Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/xWdvsXoHGjlj8xjE7Z7e4WLGONY.roa
File: xWdvsXoHGjlj8xjE7Z7e4WLGONY.roa (raw, json)
Hash identifier: 3eiUteHXj4iMvD1URa9Q16QeC+sTDEEknsPoclT9L3M=
Subject key identifier: C5:67:6F:B1:7A:07:1A:39:63:F3:18:C4:ED:9E:DE:E1:62:C6:38:D6
Certificate issuer: /CN=84f824d32df1a5113d82101345d785a38addbde5
Certificate serial: 0189DA0CC862033798382C1094581E0E952B
Authority key identifier: 84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/xWdvsXoHGjlj8xjE7Z7e4WLGONY.roa
Signing time: Wed 09 Aug 2023 11:26:58 +0000
ROA not before: Wed 09 Aug 2023 11:26:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209854
IP address blocks: 89.37.93.0/24 maxlen: 24
89.37.94.0/24 maxlen: 24
86.106.116.0/24 maxlen: 24
86.104.213.0/24 maxlen: 24
86.104.212.0/24 maxlen: 24
188.208.221.0/24 maxlen: 24
188.208.220.0/24 maxlen: 24
188.208.223.0/24 maxlen: 24
188.209.125.0/24 maxlen: 24
188.209.124.0/24 maxlen: 24
193.30.255.0/24 maxlen: 24
89.41.27.0/24 maxlen: 24
93.119.125.0/24 maxlen: 24
46.102.178.0/24 maxlen: 24
46.102.177.0/24 maxlen: 24
46.102.179.0/24 maxlen: 24
86.104.2.0/24 maxlen: 24
86.104.1.0/24 maxlen: 24
86.104.0.0/24 maxlen: 24
176.223.160.0/24 maxlen: 24
77.81.91.0/24 maxlen: 24
77.81.90.0/24 maxlen: 24
89.42.154.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:da:0c:c8:62:03:37:98:38:2c:10:94:58:1e:0e:95:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f824d32df1a5113d82101345d785a38addbde5
Validity
Not Before: Aug 9 11:26:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5676fb17a071a3963f318c4ed9edee162c638d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:be:04:59:de:83:82:fd:77:51:aa:1b:be:36:
ea:24:9c:39:6c:f4:47:36:2b:c0:1f:18:42:21:73:
ea:14:02:02:13:f8:2c:75:28:7f:8d:70:19:81:26:
03:c4:86:95:de:0f:5c:a6:6d:29:e9:00:6f:34:df:
b4:89:f7:ca:c7:a4:23:4d:dc:25:92:ef:db:81:ef:
80:12:19:5d:aa:6a:57:9f:9c:ba:6c:b1:88:2e:f0:
4e:ed:4a:7e:d5:41:7a:4d:55:d5:3e:d6:dd:df:47:
46:26:b5:44:e9:da:30:a4:eb:a5:1b:e6:f3:8b:dc:
07:f1:3f:0c:e5:76:5e:07:59:bf:25:1a:a1:af:d6:
42:2f:99:92:74:eb:a5:cb:b1:54:98:bc:7b:1c:f3:
bb:f7:13:b9:24:2f:23:f6:74:a9:e6:c8:18:bc:b1:
40:06:f0:5c:59:54:67:e1:3d:4d:2e:91:bf:20:35:
cd:00:b1:9a:a8:61:fe:41:f0:ac:71:84:bf:a6:ed:
fa:a7:62:46:fd:ca:58:d7:0d:93:52:c3:75:b9:3a:
9f:39:08:e7:ed:78:e9:b1:6a:6c:5d:7d:e6:45:53:
7f:2d:38:9b:df:c6:25:46:28:24:a0:52:cc:ba:ac:
2c:54:ec:c3:04:4c:44:38:16:cc:ae:72:d9:f1:02:
35:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:67:6F:B1:7A:07:1A:39:63:F3:18:C4:ED:9E:DE:E1:62:C6:38:D6
X509v3 Authority Key Identifier:
keyid:84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/xWdvsXoHGjlj8xjE7Z7e4WLGONY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.177.0-46.102.179.255
77.81.90.0/23
