Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/gIYJKdRFwicrPxc5F6SaRSCXxVw.roa
File: gIYJKdRFwicrPxc5F6SaRSCXxVw.roa (raw, json)
Hash identifier: 2Mk2a5pcHrVZUPZT+xzsl/L64jFGl7RHjUlp9WWY8N8=
Subject key identifier: 80:86:09:29:D4:45:C2:27:2B:3F:17:39:17:A4:9A:45:20:97:C5:5C
Certificate issuer: /CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Certificate serial: 01856DDD5141E04EBA09CECBC3360C340204
Authority key identifier: D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/gIYJKdRFwicrPxc5F6SaRSCXxVw.roa
Signing time: Sun 01 Jan 2023 15:04:58 +0000
ROA not before: Sun 01 Jan 2023 15:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15580
IP address blocks: 194.127.64.0/24 maxlen: 24
194.127.67.0/24 maxlen: 24
194.127.65.0/24 maxlen: 24
194.127.66.0/24 maxlen: 24
194.127.74.0/24 maxlen: 24
194.127.75.0/24 maxlen: 24
194.127.72.0/24 maxlen: 24
194.127.73.0/24 maxlen: 24
194.127.76.0/24 maxlen: 24
194.127.80.0/20 maxlen: 20
194.127.81.0/24 maxlen: 24
194.127.88.0/24 maxlen: 24
194.127.89.0/24 maxlen: 24
194.127.9.224/27 maxlen: 27
193.194.10.0/23 maxlen: 23
193.194.10.0/24 maxlen: 24
193.194.11.0/24 maxlen: 24
193.194.6.0/23 maxlen: 23
193.194.12.0/22 maxlen: 22
194.127.4.0/24 maxlen: 24
194.127.3.0/24 maxlen: 24
194.127.1.0/24 maxlen: 24
194.127.2.0/24 maxlen: 24
194.127.0.0/18 maxlen: 18
194.127.0.0/24 maxlen: 24
194.127.5.0/24 maxlen: 24
194.127.9.0/24 maxlen: 24
194.127.11.0/24 maxlen: 24
194.127.10.0/24 maxlen: 24
194.127.17.0/24 maxlen: 24
194.127.12.0/24 maxlen: 24
194.127.15.0/24 maxlen: 24
194.127.13.0/24 maxlen: 24
194.127.14.0/24 maxlen: 24
194.127.24.0/23 maxlen: 23
194.127.19.0/24 maxlen: 24
194.127.22.0/24 maxlen: 24
194.127.23.0/24 maxlen: 24
194.127.20.0/24 maxlen: 24
194.127.21.0/24 maxlen: 24
194.127.31.0/24 maxlen: 24
194.127.26.0/24 maxlen: 24
194.127.26.0/23 maxlen: 23
194.127.29.0/24 maxlen: 24
194.127.27.0/24 maxlen: 24
194.127.28.0/24 maxlen: 24
194.127.9.64/27 maxlen: 27
193.58.222.0/24 maxlen: 24
193.58.222.0/23 maxlen: 23
193.58.223.0/24 maxlen: 24
2a01:6f8::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:51:41:e0:4e:ba:09:ce:cb:c3:36:0c:34:02:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Validity
Not Before: Jan 1 15:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80860929d445c2272b3f173917a49a452097c55c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:9d:b1:9b:52:49:c1:97:3d:dd:c0:ec:25:fd:
63:0b:2f:ba:21:f3:77:dd:10:cf:eb:5f:9e:ce:78:
cd:1a:25:3c:d5:d8:d6:66:38:11:b0:79:fc:f7:51:
92:9e:19:87:d5:26:45:ba:0c:15:37:69:23:cd:4d:
58:25:73:2d:fa:39:f8:d9:14:b6:3b:bb:f1:97:8d:
2d:3b:c9:5a:5f:d6:b3:72:8e:fd:8a:ea:0c:74:a0:
45:e7:23:59:cc:b2:6c:8e:10:29:18:26:b1:bd:81:
66:db:d4:6f:2c:9b:5b:2b:71:e5:45:c0:c6:8e:86:
e3:0e:9c:fe:35:30:a0:aa:a1:27:ec:82:53:09:ce:
39:48:d7:ec:a0:5b:86:bd:12:97:aa:cf:9d:ea:68:
bb:d8:d6:a7:bf:08:71:b0:44:50:d3:a9:78:f0:6c:
a1:c3:0d:a1:e1:c9:80:f4:93:24:91:1e:df:1e:bd:
2c:bc:44:a5:0c:d1:25:5b:2b:4e:22:88:a4:c6:58:
bf:44:9c:8e:7f:cb:53:da:b9:0d:0d:5a:b0:08:71:
36:8e:3c:ae:24:a9:35:e8:aa:6b:82:c9:e2:73:05:
5e:d8:fe:c8:ca:c1:6f:fa:ec:17:1b:0c:7b:d1:d7:
2e:bb:84:29:bb:8b:b8:32:17:fa:4f:7a:ff:df:23:
