Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/7YJ0kRWEZ0d6MTHOvu1BqaK5KKQ.roa
File: 7YJ0kRWEZ0d6MTHOvu1BqaK5KKQ.roa (raw, json)
Hash identifier: MiduwotCR+oKryneEHEI7RZ5hbGnLvkk7rs4/0z7g/I=
Subject key identifier: ED:82:74:91:15:84:67:47:7A:31:31:CE:BE:ED:41:A9:A2:B9:28:A4
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01921E05CA138FCA5F251140C5FF3869C3F3
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/7YJ0kRWEZ0d6MTHOvu1BqaK5KKQ.roa
Signing time: Mon 23 Sep 2024 08:35:48 +0000
ROA not before: Mon 23 Sep 2024 08:35:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39543
IP address blocks: 86.106.81.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.47.96.0/24 maxlen: 24
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.120.0/24 maxlen: 24
89.47.122.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.72.0/21 maxlen: 21
93.114.194.0/24 maxlen: 24
188.241.3.0/24 maxlen: 24
193.19.192.0/22 maxlen: 22
193.19.192.0/24 maxlen: 24
193.19.193.0/24 maxlen: 24
193.19.194.0/24 maxlen: 24
193.19.195.0/24 maxlen: 24
195.28.2.0/23 maxlen: 23
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 02 Oct 2024 14:23:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1e:05:ca:13:8f:ca:5f:25:11:40:c5:ff:38:69:c3:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Sep 23 08:35:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed827491158467477a3131cebeed41a9a2b928a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f4:50:99:2e:da:f5:72:2f:5e:14:aa:4f:36:
8d:96:57:18:8f:a2:86:d6:a0:9d:df:e0:67:01:e1:
e9:10:7e:31:41:0b:1a:4b:d9:09:ae:42:00:b6:fd:
6c:38:78:09:cb:82:9a:00:40:04:62:1f:db:65:19:
e6:66:45:60:40:24:85:ee:df:45:b8:bc:8c:c6:19:
c0:4c:89:ff:05:fe:9b:7a:9d:84:77:2b:56:2c:e5:
bf:f1:d1:fa:be:09:fb:b8:b2:e0:66:5b:d4:25:66:
fc:51:13:9d:03:6d:64:63:3f:1c:5a:c2:f6:6c:e9:
e8:30:b5:ec:3b:1b:45:6c:8a:10:d3:69:9f:43:df:
2b:f5:f4:be:23:45:31:22:74:41:d5:53:01:2d:98:
ce:98:5a:d0:af:45:66:84:cd:98:7a:ec:c9:34:ee:
08:c7:ab:f3:7a:8e:88:2f:17:70:28:73:d8:4e:b2:
d5:e7:ff:e6:24:db:7b:fe:21:aa:0b:3d:de:97:31:
83:3e:b1:85:d8:93:60:e3:40:be:7e:a9:7f:22:16:
fc:82:dc:3f:22:05:a3:29:02:27:55:a2:28:35:ee:
4f:da:34:9d:7c:55:c1:21:d6:e8:c2:26:74:be:37:
75:bc:e4:ef:47:bc:ff:02:ff:84:80:ee:1c:3b:e0:
40:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:82:74:91:15:84:67:47:7A:31:31:CE:BE:ED:41:A9:A2:B9:28:A4
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/7YJ0kRWEZ0d6MTHOvu1BqaK5KKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.81.0/24
89.34.27.0/24
89.35.158.0/24
89.39.111.0/24
