Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/9NTjUX2aJxwNc8I7JmsQMTY9pJA.roa
File: 9NTjUX2aJxwNc8I7JmsQMTY9pJA.roa (raw, json)
Hash identifier: 901KOcfLoxiNxrx3FLOEXHquIujfmiG1jEBi73fqX0s=
Subject key identifier: F4:D4:E3:51:7D:9A:27:1C:0D:73:C2:3B:26:6B:10:31:36:3D:A4:90
Certificate issuer: /CN=e85b83c87c4a3d8315025379f72987520bb5d046
Certificate serial: 018C8741FFA17D909E98B3902D7CBCA7D59D
Authority key identifier: E8:5B:83:C8:7C:4A:3D:83:15:02:53:79:F7:29:87:52:0B:B5:D0:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6FuDyHxKPYMVAlN59ymHUgu10EY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/9NTjUX2aJxwNc8I7JmsQMTY9pJA.roa
Signing time: Wed 20 Dec 2023 12:44:58 +0000
ROA not before: Wed 20 Dec 2023 12:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20910
IP address blocks: 89.191.96.0/19 maxlen: 32
91.188.32.0/19 maxlen: 32
85.115.96.0/19 maxlen: 32
79.132.64.0/19 maxlen: 32
93.177.192.0/18 maxlen: 32
62.84.0.0/19 maxlen: 32
185.144.184.0/22 maxlen: 32
188.112.128.0/18 maxlen: 32
77.38.128.0/17 maxlen: 32
89.18.192.0/19 maxlen: 32
195.244.128.0/20 maxlen: 32
91.123.64.0/20 maxlen: 32
62.205.192.0/18 maxlen: 18
87.226.0.0/17 maxlen: 32
217.198.224.0/20 maxlen: 32
213.180.96.0/19 maxlen: 32
195.62.128.0/19 maxlen: 32
94.30.128.0/17 maxlen: 32
217.199.96.0/19 maxlen: 32
217.24.64.0/20 maxlen: 32
79.135.128.0/19 maxlen: 32
80.254.208.0/20 maxlen: 32
85.234.160.0/19 maxlen: 32
109.110.0.0/19 maxlen: 32
91.142.0.0/20 maxlen: 32
136.169.0.0/17 maxlen: 17
89.201.0.0/17 maxlen: 32
2a00:f4a0::/29 maxlen: 29
2a00:9000::/29 maxlen: 32
2a03:6740::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:87:41:ff:a1:7d:90:9e:98:b3:90:2d:7c:bc:a7:d5:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e85b83c87c4a3d8315025379f72987520bb5d046
Validity
Not Before: Dec 20 12:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4d4e3517d9a271c0d73c23b266b1031363da490
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:3a:d5:ed:6f:73:93:32:06:c9:2b:86:5c:61:
31:cf:dc:0d:62:25:13:7c:55:1d:42:30:04:19:3c:
cd:ae:06:37:d2:39:ae:53:29:b5:36:83:90:ac:fa:
9a:d2:b5:a4:bc:08:20:28:f2:8f:57:56:5f:79:32:
a1:33:f5:31:80:cd:dc:63:25:a6:56:29:47:35:05:
5d:5e:be:78:e2:d9:2e:c3:d2:40:f3:a1:61:05:ab:
3f:27:42:de:2d:65:e2:81:b7:ab:ca:c4:54:6a:f5:
ca:35:bc:03:61:0e:14:7b:e4:a5:02:4b:8e:18:4f:
58:08:11:c4:e9:1c:20:90:43:cc:d1:8c:9d:a3:fa:
14:f1:5c:15:cb:c7:a6:ac:57:41:53:a1:d3:b0:8b:
9f:01:43:24:9e:73:bf:a7:90:81:1b:dd:c3:eb:fa:
7a:07:9a:0d:9f:a7:90:42:c7:ed:8c:b8:00:77:5b:
59:f7:a7:de:0b:ee:dd:4f:f5:a3:7a:8e:f4:72:81:
ae:ba:d9:e2:b3:75:60:64:40:34:89:a2:32:db:6b:
01:bb:4f:b7:b0:b9:8a:f2:bf:ae:9b:98:e4:29:90:
76:62:ab:71:41:4d:21:25:b2:9e:e2:04:5e:52:b5:
2d:40:af:2d:95:e2:ef:66:15:cc:e6:7a:ea:05:7c:
94:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:D4:E3:51:7D:9A:27:1C:0D:73:C2:3B:26:6B:10:31:36:3D:A4:90
X509v3 Authority Key Identifier:
keyid:E8:5B:83:C8:7C:4A:3D:83:15:02:53:79:F7:29:87:52:0B:B5:D0:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6FuDyHxKPYMVAlN59ymHUgu10EY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/9NTjUX2aJxwNc8I7JmsQMTY9pJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/6FuDyHxKPYMVAlN59ymHUgu10EY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.84.0.0/19
62.205.192.0/18
