Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/4fnppw5gGv02yFuArhym_G6OE6M.roa
File: 4fnppw5gGv02yFuArhym_G6OE6M.roa (raw, json)
Hash identifier: 6IT0/KcxU7Rmli26Rd9h26fgfdGn2WSTmXvnVF501hU=
Subject key identifier: E1:F9:E9:A7:0E:60:1A:FD:36:C8:5B:80:AE:1C:A6:FC:6E:8E:13:A3
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018B8A2E0EF12A6B3F269F4AAF4B0FBE8E4D
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/4fnppw5gGv02yFuArhym_G6OE6M.roa
Signing time: Wed 01 Nov 2023 09:19:16 +0000
ROA not before: Wed 01 Nov 2023 09:19:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39543
IP address blocks: 195.28.2.0/23 maxlen: 23
193.19.192.0/22 maxlen: 22
193.19.192.0/24 maxlen: 24
89.34.228.0/24 maxlen: 24
89.34.230.0/23 maxlen: 23
89.34.230.0/24 maxlen: 24
89.34.231.0/24 maxlen: 24
193.19.193.0/24 maxlen: 24
193.19.195.0/24 maxlen: 24
193.19.194.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.43.143.0/24 maxlen: 24
89.47.96.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.112.0/20 maxlen: 20
89.47.113.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
185.101.104.0/24 maxlen: 24
185.101.105.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
89.34.26.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 06 Nov 2023 14:53:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8a:2e:0e:f1:2a:6b:3f:26:9f:4a:af:4b:0f:be:8e:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Nov 1 09:19:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1f9e9a70e601afd36c85b80ae1ca6fc6e8e13a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ec:73:a3:04:6d:6f:79:9b:e5:17:a8:ba:c4:
fe:5d:f7:fc:49:55:b6:f8:17:c8:f3:f0:cb:f4:2c:
58:1d:22:52:bb:05:56:bd:d1:42:8f:39:83:83:3a:
74:c2:ce:2d:ec:b1:c8:aa:bf:61:25:00:5a:ba:42:
d5:26:1a:08:da:67:4c:4a:fc:76:92:f4:e3:6e:cc:
c1:a2:fd:5e:eb:b1:a1:37:78:03:0c:cc:c9:36:03:
52:e8:08:bc:36:2f:25:1d:aa:27:92:48:f7:19:37:
74:a5:28:d8:59:92:ec:cc:00:8b:26:0d:8b:ec:48:
a8:89:e5:8d:83:12:0a:51:8b:49:15:4d:07:52:bd:
ce:81:45:26:ac:54:bf:f7:b2:99:a5:cf:7f:77:c3:
94:fe:36:ad:b6:5d:26:c3:94:ee:04:12:d3:f7:00:
b3:59:fc:43:d4:3a:40:c5:78:6c:95:86:9b:16:5b:
e5:9e:28:0f:e3:fb:31:90:fd:6a:dd:5c:f2:f4:2d:
5c:0f:d9:29:eb:3a:18:28:86:39:a2:9c:d0:1e:8e:
a4:a7:d3:a3:e5:51:2c:4a:20:0f:d2:5a:2b:48:99:
0b:01:68:9e:4d:2d:ad:02:0a:b5:45:70:42:8c:fd:
13:f4:9a:9c:ca:1d:ed:35:1c:51:cb:21:bd:2e:ea:
c3:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:F9:E9:A7:0E:60:1A:FD:36:C8:5B:80:AE:1C:A6:FC:6E:8E:13:A3
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/4fnppw5gGv02yFuArhym_G6OE6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.26.0/23
