Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/hYi4rSLym-_twwDckjdcAj0NCgw.roa
File: hYi4rSLym-_twwDckjdcAj0NCgw.roa (raw, json)
Hash identifier: YFd8We5MMNLM+1SuWdXy+6R/nUH5GDKNhZwDyYQzrtM=
Subject key identifier: 85:88:B8:AD:22:F2:9B:EF:ED:C3:00:DC:92:37:5C:02:3D:0D:0A:0C
Certificate issuer: /CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Certificate serial: 018CC7277277D84253FD305F6A63BD66D15D
Authority key identifier: 28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/hYi4rSLym-_twwDckjdcAj0NCgw.roa
Signing time: Mon 01 Jan 2024 22:31:40 +0000
ROA not before: Mon 01 Jan 2024 22:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200532
IP address blocks: 89.33.41.0/24 maxlen: 24
185.129.48.0/24 maxlen: 24
185.129.49.0/24 maxlen: 24
185.129.50.0/24 maxlen: 24
185.129.51.0/24 maxlen: 24
185.100.64.0/24 maxlen: 24
185.100.67.0/24 maxlen: 24
185.100.65.0/24 maxlen: 24
185.100.66.0/24 maxlen: 24
188.241.216.0/24 maxlen: 24
188.241.217.0/24 maxlen: 24
185.111.104.0/22 maxlen: 22
185.111.104.0/24 maxlen: 24
185.111.105.0/24 maxlen: 24
185.111.106.0/24 maxlen: 24
185.111.107.0/24 maxlen: 24
185.98.4.0/24 maxlen: 24
185.98.5.0/24 maxlen: 24
185.98.6.0/24 maxlen: 24
185.98.7.0/24 maxlen: 24
185.121.80.0/24 maxlen: 24
185.121.80.0/22 maxlen: 22
185.121.81.0/24 maxlen: 24
185.121.82.0/24 maxlen: 24
185.121.83.0/24 maxlen: 24
89.35.124.0/24 maxlen: 24
89.35.125.0/24 maxlen: 24
31.14.27.0/24 maxlen: 24
185.113.132.0/22 maxlen: 22
185.113.132.0/24 maxlen: 24
89.46.33.0/24 maxlen: 24
185.113.133.0/24 maxlen: 24
185.113.134.0/24 maxlen: 24
185.113.135.0/24 maxlen: 24
185.125.88.0/24 maxlen: 24
185.125.89.0/24 maxlen: 24
185.125.90.0/24 maxlen: 24
185.125.91.0/24 maxlen: 24
185.116.192.0/24 maxlen: 24
185.116.192.0/22 maxlen: 22
185.116.193.0/24 maxlen: 24
185.116.194.0/24 maxlen: 24
185.116.195.0/24 maxlen: 24
2a06:940::/56 maxlen: 56
2a06:942::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 22 Jan 2024 03:46:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:72:77:d8:42:53:fd:30:5f:6a:63:bd:66:d1:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Validity
Not Before: Jan 1 22:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8588b8ad22f29befedc300dc92375c023d0d0a0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:75:5a:29:41:ee:fa:bc:44:5c:ec:a3:2f:70:
02:15:bf:07:60:30:c6:79:ab:f5:78:dc:e8:5c:c4:
81:54:cf:6a:4f:28:60:50:d0:aa:18:33:ee:66:d2:
50:d2:35:52:c4:28:23:84:69:f3:2e:1e:a3:d5:a1:
06:a7:2c:2a:58:ce:28:92:ab:84:a6:fb:47:07:b3:
7f:8c:64:04:11:35:4f:42:05:1c:05:a6:96:74:2c:
c9:81:77:69:b4:93:9a:2f:bc:36:8e:5d:17:b9:78:
ee:af:99:93:02:c1:4a:ea:2f:5e:09:bc:59:bb:6c:
9d:51:d8:37:f8:e6:48:46:7d:e7:3d:ba:2d:51:4a:
b8:38:15:0a:b4:c8:08:48:55:a0:9b:bc:bd:34:2e:
f1:c7:fd:54:21:c4:16:f2:72:5f:f3:97:6d:8c:40:
dd:b6:8e:1f:b2:98:a8:99:3d:31:8f:64:d0:70:f6:
87:ca:b3:3f:70:e9:c8:66:ec:17:06:f9:a9:02:2b:
aa:76:87:07:ee:a8:20:f0:eb:32:45:54:f3:e0:b8:
88:89:54:a2:d0:e3:f0:cf:e6:a2:80:81:16:56:1a:
12:87:ac:3b:3e:b3:21:b6:4f:f5:10:aa:a7:4d:76:
2f:7a:e6:78:4a:01:c7:a3:bf:1b:e7:0e:24:a6:99:
