Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/8GoBcYmmP_IcxrQs88tca6fr0mk.roa
File: 8GoBcYmmP_IcxrQs88tca6fr0mk.roa (raw, json)
Hash identifier: yYv8LtaAq3PRdG2baRGa1ZS4Ll6VWYpS+Lde12WUoIY=
Subject key identifier: F0:6A:01:71:89:A6:3F:F2:1C:C6:B4:2C:F3:CB:5C:6B:A7:EB:D2:69
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 0185AA94EAD8081AE5539DA3784680FFD98C
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/8GoBcYmmP_IcxrQs88tca6fr0mk.roa
Signing time: Fri 13 Jan 2023 10:02:44 +0000
ROA not before: Fri 13 Jan 2023 10:02:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34450
IP address blocks: 89.43.42.0/24 maxlen: 24
89.43.43.0/24 maxlen: 24
89.43.44.0/24 maxlen: 24
89.43.40.0/24 maxlen: 24
89.43.41.0/24 maxlen: 24
86.106.80.0/24 maxlen: 24
89.34.8.0/21 maxlen: 21
89.43.73.0/24 maxlen: 24
89.39.252.0/24 maxlen: 24
188.213.18.0/24 maxlen: 24
188.240.14.0/24 maxlen: 24
93.113.202.0/24 maxlen: 24
85.204.125.0/24 maxlen: 24
85.204.127.0/24 maxlen: 24
93.114.99.0/24 maxlen: 24
93.113.158.0/24 maxlen: 24
89.33.163.0/24 maxlen: 24
89.37.136.0/24 maxlen: 24
89.45.34.0/24 maxlen: 24
85.204.78.0/24 maxlen: 24
93.114.55.0/24 maxlen: 24
188.215.72.0/23 maxlen: 24
2a05:b680:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 20 Jan 2023 11:37:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:aa:94:ea:d8:08:1a:e5:53:9d:a3:78:46:80:ff:d9:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jan 13 10:02:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f06a017189a63ff21cc6b42cf3cb5c6ba7ebd269
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e4:7f:9a:4e:87:ff:ed:5c:16:0f:9b:3a:c1:
3d:68:fb:de:3f:0f:f3:26:7c:81:fe:aa:d1:f4:4e:
d4:ca:7d:4a:a6:aa:8b:86:8b:ed:3f:3b:e8:15:f5:
73:da:1a:ad:3d:5c:65:15:99:8e:cd:53:b4:4d:f6:
55:ce:ed:1e:92:79:9c:df:74:15:cb:bf:bb:56:73:
94:1a:e9:e1:a8:30:de:34:55:bf:cd:a7:72:ed:a7:
81:88:1d:0e:24:1d:87:3b:12:ff:b5:65:04:12:2a:
ea:f9:c6:b9:a9:35:95:ee:3b:b0:2c:c5:c6:df:d4:
8c:63:09:ab:d5:ba:20:9e:72:22:ad:9f:8b:3d:e7:
95:ff:38:4c:ad:b7:00:cf:18:13:00:80:54:91:06:
a3:0e:c7:48:d8:2a:bb:ae:7e:c4:6f:4a:63:79:3f:
ab:33:13:e9:a8:33:8d:1b:d5:58:c7:6e:bb:50:42:
c4:7f:d6:55:68:89:41:62:db:f9:37:92:25:18:82:
13:b7:ba:27:eb:98:aa:43:62:e1:78:85:29:53:4c:
38:5f:c6:ec:16:a3:1d:ba:c6:86:04:a1:77:1e:ec:
65:82:b6:ce:ba:34:31:94:1f:5a:2d:d4:f5:39:1f:
d8:46:bb:b7:1f:17:b5:d9:83:c2:59:7b:d9:59:77:
ff:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:6A:01:71:89:A6:3F:F2:1C:C6:B4:2C:F3:CB:5C:6B:A7:EB:D2:69
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/8GoBcYmmP_IcxrQs88tca6fr0mk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.78.0/24
85.204.125.0/24
