Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/KdSV7L6Y3T7bs8bw3m-53et8Dls.roa
File: KdSV7L6Y3T7bs8bw3m-53et8Dls.roa (raw, json)
Hash identifier: J6Pkz/9Y9uoy7PsNxiSs3EecJakVSNTXuSp7212qoK8=
Subject key identifier: 29:D4:95:EC:BE:98:DD:3E:DB:B3:C6:F0:DE:6F:B9:DD:EB:7C:0E:5B
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 018A98458F811F90185BA61EE0D46176BF3F
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/KdSV7L6Y3T7bs8bw3m-53et8Dls.roa
Signing time: Fri 15 Sep 2023 09:56:50 +0000
ROA not before: Fri 15 Sep 2023 09:56:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34450
IP address blocks: 89.43.42.0/24 maxlen: 24
89.43.43.0/24 maxlen: 24
93.114.187.0/24 maxlen: 24
86.106.80.0/24 maxlen: 24
89.43.46.0/24 maxlen: 24
86.106.104.0/24 maxlen: 24
89.34.8.0/21 maxlen: 21
89.43.73.0/24 maxlen: 24
89.39.252.0/24 maxlen: 24
188.213.18.0/24 maxlen: 24
188.240.14.0/24 maxlen: 24
93.114.171.0/24 maxlen: 24
85.204.125.0/24 maxlen: 24
85.204.127.0/24 maxlen: 24
93.114.99.0/24 maxlen: 24
93.113.158.0/24 maxlen: 24
89.33.163.0/24 maxlen: 24
89.37.136.0/24 maxlen: 24
89.45.34.0/24 maxlen: 24
93.114.55.0/24 maxlen: 24
188.215.72.0/24 maxlen: 24
188.215.72.0/23 maxlen: 24
188.215.73.0/24 maxlen: 24
2a05:b680:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:98:45:8f:81:1f:90:18:5b:a6:1e:e0:d4:61:76:bf:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Sep 15 09:56:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29d495ecbe98dd3edbb3c6f0de6fb9ddeb7c0e5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:36:cb:a8:79:29:77:35:96:37:f8:0e:04:fa:
86:c2:97:8f:bc:ac:87:d5:28:eb:77:a6:36:ec:4e:
ea:f1:da:d6:a8:02:c1:57:cc:60:8f:08:a6:58:82:
08:3b:b6:8f:dc:0b:c2:99:1b:95:0f:f1:13:1f:b4:
d5:2c:50:fa:40:e3:45:3b:91:2d:97:85:54:8e:0e:
e4:a6:42:cc:b7:8f:25:40:5b:4d:46:69:87:43:18:
1d:55:87:6c:d6:29:df:f2:f1:e3:8e:97:b9:60:fd:
a8:b2:8a:0b:5d:5e:5f:51:9e:30:88:e3:1f:56:80:
a7:06:da:c2:72:ed:b7:0f:d8:35:04:b8:06:92:28:
03:77:b8:e2:4e:29:ff:ec:cf:c2:44:20:47:7f:85:
a1:55:b8:97:b2:69:93:8e:67:cd:bf:de:dc:fc:1a:
d8:1c:86:c8:8f:cb:53:83:29:0d:f8:47:9e:32:0e:
2c:ad:e3:dc:e7:d0:99:ee:43:05:bf:2c:ec:47:ff:
91:8d:df:52:e9:ec:e7:fd:ee:83:33:38:a2:2d:5e:
be:e3:0e:b8:c5:cf:b5:20:e7:7d:9c:42:18:02:95:
30:3f:e0:16:69:0c:5a:79:7e:1e:d2:22:d3:86:1a:
a4:6a:4c:d7:04:68:47:98:8d:5b:79:22:c1:5b:fc:
3e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:D4:95:EC:BE:98:DD:3E:DB:B3:C6:F0:DE:6F:B9:DD:EB:7C:0E:5B
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/KdSV7L6Y3T7bs8bw3m-53et8Dls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.125.0/24
85.204.127.0/24
86.106.80.0/24
86.106.104.0/24
89.33.163.0/24
