Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/933818-a5bb-4d16-b551-f992b07f323f/1/AV8qx5-ctSBhGeLu7hcDqpN2f90.roa
File: AV8qx5-ctSBhGeLu7hcDqpN2f90.roa (raw, json)
Hash identifier: PS4wQx23HfWKCaj4GsrmKhDyPw5peG9YREdWXR44YxY=
Subject key identifier: 01:5F:2A:C7:9F:9C:B5:20:61:19:E2:EE:EE:17:03:AA:93:76:7F:DD
Certificate issuer: /CN=1ef3cb098d5285020c3be754f8c4ff777aa8a174
Certificate serial: 01879F942EBD552F4B1AAB7D7EA65F84B0F1
Authority key identifier: 1E:F3:CB:09:8D:52:85:02:0C:3B:E7:54:F8:C4:FF:77:7A:A8:A1:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HvPLCY1ShQIMO-dU-MT_d3qooXQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/933818-a5bb-4d16-b551-f992b07f323f/1/AV8qx5-ctSBhGeLu7hcDqpN2f90.roa
Signing time: Thu 20 Apr 2023 16:51:41 +0000
ROA not before: Thu 20 Apr 2023 16:51:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42013
IP address blocks: 2.58.132.0/24 maxlen: 24
2.58.132.0/23 maxlen: 23
2.58.132.0/22 maxlen: 22
194.5.235.0/24 maxlen: 24
91.229.247.0/24 maxlen: 24
185.99.44.0/24 maxlen: 24
185.99.44.0/22 maxlen: 22
185.99.44.0/23 maxlen: 23
185.99.47.0/24 maxlen: 24
185.99.46.0/24 maxlen: 24
185.99.45.0/24 maxlen: 24
185.99.46.0/23 maxlen: 23
2.58.133.0/24 maxlen: 24
2.58.135.0/24 maxlen: 24
2.58.134.0/23 maxlen: 23
2.58.134.0/24 maxlen: 24
185.61.22.0/23 maxlen: 23
185.61.23.0/24 maxlen: 24
185.61.22.0/24 maxlen: 24
185.61.20.0/22 maxlen: 22
185.61.21.0/24 maxlen: 24
185.61.20.0/23 maxlen: 23
185.61.20.0/24 maxlen: 24
185.209.111.0/24 maxlen: 24
185.209.110.0/24 maxlen: 24
185.209.110.0/23 maxlen: 23
185.209.109.0/24 maxlen: 24
185.209.108.0/24 maxlen: 24
185.209.108.0/22 maxlen: 22
185.209.108.0/23 maxlen: 23
2a0b:4d40::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9f:94:2e:bd:55:2f:4b:1a:ab:7d:7e:a6:5f:84:b0:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ef3cb098d5285020c3be754f8c4ff777aa8a174
Validity
Not Before: Apr 20 16:51:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=015f2ac79f9cb5206119e2eeee1703aa93767fdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:be:95:82:f4:59:9a:97:0c:0e:14:d8:48:7f:
72:f6:f2:2a:85:42:a3:76:37:d8:e9:13:b1:48:fb:
86:52:0c:12:76:ed:0a:33:e7:1c:ad:96:fc:b0:a8:
df:35:30:ef:6d:27:e8:b9:b1:c6:ab:8d:ef:26:e8:
da:ca:c0:aa:6a:e5:71:78:f6:ae:99:69:ba:7d:4a:
da:6a:58:2b:5f:49:d0:ec:ed:9d:c6:f8:68:82:9d:
d0:21:9f:10:97:57:30:5a:34:4f:4d:9a:c4:36:09:
44:03:a7:6f:53:97:6c:3a:6c:44:e1:c3:74:95:c4:
67:3a:2a:b7:ad:c2:b8:80:f3:fe:f9:95:13:5e:17:
33:ee:ac:07:98:34:72:3f:a0:20:cf:26:77:4b:e1:
85:e9:10:6a:56:6e:03:87:ec:0f:51:b9:8d:0d:09:
a8:ea:d6:6d:76:5e:86:db:03:cc:3f:78:de:59:da:
16:7a:2b:34:f4:81:56:b3:16:8d:54:01:17:52:0a:
2c:11:ac:bf:48:29:7d:41:44:4b:7e:ca:2e:d0:71:
ce:9e:cd:be:69:4e:6a:24:76:14:20:d1:9a:3d:1c:
5a:b2:f3:b6:24:b6:ac:0b:51:8a:88:e6:15:dc:de:
5b:0d:62:e8:77:c3:a0:a3:94:fa:9d:be:67:e6:1b:
a9:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:5F:2A:C7:9F:9C:B5:20:61:19:E2:EE:EE:17:03:AA:93:76:7F:DD
X509v3 Authority Key Identifier:
keyid:1E:F3:CB:09:8D:52:85:02:0C:3B:E7:54:F8:C4:FF:77:7A:A8:A1:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HvPLCY1ShQIMO-dU-MT_d3qooXQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/933818-a5bb-4d16-b551-f992b07f323f/1/AV8qx5-ctSBhGeLu7hcDqpN2f90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/933818-a5bb-4d16-b551-f992b07f323f/1/HvPLCY1ShQIMO-dU-MT_d3qooXQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.132.0/22
91.229.247.0/24
185.61.20.0/22
185.99.44.0/22
185.209.108.0/22
194.5.235.0/24
IPv6:
2a0b:4d40::/29
Signature Algorithm: sha256WithRSAEncryption
61:2b:a8:b0:82:34:af:b6:bf:e3:4d:b1:9a:46:08:f1:9b:fb:
6e:f0:b9:65:15:fe:bf:2f:c3:b6:41:b4:01:dd:35:7c:e0:4c:
95:97:a8:dc:af:05:61:37:3e:df:d8:93:c9:32:7a:90:3e:9d:
2d:ba:c8:36:a1:f6:b1:ff:a6:15:2a:8d:31:f5:28:59:39:ed:
34:87:f4:c3:e0:7d:95:39:b4:45:07:4a:90:1d:c8:38:40:f5:
26:c9:f7:d4:b6:d7:10:4e:fe:0c:d8:8d:1b:a3:df:18:c3:42:
5c:e8:5b:a2:5b:12:37:22:4e:d0:6a:b3:a0:6f:7c:8c:1b:5a:
3b:42:4b:08:6c:f3:bd:6b:68:d6:cb:f3:d0:17:c6:bd:db:3d:
07:c9:d6:fe:38:5d:a9:c8:24:eb:b8:0f:22:41:ff:7b:06:6f:
c4:06:32:83:b3:64:c9:b2:37:40:7b:ef:c3:d9:0b:b8:48:31:
6c:b3:f7:44:90:0a:b4:f3:84:b5:5b:49:68:68:af:5d:e5:33:
65:c2:32:9c:ff:af:27:7b:bc:ed:b6:30:47:e0:60:2f:c4:fc:
d9:af:06:d8:e4:d7:b8:5b:2b:62:06:17:76:45:95:59:c3:56:
1c:57:63:0e:cc:44:75:21:4d:87:63:fd:99:5c:13:d1:4c:0e:
2a:a5:01:89
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYeflC69VS9LGqt9fqZfhLDxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZjNjYjA5OGQ1Mjg1MDIwYzNiZTc1NGY4YzRmZjc3N2Fh
OGExNzQwHhcNMjMwNDIwMTY1MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTVmMmFjNzlmOWNiNTIwNjExOWUyZWVlZTE3MDNhYTkzNzY3ZmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh76VgvRZmpcMDhTYSH9y9vIqhUKj
djfY6ROxSPuGUgwSdu0KM+ccrZb8sKjfNTDvbSfoubHGq43vJujaysCqauVxePau
mWm6fUraalgrX0nQ7O2dxvhogp3QIZ8Ql1cwWjRPTZrENglEA6dvU5dsOmxE4cN0
lcRnOiq3rcK4gPP++ZUTXhcz7qwHmDRyP6AgzyZ3S+GF6RBqVm4Dh+wPUbmNDQmo
6tZtdl6G2wPMP3jeWdoWeis09IFWsxaNVAEXUgosEay/SCl9QURLfsou0HHOns2+
aU5qJHYUINGaPRxasvO2JLasC1GKiOYV3N5bDWLod8Ogo5T6nb5n5hupXwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFAFfKsefnLUgYRni7u4XA6qTdn/dMB8GA1UdIwQY
MBaAFB7zywmNUoUCDDvnVPjE/3d6qKF0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHZQTENZMVNoUUlNTy1kVS1NVF9kM3Fvb1hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS85MzM4MTgtYTViYi00ZDE2LWI1NTEt
Zjk5MmIwN2YzMjNmLzEvQVY4cXg1LWN0U0JoR2VMdTdoY0RxcE4yZjkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS85MzM4MTgtYTViYi00ZDE2LWI1NTEtZjk5MmIwN2YzMjNm
LzEvSHZQTENZMVNoUUlNTy1kVS1NVF9kM3Fvb1hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCAjqEAwQA
W+X3AwQCuT0UAwQCuWMsAwQCudFsAwQAwgXrMA0EAgACMAcDBQMqC01AMA0GCSqG
SIb3DQEBCwUAA4IBAQBhK6iwgjSvtr/jTbGaRgjxm/tu8LllFf6/L8O2QbQB3TV8
4EyVl6jcrwVhNz7f2JPJMnqQPp0tusg2ofax/6YVKo0x9ShZOe00h/TD4H2VObRF
B0qQHcg4QPUmyffUttcQTv4M2I0bo98Yw0Jc6FuiWxI3Ik7QarOgb3yMG1o7QksI
bPO9a2jWy/PQF8a92z0Hydb+OF2pyCTruA8iQf97Bm/EBjKDs2TJsjdAe+/D2Qu4
SDFss/dEkAq084S1W0loaK9d5TNlwjKc/68ne7zttjBH4GAvxPzZrwbY5Ne4Wyti
Bhd2RZVZw1YcV2MOzER1IU2HY/2ZXBPRTA4qpQGJ
Generated at Tue Dec 5 19:35:21 2023 by rpki-client on console-fra.rpki-client.org