86.104.0.0-86.104.2.255
86.104.212.0/23
86.106.116.0/24
89.37.93.0-89.37.94.255
89.41.27.0/24
89.42.154.0/24
93.119.125.0/24
176.223.160.0/24
188.208.220.0/23
188.208.223.0/24
188.209.124.0/23
193.30.255.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:31:e6:dd:ba:bd:f5:f0:9a:c6:bd:d1:a4:fb:d9:13:70:ee:
cd:29:70:da:61:ff:0f:71:34:b7:95:f0:ba:96:47:dc:31:9d:
68:31:a4:6c:aa:c0:55:07:45:57:e3:0d:f2:ea:d0:d6:0c:d3:
b2:7f:7d:95:d3:ca:83:62:41:74:78:0f:4c:06:db:64:85:a9:
8c:4d:e8:16:94:45:32:05:22:a3:d0:e3:34:5f:01:8a:a5:dc:
9b:27:97:88:53:dc:46:49:3c:f7:60:20:59:39:bc:30:07:4c:
02:be:e0:00:84:10:4e:d7:3e:33:d8:5f:2e:b6:06:7a:91:29:
5e:b7:ac:54:e4:80:37:32:83:d5:d7:25:33:7a:da:13:5b:ac:
b9:ca:7d:b5:a7:33:c5:f6:d2:de:a7:49:0b:05:76:09:99:16:
9f:18:89:d9:75:fb:bc:1c:d7:59:ce:29:b4:3b:4f:33:f8:a5:
33:db:3a:74:1d:cd:ed:c3:13:e7:00:ca:28:c7:a5:37:77:80:
c1:3f:40:d1:a8:54:22:7b:c4:67:29:46:4a:dd:91:fd:63:27:
72:ee:4b:94:ba:3b:26:6d:a7:3f:55:0d:90:43:7e:72:b2:8b:
3b:94:12:be:07:70:fe:e2:d6:4a:be:42:03:9f:c1:2d:65:b2:
36:e3:ce:42
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAYnaDMhiAzeYOCwQlFgeDpUrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjgyNGQzMmRmMWE1MTEzZDgyMTAxMzQ1ZDc4NWEzOGFk
ZGJkZTUwHhcNMjMwODA5MTEyNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTY3NmZiMTdhMDcxYTM5NjNmMzE4YzRlZDllZGVlMTYyYzYzOGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxr4EWd6Dgv13UaobvjbqJJw5bPRH
NivAHxhCIXPqFAICE/gsdSh/jXAZgSYDxIaV3g9cpm0p6QBvNN+0iffKx6QjTdwl
ku/bge+AEhldqmpXn5y6bLGILvBO7Up+1UF6TVXVPtbd30dGJrVE6dowpOulG+bz
i9wH8T8M5XZeB1m/JRqhr9ZCL5mSdOuly7FUmLx7HPO79xO5JC8j9nSp5sgYvLFA
BvBcWVRn4T1NLpG/IDXNALGaqGH+QfCscYS/pu36p2JG/cpY1w2TUsN1uTqfOQjn
7XjpsWpsXX3mRVN/LTib38YlRigkoFLMuqwsVOzDBExEOBbMrnLZ8QI13wIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFMVnb7F6Bxo5Y/MYxO2e3uFixjjWMB8GA1UdIwQY
MBaAFIT4JNMt8aURPYIQE0XXhaOK3b3lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgt
NDM3Mzk0OTM4YzUyLzEveFdkdnNYb0hHamxqOHhqRTdaN2U0V0xHT05ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgtNDM3Mzk0OTM4YzUy
LzEvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwcQQCAAEwazAMAwQALmax
AwQCLmawAwQBTVFaMAsDAwNWaAMEAFZoAgMEAVZo1AMEAFZqdDAMAwQAWSVdAwQA
WSVeAwQAWSkbAwQAWSqaAwQAXXd9AwQAsN+gAwQBvNDcAwQAvNDfAwQBvNF8AwQA
wR7/MA0GCSqGSIb3DQEBCwUAA4IBAQBrMebdur318JrGvdGk+9kTcO7NKXDaYf8P
cTS3lfC6lkfcMZ1oMaRsqsBVB0VX4w3y6tDWDNOyf32V08qDYkF0eA9MBttkhamM
TegWlEUyBSKj0OM0XwGKpdybJ5eIU9xGSTz3YCBZObwwB0wCvuAAhBBO1z4z2F8u
tgZ6kSlet6xU5IA3MoPV1yUzetoTW6y5yn21pzPF9tLep0kLBXYJmRafGInZdfu8
HNdZzim0O08z+KUz2zp0Hc3twxPnAMoox6U3d4DBP0DRqFQie8RnKUZK3ZH9Yydy
7kuUujsmbac/VQ2QQ35ysos7lBK+B3D+4tZKvkIDn8EtZbI2485C
-----END CERTIFICATE-----
Generated at Thu Aug 17 17:36:49 2023 by rpki-client on console-fra.rpki-client.org