85.204.127.0/24
86.106.80.0/24
89.33.163.0/24
89.34.8.0/21
89.37.136.0/24
89.39.252.0/24
89.43.40.0-89.43.44.255
89.43.73.0/24
89.45.34.0/24
93.113.158.0/24
93.113.202.0/24
93.114.55.0/24
93.114.99.0/24
188.213.18.0/24
188.215.72.0/23
188.240.14.0/24
IPv6:
2a05:b680:1::/48
Signature Algorithm: sha256WithRSAEncryption
90:3e:db:2e:df:ce:f4:e3:32:41:72:d9:b4:18:db:ed:1e:6c:
bb:bf:43:e5:44:d1:0b:1b:02:6f:e5:55:49:2e:44:6b:f0:25:
0b:1b:e0:b0:66:53:e6:23:c8:54:85:fd:bd:c9:61:4b:51:74:
11:97:9b:9e:cc:5c:f6:d4:d3:60:f4:b4:a8:0f:d2:8c:83:c6:
8d:4b:e5:40:f1:52:60:1b:53:86:bc:0b:74:4f:26:fc:39:0e:
a1:fa:b6:b6:a2:b0:94:54:5d:96:95:c0:77:9e:7e:46:60:db:
f3:48:03:2a:f4:fa:2d:04:c7:ab:96:49:13:9a:dc:22:d5:e1:
31:48:44:0b:b2:ea:66:b4:b3:7e:12:9e:9e:37:51:2e:25:67:
43:ab:25:bd:62:8e:3f:bd:50:25:2c:44:e4:d7:55:b0:e5:29:
ab:79:93:2d:54:2f:7d:3d:8e:7a:35:db:83:e3:5b:f2:a6:a4:
de:ef:ef:a4:9b:81:3a:c8:86:32:20:0b:ba:d7:44:fd:5b:da:
2a:6c:97:bb:47:56:ce:16:24:1f:f7:9f:f8:48:ca:15:56:6a:
59:af:3f:86:40:0c:29:06:28:8d:5f:be:7e:5b:38:4d:bb:3b:
6b:c4:c4:80:af:7e:3f:33:01:6c:62:7f:84:31:b6:e8:f2:e5:
8f:a7:51:eb
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAYWqlOrYCBrlU52jeEaA/9mMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjMwMTEzMTAwMjQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDZhMDE3MTg5YTYzZmYyMWNjNmI0MmNmM2NiNWM2YmE3ZWJkMjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOR/mk6H/+1cFg+bOsE9aPvePw/z
JnyB/qrR9E7Uyn1KpqqLhovtPzvoFfVz2hqtPVxlFZmOzVO0TfZVzu0eknmc33QV
y7+7VnOUGunhqDDeNFW/zady7aeBiB0OJB2HOxL/tWUEEirq+ca5qTWV7juwLMXG
39SMYwmr1bognnIirZ+LPeeV/zhMrbcAzxgTAIBUkQajDsdI2Cq7rn7Eb0pjeT+r
MxPpqDONG9VYx267UELEf9ZVaIlBYtv5N5IlGIITt7on65iqQ2LheIUpU0w4X8bs
FqMdusaGBKF3HuxlgrbOujQxlB9aLdT1OR/YRru3Hxe12YPCWXvZWXf/wQIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFPBqAXGJpj/yHMa0LPPLXGun69JpMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvOEdvQmNZbW1QX0ljeHJRczg4dGNhNmZyMG1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTB6BAIAATB0AwQAVcxO
AwQAVcx9AwQAVcx/AwQAVmpQAwQAWSGjAwQDWSIIAwQAWSWIAwQAWSf8MAwDBANZ
KygDBABZKywDBABZK0kDBABZLSIDBABdcZ4DBABdccoDBABdcjcDBABdcmMDBAC8
1RIDBAG810gDBAC88A4wDwQCAAIwCQMHACoFtoAAATANBgkqhkiG9w0BAQsFAAOC
AQEAkD7bLt/O9OMyQXLZtBjb7R5su79D5UTRCxsCb+VVSS5Ea/AlCxvgsGZT5iPI
VIX9vclhS1F0EZebnsxc9tTTYPS0qA/SjIPGjUvlQPFSYBtThrwLdE8m/DkOofq2
tqKwlFRdlpXAd55+RmDb80gDKvT6LQTHq5ZJE5rcItXhMUhEC7LqZrSzfhKenjdR
LiVnQ6slvWKOP71QJSxE5NdVsOUpq3mTLVQvfT2OejXbg+Nb8qak3u/vpJuBOsiG
MiALutdE/VvaKmyXu0dWzhYkH/ef+EjKFVZqWa8/hkAMKQYojV++fls4Tbs7a8TE
gK9+PzMBbGJ/hDG26PLlj6dR6w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:38 2024 by rpki-client on console-ams.rpki-client.org