Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/933818-a5bb-4d16-b551-f992b07f323f/1/1BwSf3_7HfU5jTX_VJxGmrIQWho.roa
File: 1BwSf3_7HfU5jTX_VJxGmrIQWho.roa (raw, json)
Hash identifier: vDaxK4Fk+zWzhNwg04TvQPtOM1W8VOBrw/ZnRnKK3Sk=
Subject key identifier: D4:1C:12:7F:7F:FB:1D:F5:39:8D:35:FF:54:9C:46:9A:B2:10:5A:1A
Certificate issuer: /CN=1ef3cb098d5285020c3be754f8c4ff777aa8a174
Certificate serial: 018676CC008BD118B5885AFE78564599C200
Authority key identifier: 1E:F3:CB:09:8D:52:85:02:0C:3B:E7:54:F8:C4:FF:77:7A:A8:A1:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HvPLCY1ShQIMO-dU-MT_d3qooXQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/933818-a5bb-4d16-b551-f992b07f323f/1/1BwSf3_7HfU5jTX_VJxGmrIQWho.roa
Signing time: Wed 22 Feb 2023 01:45:26 +0000
ROA not before: Wed 22 Feb 2023 01:45:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42013
IP address blocks: 2.58.132.0/24 maxlen: 24
2.58.132.0/23 maxlen: 23
2.58.132.0/22 maxlen: 22
91.229.247.0/24 maxlen: 24
185.99.44.0/24 maxlen: 24
185.99.44.0/22 maxlen: 22
185.99.44.0/23 maxlen: 23
185.99.47.0/24 maxlen: 24
185.99.46.0/24 maxlen: 24
185.99.45.0/24 maxlen: 24
185.99.46.0/23 maxlen: 23
2.58.133.0/24 maxlen: 24
2.58.135.0/24 maxlen: 24
2.58.134.0/23 maxlen: 23
2.58.134.0/24 maxlen: 24
185.61.22.0/23 maxlen: 23
185.61.23.0/24 maxlen: 24
185.61.22.0/24 maxlen: 24
185.61.20.0/22 maxlen: 22
185.61.20.0/23 maxlen: 23
185.61.21.0/24 maxlen: 24
185.61.20.0/24 maxlen: 24
185.209.111.0/24 maxlen: 24
185.209.110.0/24 maxlen: 24
185.209.110.0/23 maxlen: 23
185.209.109.0/24 maxlen: 24
185.209.108.0/24 maxlen: 24
185.209.108.0/22 maxlen: 22
185.209.108.0/23 maxlen: 23
2a0b:4d40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 20 Apr 2023 16:51:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:76:cc:00:8b:d1:18:b5:88:5a:fe:78:56:45:99:c2:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ef3cb098d5285020c3be754f8c4ff777aa8a174
Validity
Not Before: Feb 22 01:45:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d41c127f7ffb1df5398d35ff549c469ab2105a1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:c5:d0:51:02:c7:14:14:cb:77:2e:2b:51:c4:
6f:c3:20:45:9b:23:e4:91:ed:dc:81:81:b2:f6:e6:
40:b6:c3:f3:60:8c:34:78:c3:d8:bb:98:7a:20:14:
fa:e0:5f:77:43:b2:16:9e:e5:39:a5:b6:b5:4c:56:
61:ee:91:cf:56:fd:77:13:65:6f:11:52:63:a8:cb:
83:d3:c3:2c:81:51:87:37:9c:86:1a:d7:59:52:c6:
df:15:67:1d:23:9d:c7:5e:71:1b:79:5c:a2:3a:29:
0b:1f:b2:cd:c3:8c:0b:34:b4:8c:14:b8:b6:d1:24:
76:3b:d5:72:28:17:53:50:6a:18:45:5f:d7:e0:35:
79:83:b9:89:2f:af:5b:7a:a6:ec:29:f6:d7:58:9a:
44:e4:5a:9d:c4:b0:58:c5:5a:5b:75:43:c9:de:8c:
11:7b:58:84:c3:98:de:55:16:5c:6e:f8:5c:96:4a:
50:94:77:f8:7a:e9:46:66:74:35:9a:34:b3:c1:bf:
53:86:af:1b:46:95:20:d3:17:85:bc:14:13:14:67:
94:4a:17:90:a9:c6:63:96:5d:bd:d0:88:d3:9c:f2:
80:c6:20:21:26:88:f8:1a:94:a2:bf:d6:ae:88:59:
04:11:ed:7b:98:7a:11:c8:b8:57:46:1f:47:94:02:
26:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:1C:12:7F:7F:FB:1D:F5:39:8D:35:FF:54:9C:46:9A:B2:10:5A:1A
X509v3 Authority Key Identifier:
