Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/saOWjrpF-cVtw5V6VAPlgAqzVz8.roa
File: saOWjrpF-cVtw5V6VAPlgAqzVz8.roa (raw, json)
Hash identifier: 3dHk9rLNrXZkgLOG9UV/WjcINM52PF+V9BDGXIx62wE=
Subject key identifier: B1:A3:96:8E:BA:45:F9:C5:6D:C3:95:7A:54:03:E5:80:0A:B3:57:3F
Certificate issuer: /CN=84f824d32df1a5113d82101345d785a38addbde5
Certificate serial: 018B1F2A6C02F95D07069DCD5D3D943A2679
Authority key identifier: 84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/saOWjrpF-cVtw5V6VAPlgAqzVz8.roa
Signing time: Wed 11 Oct 2023 14:35:55 +0000
ROA not before: Wed 11 Oct 2023 14:35:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209854
IP address blocks: 89.37.93.0/24 maxlen: 24
89.37.94.0/24 maxlen: 24
86.106.116.0/24 maxlen: 24
86.104.213.0/24 maxlen: 24
86.104.212.0/24 maxlen: 24
188.208.221.0/24 maxlen: 24
188.208.220.0/24 maxlen: 24
188.208.223.0/24 maxlen: 24
188.209.125.0/24 maxlen: 24
188.209.124.0/24 maxlen: 24
193.30.255.0/24 maxlen: 24
89.41.27.0/24 maxlen: 24
93.119.125.0/24 maxlen: 24
46.102.178.0/24 maxlen: 24
46.102.177.0/24 maxlen: 24
46.102.179.0/24 maxlen: 24
86.104.2.0/24 maxlen: 24
86.104.1.0/24 maxlen: 24
86.104.0.0/24 maxlen: 24
176.223.160.0/24 maxlen: 24
77.81.91.0/24 maxlen: 24
77.81.90.0/24 maxlen: 24
89.42.154.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1f:2a:6c:02:f9:5d:07:06:9d:cd:5d:3d:94:3a:26:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f824d32df1a5113d82101345d785a38addbde5
Validity
Not Before: Oct 11 14:35:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1a3968eba45f9c56dc3957a5403e5800ab3573f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e7:19:17:f6:cf:c5:b2:02:87:37:de:f9:c5:
44:12:14:e4:a2:c4:6f:bc:e0:d5:03:f5:1f:96:45:
a1:63:fe:90:83:20:8b:f4:3f:19:a8:92:08:bc:3f:
78:88:7a:af:c3:e8:6d:80:99:d1:41:e7:4a:8b:4d:
42:a0:1c:31:19:88:ba:69:a4:f4:9d:71:7b:7a:8a:
bc:6b:f4:b7:16:73:35:18:e0:ee:c6:88:fb:9c:9e:
b6:f9:6d:e0:ee:03:94:49:bc:af:e8:21:e4:15:fa:
56:1d:7e:a2:c7:29:7d:7a:c5:62:a5:6c:56:5b:36:
3f:4a:fb:c1:fe:7c:28:ff:72:a4:0b:c5:19:05:d4:
00:b9:c4:a3:da:f6:5b:ad:e6:d1:6d:21:b5:84:16:
c1:1c:db:7e:a5:87:ae:1a:0a:4d:e1:f9:3e:5d:d7:
d2:d0:19:76:f8:7a:70:04:af:07:9b:65:0a:8a:44:
6d:4d:64:71:99:3e:c7:65:b6:57:ec:c4:fe:e6:96:
18:14:a6:45:21:21:65:ac:51:57:4c:53:0c:d3:48:
2b:fb:74:9b:14:23:7e:1c:92:1b:14:0b:e6:9a:cd:
73:17:c2:ae:d6:08:06:9d:e2:06:3c:31:fe:26:25:
46:d2:e3:07:62:9b:9e:f9:ad:9f:51:f0:ad:2d:ac:
44:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:A3:96:8E:BA:45:F9:C5:6D:C3:95:7A:54:03:E5:80:0A:B3:57:3F
X509v3 Authority Key Identifier:
keyid:84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/saOWjrpF-cVtw5V6VAPlgAqzVz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.177.0-46.102.179.255
77.81.90.0/23
