Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/6s5NaFTrnv8aUJyRAL764Xlf9IE.roa
File: 6s5NaFTrnv8aUJyRAL764Xlf9IE.roa (raw, json)
Hash identifier: irKReRfS2vzjyP8NzEivoPBz667pl9EQj3/IeM/4quY=
Subject key identifier: EA:CE:4D:68:54:EB:9E:FF:1A:50:9C:91:00:BE:FA:E1:79:5F:F4:81
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018BECE1C8278D3F682B0F8806A82958C695
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/6s5NaFTrnv8aUJyRAL764Xlf9IE.roa
Signing time: Mon 20 Nov 2023 13:18:21 +0000
ROA not before: Mon 20 Nov 2023 13:18:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39543
IP address blocks: 193.19.192.0/22 maxlen: 22
193.19.192.0/24 maxlen: 24
193.19.193.0/24 maxlen: 24
193.19.195.0/24 maxlen: 24
193.19.194.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
195.28.2.0/23 maxlen: 23
89.34.225.0/24 maxlen: 24
89.34.224.0/24 maxlen: 24
89.34.224.0/23 maxlen: 23
89.34.227.0/24 maxlen: 24
89.47.96.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.112.0/24 maxlen: 24
89.47.112.0/20 maxlen: 20
89.47.113.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.116.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.122.0/24 maxlen: 24
89.47.121.0/24 maxlen: 24
89.47.123.0/24 maxlen: 24
89.47.125.0/24 maxlen: 24
89.47.124.0/24 maxlen: 24
89.47.120.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.47.127.0/24 maxlen: 24
89.47.126.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ec:e1:c8:27:8d:3f:68:2b:0f:88:06:a8:29:58:c6:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Nov 20 13:18:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eace4d6854eb9eff1a509c9100befae1795ff481
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:6c:f4:bc:26:32:06:6a:d2:42:d7:88:dc:88:
8a:4e:b2:54:d1:90:1e:ec:47:6f:18:3f:71:c1:2b:
4b:45:21:17:eb:bf:e7:a4:2f:b4:6b:29:15:61:69:
ee:bb:59:d4:0e:76:9c:4e:ac:f4:cd:b2:17:5b:58:
79:56:3d:7c:b2:95:eb:ae:0c:0b:a2:ab:a1:1c:99:
e5:99:c4:62:03:fd:3c:3e:8e:9f:93:d6:ca:b6:08:
d6:be:7a:ed:4e:47:f0:32:c1:cc:81:32:26:5c:6a:
6a:67:10:3c:cc:e4:28:0a:ab:09:66:19:ac:a1:62:
6b:86:42:15:8a:c5:56:60:49:2d:5b:ec:67:2c:15:
f2:e1:12:69:95:ea:a1:4e:e6:d5:b6:26:05:41:2e:
08:7c:c4:fe:bf:3c:c3:49:5b:9c:ca:33:a7:c0:ff:
41:0e:9e:2c:22:4f:5e:51:c3:cb:24:0b:36:1f:41:
39:e5:b9:86:1a:7f:3d:7e:04:a4:3f:9d:98:a4:9e:
93:99:98:f0:12:c4:c2:cc:47:fb:cb:65:10:8c:15:
52:90:ac:90:e6:aa:3b:5b:9f:63:91:30:df:77:ef:
c6:b7:5e:f0:69:44:56:53:9e:8c:1a:54:5f:18:31:
b7:c7:01:0f:7e:b9:06:e9:75:98:ec:d9:b5:04:cf:
58:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:CE:4D:68:54:EB:9E:FF:1A:50:9C:91:00:BE:FA:E1:79:5F:F4:81