b3:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:88:B8:AD:22:F2:9B:EF:ED:C3:00:DC:92:37:5C:02:3D:0D:0A:0C
X509v3 Authority Key Identifier:
keyid:28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/hYi4rSLym-_twwDckjdcAj0NCgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.27.0/24
89.33.41.0/24
89.35.124.0/23
89.46.33.0/24
185.98.4.0/22
185.100.64.0/22
185.111.104.0/22
185.113.132.0/22
185.116.192.0/22
185.121.80.0/22
185.125.88.0/22
185.129.48.0/22
188.241.216.0/23
IPv6:
2a06:940::/56
2a06:942::/48
Signature Algorithm: sha256WithRSAEncryption
8d:93:c7:75:e2:ac:3c:31:22:71:b2:0f:e7:77:19:18:bc:02:
94:fb:fb:88:fc:3b:2d:ec:aa:a9:88:60:58:34:00:98:72:dd:
47:fb:2e:34:e0:b1:d7:5c:64:c6:dd:00:e4:5e:b9:5e:d7:c4:
61:38:44:e2:18:2f:9f:dc:6c:a6:c9:fb:69:95:14:fa:28:fc:
31:e7:83:20:06:84:8a:94:7a:12:8b:ea:52:e8:34:bb:03:47:
72:86:c7:d5:2b:f4:4a:d0:46:1f:1b:d9:f6:aa:86:73:8a:5f:
c5:d2:8f:67:8f:3a:e4:7e:04:01:65:e4:a6:80:b2:f4:7e:69:
ee:4f:96:ff:fe:3a:83:0f:44:19:ac:58:26:45:9a:31:ac:ce:
fc:62:26:11:83:86:aa:44:a3:3b:db:20:42:3e:cb:92:35:ae:
76:88:34:37:09:f6:c0:f9:a4:b3:37:a0:c2:9c:52:c1:fa:c6:
84:45:f9:0b:3e:93:85:62:44:b5:eb:d6:dd:51:16:91:ed:b8:
5d:9c:f4:28:09:f4:02:d2:37:53:71:cc:2a:03:ec:2b:ba:b0:
4f:82:68:e0:71:69:29:d3:58:5c:a4:c1:7b:28:20:ca:3d:d8:
1c:15:27:f9:00:16:4b:4e:b3:29:40:2b:62:f4:34:74:89:fd:
99:3c:d9:90
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAYzHJ3J32EJT/TBfamO9ZtFdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ODU1ODUyYTRiY2QxYmYxZWM4MTNmM2MxM2IwZjFmMzcy
ZjM5NzEwHhcNMjQwMTAxMjIzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTg4YjhhZDIyZjI5YmVmZWRjMzAwZGM5MjM3NWMwMjNkMGQwYTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy3VaKUHu+rxEXOyjL3ACFb8HYDDG
eav1eNzoXMSBVM9qTyhgUNCqGDPuZtJQ0jVSxCgjhGnzLh6j1aEGpywqWM4okquE
pvtHB7N/jGQEETVPQgUcBaaWdCzJgXdptJOaL7w2jl0XuXjur5mTAsFK6i9eCbxZ
u2ydUdg3+OZIRn3nPbotUUq4OBUKtMgISFWgm7y9NC7xx/1UIcQW8nJf85dtjEDd
to4fspiomT0xj2TQcPaHyrM/cOnIZuwXBvmpAiuqdocH7qgg8OsyRVTz4LiIiVSi
0OPwz+aigIEWVhoSh6w7PrMhtk/1EKqnTXYveuZ4SgHHo78b5w4kppmz9QIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFIWIuK0i8pvv7cMA3JI3XAI9DQoMMB8GA1UdIwQY
MBaAFCiFWFKkvNG/HsgT88E7Dx83LzlxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEt
NzA0NDYzZWJhZDM2LzEvaFlpNHJTTHltLV90d3dEY2tqZGNBajBOQ2d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEtNzA0NDYzZWJhZDM2
LzEvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwVAQCAAEwTgMEAB8OGwME
AFkhKQMEAVkjfAMEAFkuIQMEArliBAMEArlkQAMEArlvaAMEArlxhAMEArl0wAME
Arl5UAMEArl9WAMEArmBMAMEAbzx2DAZBAIAAjATAwgAKgYJQAAAAAMHACoGCUIA
ADANBgkqhkiG9w0BAQsFAAOCAQEAjZPHdeKsPDEicbIP53cZGLwClPv7iPw7Leyq
qYhgWDQAmHLdR/suNOCx11xkxt0A5F65XtfEYThE4hgvn9xspsn7aZUU+ij8MeeD
IAaEipR6EovqUug0uwNHcobH1Sv0StBGHxvZ9qqGc4pfxdKPZ4865H4EAWXkpoCy
9H5p7k+W//46gw9EGaxYJkWaMazO/GImEYOGqkSjO9sgQj7LkjWudog0Nwn2wPmk
szegwpxSwfrGhEX5Cz6ThWJEtevW3VEWke24XZz0KAn0AtI3U3HMKgPsK7qwT4Jo
4HFpKdNYXKTBeyggyj3YHBUn+QAWS06zKUArYvQ0dIn9mTzZkA==
-----END CERTIFICATE-----
Generated at Mon Jan 22 05:12:43 2024 by rpki-client on console-ams.rpki-client.org