Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/oRBMrMiQmmH9h_vL-L6FIxeh-1w.roa
File: oRBMrMiQmmH9h_vL-L6FIxeh-1w.roa (raw, json)
Hash identifier: wEVoto9eQxk19JkpDPSQKBPwedhO3LtOvrM9Z1yvKME=
Subject key identifier: A1:10:4C:AC:C8:90:9A:61:FD:87:FB:CB:F8:BE:85:23:17:A1:FB:5C
Certificate issuer: /CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Certificate serial: 01856CE602A1F4859230D52974EBEC2DBE3B
Authority key identifier: 28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/oRBMrMiQmmH9h_vL-L6FIxeh-1w.roa
Signing time: Sun 01 Jan 2023 10:34:51 +0000
ROA not before: Sun 01 Jan 2023 10:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200532
IP address blocks: 89.33.41.0/24 maxlen: 24
185.129.48.0/24 maxlen: 24
185.129.49.0/24 maxlen: 24
185.129.50.0/24 maxlen: 24
185.129.51.0/24 maxlen: 24
185.100.64.0/24 maxlen: 24
185.100.67.0/24 maxlen: 24
185.100.65.0/24 maxlen: 24
185.100.66.0/24 maxlen: 24
188.241.216.0/24 maxlen: 24
188.241.217.0/24 maxlen: 24
185.111.104.0/22 maxlen: 22
185.111.104.0/24 maxlen: 24
185.111.105.0/24 maxlen: 24
185.111.106.0/24 maxlen: 24
185.111.107.0/24 maxlen: 24
185.98.4.0/24 maxlen: 24
185.98.5.0/24 maxlen: 24
185.98.6.0/24 maxlen: 24
185.98.7.0/24 maxlen: 24
185.121.80.0/24 maxlen: 24
185.121.80.0/22 maxlen: 22
185.121.81.0/24 maxlen: 24
185.121.82.0/24 maxlen: 24
185.121.83.0/24 maxlen: 24
185.113.132.0/22 maxlen: 22
185.113.132.0/24 maxlen: 24
185.113.133.0/24 maxlen: 24
185.113.134.0/24 maxlen: 24
185.113.135.0/24 maxlen: 24
185.125.88.0/24 maxlen: 24
185.125.89.0/24 maxlen: 24
185.125.90.0/24 maxlen: 24
185.125.91.0/24 maxlen: 24
185.116.192.0/24 maxlen: 24
185.116.192.0/22 maxlen: 22
185.116.193.0/24 maxlen: 24
185.116.194.0/24 maxlen: 24
185.116.195.0/24 maxlen: 24
2a06:940::/56 maxlen: 56
Validation: Failed, certificate revoked on Thu 01 Jun 2023 08:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:02:a1:f4:85:92:30:d5:29:74:eb:ec:2d:be:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Validity
Not Before: Jan 1 10:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1104cacc8909a61fd87fbcbf8be852317a1fb5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:97:62:0e:42:d8:75:2a:e1:dc:6a:c1:4a:58:
e2:7d:04:91:b2:ce:82:41:5f:f7:65:b2:65:63:a1:
07:dd:02:2b:69:15:36:63:39:43:db:dd:1e:a1:9f:
cb:01:f1:8e:b7:34:4f:cd:c3:5d:e4:29:a5:a7:78:
27:af:39:ff:17:53:0a:e0:0a:cd:e7:4b:19:a1:f9:
dd:3d:d7:33:c4:a6:b4:c2:90:95:d4:49:c4:04:96:
eb:b1:f0:88:fb:8e:cd:12:09:86:78:48:ee:ef:13:
44:f6:15:94:f4:0d:3d:95:be:e2:36:c5:af:9e:d6:
e7:64:f1:9f:c5:03:c0:73:a6:ec:cd:ce:55:b4:1b:
5d:8c:51:4b:49:4b:fd:f6:6a:0a:07:c7:d1:96:7d:
38:16:a9:17:13:d3:f8:73:9e:f9:9c:5e:47:77:be:
4c:af:db:47:84:51:eb:9f:a3:e4:6f:2c:b5:22:39:
87:1e:de:05:57:44:35:f8:aa:c2:ae:e2:27:84:01:
42:0f:b1:91:50:34:e4:bc:ca:57:10:6e:36:9d:9a:
27:a9:48:fe:ba:a1:a0:4e:39:43:8a:27:4e:ec:9e:
e9:b4:81:6a:f6:05:5e:c3:19:ca:52:cf:7d:1a:7b:
7f:e7:c4:ec:b4:d1:9f:51:73:6a:d4:8a:f5:4c:38:
93:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:10:4C:AC:C8:90:9A:61:FD:87:FB:CB:F8:BE:85:23:17:A1:FB:5C
X509v3 Authority Key Identifier:
keyid:28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/oRBMrMiQmmH9h_vL-L6FIxeh-1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.41.0/24
185.98.4.0/22
185.100.64.0/22
185.111.104.0/22
185.113.132.0/22
185.116.192.0/22
185.121.80.0/22
185.125.88.0/22
185.129.48.0/22
188.241.216.0/23
IPv6:
2a06:940::/56
Signature Algorithm: sha256WithRSAEncryption
92:95:c2:69:df:1d:23:eb:3f:2a:05:c1:53:03:93:b4:41:49:
81:82:b7:9e:03:88:a5:de:b2:ff:36:16:e1:d5:1f:3e:c8:54:
a7:d7:fe:81:2c:53:1b:67:1a:e9:b9:f4:70:63:67:d4:ec:f4:
be:70:7e:d2:6b:15:9f:c6:0e:5b:ff:f6:fb:8a:4c:48:e2:2d:
56:ce:2e:21:a0:79:9c:a3:4a:43:2e:d5:26:7f:de:00:ea:6d:
75:c5:26:90:d2:23:66:49:c8:1b:93:de:bb:3e:22:77:e6:88:
91:4c:a5:58:ed:48:27:9a:30:f3:76:b6:a2:e7:59:32:3b:5c:
d3:67:79:0f:ec:b7:36:dd:8f:ee:d5:0c:ff:5f:a3:bc:4e:5f:
3b:21:fd:b5:0a:61:d1:0c:9a:3f:34:e7:1e:01:e9:bc:1d:5b:
77:3f:e7:b2:1a:c0:45:f5:d2:f2:1f:ab:1a:e9:bf:8d:79:f2:
b3:67:bf:02:b2:84:48:20:94:fa:e6:27:d9:3c:b0:27:a6:21:
a6:b5:6f:85:ec:2d:6c:c0:a5:ad:46:78:52:e9:e9:22:68:91:
f7:13:db:ad:bd:64:a9:83:52:32:4a:d4:fe:49:1b:13:7e:df:
09:1c:98:e0:8a:5a:72:5b:cc:aa:58:73:0a:25:44:04:1a:79:
fd:ae:f3:70
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYVs5gKh9IWSMNUpdOvsLb47MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ODU1ODUyYTRiY2QxYmYxZWM4MTNmM2MxM2IwZjFmMzcy
ZjM5NzEwHhcNMjMwMTAxMTAzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTEwNGNhY2M4OTA5YTYxZmQ4N2ZiY2JmOGJlODUyMzE3YTFmYjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgpdiDkLYdSrh3GrBSljifQSRss6C
QV/3ZbJlY6EH3QIraRU2YzlD290eoZ/LAfGOtzRPzcNd5Cmlp3gnrzn/F1MK4ArN
50sZofndPdczxKa0wpCV1EnEBJbrsfCI+47NEgmGeEju7xNE9hWU9A09lb7iNsWv
ntbnZPGfxQPAc6bszc5VtBtdjFFLSUv99moKB8fRln04FqkXE9P4c575nF5Hd75M
r9tHhFHrn6Pkbyy1IjmHHt4FV0Q1+KrCruInhAFCD7GRUDTkvMpXEG42nZonqUj+
uqGgTjlDiidO7J7ptIFq9gVewxnKUs99Gnt/58TstNGfUXNq1Ir1TDiTdwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFKEQTKzIkJph/Yf7y/i+hSMXoftcMB8GA1UdIwQY
MBaAFCiFWFKkvNG/HsgT88E7Dx83LzlxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEt
NzA0NDYzZWJhZDM2LzEvb1JCTXJNaVFtbUg5aF92TC1MNkZJeGVoLTF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEtNzA0NDYzZWJhZDM2
LzEvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBCBAIAATA8AwQAWSEpAwQC
uWIEAwQCuWRAAwQCuW9oAwQCuXGEAwQCuXTAAwQCuXlQAwQCuX1YAwQCuYEwAwQB
vPHYMBAEAgACMAoDCAAqBglAAAAAMA0GCSqGSIb3DQEBCwUAA4IBAQCSlcJp3x0j
6z8qBcFTA5O0QUmBgreeA4il3rL/Nhbh1R8+yFSn1/6BLFMbZxrpufRwY2fU7PS+
cH7SaxWfxg5b//b7ikxI4i1Wzi4hoHmco0pDLtUmf94A6m11xSaQ0iNmScgbk967
PiJ35oiRTKVY7UgnmjDzdrai51kyO1zTZ3kP7Lc23Y/u1Qz/X6O8Tl87If21CmHR
DJo/NOceAem8HVt3P+eyGsBF9dLyH6sa6b+NefKzZ78CsoRIIJT65ifZPLAnpiGm
tW+F7C1swKWtRnhS6ekiaJH3E9utvWSpg1IyStT+SRsTft8JHJjgilpyW8yqWHMK
JUQEGnn9rvNw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:22 2024 by rpki-client on console-ams.rpki-client.org