Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1-v0VqcClpVMg4vFyrRlkJY6uH8Q.roa
File: 1-v0VqcClpVMg4vFyrRlkJY6uH8Q.roa (raw, json)
Hash identifier: vSGUwuTq4mgsX5+wSEW4VBiaxOR2AMIRcKdKVA65LrM=
Subject key identifier: FA:FD:15:A9:C0:A5:A5:53:20:E2:F1:72:AD:19:64:25:8E:AE:1F:C4
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018D20D207A964633119FB3A90EDD4DF5229
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1-v0VqcClpVMg4vFyrRlkJY6uH8Q.roa
Signing time: Fri 19 Jan 2024 08:24:11 +0000
ROA not before: Fri 19 Jan 2024 08:24:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 89.34.224.0/23 maxlen: 24
89.34.228.0/24 maxlen: 24
89.34.231.0/24 maxlen: 24
89.42.81.0/24 maxlen: 24
89.42.95.0/24 maxlen: 24
89.43.140.0/24 maxlen: 24
89.43.143.0/24 maxlen: 24
89.47.125.0/24 maxlen: 24
93.113.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 20 Jan 2024 15:31:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:20:d2:07:a9:64:63:31:19:fb:3a:90:ed:d4:df:52:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 19 08:24:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fafd15a9c0a5a55320e2f172ad1964258eae1fc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:9a:f0:12:d9:7b:fe:75:36:c9:ca:9f:8a:da:
7d:29:13:81:9c:24:ca:c5:9e:bf:7b:53:dc:54:46:
8e:d4:e7:01:1b:12:de:e1:08:41:ee:eb:46:d6:62:
ad:02:55:19:02:e6:60:ef:51:c4:17:73:30:26:d7:
90:d3:5d:9d:a9:f8:96:a5:c6:27:05:30:05:78:bc:
45:29:ad:d8:5d:6a:c3:64:22:23:84:26:a4:f5:22:
bd:03:d3:e9:9b:31:f4:bb:2a:42:96:60:01:4c:6b:
58:22:14:a0:5a:cd:19:23:81:77:fa:fb:49:ec:1a:
6a:d4:97:83:6f:3a:8a:8c:81:1d:d1:98:99:5b:df:
2d:92:53:83:e0:f8:99:54:9e:88:b5:05:e4:a2:3b:
fd:1f:c6:ac:d6:7b:59:14:25:3c:75:69:c1:9b:e6:
42:09:30:bf:86:af:86:7b:d0:7b:b8:1f:bd:04:8d:
c2:e0:e9:a1:14:45:05:23:f1:e3:ed:b2:03:02:b4:
e4:fc:c1:b0:16:4d:f5:99:51:b5:58:6d:d0:a2:2c:
c0:74:44:ab:57:22:eb:9d:c8:49:8d:72:16:6c:ab:
e5:cb:cc:c2:69:3a:82:49:02:58:ca:a4:6b:3c:a8:
68:fe:90:65:a9:fe:27:2b:b2:0c:f0:d3:b6:32:68:
36:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:FD:15:A9:C0:A5:A5:53:20:E2:F1:72:AD:19:64:25:8E:AE:1F:C4
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1-v0VqcClpVMg4vFyrRlkJY6uH8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.224.0/23
89.34.228.0/24
89.34.231.0/24
89.42.81.0/24
89.42.95.0/24
89.43.140.0/24
89.43.143.0/24
89.47.125.0/24
93.113.181.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:47:e4:bc:1a:7d:16:e9:11:66:b3:6b:74:8b:12:44:5d:5b:
ba:89:12:02:2c:21:59:64:df:72:68:c2:73:2e:0c:ce:3e:58:
f0:b8:04:74:64:e0:f0:07:a9:95:45:01:de:6d:ef:78:e5:c0:
fc:87:5e:ab:b5:7f:ab:cd:73:af:35:c8:92:de:5e:6b:cf:18:
0e:46:a6:68:6f:2c:b7:5a:d4:76:83:ca:57:03:1b:71:db:85:
f7:01:7a:44:33:0c:4a:d2:e6:61:c5:e4:55:ac:bf:b1:49:f8:
bb:cf:ee:51:83:46:29:fb:b6:18:0f:03:ef:49:c5:46:ac:d3:
26:8b:4b:a2:44:98:40:f8:88:00:fa:72:ab:c8:57:ae:62:ff:
6c:99:5f:41:ff:0d:18:7e:53:c6:0e:5f:4f:ff:35:d2:cb:4a:
dc:b4:e4:8c:47:b5:c6:31:88:da:39:f1:6b:2b:64:ef:63:17:
c4:48:36:e8:fd:b5:27:38:b7:e3:69:1b:2e:ee:51:e2:39:e6:
81:6b:be:e5:42:8e:82:88:fc:1f:96:2a:da:28:d6:33:05:83:
18:9f:32:8c:7b:44:f0:dd:55:78:a5:d2:40:cb:a4:c2:56:ec:
89:33:f2:48:3f:5c:b8:73:ed:69:c8:5f:d5:b5:cd:21:32:4c:
aa:20:36:57
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAY0g0gepZGMxGfs6kO3U31IpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMTE5MDgyNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWZkMTVhOWMwYTVhNTUzMjBlMmYxNzJhZDE5NjQyNThlYWUxZmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA25rwEtl7/nU2ycqfitp9KROBnCTK
xZ6/e1PcVEaO1OcBGxLe4QhB7utG1mKtAlUZAuZg71HEF3MwJteQ012dqfiWpcYn
BTAFeLxFKa3YXWrDZCIjhCak9SK9A9PpmzH0uypClmABTGtYIhSgWs0ZI4F3+vtJ
7Bpq1JeDbzqKjIEd0ZiZW98tklOD4PiZVJ6ItQXkojv9H8as1ntZFCU8dWnBm+ZC
CTC/hq+Ge9B7uB+9BI3C4OmhFEUFI/Hj7bIDArTk/MGwFk31mVG1WG3QoizAdESr
VyLrnchJjXIWbKvly8zCaTqCSQJYyqRrPKho/pBlqf4nK7IM8NO2Mmg2RQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFPr9FanApaVTIOLxcq0ZZCWOrh/EMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvMS12MFZxY0NscFZNZzR2RnlyUmxrSlk2dUg4US5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWIvODRlYjQ0LWJiZGYtNDZjMS1iMDQzLWI0MmYyM2Q4Mjhj
My8xLzhkUnVEajZNcXE3VXBTbTlmWE1JdlI3d0hCMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBPBggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAVki4AME
AFki5AMEAFki5wMEAFkqUQMEAFkqXwMEAFkrjAMEAFkrjwMEAFkvfQMEAF1xtTAN
BgkqhkiG9w0BAQsFAAOCAQEASkfkvBp9FukRZrNrdIsSRF1buokSAiwhWWTfcmjC
cy4Mzj5Y8LgEdGTg8AeplUUB3m3veOXA/Ideq7V/q81zrzXIkt5ea88YDkamaG8s
t1rUdoPKVwMbcduF9wF6RDMMStLmYcXkVay/sUn4u8/uUYNGKfu2GA8D70nFRqzT
JotLokSYQPiIAPpyq8hXrmL/bJlfQf8NGH5Txg5fT/810stK3LTkjEe1xjGI2jnx
aytk72MXxEg26P21Jzi342kbLu5R4jnmgWu+5UKOgoj8H5Yq2ijWMwWDGJ8yjHtE
8N1VeKXSQMukwlbsiTPySD9cuHPtachf1bXNITJMqiA2Vw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:18 2024 by rpki-client on console-fra.rpki-client.org