Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1-x2FK8t0j77eZhtERSuo6h9N96I.roa
File: 1-x2FK8t0j77eZhtERSuo6h9N96I.roa (raw, json)
Hash identifier: AP4ARPVPW91vF1roI5/kg1/TYxv/IegCtqoqrPyAgDQ=
Subject key identifier: FB:1D:85:2B:CB:74:8F:BE:DE:66:1B:44:45:2B:A8:EA:1F:4D:F7:A2
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018B8A7A0CD1095C6E24740FCDE1CF1456A9
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1-x2FK8t0j77eZhtERSuo6h9N96I.roa
Signing time: Wed 01 Nov 2023 10:42:16 +0000
ROA not before: Wed 01 Nov 2023 10:42:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25198
IP address blocks: 93.114.194.0/24 maxlen: 24
86.107.179.0/24 maxlen: 24
86.107.178.0/24 maxlen: 24
185.101.107.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
89.41.181.0/24 maxlen: 24
89.41.180.0/24 maxlen: 24
188.211.233.0/24 maxlen: 24
188.241.219.0/24 maxlen: 24
188.241.218.0/24 maxlen: 24
89.36.95.0/24 maxlen: 24
89.36.94.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 05 Nov 2023 17:10:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8a:7a:0c:d1:09:5c:6e:24:74:0f:cd:e1:cf:14:56:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Nov 1 10:42:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb1d852bcb748fbede661b44452ba8ea1f4df7a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:05:f6:f9:ba:84:80:29:f0:d0:f8:79:6c:52:
dd:4e:ed:a3:bb:d9:dd:bb:18:6b:6c:72:be:c9:78:
61:10:53:f9:cf:18:2c:a5:4f:17:1a:20:68:5e:a2:
c6:dd:ad:b1:5c:1a:ac:98:2e:95:29:41:33:47:83:
58:95:f8:0b:9b:2c:d0:6c:ab:31:f1:0d:5f:4f:eb:
8b:4e:a5:35:ac:51:bd:5d:c8:12:8f:ba:7d:95:2d:
3d:09:13:e8:da:5b:f2:3b:ae:0d:3e:1c:b0:9b:55:
d6:4a:a2:95:7d:1a:b7:0e:61:2b:9e:b9:58:52:3a:
3a:2f:a5:fc:4a:c8:3c:30:bb:5e:dc:8b:4b:46:2b:
52:17:12:a3:bc:f6:42:ad:d2:96:dd:a5:3f:4f:59:
b4:74:5d:9d:a4:8e:39:05:cf:dd:af:22:51:f7:07:
75:cb:d3:57:c5:30:17:0b:82:bd:17:a5:89:30:62:
34:67:2c:f3:13:0c:e3:7f:25:2c:e2:c1:57:eb:c0:
b4:d8:82:1b:cb:18:9a:55:24:32:8c:58:35:40:c6:
8b:83:93:37:bd:fa:b1:eb:82:e9:b9:b2:5d:f4:a4:
ea:0a:2c:50:02:ca:8c:f7:8b:5b:c7:b7:f5:6d:4a:
65:9d:c4:55:72:3c:66:69:b1:42:44:f8:a4:ce:04:
f2:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:1D:85:2B:CB:74:8F:BE:DE:66:1B:44:45:2B:A8:EA:1F:4D:F7:A2
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1-x2FK8t0j77eZhtERSuo6h9N96I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.178.0/23
89.34.27.0/24
89.36.94.0/23
89.41.180.0/23
93.114.194.0/24
185.101.107.0/24
188.211.233.0/24
