Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/d3e3d7-0357-487e-9fed-a8e8b8931552/1/Af4cCjGpCiBj2bn1kfVJloFB_RM.roa
File: Af4cCjGpCiBj2bn1kfVJloFB_RM.roa (raw, json)
Hash identifier: AXXFgmFxbd2pTOEFyl9Vu/WJSfHciXOr2/dvb5lQ754=
Subject key identifier: 01:FE:1C:0A:31:A9:0A:20:63:D9:B9:F5:91:F5:49:96:81:41:FD:13
Certificate issuer: /CN=f99abe45f21f12e4b802f309444c24759000ebcf
Certificate serial: 01856E1415B68A7F4DE19A1042037C513B1D
Authority key identifier: F9:9A:BE:45:F2:1F:12:E4:B8:02:F3:09:44:4C:24:75:90:00:EB:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Zq-RfIfEuS4AvMJREwkdZAA688.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/d3e3d7-0357-487e-9fed-a8e8b8931552/1/Af4cCjGpCiBj2bn1kfVJloFB_RM.roa
Signing time: Sun 01 Jan 2023 16:04:48 +0000
ROA not before: Sun 01 Jan 2023 16:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6830
IP address blocks: 188.167.0.0/17 maxlen: 17
188.167.0.0/16 maxlen: 16
85.216.192.0/18 maxlen: 18
89.173.0.0/17 maxlen: 17
217.23.240.0/21 maxlen: 21
217.23.240.0/20 maxlen: 20
217.23.248.0/21 maxlen: 21
89.173.0.0/16 maxlen: 16
89.173.128.0/17 maxlen: 17
85.216.128.0/18 maxlen: 18
85.216.128.0/17 maxlen: 17
82.119.96.0/20 maxlen: 20
82.119.96.0/19 maxlen: 19
82.119.112.0/20 maxlen: 20
188.167.128.0/17 maxlen: 17
2a02:ab04::/30 maxlen: 30
2a02:ab00::/29 maxlen: 29
2a02:ab00::/30 maxlen: 30
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:15:b6:8a:7f:4d:e1:9a:10:42:03:7c:51:3b:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f99abe45f21f12e4b802f309444c24759000ebcf
Validity
Not Before: Jan 1 16:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01fe1c0a31a90a2063d9b9f591f549968141fd13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a0:74:ea:7c:4c:e3:12:7a:60:5e:d9:c4:32:
f4:15:4c:c2:e4:e4:98:59:e0:b4:ab:66:19:37:bf:
b0:07:e6:99:c2:38:1c:27:34:2c:2e:2a:c8:c7:1f:
9b:96:96:f7:09:a8:24:0a:32:c2:f9:f8:a9:63:cf:
a7:e9:15:4d:14:84:b7:93:7c:3e:c2:cc:cc:85:3b:
76:69:14:3f:0d:73:01:a4:e1:35:68:2b:a2:d8:02:
59:07:c4:cd:42:9a:a5:42:c3:6c:c2:e4:e1:ac:6a:
24:41:e6:9c:68:84:43:ca:b4:02:7f:f4:a9:c5:08:
d3:f2:6c:46:5b:44:f6:7e:13:5e:b2:3d:06:df:0a:
99:25:d6:49:38:86:86:17:54:62:d5:6d:ca:0f:31:
7d:07:86:4e:f5:96:bc:17:a6:ce:46:d8:23:0d:5f:
a1:81:eb:e8:84:fe:5d:c4:f6:e6:43:17:20:9f:de:
72:16:f4:9b:16:fd:65:8c:fd:b9:7d:c5:9c:e2:bd:
01:21:f4:98:76:ce:4b:78:d0:53:0f:5c:6b:ec:f9:
e4:35:06:9e:9a:b0:83:8c:a3:1e:eb:bc:b8:33:d5:
02:ad:a1:4c:93:c1:ce:6a:fc:cc:9a:d2:0a:32:af:
41:e6:2f:c1:ee:2e:23:17:02:1b:be:16:15:69:ae:
8a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:FE:1C:0A:31:A9:0A:20:63:D9:B9:F5:91:F5:49:96:81:41:FD:13
X509v3 Authority Key Identifier:
keyid:F9:9A:BE:45:F2:1F:12:E4:B8:02:F3:09:44:4C:24:75:90:00:EB:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Zq-RfIfEuS4AvMJREwkdZAA688.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/d3e3d7-0357-487e-9fed-a8e8b8931552/1/Af4cCjGpCiBj2bn1kfVJloFB_RM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/d3e3d7-0357-487e-9fed-a8e8b8931552/1/1-Zq-RfIfEuS4AvMJREwkdZAA688.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.119.96.0/19
