-2.138.255.255
79.144.0.0/14
80.30.0.0/15
81.32.0.0/16
81.34.0.0-81.41.255.255
83.32.0.0/14
83.37.0.0-83.39.255.255
83.47.0.0/16
83.52.0.0/14
83.57.0.0-83.60.255.255
83.63.0.0/16
88.0.0.0/15
88.8.0.0/14
88.13.0.0-88.16.255.255
88.24.0.0/15
195.53.0.0/16
195.55.110.0/24
213.99.44.0/24
213.99.59.0/24
Signature Algorithm: sha256WithRSAEncryption
91:22:d3:36:0d:25:78:d7:61:ef:65:cc:0d:be:52:54:b3:ca:
7c:5e:8f:6b:53:f8:19:df:19:4c:f5:08:53:ef:27:c5:2b:89:
69:72:77:f4:34:bf:58:ee:fc:cb:40:41:f8:18:f7:47:5c:32:
26:f2:48:42:a8:a6:14:7a:f3:d7:89:6a:4e:35:10:54:1f:e5:
c8:02:f4:a4:39:2a:4a:fc:74:c9:12:f7:f0:bc:39:f7:12:eb:
19:ff:87:95:5f:ba:27:39:f5:af:18:25:9f:96:ab:0a:1d:b4:
4e:22:2c:26:0e:68:b4:db:43:a6:4e:1b:13:ea:35:da:7a:71:
ef:27:cf:e9:56:e7:69:ef:46:f4:9a:9c:8e:3e:e8:9c:45:9f:
6c:76:f8:f9:c6:be:56:0f:e6:40:20:ea:d6:fb:c9:4e:eb:e0:
d4:d1:bd:36:1b:9f:1d:bd:5c:18:8c:49:3e:2a:af:9f:1e:ad:
89:87:1f:f1:9f:39:04:98:c1:33:0f:80:79:60:8b:6d:34:b2:
f4:b3:e5:c3:a9:22:8d:ae:42:91:c0:a0:1b:66:42:55:53:24:
a2:d2:a8:c8:23:98:3e:8f:bd:a4:58:5a:32:d8:90:ed:42:36:
a4:aa:e5:1e:d8:df:20:1a:f9:10:12:58:fe:fc:58:69:ad:20:
e3:6d:4e:ea
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAYtDSIAaJHfxkQA9urG5+UcfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjMxMDE4MTQ1NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDhhZmQ0Y2RhM2E0ZTZlNTAyODU1OThjMDI3N2MzODIzYzJkODllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnqerYo83atU5wsF94d42/MEVX+l
Pm9masjGViC97LzbhpNOqP3akfIQyK6vJjqjvY5XP0nOTcHU+rjI1L2fpehkAHFZ
z1YhoU8LA9LRzut3K7aTSo+k4goNIu53A2l1CLXCGNWoU1mL55WmgwCwgT94S/xb
4g2SeljFbuhJSvwkOsjq3CUyDgLXnx6vfHTz5HWsEK3zsXvVNI7FqVuVD5JbkKwz
eOV1XQHX/+ZHHywuCCr8BIfhUMkgV04V3sgPw+BP30OXMuh8Be2zb0FXGmNTmCTI
FPhAsIEM6Kt4ZDUbDf+10yzrASHgK0/2Tj70Au+0wFpZybm6O6FxiH6s8QIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFACK/UzaOk5uUChVmMAnfDgjwtieMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvQUlyOVRObzZUbTVRS0ZXWXdDZDhPQ1BDMko0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzCBjAQCAAEwgYUwCgMD
AAKJAwMAAooDAwJPkAMDAVAeAwMAUSAwCgMDAVEiAwMBUSgDAwJTIDAKAwMAUyUD
AwNTIAMDAFMvAwMCUzQwCgMDAFM5AwMAUzwDAwBTPwMDAVgAAwMCWAgwCgMDAFgN
AwMAWBADAwFYGAMDAMM1AwQAwzduAwQA1WMsAwQA1WM7MA0GCSqGSIb3DQEBCwUA
A4IBAQCRItM2DSV412HvZcwNvlJUs8p8Xo9rU/gZ3xlM9QhT7yfFK4lpcnf0NL9Y
7vzLQEH4GPdHXDIm8khCqKYUevPXiWpONRBUH+XIAvSkOSpK/HTJEvfwvDn3EusZ
/4eVX7onOfWvGCWflqsKHbROIiwmDmi020OmThsT6jXaenHvJ8/pVudp70b0mpyO
PuicRZ9sdvj5xr5WD+ZAIOrW+8lO6+DU0b02G58dvVwYjEk+Kq+fHq2Jhx/xnzkE
mMEzD4B5YIttNLL0s+XDqSKNrkKRwKAbZkJVUySi0qjII5g+j72kWFoy2JDtQjak
quUe2N8gGvkQElj+/FhprSDjbU7q
-----END CERTIFICATE-----
Generated at Wed Oct 18 16:10:28 2023 by rpki-client on console-ams.rpki-client.org