89.34.8.0/21
89.37.136.0/24
89.39.252.0/24
89.43.42.0/23
89.43.46.0/24
89.43.73.0/24
89.45.34.0/24
93.113.158.0/24
93.114.55.0/24
93.114.99.0/24
93.114.171.0/24
93.114.187.0/24
188.213.18.0/24
188.215.72.0/23
188.240.14.0/24
IPv6:
2a05:b680:1::/48
Signature Algorithm: sha256WithRSAEncryption
cb:da:65:8c:66:81:63:f7:5b:03:82:f8:8c:5d:98:02:2d:98:
43:18:26:db:fd:2e:bd:1d:28:ed:11:8f:35:d3:50:18:44:aa:
5c:5b:c5:25:b7:fc:de:d2:ee:c2:b7:ce:7d:8d:cb:56:f6:c1:
1a:dd:f8:c2:bc:a2:8c:9a:bd:44:93:f9:4e:2b:53:ac:d6:03:
84:97:26:7b:ce:87:da:21:4c:a4:54:0b:5f:a7:6f:ca:cb:4f:
77:69:8b:1f:f3:a4:78:bf:60:a2:8b:e6:3f:db:d5:49:64:33:
c7:24:6c:d2:f8:12:68:ad:7c:e2:e9:fb:50:c2:e4:12:dc:81:
93:72:0d:da:fd:e1:9a:2d:9c:f8:fe:9c:03:2e:cf:3b:d9:4b:
ca:32:c5:8d:51:e4:ec:d5:ee:0f:df:a6:57:41:74:e4:0b:e4:
9c:2f:ab:ba:57:4a:18:40:11:ee:4e:0e:e7:06:34:47:10:17:
cb:f3:ab:72:c8:ab:70:07:c8:7f:f9:4f:39:db:b8:dd:0a:42:
a7:77:46:b7:b7:70:b9:d7:4e:53:dc:85:70:58:fc:01:1e:1c:
98:30:85:f0:bd:4a:31:49:1e:5e:80:1e:fd:24:03:03:40:59:
c9:19:a5:75:41:ed:02:08:f8:27:76:d6:34:6f:12:a8:90:39:
82:fb:c0:83
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgISAYqYRY+BH5AYW6Ye4NRhdr8/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjMwOTE1MDk1NjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWQ0OTVlY2JlOThkZDNlZGJiM2M2ZjBkZTZmYjlkZGViN2MwZTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjbLqHkpdzWWN/gOBPqGwpePvKyH
1Sjrd6Y27E7q8drWqALBV8xgjwimWIIIO7aP3AvCmRuVD/ETH7TVLFD6QONFO5Et
l4VUjg7kpkLMt48lQFtNRmmHQxgdVYds1inf8vHjjpe5YP2osooLXV5fUZ4wiOMf
VoCnBtrCcu23D9g1BLgGkigDd7jiTin/7M/CRCBHf4WhVbiXsmmTjmfNv97c/BrY
HIbIj8tTgykN+EeeMg4srePc59CZ7kMFvyzsR/+Rjd9S6ezn/e6DMziiLV6+4w64
xc+1IOd9nEIYApUwP+AWaQxaeX4e0iLThhqkakzXBGhHmI1beSLBW/w+hQIDAQAB
o4ICjzCCAoswHQYDVR0OBBYEFCnUley+mN0+27PG8N5vud3rfA5bMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvS2RTVjdMNlkzVDdiczhidzNtLTUzZXQ4RGxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGkBggrBgEFBQcBBwEB/wSBlDCBkTB+BAIAATB4AwQAVcx9
AwQAVcx/AwQAVmpQAwQAVmpoAwQAWSGjAwQDWSIIAwQAWSWIAwQAWSf8AwQBWSsq
AwQAWSsuAwQAWStJAwQAWS0iAwQAXXGeAwQAXXI3AwQAXXJjAwQAXXKrAwQAXXK7
AwQAvNUSAwQBvNdIAwQAvPAOMA8EAgACMAkDBwAqBbaAAAEwDQYJKoZIhvcNAQEL
BQADggEBAMvaZYxmgWP3WwOC+IxdmAItmEMYJtv9Lr0dKO0RjzXTUBhEqlxbxSW3
/N7S7sK3zn2Ny1b2wRrd+MK8ooyavUST+U4rU6zWA4SXJnvOh9ohTKRUC1+nb8rL
T3dpix/zpHi/YKKL5j/b1UlkM8ckbNL4EmitfOLp+1DC5BLcgZNyDdr94ZotnPj+
nAMuzzvZS8oyxY1R5OzV7g/fpldBdOQL5Jwvq7pXShhAEe5ODucGNEcQF8vzq3LI
q3AHyH/5TznbuN0KQqd3Rre3cLnXTlPchXBY/AEeHJgwhfC9SjFJHl6AHv0kAwNA
WckZpXVB7QII+Cd21jRvEqiQOYL7wIM=
-----END CERTIFICATE-----
Generated at Tue Oct 10 19:18:31 2023 by rpki-client on console-ams.rpki-client.org