Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1o4Jj2u-6Bk2jY2nyb-HnJDC7Fc.roa
File: 1o4Jj2u-6Bk2jY2nyb-HnJDC7Fc.roa (raw, json)
Hash identifier: /gX5Rv7P/xeUokxQ0yklwocGBgskOFHGkgZFFq/ktzs=
Subject key identifier: D6:8E:09:8F:6B:BE:E8:19:36:8D:8D:A7:C9:BF:87:9C:90:C2:EC:57
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018B60AE469AA5AAD7779F0F0AC2F9925E44
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1o4Jj2u-6Bk2jY2nyb-HnJDC7Fc.roa
Signing time: Tue 24 Oct 2023 07:55:15 +0000
ROA not before: Tue 24 Oct 2023 07:55:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39543
IP address blocks: 195.28.2.0/23 maxlen: 23
193.19.192.0/24 maxlen: 24
193.19.192.0/22 maxlen: 24
89.34.228.0/24 maxlen: 24
89.34.230.0/23 maxlen: 23
89.34.230.0/24 maxlen: 24
89.34.231.0/24 maxlen: 24
93.113.181.0/24 maxlen: 24
93.113.183.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.43.141.0/24 maxlen: 24
89.43.140.0/22 maxlen: 22
89.43.140.0/24 maxlen: 24
89.43.143.0/24 maxlen: 24
89.43.142.0/24 maxlen: 24
89.47.96.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.112.0/20 maxlen: 20
89.47.113.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 24 Oct 2023 10:43:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:60:ae:46:9a:a5:aa:d7:77:9f:0f:0a:c2:f9:92:5e:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Oct 24 07:55:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d68e098f6bbee819368d8da7c9bf879c90c2ec57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:86:04:be:ba:30:b3:20:c1:2f:d5:d4:c3:ab:
ba:f8:e0:10:32:f2:4a:b4:9d:70:1a:9b:07:fd:71:
0e:d5:3d:60:39:29:6f:c8:e7:86:53:5d:12:78:bb:
c7:51:84:72:fb:b3:36:e7:5f:29:4f:07:0d:a4:12:
a2:d3:d7:15:d7:cf:93:e1:cb:db:d8:f1:2c:3d:89:
26:a3:e7:5f:7d:a0:d2:63:55:32:ab:e5:54:cc:af:
da:aa:64:38:0c:9e:f4:64:e8:87:5c:04:39:f4:ca:
b6:c9:88:46:9c:56:ac:d0:24:f7:30:2f:a0:bd:37:
d2:5f:58:7e:be:e3:8e:9f:5f:34:55:38:97:dd:61:
6f:fa:2a:30:58:e7:6d:c4:3f:50:25:9b:6e:52:b1:
9c:9a:41:46:64:6d:ec:17:86:e1:88:b2:fe:4a:f4:
7e:15:9e:1a:60:e9:b8:64:94:34:da:92:10:e5:10:
43:2b:4d:e9:75:4f:ad:2c:4a:48:22:3f:28:a3:99:
70:d2:f3:63:59:a6:fe:45:74:5a:15:9e:cd:58:1a:
da:0c:d3:fb:bb:a9:e5:e7:cf:26:84:c3:ad:fa:b1:
b1:9d:8f:1b:32:bd:f9:48:41:be:41:2d:b7:56:7e:
96:3d:5f:20:fc:0d:3c:c8:9e:b4:3f:8b:b8:a9:bd:
1b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:8E:09:8F:6B:BE:E8:19:36:8D:8D:A7:C9:BF:87:9C:90:C2:EC:57
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1o4Jj2u-6Bk2jY2nyb-HnJDC7Fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.27.0/24