89.34.228.0/24
89.34.230.0/23
89.35.158.0/24
89.39.111.0/24
89.40.67.0/24
89.43.143.0/24
89.45.164.0/24
89.46.3.0/24
89.47.96.0/19
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
185.101.104.0/23
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
19:fb:57:f0:ad:46:16:75:13:5f:4f:17:c1:a6:51:a1:ae:60:
9c:58:1e:93:b8:f0:9c:85:2e:f0:25:4b:09:7d:d3:9c:f1:84:
08:1f:98:3b:bf:62:8f:4e:16:e3:9f:cd:9a:4a:8d:ee:cc:79:
e1:d1:a9:25:8b:d7:9d:5d:9d:95:17:17:37:18:18:78:89:74:
34:2b:df:29:7d:15:59:99:e6:31:b3:f5:e2:8d:2d:c7:87:22:
77:5e:a6:d9:76:ce:d4:a9:11:9e:48:10:e9:ce:8c:d3:21:1e:
72:b9:48:19:1c:b8:60:9b:1f:0d:40:6a:8a:8c:96:d1:2f:f2:
fa:ed:75:7b:a4:08:96:2f:83:4f:41:d4:cc:b6:4d:33:f6:15:
a0:ba:e8:69:88:48:23:fb:e1:f3:c5:a2:47:72:b2:81:f1:7e:
ac:ce:1f:59:4d:5e:08:13:55:82:17:43:8a:39:75:7b:00:f2:
26:5a:47:f4:f6:c2:d8:47:62:0e:88:e7:3c:f3:98:2c:30:15:
00:cd:8e:98:ad:db:7d:f0:52:d5:c9:ab:ff:41:8f:d1:84:16:
a7:69:c8:45:8e:ca:6e:0c:49:5f:22:8f:52:78:3b:2a:41:62:
87:1d:e0:76:b5:bd:ec:61:53:37:fe:af:0d:32:3b:81:de:a1:
33:da:a1:05
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAYuKLg7xKms/Jp9Kr0sPvo5NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMTAxMDkxOTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWY5ZTlhNzBlNjAxYWZkMzZjODViODBhZTFjYTZmYzZlOGUxM2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiexzowRtb3mb5ReousT+Xff8SVW2
+BfI8/DL9CxYHSJSuwVWvdFCjzmDgzp0ws4t7LHIqr9hJQBaukLVJhoI2mdMSvx2
kvTjbszBov1e67GhN3gDDMzJNgNS6Ai8Ni8lHaonkkj3GTd0pSjYWZLszACLJg2L
7EioieWNgxIKUYtJFU0HUr3OgUUmrFS/97KZpc9/d8OU/jattl0mw5TuBBLT9wCz
WfxD1DpAxXhslYabFlvlnigP4/sxkP1q3Vzy9C1cD9kp6zoYKIY5opzQHo6kp9Oj
5VEsSiAP0lorSJkLAWieTS2tAgq1RXBCjP0T9Jqcyh3tNRxRyyG9LurDdwIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFOH56acOYBr9NshbgK4cpvxujhOjMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvNGZucHB3NWdHdjAyeUZ1QXJoeW1fRzZPRTZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwZgQCAAEwYAMEAVkiGgME
AFki5AMEAVki5gMEAFkjngMEAFknbwMEAFkoQwMEAFkrjwMEAFktpAMEAFkuAwME
BVkvYAMEAF1xzAMEAF1yTwMEAF1ywgMEAbllaAMEAsETwAMEAcMcAjANBAIAAjAH
AwUAIAFNGDANBgkqhkiG9w0BAQsFAAOCAQEAGftX8K1GFnUTX08XwaZRoa5gnFge
k7jwnIUu8CVLCX3TnPGECB+YO79ij04W45/NmkqN7sx54dGpJYvXnV2dlRcXNxgY
eIl0NCvfKX0VWZnmMbP14o0tx4cid16m2XbO1KkRnkgQ6c6M0yEecrlIGRy4YJsf
DUBqioyW0S/y+u11e6QIli+DT0HUzLZNM/YVoLroaYhII/vh88WiR3KygfF+rM4f
WU1eCBNVghdDijl1ewDyJlpH9PbC2EdiDojnPPOYLDAVAM2OmK3bffBS1cmr/0GP
0YQWp2nIRY7KbgxJXyKPUng7KkFihx3gdrW97GFTN/6vDTI7gd6hM9qhBQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:49 2024 by rpki-client on console-ams.rpki-client.org