77.38.128.0/17
79.132.64.0/19
79.135.128.0/19
80.254.208.0/20
85.115.96.0/19
85.234.160.0/19
87.226.0.0/17
89.18.192.0/19
89.191.96.0/19
89.201.0.0/17
91.123.64.0/20
91.142.0.0/20
91.188.32.0/19
93.177.192.0/18
94.30.128.0/17
109.110.0.0/19
136.169.0.0/17
185.144.184.0/22
188.112.128.0/18
195.62.128.0/19
195.244.128.0/20
213.180.96.0/19
217.24.64.0/20
217.198.224.0/20
217.199.96.0/19
IPv6:
2a00:9000::/29
2a00:f4a0::/29
2a03:6740::/29
Signature Algorithm: sha256WithRSAEncryption
a1:93:e5:7f:e1:a2:dd:83:3f:ef:7d:8f:8e:bf:57:06:d2:97:
35:e1:ac:d9:1f:c6:7c:48:15:bb:56:4c:68:0d:c5:c2:6c:e3:
0f:45:a6:51:30:7d:3c:bc:87:aa:f2:37:ee:d8:da:c2:0f:8c:
f0:5c:b2:f4:f2:6d:62:55:58:47:22:02:51:83:10:48:b8:23:
48:6a:0a:57:d0:e0:34:c3:e9:f9:1f:c7:c5:7e:9c:69:16:d4:
6d:ed:5a:9e:a3:25:53:a2:c2:0d:98:27:2b:f6:28:90:3d:68:
a9:03:df:a8:06:fc:d7:d5:2a:5d:bc:f5:68:e3:82:d6:5c:5a:
cb:b8:38:98:f3:d9:20:47:34:5e:90:9a:c4:59:e2:e9:50:59:
02:02:0a:a0:25:e2:eb:4e:5f:61:98:cc:20:b8:5c:c6:65:2e:
d9:ed:5b:33:df:63:85:15:56:d0:8d:7f:87:9a:c9:38:53:e5:
cd:8d:82:d2:a9:62:7c:c6:d7:55:fb:cc:7e:2d:f8:cf:37:05:
2e:b1:00:1c:bb:69:d9:01:03:38:f0:1a:0b:e4:c3:d8:53:2a:
45:ef:a6:53:79:cf:cf:8f:61:cf:aa:c9:bd:a6:98:d6:2d:b6:
a0:a1:7f:0d:2d:a1:27:34:de:76:a6:06:38:d2:c6:f6:5c:0f:
52:20:30:9b
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgISAYyHQf+hfZCemLOQLXy8p9WdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NWI4M2M4N2M0YTNkODMxNTAyNTM3OWY3Mjk4NzUyMGJi
NWQwNDYwHhcNMjMxMjIwMTI0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGQ0ZTM1MTdkOWEyNzFjMGQ3M2MyM2IyNjZiMTAzMTM2M2RhNDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjrV7W9zkzIGySuGXGExz9wNYiUT
fFUdQjAEGTzNrgY30jmuUym1NoOQrPqa0rWkvAggKPKPV1ZfeTKhM/UxgM3cYyWm
VilHNQVdXr544tkuw9JA86FhBas/J0LeLWXigberysRUavXKNbwDYQ4Ue+SlAkuO
GE9YCBHE6RwgkEPM0Yydo/oU8VwVy8emrFdBU6HTsIufAUMknnO/p5CBG93D6/p6
B5oNn6eQQsftjLgAd1tZ96feC+7dT/Wjeo70coGuutnis3VgZEA0iaIy22sBu0+3
sLmK8r+um5jkKZB2YqtxQU0hJbKe4gReUrUtQK8tleLvZhXM5nrqBXyUewIDAQAB
o4ICxzCCAsMwHQYDVR0OBBYEFPTU41F9miccDXPCOyZrEDE2PaSQMB8GA1UdIwQY
MBaAFOhbg8h8Sj2DFQJTefcph1ILtdBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkZ1RHlIeEtQWU1WQWxONTl5bUhVZ3UxMEVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8zMzk0ZTMtNzM2ZS00ODc5LWI4ZGIt
ODlhYWVhMzYyODVlLzEvOU5UalVYMmFKeHdOYzhJN0ptc1FNVFk5cEpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8zMzk0ZTMtNzM2ZS00ODc5LWI4ZGItODlhYWVhMzYyODVl
LzEvNkZ1RHlIeEtQWU1WQWxONTl5bUhVZ3UxMEVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHcBggrBgEFBQcBBwEB/wSBzDCByTCBqQQCAAEwgaIDBAU+
VAADBAY+zcADBAdNJoADBAVPhEADBAVPh4ADBARQ/tADBAVVc2ADBAVV6qADBAdX
4gADBAVZEsADBAVZv2ADBAdZyQADBARbe0ADBARbjgADBAVbvCADBAZdscADBAde
HoADBAVtbgADBAeIqQADBAK5kLgDBAa8cIADBAXDPoADBATD9IADBAXVtGADBATZ
GEADBATZxuADBAXZx2AwGwQCAAIwFQMFAyoAkAADBQMqAPSgAwUDKgNnQDANBgkq
hkiG9w0BAQsFAAOCAQEAoZPlf+Gi3YM/732Pjr9XBtKXNeGs2R/GfEgVu1ZMaA3F
wmzjD0WmUTB9PLyHqvI37tjawg+M8Fyy9PJtYlVYRyICUYMQSLgjSGoKV9DgNMPp
+R/HxX6caRbUbe1anqMlU6LCDZgnK/YokD1oqQPfqAb819UqXbz1aOOC1lxay7g4
mPPZIEc0XpCaxFni6VBZAgIKoCXi605fYZjMILhcxmUu2e1bM99jhRVW0I1/h5rJ
OFPlzY2C0qlifMbXVfvMfi34zzcFLrEAHLtp2QEDOPAaC+TD2FMqRe+mU3nPz49h
z6rJvaaY1i22oKF/DS2hJzTedqYGONLG9lwPUiAwmw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:13 2024 by rpki-client on console-fra.rpki-client.org