89.34.228.0/24
89.34.230.0/23
89.35.158.0/24
89.39.111.0/24
89.40.67.0/24
89.43.140.0/22
89.45.164.0/24
89.46.3.0/24
89.47.96.0/19
93.113.181.0/24
93.113.183.0/24
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
67:26:d0:d3:71:f6:3b:2e:c1:9f:78:2b:ba:6d:ce:d1:22:d5:
d4:1e:74:31:3d:35:87:b4:86:cf:df:21:76:b6:64:cf:ef:62:
5e:a8:e9:12:b7:26:5a:71:a1:76:3a:6d:53:97:07:81:95:dd:
10:02:d4:e5:e4:3e:0d:63:63:55:a7:c4:ea:f7:17:ec:e6:33:
cc:59:43:af:5a:d7:21:94:e2:a2:b2:e9:80:43:f4:13:e2:8d:
97:9e:36:0f:0b:64:14:70:56:44:06:a8:e9:57:01:b1:69:be:
68:1a:34:25:24:9f:1d:c7:9e:77:5f:73:b6:d8:40:ab:dd:09:
8d:74:4a:db:c0:a2:af:47:6b:95:61:c5:8a:ee:83:16:1d:0b:
8d:01:32:96:67:2d:24:61:bf:d2:9f:e1:60:bf:a4:0b:85:a4:
03:81:a5:19:ad:6e:22:c5:06:e8:9b:b4:fa:5c:d8:37:b0:b5:
30:ad:2f:42:f6:56:18:de:43:7d:2e:eb:d1:65:82:f6:54:6e:
b1:af:15:e3:9a:83:aa:2b:c0:9f:5d:d7:64:5b:ee:39:f6:81:
77:a7:95:1f:ee:b6:53:68:eb:b0:b9:54:73:9f:2d:f7:ab:c6:
fe:9f:da:54:63:62:7d:71:aa:b2:3a:bc:1d:4a:95:93:f1:2b:
ec:1d:2c:e4
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYtgrkaaparXd58PCsL5kl5EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMDI0MDc1NTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjhlMDk4ZjZiYmVlODE5MzY4ZDhkYTdjOWJmODc5YzkwYzJlYzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4YEvrowsyDBL9XUw6u6+OAQMvJK
tJ1wGpsH/XEO1T1gOSlvyOeGU10SeLvHUYRy+7M2518pTwcNpBKi09cV18+T4cvb
2PEsPYkmo+dffaDSY1Uyq+VUzK/aqmQ4DJ70ZOiHXAQ59Mq2yYhGnFas0CT3MC+g
vTfSX1h+vuOOn180VTiX3WFv+iowWOdtxD9QJZtuUrGcmkFGZG3sF4bhiLL+SvR+
FZ4aYOm4ZJQ02pIQ5RBDK03pdU+tLEpIIj8oo5lw0vNjWab+RXRaFZ7NWBraDNP7
u6nl588mhMOt+rGxnY8bMr35SEG+QS23Vn6WPV8g/A08yJ60P4u4qb0bzQIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFNaOCY9rvugZNo2Np8m/h5yQwuxXMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvMW80SmoydS02QmsyalkybnliLUhuSkRDN0ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAFkiGwME
AFki5AMEAVki5gMEAFkjngMEAFknbwMEAFkoQwMEAlkrjAMEAFktpAMEAFkuAwME
BVkvYAMEAF1xtQMEAF1xtwMEAF1xzAMEAF1yTwMEAF1ywgMEAsETwAMEAcMcAjAN
BAIAAjAHAwUAIAFNGDANBgkqhkiG9w0BAQsFAAOCAQEAZybQ03H2Oy7Bn3grum3O
0SLV1B50MT01h7SGz98hdrZkz+9iXqjpErcmWnGhdjptU5cHgZXdEALU5eQ+DWNj
VafE6vcX7OYzzFlDr1rXIZTiorLpgEP0E+KNl542DwtkFHBWRAao6VcBsWm+aBo0
JSSfHceed19ztthAq90JjXRK28Cir0drlWHFiu6DFh0LjQEylmctJGG/0p/hYL+k
C4WkA4GlGa1uIsUG6Ju0+lzYN7C1MK0vQvZWGN5DfS7r0WWC9lRusa8V45qDqivA
n13XZFvuOfaBd6eVH+62U2jrsLlUc58t96vG/p/aVGNifXGqsjq8HUqVk/Er7B0s
5A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:49 2024 by rpki-client on console-ams.rpki-client.org