89.40.67.0/24
89.45.164.0/24
89.47.96.0-89.47.98.255
89.47.101.0-89.47.111.255
89.47.120.0/24
89.47.122.0/24
93.113.204.0/24
93.114.72.0/21
93.114.194.0/24
188.241.3.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
0d:aa:fe:c0:6b:a9:5d:84:90:07:4a:8e:2d:2f:87:ee:f9:b9:
0c:a7:c8:2b:4f:4f:87:ee:10:33:86:fd:84:d0:ed:9c:3f:79:
bf:9b:98:df:0a:b7:8c:72:5b:b4:cd:c3:6f:c5:0d:d2:79:4f:
51:09:05:86:10:12:bf:c3:ed:78:20:55:8c:a5:63:49:9e:a6:
1b:96:13:8b:31:3f:96:24:f0:03:ca:9b:4b:f9:0e:af:59:5f:
fc:c0:38:e9:45:65:03:ad:f7:f8:41:1f:ea:82:f0:8a:4a:9b:
db:b7:98:19:2d:dc:a0:40:6b:e0:f1:3e:67:c0:6b:27:18:f6:
c7:9a:a0:e0:1e:25:05:56:4f:6e:9a:73:66:74:e6:b7:32:59:
8e:95:c0:31:cf:56:5b:8b:f1:19:a8:a5:35:c1:1f:56:c1:b9:
c0:3c:d9:38:4c:c8:37:10:53:2f:2a:1b:05:0f:dd:d7:88:88:
a7:0d:a0:a3:74:13:4f:89:16:fd:7a:39:c0:97:7b:e0:0f:61:
1a:22:ad:2e:12:5f:36:8a:c1:76:2d:cf:00:c8:6b:25:88:7b:
02:f9:13:f2:c6:93:a7:85:3a:52:11:f5:e1:3f:a6:8b:0b:43:
0c:be:70:e0:93:f7:b6:14:ff:60:a5:c1:9b:e7:95:35:cb:05:
f4:df:dc:82
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZIeBcoTj8pfJRFAxf84acPzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwOTIzMDgzNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDgyNzQ5MTE1ODQ2NzQ3N2EzMTMxY2ViZWVkNDFhOWEyYjkyOGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufRQmS7a9XIvXhSqTzaNllcYj6KG
1qCd3+BnAeHpEH4xQQsaS9kJrkIAtv1sOHgJy4KaAEAEYh/bZRnmZkVgQCSF7t9F
uLyMxhnATIn/Bf6bep2EdytWLOW/8dH6vgn7uLLgZlvUJWb8UROdA21kYz8cWsL2
bOnoMLXsOxtFbIoQ02mfQ98r9fS+I0UxInRB1VMBLZjOmFrQr0VmhM2YeuzJNO4I
x6vzeo6ILxdwKHPYTrLV5//mJNt7/iGqCz3elzGDPrGF2JNg40C+fql/Ihb8gtw/
IgWjKQInVaIoNe5P2jSdfFXBIdbowiZ0vjd1vOTvR7z/Av+EgO4cO+BAYwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFO2CdJEVhGdHejExzr7tQamiuSikMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvN1lKMGtSV0VaMGQ2TVRIT3Z1MUJxYUs1S0tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzB2BAIAATBwAwQAVmpR
AwQAWSIbAwQAWSOeAwQAWSdvAwQAWShDAwQAWS2kMAwDBAVZL2ADBABZL2IwDAME
AFkvZQMEBFkvYAMEAFkveAMEAFkvegMEAF1xzAMEA11ySAMEAF1ywgMEALzxAwME
AsETwAMEAcMcAjANBAIAAjAHAwUAIAFNGDANBgkqhkiG9w0BAQsFAAOCAQEADar+
wGupXYSQB0qOLS+H7vm5DKfIK09Ph+4QM4b9hNDtnD95v5uY3wq3jHJbtM3Db8UN
0nlPUQkFhhASv8PteCBVjKVjSZ6mG5YTizE/liTwA8qbS/kOr1lf/MA46UVlA633
+EEf6oLwikqb27eYGS3coEBr4PE+Z8BrJxj2x5qg4B4lBVZPbppzZnTmtzJZjpXA
Mc9WW4vxGailNcEfVsG5wDzZOEzINxBTLyobBQ/d14iIpw2go3QTT4kW/Xo5wJd7
4A9hGiKtLhJfNorBdi3PAMhrJYh7AvkT8saTp4U6UhH14T+miwtDDL5w4JP3thT/
YKXBm+eVNcsF9N/cgg==
-----END CERTIFICATE-----
Generated at Wed Oct 2 17:42:42 2024 by rpki-client on console-fra.rpki-client.org