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/6s5NaFTrnv8aUJyRAL764Xlf9IE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.27.0/24
89.34.224.0/23
89.34.227.0/24
89.35.158.0/24
89.39.111.0/24
89.40.67.0/24
89.45.164.0/24
89.47.96.0/19
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
47:94:e3:3b:ea:80:a6:a7:8f:6f:8e:9d:ac:ff:32:c6:88:ee:
25:5d:0f:f4:bd:48:a8:d4:e3:ff:7d:aa:4e:1b:07:98:e9:e6:
a0:88:5c:d6:98:00:10:77:00:22:89:80:a5:0f:09:bc:37:50:
4b:a2:57:51:f1:e6:83:d6:c6:4c:7e:7f:d9:d3:55:8f:5d:de:
56:ca:64:1f:ab:2a:69:4d:cf:fc:5a:dd:94:1e:ff:13:05:1d:
1f:72:cd:30:11:25:7c:d9:5e:28:98:28:b4:ba:7f:b4:c0:8e:
aa:ce:5c:89:52:1d:27:15:0f:23:13:f3:3c:ab:27:1c:e3:ba:
57:28:12:46:d9:93:71:e1:b9:a5:8b:08:19:ee:89:67:4b:89:
d6:9c:2e:3e:a6:b2:72:eb:4b:b3:9b:af:32:ef:c4:5f:15:67:
06:7f:d6:d4:5f:dc:be:62:27:ec:70:22:cb:0a:64:e5:e2:49:
3d:01:e5:62:1f:f5:95:b5:8f:fc:7e:ad:3b:b8:51:2c:9e:af:
80:2b:86:bb:d0:55:33:7e:5b:44:3f:a3:7d:a2:bf:e3:27:7b:
ab:ed:56:62:a7:51:02:44:f4:8f:05:17:54:1b:2b:66:0e:94:
cd:24:3a:24:2b:64:25:e5:13:67:e2:51:e5:ba:4b:25:9b:e9:
8d:0a:5e:6c
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYvs4cgnjT9oKw+IBqgpWMaVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMTIwMTMxODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWNlNGQ2ODU0ZWI5ZWZmMWE1MDljOTEwMGJlZmFlMTc5NWZmNDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2z0vCYyBmrSQteI3IiKTrJU0ZAe
7EdvGD9xwStLRSEX67/npC+0aykVYWnuu1nUDnacTqz0zbIXW1h5Vj18spXrrgwL
oquhHJnlmcRiA/08Po6fk9bKtgjWvnrtTkfwMsHMgTImXGpqZxA8zOQoCqsJZhms
oWJrhkIVisVWYEktW+xnLBXy4RJpleqhTubVtiYFQS4IfMT+vzzDSVucyjOnwP9B
Dp4sIk9eUcPLJAs2H0E55bmGGn89fgSkP52YpJ6TmZjwEsTCzEf7y2UQjBVSkKyQ
5qo7W59jkTDfd+/Gt17waURWU56MGlRfGDG3xwEPfrkG6XWY7Nm1BM9YwQIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFOrOTWhU657/GlCckQC++uF5X/SBMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvNnM1TmFGVHJudjhhVUp5UkFMNzY0WGxmOUlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQAWSIbAwQB
WSLgAwQAWSLjAwQAWSOeAwQAWSdvAwQAWShDAwQAWS2kAwQFWS9gAwQAXXHMAwQA
XXJPAwQAXXLCAwQCwRPAAwQBwxwCMA0EAgACMAcDBQAgAU0YMA0GCSqGSIb3DQEB
CwUAA4IBAQBHlOM76oCmp49vjp2s/zLGiO4lXQ/0vUio1OP/fapOGweY6eagiFzW
mAAQdwAiiYClDwm8N1BLoldR8eaD1sZMfn/Z01WPXd5WymQfqyppTc/8Wt2UHv8T
BR0fcs0wESV82V4omCi0un+0wI6qzlyJUh0nFQ8jE/M8qycc47pXKBJG2ZNx4bml
iwgZ7olnS4nWnC4+prJy60uzm68y78RfFWcGf9bUX9y+YifscCLLCmTl4kk9AeVi
H/WVtY/8fq07uFEsnq+AK4a70FUzfltEP6N9or/jJ3ur7VZip1ECRPSPBRdUGytm
DpTNJDokK2Ql5RNn4lHlukslm+mNCl5s
-----END CERTIFICATE-----
Generated at Wed Nov 22 12:23:06 2023 by rpki-client on console-ams.rpki-client.org