86.104.0.0-86.104.2.255
86.104.212.0/23
86.106.116.0/24
89.37.93.0-89.37.94.255
89.41.27.0/24
89.42.154.0/24
93.119.125.0/24
176.223.160.0/24
188.208.220.0/23
188.208.223.0/24
188.209.124.0/23
193.30.255.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:33:5e:59:ad:6a:f2:7a:2f:21:91:e8:f5:5d:31:29:83:14:
83:4c:b1:6e:ec:95:64:4a:a1:c0:32:94:fe:c0:73:8f:7f:e8:
40:7c:dd:13:47:ba:11:26:5f:2a:21:20:22:71:1b:da:de:49:
e8:ba:88:b2:49:a5:54:87:c7:a0:8d:43:fb:4b:c3:d8:05:c1:
85:f6:33:57:7e:a2:8a:1c:03:28:63:51:f4:54:97:ff:7d:30:
35:15:e0:65:f6:6d:e0:43:94:20:27:45:78:a0:2c:96:00:8f:
e9:5a:8f:ea:2f:07:4b:23:13:f1:16:ee:55:d7:f8:a0:aa:78:
e9:75:25:73:a3:93:9b:b5:45:82:e8:f5:59:88:c2:59:11:12:
4a:66:59:5e:ff:6c:94:7e:46:06:af:2b:27:38:82:a7:04:cb:
23:19:57:0e:0a:83:3b:73:02:88:d2:50:cd:ed:23:83:0a:96:
e8:16:31:a9:7e:7a:35:93:3d:99:1c:fd:76:64:e6:6b:ee:c8:
b7:c8:3e:16:11:f9:19:79:7b:a9:1f:76:fb:2b:c7:93:ef:fe:
d0:8f:89:50:a4:39:17:79:cc:5f:d7:e1:3d:61:fc:e9:1d:f6:
6f:82:15:6b:04:2e:96:1b:39:12:99:af:e7:13:20:c3:e9:25:
c9:5c:be:b3
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAYsfKmwC+V0HBp3NXT2UOiZ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjgyNGQzMmRmMWE1MTEzZDgyMTAxMzQ1ZDc4NWEzOGFk
ZGJkZTUwHhcNMjMxMDExMTQzNTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWEzOTY4ZWJhNDVmOWM1NmRjMzk1N2E1NDAzZTU4MDBhYjM1NzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOcZF/bPxbIChzfe+cVEEhTkosRv
vODVA/UflkWhY/6QgyCL9D8ZqJIIvD94iHqvw+htgJnRQedKi01CoBwxGYi6aaT0
nXF7eoq8a/S3FnM1GODuxoj7nJ62+W3g7gOUSbyv6CHkFfpWHX6ixyl9esVipWxW
WzY/SvvB/nwo/3KkC8UZBdQAucSj2vZbrebRbSG1hBbBHNt+pYeuGgpN4fk+XdfS
0Bl2+HpwBK8Hm2UKikRtTWRxmT7HZbZX7MT+5pYYFKZFISFlrFFXTFMM00gr+3Sb
FCN+HJIbFAvmms1zF8Ku1ggGneIGPDH+JiVG0uMHYpue+a2fUfCtLaxE/QIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFLGjlo66RfnFbcOVelQD5YAKs1c/MB8GA1UdIwQY
MBaAFIT4JNMt8aURPYIQE0XXhaOK3b3lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgt
NDM3Mzk0OTM4YzUyLzEvc2FPV2pycEYtY1Z0dzVWNlZBUGxnQXF6Vno4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgtNDM3Mzk0OTM4YzUy
LzEvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwcQQCAAEwazAMAwQALmax
AwQCLmawAwQBTVFaMAsDAwNWaAMEAFZoAgMEAVZo1AMEAFZqdDAMAwQAWSVdAwQA
WSVeAwQAWSkbAwQAWSqaAwQAXXd9AwQAsN+gAwQBvNDcAwQAvNDfAwQBvNF8AwQA
wR7/MA0GCSqGSIb3DQEBCwUAA4IBAQCbM15ZrWryei8hkej1XTEpgxSDTLFu7JVk
SqHAMpT+wHOPf+hAfN0TR7oRJl8qISAicRva3knouoiySaVUh8egjUP7S8PYBcGF
9jNXfqKKHAMoY1H0VJf/fTA1FeBl9m3gQ5QgJ0V4oCyWAI/pWo/qLwdLIxPxFu5V
1/igqnjpdSVzo5ObtUWC6PVZiMJZERJKZlle/2yUfkYGrysnOIKnBMsjGVcOCoM7
cwKI0lDN7SODCpboFjGpfno1kz2ZHP12ZOZr7si3yD4WEfkZeXupH3b7K8eT7/7Q
j4lQpDkXecxf1+E9YfzpHfZvghVrBC6WGzkSma/nEyDD6SXJXL6z
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:51 2024 by rpki-client on console-fra.rpki-client.org