188.241.218.0/23
Signature Algorithm: sha256WithRSAEncryption
85:a0:4d:19:f8:8d:5c:cf:e2:c0:d4:e3:05:e3:78:4c:f3:87:
e4:1b:8f:73:aa:e0:07:16:49:47:a8:db:f4:ac:72:ec:3a:4f:
3e:ef:10:02:40:82:22:f3:0b:80:43:6f:e0:7a:18:85:18:94:
e3:d1:7c:21:41:f0:56:7c:5e:ee:ba:30:f2:fe:fb:08:4a:04:
89:d6:94:01:27:9e:a1:9f:5c:c6:ea:b4:ba:3e:d3:a1:e9:de:
29:81:55:64:42:09:6b:9b:80:a2:4e:2a:4e:c2:ae:2d:c0:ec:
2d:0c:18:09:82:97:9f:a5:c5:f2:ac:61:1f:51:6c:ef:9e:6d:
eb:b7:5b:29:40:a5:1b:09:78:fe:0e:4f:62:fe:4b:c6:fd:c1:
88:26:09:75:ef:32:2e:a0:1b:1c:fa:6d:12:49:e1:0b:ab:16:
84:b6:93:23:b4:ba:77:4d:6f:ec:0a:c6:0d:e8:91:e6:12:46:
a9:8f:0b:db:c0:05:c8:9b:66:2d:3b:34:a4:00:ce:15:41:ef:
87:3b:31:c1:4d:30:7a:8b:32:c1:32:87:1b:70:12:70:08:4e:
9a:21:8c:eb:14:2a:cc:e8:db:8f:fd:f8:a2:d6:4b:67:e3:e7:
c6:a8:e0:2c:fc:6f:40:f6:c4:cf:5d:b1:18:a0:f1:9e:b4:44:
94:c0:9d:59
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYuKegzRCVxuJHQPzeHPFFapMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMTAxMTA0MjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjFkODUyYmNiNzQ4ZmJlZGU2NjFiNDQ0NTJiYThlYTFmNGRmN2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgX2+bqEgCnw0Ph5bFLdTu2ju9nd
uxhrbHK+yXhhEFP5zxgspU8XGiBoXqLG3a2xXBqsmC6VKUEzR4NYlfgLmyzQbKsx
8Q1fT+uLTqU1rFG9XcgSj7p9lS09CRPo2lvyO64NPhywm1XWSqKVfRq3DmErnrlY
Ujo6L6X8Ssg8MLte3ItLRitSFxKjvPZCrdKW3aU/T1m0dF2dpI45Bc/dryJR9wd1
y9NXxTAXC4K9F6WJMGI0ZyzzEwzjfyUs4sFX68C02IIbyxiaVSQyjFg1QMaLg5M3
vfqx64LpubJd9KTqCixQAsqM94tbx7f1bUplncRVcjxmabFCRPikzgTyMQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFPsdhSvLdI++3mYbREUrqOofTfeiMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvMS14MkZLOHQwajc3ZVpodEVSU3VvNmg5Tjk2SS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWIvODRlYjQ0LWJiZGYtNDZjMS1iMDQzLWI0MmYyM2Q4Mjhj
My8xLzhkUnVEajZNcXE3VXBTbTlmWE1JdlI3d0hCMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBJBggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAVZrsgME
AFkiGwMEAVkkXgMEAVkptAMEAF1ywgMEALllawMEALzT6QMEAbzx2jANBgkqhkiG
9w0BAQsFAAOCAQEAhaBNGfiNXM/iwNTjBeN4TPOH5BuPc6rgBxZJR6jb9Kxy7DpP
Pu8QAkCCIvMLgENv4HoYhRiU49F8IUHwVnxe7row8v77CEoEidaUASeeoZ9cxuq0
uj7ToeneKYFVZEIJa5uAok4qTsKuLcDsLQwYCYKXn6XF8qxhH1Fs755t67dbKUCl
Gwl4/g5PYv5Lxv3BiCYJde8yLqAbHPptEknhC6sWhLaTI7S6d01v7ArGDeiR5hJG
qY8L28AFyJtmLTs0pADOFUHvhzsxwU0weosywTKHG3AScAhOmiGM6xQqzOjbj/34
otZLZ+PnxqjgLPxvQPbEz12xGKDxnrRElMCdWQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:18 2024 by rpki-client on console-fra.rpki-client.org