85.216.128.0/17
89.173.0.0/16
188.167.0.0/16
217.23.240.0/20
IPv6:
2a02:ab00::/29
Signature Algorithm: sha256WithRSAEncryption
0b:a7:f6:91:ea:76:45:1c:37:fc:1b:89:35:18:79:b8:c0:97:
2c:cf:f2:94:94:d6:f2:1f:ea:ab:f9:80:c2:72:90:06:1b:9c:
0c:be:ed:94:dc:89:cb:7f:3d:3e:b3:ac:ba:39:ee:5b:8f:44:
2c:1c:5d:be:d7:35:3e:bd:a3:2d:37:0e:51:f1:7d:5e:85:b9:
f0:87:82:52:a9:da:e2:b0:48:63:34:d9:f9:d1:dd:c9:25:8a:
30:32:1c:a6:86:59:e2:25:e5:01:7a:d4:f3:75:da:a3:26:b7:
77:37:04:ac:cd:b7:45:88:e9:e2:bd:5c:2c:47:58:69:1e:e8:
ed:c2:28:1c:05:4c:d5:c3:e0:e4:a4:f7:dc:6b:0d:46:1a:03:
67:9b:bf:4b:3b:e7:36:86:b7:9a:e9:a4:59:7d:69:f8:d3:4f:
3b:07:56:c9:81:1b:6a:40:54:2a:28:b2:3c:13:b4:3d:0a:f4:
12:71:c8:0b:4b:04:74:8a:43:4d:0e:29:4d:ea:5a:ed:e5:1a:
33:76:0e:5f:14:20:04:ba:49:71:b8:14:c3:12:fa:d8:a0:db:
4e:f4:ac:d2:0b:7f:5d:26:23:02:71:7b:97:0d:04:d0:93:81:
30:ef:c8:c3:c0:df:b8:bb:4f:d9:00:47:f7:28:64:aa:f7:a6:
74:bd:f3:97
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVuFBW2in9N4ZoQQgN8UTsdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5OWFiZTQ1ZjIxZjEyZTRiODAyZjMwOTQ0NGMyNDc1OTAw
MGViY2YwHhcNMjMwMTAxMTYwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWZlMWMwYTMxYTkwYTIwNjNkOWI5ZjU5MWY1NDk5NjgxNDFmZDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqB06nxM4xJ6YF7ZxDL0FUzC5OSY
WeC0q2YZN7+wB+aZwjgcJzQsLirIxx+blpb3CagkCjLC+fipY8+n6RVNFIS3k3w+
wszMhTt2aRQ/DXMBpOE1aCui2AJZB8TNQpqlQsNswuThrGokQeacaIRDyrQCf/Sp
xQjT8mxGW0T2fhNesj0G3wqZJdZJOIaGF1Ri1W3KDzF9B4ZO9Za8F6bORtgjDV+h
gevohP5dxPbmQxcgn95yFvSbFv1ljP25fcWc4r0BIfSYds5LeNBTD1xr7PnkNQae
mrCDjKMe67y4M9UCraFMk8HOavzMmtIKMq9B5i/B7i4jFwIbvhYVaa6KLQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFAH+HAoxqQogY9m59ZH1SZaBQf0TMB8GA1UdIwQY
MBaAFPmavkXyHxLkuALzCURMJHWQAOvPMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1acS1SZklmRXVTNEF2TUpSRXdrZFpBQTY4OC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjcvZDNlM2Q3LTAzNTctNDg3ZS05ZmVk
LWE4ZThiODkzMTU1Mi8xL0FmNGNDakdwQ2lCajJibjFrZlZKbG9GQl9STS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjcvZDNlM2Q3LTAzNTctNDg3ZS05ZmVkLWE4ZThiODkzMTU1
Mi8xLzEtWnEtUmZJZkV1UzRBdk1KUkV3a2RaQUE2ODguY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwRAYIKwYBBQUHAQcBAf8ENTAzMCIEAgABMBwDBAVSd2AD
BAdV2IADAwBZrQMDALynAwQE2RfwMA0EAgACMAcDBQMqAqsAMA0GCSqGSIb3DQEB
CwUAA4IBAQALp/aR6nZFHDf8G4k1GHm4wJcsz/KUlNbyH+qr+YDCcpAGG5wMvu2U
3InLfz0+s6y6Oe5bj0QsHF2+1zU+vaMtNw5R8X1ehbnwh4JSqdrisEhjNNn50d3J
JYowMhymhlniJeUBetTzddqjJrd3NwSszbdFiOnivVwsR1hpHujtwigcBUzVw+Dk
pPfcaw1GGgNnm79LO+c2hrea6aRZfWn40087B1bJgRtqQFQqKLI8E7Q9CvQSccgL
SwR0ikNNDilN6lrt5Rozdg5fFCAEuklxuBTDEvrYoNtO9KzSC39dJiMCcXuXDQTQ
k4Ew78jDwN+4u0/ZAEf3KGSq96Z0vfOX
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:40:28 2024 by rpki-client on console-fra.rpki-client.org