Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/d9b596-601e-4426-a428-46957bd8860d/1/p7D9fnJ5gMqW2hP9EDQxffmrbp4.roa
File: p7D9fnJ5gMqW2hP9EDQxffmrbp4.roa (raw, json)
Hash identifier: gpSmALwyJAiTqgJB4lVYkeTJRpLOIWjpAH/3Nc4kcIc=
Subject key identifier: A7:B0:FD:7E:72:79:80:CA:96:DA:13:FD:10:34:31:7D:F9:AB:6E:9E
Certificate issuer: /CN=389755423f832a528c93136110f0fe4b10453582
Certificate serial: 018CC6B921CF71420B7061F46B028F50B55F
Authority key identifier: 38:97:55:42:3F:83:2A:52:8C:93:13:61:10:F0:FE:4B:10:45:35:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OJdVQj-DKlKMkxNhEPD-SxBFNYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/d9b596-601e-4426-a428-46957bd8860d/1/p7D9fnJ5gMqW2hP9EDQxffmrbp4.roa
Signing time: Mon 01 Jan 2024 20:31:10 +0000
ROA not before: Mon 01 Jan 2024 20:31:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205993
IP address blocks: 89.34.4.0/24 maxlen: 24
185.199.230.0/23 maxlen: 23
185.199.228.0/23 maxlen: 23
89.34.0.0/24 maxlen: 24
46.102.190.0/24 maxlen: 24
188.214.193.0/24 maxlen: 24
188.213.23.0/24 maxlen: 24
89.40.138.0/24 maxlen: 24
188.214.140.0/24 maxlen: 24
188.214.155.0/24 maxlen: 24
89.32.202.0/24 maxlen: 24
86.105.186.0/24 maxlen: 24
2a0a:a4c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 28 Mar 2024 13:35:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:21:cf:71:42:0b:70:61:f4:6b:02:8f:50:b5:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=389755423f832a528c93136110f0fe4b10453582
Validity
Not Before: Jan 1 20:31:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a7b0fd7e727980ca96da13fd1034317df9ab6e9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:1a:9a:52:c7:4f:28:12:97:c4:be:53:e3:e3:
c2:6e:f1:86:e8:03:11:d4:19:39:17:56:97:71:37:
aa:2a:93:83:8f:07:fd:31:d5:21:55:68:bf:06:b5:
58:54:32:71:b6:71:62:fc:2a:ad:3e:f9:40:db:86:
38:c9:57:69:87:c3:17:fa:de:3d:81:18:9c:d6:ef:
8b:5a:9a:95:fc:a7:d0:8e:a9:e9:16:b0:b5:8c:90:
15:37:bc:83:f7:09:00:12:b2:a6:56:c5:52:cd:1e:
e2:5b:26:38:ed:fd:4e:7c:86:2d:33:dd:eb:c0:c8:
6d:80:37:cf:46:73:28:91:9b:e5:c6:fd:ca:a2:5a:
d8:8c:38:eb:e4:4b:82:3c:9b:77:cd:b3:bb:55:4e:
e4:85:6c:af:68:89:03:ae:9c:9d:cc:1b:ce:6c:c6:
3f:fd:a6:24:c6:fb:5a:8d:e5:57:c4:79:84:f4:f4:
6f:c0:11:12:7e:49:32:c4:4e:0e:92:2b:61:8a:84:
99:aa:7c:bd:0d:8a:84:e4:a5:db:c5:ce:6e:08:b4:
97:d8:a4:84:0a:44:3b:95:07:9f:c3:70:41:40:11:
78:cf:a6:9d:a9:3c:f2:dc:1b:20:a9:29:5b:2d:86:
06:37:53:6e:64:ba:31:4c:fb:1d:ed:c8:35:d8:85:
49:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:B0:FD:7E:72:79:80:CA:96:DA:13:FD:10:34:31:7D:F9:AB:6E:9E
X509v3 Authority Key Identifier:
keyid:38:97:55:42:3F:83:2A:52:8C:93:13:61:10:F0:FE:4B:10:45:35:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJdVQj-DKlKMkxNhEPD-SxBFNYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/d9b596-601e-4426-a428-46957bd8860d/1/p7D9fnJ5gMqW2hP9EDQxffmrbp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/d9b596-601e-4426-a428-46957bd8860d/1/OJdVQj-DKlKMkxNhEPD-SxBFNYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.190.0/24
