Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/rJo0pEks2fjez4ld-kl2QV1qyd0.roa
File: rJo0pEks2fjez4ld-kl2QV1qyd0.roa (raw, json)
Hash identifier: a3/FgaRsLQoQJGvrOAbsxf96xeuygO5B6CGJbwaa2rs=
Subject key identifier: AC:9A:34:A4:49:2C:D9:F8:DE:CF:89:5D:FA:49:76:41:5D:6A:C9:DD
Certificate issuer: /CN=84f824d32df1a5113d82101345d785a38addbde5
Certificate serial: 018A1BFE9964DD2C32BC5C8358881A7A1AC6
Authority key identifier: 84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/rJo0pEks2fjez4ld-kl2QV1qyd0.roa
Signing time: Tue 22 Aug 2023 06:46:24 +0000
ROA not before: Tue 22 Aug 2023 06:46:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209854
IP address blocks: 188.208.48.0/24 maxlen: 24
188.208.48.0/23 maxlen: 24
188.208.49.0/24 maxlen: 24
93.119.125.0/24 maxlen: 24
46.102.178.0/24 maxlen: 24
46.102.177.0/24 maxlen: 24
46.102.179.0/24 maxlen: 24
89.35.90.0/24 maxlen: 24
86.104.2.0/24 maxlen: 24
86.104.1.0/24 maxlen: 24
86.104.0.0/24 maxlen: 24
176.223.160.0/24 maxlen: 24
93.114.51.0/24 maxlen: 24
89.37.93.0/24 maxlen: 24
89.37.94.0/24 maxlen: 24
86.106.116.0/24 maxlen: 24
89.40.207.0/24 maxlen: 24
86.104.213.0/24 maxlen: 24
86.104.212.0/24 maxlen: 24
188.208.221.0/24 maxlen: 24
188.208.220.0/24 maxlen: 24
188.208.223.0/24 maxlen: 24
188.209.125.0/24 maxlen: 24
188.209.124.0/24 maxlen: 24
193.30.255.0/24 maxlen: 24
89.41.27.0/24 maxlen: 24
77.81.91.0/24 maxlen: 24
77.81.90.0/24 maxlen: 24
89.42.154.0/24 maxlen: 24
89.39.69.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1b:fe:99:64:dd:2c:32:bc:5c:83:58:88:1a:7a:1a:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f824d32df1a5113d82101345d785a38addbde5
Validity
Not Before: Aug 22 06:46:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac9a34a4492cd9f8decf895dfa4976415d6ac9dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a5:f0:49:cf:30:3c:c7:11:84:1e:e3:ab:76:
b2:fd:dd:f7:de:01:9e:03:1d:a5:e5:e4:d4:a3:ec:
6e:2f:2a:7d:c0:97:e8:3c:9d:76:57:98:ca:d4:42:
d5:0a:f8:0e:5f:98:8a:42:1a:3e:1e:fc:60:29:12:
0c:a0:01:97:96:75:44:f6:77:28:c2:59:36:5c:6d:
ef:32:f0:ef:e3:2a:12:33:ea:78:41:26:99:dc:0b:
3a:41:85:f0:a4:18:7f:17:d5:1b:cd:b4:1f:d2:82:
40:c3:e5:90:a6:5f:78:cf:c8:d8:a3:8b:db:d6:f6:
67:24:08:71:92:ce:fd:5b:33:25:40:8f:32:b8:ed:
b2:04:34:4d:1c:33:11:95:a3:10:22:39:18:30:bd:
1c:7c:e7:d6:4f:2d:68:b0:1f:1f:fa:40:db:e8:3a:
52:69:15:bb:c3:b4:2d:b7:7c:de:59:34:16:0e:bb:
c7:d7:e6:5a:f1:a5:b6:66:8e:6e:23:a6:46:fb:09:
8e:31:72:eb:d4:11:91:ec:8e:62:25:f9:4a:67:cb:
aa:58:27:db:8f:52:5e:ed:05:87:f2:fd:a5:19:aa:
e8:fb:00:6d:ab:65:5b:f9:47:af:27:b3:1f:22:94:
27:a0:06:6b:9d:b9:7f:3d:55:14:e6:b6:29:c5:e1:
ea:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:9A:34:A4:49:2C:D9:F8:DE:CF:89:5D:FA:49:76:41:5D:6A:C9:DD
X509v3 Authority Key Identifier:
keyid:84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/rJo0pEks2fjez4ld-kl2QV1qyd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.177.0-46.102.179.255
