Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/XTnYHfoLHbUOI6x-vLdHuV9Qjbo.roa
File: XTnYHfoLHbUOI6x-vLdHuV9Qjbo.roa (raw, json)
Hash identifier: udKk2gSZ7JfxWYU/53ztbppi1PFN7Dn3my53m+g/SKw=
Subject key identifier: 5D:39:D8:1D:FA:0B:1D:B5:0E:23:AC:7E:BC:B7:47:B9:5F:50:8D:BA
Certificate issuer: /CN=84bfc451fc4f2411addd00a9fbb17346ad6e8996
Certificate serial: 01896D267B9F2008108F8B7D404BB4AB0C33
Authority key identifier: 84:BF:C4:51:FC:4F:24:11:AD:DD:00:A9:FB:B1:73:46:AD:6E:89:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hL_EUfxPJBGt3QCp-7FzRq1uiZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/XTnYHfoLHbUOI6x-vLdHuV9Qjbo.roa
Signing time: Wed 19 Jul 2023 07:56:25 +0000
ROA not before: Wed 19 Jul 2023 07:56:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207375
IP address blocks: 89.33.17.0/24 maxlen: 24
89.33.30.0/24 maxlen: 24
188.240.70.0/24 maxlen: 24
188.213.86.0/23 maxlen: 23
188.211.172.0/22 maxlen: 22
188.213.88.0/21 maxlen: 21
31.14.182.0/24 maxlen: 24
31.14.180.0/23 maxlen: 23
176.223.144.0/20 maxlen: 20
194.145.194.0/23 maxlen: 23
89.32.240.0/21 maxlen: 21
86.105.232.0/24 maxlen: 24
178.239.16.0/22 maxlen: 22
89.35.76.0/24 maxlen: 24
86.107.186.0/23 maxlen: 23
89.35.91.0/24 maxlen: 24
89.35.88.0/24 maxlen: 24
84.247.44.0/23 maxlen: 25
89.33.65.0/24 maxlen: 24
37.156.70.0/24 maxlen: 24
37.156.69.0/24 maxlen: 24
89.35.34.0/24 maxlen: 24
188.212.112.0/22 maxlen: 22
89.35.163.0/24 maxlen: 24
217.148.134.0/23 maxlen: 23
188.212.157.0/24 maxlen: 24
89.37.40.0/24 maxlen: 24
85.204.109.0/24 maxlen: 24
86.105.24.0/24 maxlen: 24
89.32.171.0/24 maxlen: 24
89.46.40.0/23 maxlen: 23
93.113.72.0/21 maxlen: 21
89.47.176.0/23 maxlen: 23
89.47.178.0/24 maxlen: 24
89.47.182.0/24 maxlen: 24
89.47.180.0/23 maxlen: 23
89.35.248.0/24 maxlen: 24
2a00:bba0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Nov 2023 12:40:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6d:26:7b:9f:20:08:10:8f:8b:7d:40:4b:b4:ab:0c:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84bfc451fc4f2411addd00a9fbb17346ad6e8996
Validity
Not Before: Jul 19 07:56:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d39d81dfa0b1db50e23ac7ebcb747b95f508dba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:75:a4:3b:43:91:cb:71:24:44:c0:de:a5:34:
24:48:a5:9b:9f:57:d7:91:d9:6c:02:af:ee:91:1f:
eb:62:7f:4d:4f:82:a5:26:17:06:9e:df:7b:e6:0f:
75:0b:80:55:e1:db:5d:33:6e:23:4c:eb:ba:eb:19:
5f:8a:34:e9:7a:08:26:c6:53:f5:e9:0a:65:71:8a:
55:f2:3d:7a:68:79:67:4c:82:98:d2:ad:ca:c9:d1:
c2:09:31:89:68:c1:2a:e9:35:ba:42:9e:95:76:6c:
a8:c6:54:67:a4:f2:96:81:6e:3a:6d:2b:91:d8:aa:
ff:e4:49:a5:e0:29:7e:e7:75:75:0c:3b:31:1d:43:
1b:b7:1d:20:cb:56:11:8d:08:00:50:f4:e6:ae:56:
30:7e:82:64:1d:d0:8c:5e:5e:e7:d8:9d:4f:81:f2:
a9:80:bd:d1:36:5b:88:b4:da:8c:5c:06:36:34:98:
4d:e6:9e:d6:88:c6:c0:c0:bf:b1:23:f1:cb:a7:b9:
f3:33:7b:e0:61:2f:ef:69:dc:1a:e1:49:91:c2:d2:
79:74:07:df:3d:95:3a:e8:e9:43:55:f7:8f:e3:91:
2f:80:31:54:89:11:18:40:11:f1:00:e7:ef:6e:01:
db:15:84:37:2f:bf:a4:96:6a:2a:d8:e0:d3:db:e4:
af:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:39:D8:1D:FA:0B:1D:B5:0E:23:AC:7E:BC:B7:47:B9:5F:50:8D:BA
X509v3 Authority Key Identifier:
keyid:84:BF:C4:51:FC:4F:24:11:AD:DD:00:A9:FB:B1:73:46:AD:6E:89:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hL_EUfxPJBGt3QCp-7FzRq1uiZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/XTnYHfoLHbUOI6x-vLdHuV9Qjbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/hL_EUfxPJBGt3QCp-7FzRq1uiZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.180.0-31.14.182.255
37.156.69.0-37.156.70.255
84.247.44.0/23
85.204.109.0/24
86.105.24.0/24
86.105.232.0/24
86.107.186.0/23
89.32.171.0/24
89.32.240.0/21
89.33.17.0/24
89.33.30.0/24
89.33.65.0/24
89.35.34.0/24
89.35.76.0/24
89.35.88.0/24
89.35.91.0/24
89.35.163.0/24
89.35.248.0/24
89.37.40.0/24
89.46.40.0/23
89.47.176.0-89.47.178.255
89.47.180.0-89.47.182.255
93.113.72.0/21
176.223.144.0/20
178.239.16.0/22
188.211.172.0/22
188.212.112.0/22
188.212.157.0/24
188.213.86.0-188.213.95.255
188.240.70.0/24
194.145.194.0/23
217.148.134.0/23
IPv6:
2a00:bba0::/32
Signature Algorithm: sha256WithRSAEncryption
14:ae:35:82:35:39:8b:77:67:90:07:88:bc:af:96:4a:e2:4c:
ad:48:87:74:4d:50:b2:1b:06:c8:60:10:de:18:84:9d:ef:dd:
1e:7b:d1:8b:fe:20:c5:9a:62:d9:c1:d9:bf:0b:df:ae:f8:ec:
13:ec:b3:ce:e8:09:0a:89:0d:81:fc:15:2b:52:13:17:2e:9a:
c6:82:94:14:47:c0:d0:af:95:d7:49:00:e5:fb:de:55:97:25:
03:fd:01:6e:db:40:e6:79:3f:0b:51:2a:60:0d:69:33:93:bf:
66:2b:19:96:9a:f2:69:69:c1:6f:57:29:96:89:f9:e3:55:4e:
a5:d3:e6:41:b2:84:62:6d:7c:5e:de:7c:57:91:13:c7:ae:2f:
e5:2a:b2:2c:f7:02:18:0a:c9:70:aa:06:1c:49:32:11:de:f3:
cd:57:6b:a9:d5:00:8a:88:58:a7:73:ce:66:c8:fc:9f:33:30:
80:69:1b:78:cb:b0:89:2f:3b:74:05:8a:b4:d8:72:99:e4:e5:
da:da:62:45:4c:89:08:c8:fa:2c:3b:d0:ba:db:8f:10:9b:c7:
ef:ef:2f:4c:61:e0:ff:3f:87:fd:86:33:06:6e:b9:f7:95:18:
68:03:94:83:fa:12:6b:b8:4f:24:d6:53:8b:0c:d9:d0:85:db:
9f:c4:71:2d
-----BEGIN CERTIFICATE-----
MIIF9jCCBN6gAwIBAgISAYltJnufIAgQj4t9QEu0qwwzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YmZjNDUxZmM0ZjI0MTFhZGRkMDBhOWZiYjE3MzQ2YWQ2
ZTg5OTYwHhcNMjMwNzE5MDc1NjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDM5ZDgxZGZhMGIxZGI1MGUyM2FjN2ViY2I3NDdiOTVmNTA4ZGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHWkO0ORy3EkRMDepTQkSKWbn1fX
kdlsAq/ukR/rYn9NT4KlJhcGnt975g91C4BV4dtdM24jTOu66xlfijTpeggmxlP1
6QplcYpV8j16aHlnTIKY0q3KydHCCTGJaMEq6TW6Qp6VdmyoxlRnpPKWgW46bSuR
2Kr/5Eml4Cl+53V1DDsxHUMbtx0gy1YRjQgAUPTmrlYwfoJkHdCMXl7n2J1PgfKp
gL3RNluItNqMXAY2NJhN5p7WiMbAwL+xI/HLp7nzM3vgYS/vadwa4UmRwtJ5dAff
PZU66OlDVfeP45EvgDFUiREYQBHxAOfvbgHbFYQ3L7+klmoq2ODT2+SvBQIDAQAB
o4IDAjCCAv4wHQYDVR0OBBYEFF052B36Cx21DiOsfry3R7lfUI26MB8GA1UdIwQY
MBaAFIS/xFH8TyQRrd0Aqfuxc0atbomWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExfRVVmeFBKQkd0M1FDcC03RnpScTF1aVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9iN2JlNjQtODZkNC00NDNiLTk2ODYt
ZjY2MzE3OTc3OTY4LzEvWFRuWUhmb0xIYlVPSTZ4LXZMZEh1VjlRamJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9iN2JlNjQtODZkNC00NDNiLTk2ODYtZjY2MzE3OTc3OTY4
LzEvaExfRVVmeFBKQkd0M1FDcC03RnpScTF1aVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFgYIKwYBBQUHAQcBAf8EggEFMIIBATCB7wQCAAEwgegw
DAMEAh8OtAMEAB8OtjAMAwQAJZxFAwQAJZxGAwQBVPcsAwQAVcxtAwQAVmkYAwQA
VmnoAwQBVmu6AwQAWSCrAwQDWSDwAwQAWSERAwQAWSEeAwQAWSFBAwQAWSMiAwQA
WSNMAwQAWSNYAwQAWSNbAwQAWSOjAwQAWSP4AwQAWSUoAwQBWS4oMAwDBARZL7AD
BABZL7IwDAMEAlkvtAMEAFkvtgMEA11xSAMEBLDfkAMEArLvEAMEArzTrAMEArzU
cAMEALzUnTAMAwQBvNVWAwQFvNVAAwQAvPBGAwQBwpHCAwQB2ZSGMA0EAgACMAcD
BQAqALugMA0GCSqGSIb3DQEBCwUAA4IBAQAUrjWCNTmLd2eQB4i8r5ZK4kytSId0
TVCyGwbIYBDeGISd790ee9GL/iDFmmLZwdm/C9+u+OwT7LPO6AkKiQ2B/BUrUhMX
LprGgpQUR8DQr5XXSQDl+95VlyUD/QFu20DmeT8LUSpgDWkzk79mKxmWmvJpacFv
VymWifnjVU6l0+ZBsoRibXxe3nxXkRPHri/lKrIs9wIYCslwqgYcSTIR3vPNV2up
1QCKiFinc85myPyfMzCAaRt4y7CJLzt0BYq02HKZ5OXa2mJFTIkIyPosO9C6248Q
m8fv7y9MYeD/P4f9hjMGbrn3lRhoA5SD+hJruE8k1lOLDNnQhdufxHEt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:10 2024 by rpki-client on console-ams.rpki-client.org