keyid:1E:F3:CB:09:8D:52:85:02:0C:3B:E7:54:F8:C4:FF:77:7A:A8:A1:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HvPLCY1ShQIMO-dU-MT_d3qooXQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/933818-a5bb-4d16-b551-f992b07f323f/1/1BwSf3_7HfU5jTX_VJxGmrIQWho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/933818-a5bb-4d16-b551-f992b07f323f/1/HvPLCY1ShQIMO-dU-MT_d3qooXQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.132.0/22
91.229.247.0/24
185.61.20.0/22
185.99.44.0/22
185.209.108.0/22
IPv6:
2a0b:4d40::/29
Signature Algorithm: sha256WithRSAEncryption
41:3d:8c:a7:d0:dd:10:e8:6d:a9:9a:2a:4a:f7:39:1e:0b:85:
65:a8:18:c0:6a:a7:92:7e:c0:6f:fe:0f:6b:26:24:09:11:5a:
35:ce:4a:a2:fb:59:3c:01:f5:3e:6d:47:fd:0c:f4:88:d4:c5:
57:c8:47:90:05:2d:9d:a1:94:25:6f:f5:da:fb:86:c9:f4:5d:
a5:c8:e8:9b:30:b4:1f:0d:04:f5:26:5e:1f:46:c4:cf:e8:c6:
62:4f:1b:75:a7:79:52:20:ec:13:9f:8f:b2:85:88:ff:23:bb:
14:ad:43:75:e6:72:0f:4b:08:c9:8d:89:1c:d9:b6:86:56:a0:
00:b3:ed:a1:d1:b4:e8:8b:eb:89:98:28:e0:54:9f:82:d3:8a:
a4:80:38:9c:2d:a8:99:e9:37:b0:6c:5d:11:27:f7:c3:9c:01:
78:af:79:9d:fa:84:83:66:96:2a:39:8c:26:e6:0c:cc:78:59:
bf:c4:65:27:06:97:a3:b1:75:0d:1a:fc:02:24:86:38:89:b0:
e5:da:9b:fc:60:15:20:f8:bf:a3:01:60:b1:03:05:ee:b3:cc:
6e:74:79:0d:d0:ab:99:b7:82:bb:5e:7c:75:e9:56:02:36:94:
3b:a9:88:bd:1b:f0:6d:09:39:ee:e7:aa:10:40:76:14:1e:ea:
c3:cb:a3:4a
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYZ2zACL0Ri1iFr+eFZFmcIAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZjNjYjA5OGQ1Mjg1MDIwYzNiZTc1NGY4YzRmZjc3N2Fh
OGExNzQwHhcNMjMwMjIyMDE0NTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDFjMTI3ZjdmZmIxZGY1Mzk4ZDM1ZmY1NDljNDY5YWIyMTA1YTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMXQUQLHFBTLdy4rUcRvwyBFmyPk
ke3cgYGy9uZAtsPzYIw0eMPYu5h6IBT64F93Q7IWnuU5pba1TFZh7pHPVv13E2Vv
EVJjqMuD08MsgVGHN5yGGtdZUsbfFWcdI53HXnEbeVyiOikLH7LNw4wLNLSMFLi2
0SR2O9VyKBdTUGoYRV/X4DV5g7mJL69beqbsKfbXWJpE5FqdxLBYxVpbdUPJ3owR
e1iEw5jeVRZcbvhclkpQlHf4eulGZnQ1mjSzwb9Thq8bRpUg0xeFvBQTFGeUSheQ
qcZjll290IjTnPKAxiAhJoj4GpSiv9auiFkEEe17mHoRyLhXRh9HlAImRQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNQcEn9/+x31OY01/1ScRpqyEFoaMB8GA1UdIwQY
MBaAFB7zywmNUoUCDDvnVPjE/3d6qKF0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHZQTENZMVNoUUlNTy1kVS1NVF9kM3Fvb1hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS85MzM4MTgtYTViYi00ZDE2LWI1NTEt
Zjk5MmIwN2YzMjNmLzEvMUJ3U2YzXzdIZlU1alRYX1ZKeEdtcklRV2hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS85MzM4MTgtYTViYi00ZDE2LWI1NTEtZjk5MmIwN2YzMjNm
LzEvSHZQTENZMVNoUUlNTy1kVS1NVF9kM3Fvb1hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCAjqEAwQA
W+X3AwQCuT0UAwQCuWMsAwQCudFsMA0EAgACMAcDBQMqC01AMA0GCSqGSIb3DQEB
CwUAA4IBAQBBPYyn0N0Q6G2pmipK9zkeC4VlqBjAaqeSfsBv/g9rJiQJEVo1zkqi
+1k8AfU+bUf9DPSI1MVXyEeQBS2doZQlb/Xa+4bJ9F2lyOibMLQfDQT1Jl4fRsTP
6MZiTxt1p3lSIOwTn4+yhYj/I7sUrUN15nIPSwjJjYkc2baGVqAAs+2h0bToi+uJ
mCjgVJ+C04qkgDicLaiZ6TewbF0RJ/fDnAF4r3md+oSDZpYqOYwm5gzMeFm/xGUn
BpejsXUNGvwCJIY4ibDl2pv8YBUg+L+jAWCxAwXus8xudHkN0KuZt4K7Xnx16VYC
NpQ7qYi9G/BtCTnu56oQQHYUHurDy6NK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:38 2024 by rpki-client on console-ams.rpki-client.org