77.81.90.0/23
86.104.0.0-86.104.2.255
86.104.212.0/23
86.106.116.0/24
89.35.90.0/24
89.37.93.0-89.37.94.255
89.39.69.0/24
89.40.207.0/24
89.41.27.0/24
89.42.154.0/24
93.114.51.0/24
93.119.125.0/24
176.223.160.0/24
188.208.48.0/23
188.208.220.0/23
188.208.223.0/24
188.209.124.0/23
193.30.255.0/24
Signature Algorithm: sha256WithRSAEncryption
95:cc:c7:6b:e8:55:3d:7e:8a:d5:1d:92:11:e2:5d:4b:91:3b:
c7:53:ec:a9:0b:e8:f2:3f:3c:c8:e7:de:78:4a:f4:07:75:1d:
fe:92:f2:5c:0a:0c:a1:ae:7c:6f:ef:0d:b2:10:0b:7c:e2:8b:
ff:86:bc:9e:c0:41:72:fc:36:51:ba:d8:67:2d:c2:00:8e:e5:
c2:db:0a:6a:a2:60:bd:9e:a8:4c:19:db:2c:bf:23:b3:5f:f9:
ac:f9:b4:f2:9d:71:79:58:aa:3e:11:16:8e:4d:8a:64:4e:1d:
ab:99:36:8a:7c:a1:b9:f2:62:47:d4:bc:37:aa:ca:bf:69:01:
97:35:5d:b2:00:8d:57:16:b9:dd:41:dc:c4:dc:75:4d:99:89:
c6:a4:91:eb:9e:84:f3:b5:09:e5:21:f5:f0:9d:ce:fc:ec:48:
1f:f0:db:4e:05:1a:6c:64:62:6a:35:12:89:07:14:f9:68:50:
c9:f0:b8:ae:cf:3b:c2:98:17:f8:32:f6:81:30:9c:92:cb:42:
68:04:79:38:8b:92:2b:40:68:1e:e8:3c:b3:2b:33:7d:dd:2c:
81:15:0c:9a:00:09:d8:ac:e6:8d:92:6f:30:cb:74:c9:8b:ee:
a4:2b:a8:a7:10:b1:1f:b3:2a:c6:70:d7:71:a4:f3:19:19:cd:
53:be:7f:a5
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgISAYob/plk3SwyvFyDWIgaehrGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjgyNGQzMmRmMWE1MTEzZDgyMTAxMzQ1ZDc4NWEzOGFk
ZGJkZTUwHhcNMjMwODIyMDY0NjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzlhMzRhNDQ5MmNkOWY4ZGVjZjg5NWRmYTQ5NzY0MTVkNmFjOWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKXwSc8wPMcRhB7jq3ay/d333gGe
Ax2l5eTUo+xuLyp9wJfoPJ12V5jK1ELVCvgOX5iKQho+HvxgKRIMoAGXlnVE9nco
wlk2XG3vMvDv4yoSM+p4QSaZ3As6QYXwpBh/F9UbzbQf0oJAw+WQpl94z8jYo4vb
1vZnJAhxks79WzMlQI8yuO2yBDRNHDMRlaMQIjkYML0cfOfWTy1osB8f+kDb6DpS
aRW7w7Qtt3zeWTQWDrvH1+Za8aW2Zo5uI6ZG+wmOMXLr1BGR7I5iJflKZ8uqWCfb
j1Je7QWH8v2lGaro+wBtq2Vb+UevJ7MfIpQnoAZrnbl/PVUU5rYpxeHqdwIDAQAB
o4ICkTCCAo0wHQYDVR0OBBYEFKyaNKRJLNn43s+JXfpJdkFdasndMB8GA1UdIwQY
MBaAFIT4JNMt8aURPYIQE0XXhaOK3b3lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgt
NDM3Mzk0OTM4YzUyLzEvckpvMHBFa3MyZmplejRsZC1rbDJRVjFxeWQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgtNDM3Mzk0OTM4YzUy
LzEvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGmBggrBgEFBQcBBwEB/wSBljCBkzCBkAQCAAEwgYkwDAME
AC5msQMEAi5msAMEAU1RWjALAwMDVmgDBABWaAIDBAFWaNQDBABWanQDBABZI1ow
DAMEAFklXQMEAFklXgMEAFknRQMEAFkozwMEAFkpGwMEAFkqmgMEAF1yMwMEAF13
fQMEALDfoAMEAbzQMAMEAbzQ3AMEALzQ3wMEAbzRfAMEAMEe/zANBgkqhkiG9w0B
AQsFAAOCAQEAlczHa+hVPX6K1R2SEeJdS5E7x1PsqQvo8j88yOfeeEr0B3Ud/pLy
XAoMoa58b+8NshALfOKL/4a8nsBBcvw2UbrYZy3CAI7lwtsKaqJgvZ6oTBnbLL8j
s1/5rPm08p1xeViqPhEWjk2KZE4dq5k2inyhufJiR9S8N6rKv2kBlzVdsgCNVxa5
3UHcxNx1TZmJxqSR656E87UJ5SH18J3O/OxIH/DbTgUabGRiajUSiQcU+WhQyfC4
rs87wpgX+DL2gTCckstCaAR5OIuSK0BoHug8syszfd0sgRUMmgAJ2KzmjZJvMMt0
yYvupCuopxCxH7MqxnDXcaTzGRnNU75/pQ==
-----END CERTIFICATE-----
Generated at Wed Oct 11 14:17:40 2023 by rpki-client on console-fra.rpki-client.org