86.105.186.0/24
89.32.202.0/24
89.34.0.0/24
89.34.4.0/24
89.40.138.0/24
185.199.228.0/22
188.213.23.0/24
188.214.140.0/24
188.214.155.0/24
188.214.193.0/24
IPv6:
2a0a:a4c0::/29
Signature Algorithm: sha256WithRSAEncryption
01:53:ae:69:23:33:7a:86:81:4d:32:ca:0d:94:c1:de:9f:2c:
50:c5:b8:f4:c5:38:73:53:35:a7:d1:54:cd:e6:60:45:66:b1:
86:08:42:a1:a4:d2:d0:f7:16:06:36:88:69:f9:3f:bb:4b:5c:
6e:72:fc:43:0b:ca:3e:2b:55:82:a6:c7:e0:3a:5b:8d:16:b2:
2e:e4:a1:f3:dd:25:ee:16:38:cf:b3:88:50:f6:61:61:5e:df:
e9:d4:19:2e:27:2d:b4:75:ac:12:0a:6c:7c:8d:e1:50:82:3f:
bb:1f:a6:8e:4b:20:bd:ab:e1:10:77:28:21:38:3e:94:66:99:
78:e3:ee:26:40:47:a5:7e:dd:8a:ab:9f:36:9c:67:69:83:5c:
22:91:89:77:13:83:9c:11:4d:8c:8b:44:c9:1c:4c:43:f7:44:
b9:c3:3d:a5:9a:5f:57:68:d5:7e:52:e1:95:4d:9a:e5:88:e4:
75:80:64:2a:9e:14:d7:c9:7f:70:8f:ec:ae:18:8f:74:65:02:
10:de:b2:f2:ef:54:83:87:3d:25:f6:0a:d5:ed:f4:39:3a:ea:
6b:f4:6c:90:8e:0c:4a:ac:28:41:eb:d2:02:3a:9d:57:1e:a7:
e3:a9:b6:e8:1f:43:19:70:3f:b2:7e:bf:2d:9c:a1:33:6f:2e:
e7:a6:44:6a
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYzGuSHPcUILcGH0awKPULVfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OTc1NTQyM2Y4MzJhNTI4YzkzMTM2MTEwZjBmZTRiMTA0
NTM1ODIwHhcNMjQwMTAxMjAzMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2IwZmQ3ZTcyNzk4MGNhOTZkYTEzZmQxMDM0MzE3ZGY5YWI2ZTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhqaUsdPKBKXxL5T4+PCbvGG6AMR
1Bk5F1aXcTeqKpODjwf9MdUhVWi/BrVYVDJxtnFi/CqtPvlA24Y4yVdph8MX+t49
gRic1u+LWpqV/KfQjqnpFrC1jJAVN7yD9wkAErKmVsVSzR7iWyY47f1OfIYtM93r
wMhtgDfPRnMokZvlxv3KolrYjDjr5EuCPJt3zbO7VU7khWyvaIkDrpydzBvObMY/
/aYkxvtajeVXxHmE9PRvwBESfkkyxE4OkithioSZqny9DYqE5KXbxc5uCLSX2KSE
CkQ7lQefw3BBQBF4z6adqTzy3BsgqSlbLYYGN1NuZLoxTPsd7cg12IVJswIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFKew/X5yeYDKltoT/RA0MX35q26eMB8GA1UdIwQY
MBaAFDiXVUI/gypSjJMTYRDw/ksQRTWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0pkVlFqLURLbEtNa3hOaEVQRC1TeEJGTllJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9kOWI1OTYtNjAxZS00NDI2LWE0Mjgt
NDY5NTdiZDg4NjBkLzEvcDdEOWZuSjVnTXFXMmhQOUVEUXhmZm1yYnA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9kOWI1OTYtNjAxZS00NDI2LWE0MjgtNDY5NTdiZDg4NjBk
LzEvT0pkVlFqLURLbEtNa3hOaEVQRC1TeEJGTllJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQALma+AwQA
Vmm6AwQAWSDKAwQAWSIAAwQAWSIEAwQAWSiKAwQCucfkAwQAvNUXAwQAvNaMAwQA
vNabAwQAvNbBMA0EAgACMAcDBQMqCqTAMA0GCSqGSIb3DQEBCwUAA4IBAQABU65p
IzN6hoFNMsoNlMHenyxQxbj0xThzUzWn0VTN5mBFZrGGCEKhpNLQ9xYGNohp+T+7
S1xucvxDC8o+K1WCpsfgOluNFrIu5KHz3SXuFjjPs4hQ9mFhXt/p1BkuJy20dawS
Cmx8jeFQgj+7H6aOSyC9q+EQdyghOD6UZpl44+4mQEelft2Kq582nGdpg1wikYl3
E4OcEU2Mi0TJHExD90S5wz2lml9XaNV+UuGVTZrliOR1gGQqnhTXyX9wj+yuGI90
ZQIQ3rLy71SDhz0l9grV7fQ5Oupr9GyQjgxKrChB69ICOp1XHqfjqbboH0MZcD+y
fr8tnKEzby7npkRq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:55 2024 by rpki-client on console-fra.rpki-client.org