Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/g-PXryO1PVNinC6k6l9MUJ0NJnk.roa
File: g-PXryO1PVNinC6k6l9MUJ0NJnk.roa (raw, json)
Hash identifier: JVIyD6LptscW1KJlv8Zr2t8wxlFb4l2WC+prHx5nohI=
Subject key identifier: 83:E3:D7:AF:23:B5:3D:53:62:9C:2E:A4:EA:5F:4C:50:9D:0D:26:79
Certificate issuer: /CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Certificate serial: 0187317E3CD3977B387236B0BA35DC7562DB
Authority key identifier: D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/g-PXryO1PVNinC6k6l9MUJ0NJnk.roa
Signing time: Thu 30 Mar 2023 07:49:29 +0000
ROA not before: Thu 30 Mar 2023 07:49:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15580
IP address blocks: 194.127.64.0/24 maxlen: 24
194.127.67.0/24 maxlen: 24
194.127.65.0/24 maxlen: 24
194.127.66.0/24 maxlen: 24
194.127.74.0/24 maxlen: 24
194.127.75.0/24 maxlen: 24
194.127.72.0/24 maxlen: 24
194.127.73.0/24 maxlen: 24
194.127.76.0/24 maxlen: 24
194.127.80.0/20 maxlen: 20
194.127.81.0/24 maxlen: 24
194.127.88.0/24 maxlen: 24
194.127.89.0/24 maxlen: 24
194.127.9.224/27 maxlen: 27
193.194.10.0/23 maxlen: 23
193.194.10.0/24 maxlen: 24
193.194.11.0/24 maxlen: 24
193.194.6.0/23 maxlen: 23
193.194.12.0/22 maxlen: 22
194.127.4.0/24 maxlen: 24
194.127.3.0/24 maxlen: 24
194.127.1.0/24 maxlen: 24
194.127.2.0/24 maxlen: 24
194.127.0.0/18 maxlen: 18
194.127.0.0/24 maxlen: 24
194.127.5.0/24 maxlen: 24
194.127.9.0/24 maxlen: 24
194.127.11.0/24 maxlen: 24
194.127.10.0/24 maxlen: 24
194.127.17.0/24 maxlen: 24
194.127.12.0/24 maxlen: 24
194.127.15.0/24 maxlen: 24
194.127.13.0/24 maxlen: 24
194.127.14.0/24 maxlen: 24
194.127.24.0/23 maxlen: 23
194.127.19.0/24 maxlen: 24
194.127.22.0/24 maxlen: 24
194.127.23.0/24 maxlen: 24
194.127.20.0/24 maxlen: 24
194.127.21.0/24 maxlen: 24
194.127.30.0/24 maxlen: 24
194.127.31.0/24 maxlen: 24
194.127.26.0/24 maxlen: 24
194.127.26.0/23 maxlen: 23
194.127.29.0/24 maxlen: 24
194.127.27.0/24 maxlen: 24
194.127.28.0/24 maxlen: 24
194.127.32.0/22 maxlen: 24
91.206.86.0/24 maxlen: 24
194.127.9.64/27 maxlen: 27
193.58.216.0/24 maxlen: 24
193.58.222.0/24 maxlen: 24
193.58.222.0/23 maxlen: 23
193.58.223.0/24 maxlen: 24
2a01:6f8::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:31:7e:3c:d3:97:7b:38:72:36:b0:ba:35:dc:75:62:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Validity
Not Before: Mar 30 07:49:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83e3d7af23b53d53629c2ea4ea5f4c509d0d2679
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:0c:76:e8:5a:0d:85:a4:bb:c3:20:53:fc:5f:
46:e4:1e:a3:1b:ba:1a:9d:c9:90:7d:bc:ad:f2:1e:
03:c4:a0:d8:42:68:13:93:0d:c2:d3:72:b3:89:bb:
f8:6c:09:5e:a2:f3:18:c4:1e:e2:45:2f:0d:d2:6d:
e6:74:d2:26:7f:2d:79:5a:f3:02:0b:8d:cb:26:2c:
b7:53:e0:e1:3e:dd:78:5f:0e:af:40:c2:30:27:7e:
0b:3d:f9:cd:5d:81:4d:a5:46:21:89:80:99:5b:b9:
0d:56:91:ee:d3:be:95:24:e1:f4:b5:da:9c:7d:11:
bb:3c:1a:86:b3:95:19:23:14:26:5c:d0:85:ca:e2:
a1:80:a9:3a:5c:2c:5d:4d:08:0d:f6:85:ce:6f:3a:
f7:10:6b:fd:02:7d:20:ed:dc:6d:67:81:fb:10:c2:
91:49:ad:34:9d:b2:15:07:44:73:32:2d:f6:39:d7:
2b:72:58:a4:73:a5:d0:45:f9:11:5a:b4:eb:4d:4d:
4f:4e:22:cf:65:26:be:39:8c:7a:ad:db:c7:c6:ae:
31:b6:92:8c:71:1d:9c:22:4f:04:4b:8f:ff:6e:91:
aa:39:38:2f:76:5d:b2:66:fd:ab:9c:bd:26:fc:68:
