Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/T9bXlLkYXhnhdwn9s-qY7wgHbMo.roa
File: T9bXlLkYXhnhdwn9s-qY7wgHbMo.roa (raw, json)
Hash identifier: Ziwqh+v3gozzyOLSfFpHLEWKzesPZwCFNWJPCMF5T8I=
Subject key identifier: 4F:D6:D7:94:B9:18:5E:19:E1:77:09:FD:B3:EA:98:EF:08:07:6C:CA
Certificate issuer: /CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Certificate serial: 018C7BB9A729585CDD1C9872AF3EEC1A7E5D
Authority key identifier: D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/T9bXlLkYXhnhdwn9s-qY7wgHbMo.roa
Signing time: Mon 18 Dec 2023 07:00:13 +0000
ROA not before: Mon 18 Dec 2023 07:00:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15580
IP address blocks: 194.127.64.0/24 maxlen: 24
194.127.67.0/24 maxlen: 24
194.127.65.0/24 maxlen: 24
194.127.66.0/24 maxlen: 24
194.127.74.0/24 maxlen: 24
194.127.75.0/24 maxlen: 24
194.127.72.0/24 maxlen: 24
194.127.73.0/24 maxlen: 24
194.127.76.0/24 maxlen: 24
194.127.80.0/20 maxlen: 20
194.127.81.0/24 maxlen: 24
194.127.88.0/24 maxlen: 24
194.127.89.0/24 maxlen: 24
194.127.9.224/27 maxlen: 27
193.194.10.0/23 maxlen: 23
193.194.10.0/24 maxlen: 24
193.194.11.0/24 maxlen: 24
193.194.6.0/23 maxlen: 23
193.194.12.0/22 maxlen: 22
194.127.4.0/24 maxlen: 24
194.127.3.0/24 maxlen: 24
194.127.1.0/24 maxlen: 24
194.127.2.0/24 maxlen: 24
194.127.0.0/18 maxlen: 18
194.127.0.0/24 maxlen: 24
194.127.5.0/24 maxlen: 24
194.127.9.0/24 maxlen: 24
194.127.11.0/24 maxlen: 24
194.127.10.0/24 maxlen: 24
194.127.17.0/24 maxlen: 24
194.127.12.0/24 maxlen: 24
194.127.15.0/24 maxlen: 24
194.127.16.0/24 maxlen: 24
194.127.13.0/24 maxlen: 24
194.127.14.0/24 maxlen: 24
194.127.24.0/23 maxlen: 23
194.127.19.0/24 maxlen: 24
194.127.22.0/24 maxlen: 24
194.127.23.0/24 maxlen: 24
194.127.20.0/24 maxlen: 24
194.127.21.0/24 maxlen: 24
194.127.30.0/24 maxlen: 24
194.127.31.0/24 maxlen: 24
194.127.26.0/24 maxlen: 24
194.127.26.0/23 maxlen: 23
194.127.29.0/24 maxlen: 24
194.127.27.0/24 maxlen: 24
194.127.28.0/24 maxlen: 24
194.127.32.0/22 maxlen: 24
91.206.86.0/24 maxlen: 24
194.127.9.64/27 maxlen: 27
193.58.216.0/24 maxlen: 24
193.58.222.0/24 maxlen: 24
193.58.222.0/23 maxlen: 23
193.58.223.0/24 maxlen: 24
2a01:6f8::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7b:b9:a7:29:58:5c:dd:1c:98:72:af:3e:ec:1a:7e:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Validity
Not Before: Dec 18 07:00:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4fd6d794b9185e19e17709fdb3ea98ef08076cca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:4e:30:5f:00:70:93:bf:7e:8b:1a:d6:81:6e:
d7:13:3e:b7:fa:a0:ba:2f:e2:7e:bb:e5:f2:b5:f5:
09:7b:f4:75:1c:aa:04:b7:ea:35:ee:bf:d6:e6:5a:
a4:7b:78:ba:33:c8:e5:74:f2:91:39:8f:0c:92:0f:
25:1c:bd:73:7b:ba:fd:08:05:74:c1:4e:70:24:9c:
94:fb:46:a4:85:c2:da:d1:e5:2f:23:ea:0e:ee:3b:
c5:bd:d3:3b:a9:66:24:d3:0b:c2:8d:55:dd:ee:65:
a9:1c:15:0e:3d:53:b7:ba:3f:b7:fc:d3:37:8a:86:
1b:45:c2:75:c6:41:7d:a5:9e:d4:77:b9:6e:aa:f4:
6d:56:41:60:e3:73:34:2d:71:22:d6:4c:61:03:78:
fc:cd:08:4f:37:ce:97:34:ab:9a:51:9f:09:8e:2a:
19:b5:ea:b3:f0:ad:cc:3e:1e:1f:0d:e6:9c:e3:07:
44:8b:a8:fe:45:91:17:f5:29:56:c1:cd:8c:bc:f0:
aa:b1:e5:2a:3f:5c:d4:1f:77:db:00:14:57:01:d6:
08:c9:32:fe:70:6c:8f:02:24:80:57:02:8c:9d:f7:
23:df:28:5d:c3:2b:e0:55:a5:d7:b5:28:a0:20:00:
61:f7:13:c6:27:60:c6:65:58:5c:8d:db:b6:7f:0e:
22:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:D6:D7:94:B9:18:5E:19:E1:77:09:FD:B3:EA:98:EF:08:07:6C:CA
X509v3 Authority Key Identifier:
keyid:D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/T9bXlLkYXhnhdwn9s-qY7wgHbMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/0x3RpRTTp-Pf24v7ddfSTtmNR58.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.86.0/24
193.58.216.0/24
193.58.222.0/23
193.194.6.0/23
193.194.10.0-193.194.15.255
194.127.0.0-194.127.67.255
194.127.72.0-194.127.76.255
194.127.80.0/20
IPv6:
2a01:6f8::/32
Signature Algorithm: sha256WithRSAEncryption
61:41:45:fc:88:b4:33:28:79:15:7c:37:10:88:00:fa:b5:db:
e8:a8:e3:aa:08:1b:ee:45:2f:93:f8:54:78:df:a2:a7:84:a9:
d9:43:f0:82:59:44:30:cb:b8:1a:ba:6e:0e:d1:3f:6b:52:1b:
ca:31:21:c5:d4:48:fe:1d:7e:99:3e:b4:f8:16:be:8d:78:ee:
17:b5:56:2f:cf:a1:23:13:8d:e2:51:bf:0d:55:86:c9:75:81:
47:b5:c9:78:11:70:d9:ab:5c:45:14:63:97:95:ab:b0:cb:ed:
b1:4c:8e:54:8e:56:7c:40:f7:45:11:97:89:04:36:b4:32:cd:
28:ef:73:55:d8:1e:fb:be:99:24:e4:2b:22:4a:b7:4d:a9:f6:
0a:32:c4:a2:f6:71:fb:1a:87:fa:eb:6c:9a:af:1a:d1:c8:5f:
db:36:a7:94:eb:ea:d7:1c:98:3b:97:34:56:3b:0c:a2:32:04:
0e:6c:2a:e6:dc:7b:77:1c:16:64:bd:19:66:ce:03:8b:25:1f:
20:e6:36:4f:5c:40:a7:80:d4:ef:51:41:22:8c:6f:81:e9:ab:
72:f7:33:b1:21:fd:aa:80:15:b5:33:fc:1f:0e:63:e9:80:3c:
31:d3:1a:23:e4:a2:ad:42:e1:6c:8b:6d:36:d0:be:72:57:89:
7c:03:bf:f6
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYx7uacpWFzdHJhyrz7sGn5dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMWRkMWE1MTRkM2E3ZTNkZmRiOGJmYjc1ZDdkMjRlZDk4
ZDQ3OWYwHhcNMjMxMjE4MDcwMDEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmQ2ZDc5NGI5MTg1ZTE5ZTE3NzA5ZmRiM2VhOThlZjA4MDc2Y2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmk4wXwBwk79+ixrWgW7XEz63+qC6
L+J+u+XytfUJe/R1HKoEt+o17r/W5lqke3i6M8jldPKROY8Mkg8lHL1ze7r9CAV0
wU5wJJyU+0akhcLa0eUvI+oO7jvFvdM7qWYk0wvCjVXd7mWpHBUOPVO3uj+3/NM3
ioYbRcJ1xkF9pZ7Ud7luqvRtVkFg43M0LXEi1kxhA3j8zQhPN86XNKuaUZ8JjioZ
teqz8K3MPh4fDeac4wdEi6j+RZEX9SlWwc2MvPCqseUqP1zUH3fbABRXAdYIyTL+
cGyPAiSAVwKMnfcj3yhdwyvgVaXXtSigIABh9xPGJ2DGZVhcjdu2fw4ibQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFE/W15S5GF4Z4XcJ/bPqmO8IB2zKMB8GA1UdIwQY
MBaAFNMd0aUU06fj39uL+3XX0k7ZjUefMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHgzUnBSVFRwLVBmMjR2N2RkZlNUdG1OUjU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9mMjQ3OGYtYzUwMy00MmMyLTk0YjIt
YjE2NmFlMmVmMjg3LzEvVDliWGxMa1lYaG5oZHduOXMtcVk3d2dIYk1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9mMjQ3OGYtYzUwMy00MmMyLTk0YjItYjE2NmFlMmVmMjg3
LzEvMHgzUnBSVFRwLVBmMjR2N2RkZlNUdG1OUjU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBNBAIAATBHAwQAW85WAwQA
wTrYAwQBwTreAwQBwcIGMAwDBAHBwgoDBATBwgAwCwMDAMJ/AwQCwn9AMAwDBAPC
f0gDBADCf0wDBATCf1AwDQQCAAIwBwMFACoBBvgwDQYJKoZIhvcNAQELBQADggEB
AGFBRfyItDMoeRV8NxCIAPq12+io46oIG+5FL5P4VHjfoqeEqdlD8IJZRDDLuBq6
bg7RP2tSG8oxIcXUSP4dfpk+tPgWvo147he1Vi/PoSMTjeJRvw1Vhsl1gUe1yXgR
cNmrXEUUY5eVq7DL7bFMjlSOVnxA90URl4kENrQyzSjvc1XYHvu+mSTkKyJKt02p
9goyxKL2cfsah/rrbJqvGtHIX9s2p5Tr6tccmDuXNFY7DKIyBA5sKubce3ccFmS9
GWbOA4slHyDmNk9cQKeA1O9RQSKMb4Hpq3L3M7Eh/aqAFbUz/B8OY+mAPDHTGiPk
oq1C4WyLbTbQvnJXiXwDv/Y=
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:53:03 2024 by rpki-client on console-fra.rpki-client.org