8f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:86:09:29:D4:45:C2:27:2B:3F:17:39:17:A4:9A:45:20:97:C5:5C
X509v3 Authority Key Identifier:
keyid:D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/gIYJKdRFwicrPxc5F6SaRSCXxVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/0x3RpRTTp-Pf24v7ddfSTtmNR58.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.58.222.0/23
193.194.6.0/23
193.194.10.0-193.194.15.255
194.127.0.0-194.127.67.255
194.127.72.0-194.127.76.255
194.127.80.0/20
IPv6:
2a01:6f8::/32
Signature Algorithm: sha256WithRSAEncryption
54:a3:12:cb:77:ae:fd:87:c6:63:5f:4b:ea:8a:93:b9:86:4f:
23:a0:31:1b:cb:82:8e:3a:5f:3c:cc:94:b0:a4:e8:bf:69:44:
67:9f:78:cb:72:a5:b5:91:8f:24:11:96:f0:b0:d1:03:b8:4c:
a0:aa:5d:54:32:aa:0b:de:45:03:80:4c:42:aa:b4:e3:87:99:
8e:70:4a:a5:08:f1:b1:3f:1b:1f:24:90:d3:4e:f4:de:54:59:
26:d3:6f:ef:c4:cf:14:0e:3b:2b:d0:6d:ab:98:d6:bf:90:2e:
86:8f:3d:bb:14:10:e4:65:14:0c:38:52:64:4a:e0:2a:76:97:
f0:da:ce:0b:f1:87:4f:58:29:83:e5:5b:79:53:61:b0:05:85:
0b:cd:d0:08:bf:35:e2:ef:1f:69:33:15:73:ac:b3:37:57:07:
e7:4a:67:fb:2a:b8:a0:06:cd:e5:bb:84:23:fc:78:17:b0:8b:
54:1b:20:85:98:b4:c3:38:52:6b:f5:0d:fb:2c:bf:37:9e:cd:
da:b9:0d:a6:69:3c:7a:6e:be:2e:e5:37:e0:fc:6d:a9:57:2e:
30:93:f1:e0:30:de:35:82:9b:de:d5:02:9e:ff:e7:11:1e:ef:
b3:b6:e3:19:2a:e6:be:03:e7:9a:51:f4:b0:76:5e:9e:9c:f5:
bb:f1:c3:50
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYVt3VFB4E66Cc7LwzYMNAIEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMWRkMWE1MTRkM2E3ZTNkZmRiOGJmYjc1ZDdkMjRlZDk4
ZDQ3OWYwHhcNMjMwMTAxMTUwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDg2MDkyOWQ0NDVjMjI3MmIzZjE3MzkxN2E0OWE0NTIwOTdjNTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs52xm1JJwZc93cDsJf1jCy+6IfN3
3RDP61+eznjNGiU81djWZjgRsHn891GSnhmH1SZFugwVN2kjzU1YJXMt+jn42RS2
O7vxl40tO8laX9azco79iuoMdKBF5yNZzLJsjhApGCaxvYFm29RvLJtbK3HlRcDG
jobjDpz+NTCgqqEn7IJTCc45SNfsoFuGvRKXqs+d6mi72NanvwhxsERQ06l48Gyh
ww2h4cmA9JMkkR7fHr0svESlDNElWytOIoikxli/RJyOf8tT2rkNDVqwCHE2jjyu
JKk16KprgsnicwVe2P7IysFv+uwXGwx70dcuu4Qpu4u4Mhf6T3r/3yOP9QIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFICGCSnURcInKz8XORekmkUgl8VcMB8GA1UdIwQY
MBaAFNMd0aUU06fj39uL+3XX0k7ZjUefMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHgzUnBSVFRwLVBmMjR2N2RkZlNUdG1OUjU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9mMjQ3OGYtYzUwMy00MmMyLTk0YjIt
YjE2NmFlMmVmMjg3LzEvZ0lZSktkUkZ3aWNyUHhjNUY2U2FSU0NYeFZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9mMjQ3OGYtYzUwMy00MmMyLTk0YjItYjE2NmFlMmVmMjg3
LzEvMHgzUnBSVFRwLVBmMjR2N2RkZlNUdG1OUjU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBBBAIAATA7AwQBwTreAwQB
wcIGMAwDBAHBwgoDBATBwgAwCwMDAMJ/AwQCwn9AMAwDBAPCf0gDBADCf0wDBATC
f1AwDQQCAAIwBwMFACoBBvgwDQYJKoZIhvcNAQELBQADggEBAFSjEst3rv2HxmNf
S+qKk7mGTyOgMRvLgo46XzzMlLCk6L9pRGefeMtypbWRjyQRlvCw0QO4TKCqXVQy
qgveRQOATEKqtOOHmY5wSqUI8bE/Gx8kkNNO9N5UWSbTb+/EzxQOOyvQbauY1r+Q
LoaPPbsUEORlFAw4UmRK4Cp2l/Dazgvxh09YKYPlW3lTYbAFhQvN0Ai/NeLvH2kz
FXOsszdXB+dKZ/squKAGzeW7hCP8eBewi1QbIIWYtMM4Umv1Dfssvzeezdq5DaZp
PHpuvi7lN+D8balXLjCT8eAw3jWCm97VAp7/5xEe77O24xkq5r4D55pR9LB2Xp6c
9bvxw1A=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:58 2023 by rpki-client on console-ams.rpki-client.org