16:f1:98:46:45:80:f9:41:48:a0:2e:79:e6:f4:0b:
76:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:E3:D7:AF:23:B5:3D:53:62:9C:2E:A4:EA:5F:4C:50:9D:0D:26:79
X509v3 Authority Key Identifier:
keyid:D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/g-PXryO1PVNinC6k6l9MUJ0NJnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/0x3RpRTTp-Pf24v7ddfSTtmNR58.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.86.0/24
193.58.216.0/24
193.58.222.0/23
193.194.6.0/23
193.194.10.0-193.194.15.255
194.127.0.0-194.127.67.255
194.127.72.0-194.127.76.255
194.127.80.0/20
IPv6:
2a01:6f8::/32
Signature Algorithm: sha256WithRSAEncryption
72:a3:ef:4e:05:dd:28:fa:38:ec:94:54:4c:0c:2b:15:eb:11:
83:33:ed:8a:5f:4d:68:03:b8:e1:f2:60:9d:7b:e6:a9:21:ca:
c3:d1:6b:38:ff:f8:91:ca:c3:9d:e9:a1:32:fe:93:f4:63:45:
f8:46:ad:a9:39:ca:62:8b:14:8f:98:17:0c:ff:c0:0e:13:63:
f6:01:0f:ba:11:ea:5f:a4:2d:54:e9:06:c4:a3:84:01:d8:c3:
d1:8f:6d:eb:a2:df:52:a0:1f:d6:3a:65:5b:b4:2c:24:e1:d4:
3a:ec:6d:2c:08:bb:2e:9c:a3:c2:9f:70:b9:c9:f7:6a:d9:fb:
4c:cc:20:47:e1:2f:d5:11:e9:58:bd:bb:59:73:d9:a7:d2:b2:
db:7a:06:fb:43:0a:df:7c:27:e0:f4:23:b5:17:58:44:11:5a:
4a:14:3d:3c:dd:11:b5:94:49:d2:ca:b1:ac:32:fa:37:16:5a:
89:fc:cd:4f:4b:f1:bb:45:37:17:67:cf:87:40:60:d8:f5:91:
16:1d:59:67:00:7c:42:de:3c:a6:07:f6:d3:b5:3d:55:b3:6f:
ac:19:1b:78:86:08:82:55:5f:a1:2c:af:b2:69:28:03:f5:72:
2b:7d:a0:23:99:fd:4b:0a:fb:e6:05:cc:ea:8b:72:3f:dd:a7:
38:96:98:8a
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYcxfjzTl3s4cjawujXcdWLbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMWRkMWE1MTRkM2E3ZTNkZmRiOGJmYjc1ZDdkMjRlZDk4
ZDQ3OWYwHhcNMjMwMzMwMDc0OTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2UzZDdhZjIzYjUzZDUzNjI5YzJlYTRlYTVmNGM1MDlkMGQyNjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwx26FoNhaS7wyBT/F9G5B6jG7oa
ncmQfbyt8h4DxKDYQmgTkw3C03Kzibv4bAleovMYxB7iRS8N0m3mdNImfy15WvMC
C43LJiy3U+DhPt14Xw6vQMIwJ34LPfnNXYFNpUYhiYCZW7kNVpHu076VJOH0tdqc
fRG7PBqGs5UZIxQmXNCFyuKhgKk6XCxdTQgN9oXObzr3EGv9An0g7dxtZ4H7EMKR
Sa00nbIVB0RzMi32Odcrclikc6XQRfkRWrTrTU1PTiLPZSa+OYx6rdvHxq4xtpKM
cR2cIk8ES4//bpGqOTgvdl2yZv2rnL0m/GgW8ZhGRYD5QUigLnnm9At2WwIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFIPj168jtT1TYpwupOpfTFCdDSZ5MB8GA1UdIwQY
MBaAFNMd0aUU06fj39uL+3XX0k7ZjUefMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHgzUnBSVFRwLVBmMjR2N2RkZlNUdG1OUjU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9mMjQ3OGYtYzUwMy00MmMyLTk0YjIt
YjE2NmFlMmVmMjg3LzEvZy1QWHJ5TzFQVk5pbkM2azZsOU1VSjBOSm5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9mMjQ3OGYtYzUwMy00MmMyLTk0YjItYjE2NmFlMmVmMjg3
LzEvMHgzUnBSVFRwLVBmMjR2N2RkZlNUdG1OUjU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBNBAIAATBHAwQAW85WAwQA
wTrYAwQBwTreAwQBwcIGMAwDBAHBwgoDBATBwgAwCwMDAMJ/AwQCwn9AMAwDBAPC
f0gDBADCf0wDBATCf1AwDQQCAAIwBwMFACoBBvgwDQYJKoZIhvcNAQELBQADggEB
AHKj704F3Sj6OOyUVEwMKxXrEYMz7YpfTWgDuOHyYJ175qkhysPRazj/+JHKw53p
oTL+k/RjRfhGrak5ymKLFI+YFwz/wA4TY/YBD7oR6l+kLVTpBsSjhAHYw9GPbeui
31KgH9Y6ZVu0LCTh1DrsbSwIuy6co8KfcLnJ92rZ+0zMIEfhL9UR6Vi9u1lz2afS
stt6BvtDCt98J+D0I7UXWEQRWkoUPTzdEbWUSdLKsawy+jcWWon8zU9L8btFNxdn
z4dAYNj1kRYdWWcAfELePKYH9tO1PVWzb6wZG3iGCIJVX6Esr7JpKAP1cit9oCOZ
/UsK++YFzOqLcj/dpziWmIo=
Generated at Mon Dec 18 07:33:32 2023 by rpki-client on console-fra.rpki-client.org