Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8DaI1PL4FY5fQ8rlv138kcHslmM.roa
File: 8DaI1PL4FY5fQ8rlv138kcHslmM.roa (raw, json)
Hash identifier: EKLJMBRgnXu6cmTRwYWjZ4doCprFeDxLKOXqNQOM3X4=
Subject key identifier: F0:36:88:D4:F2:F8:15:8E:5F:43:CA:E5:BF:5D:FC:91:C1:EC:96:63
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018B6B80A9F8DF3244EA84FAF7C270F4E23B
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8DaI1PL4FY5fQ8rlv138kcHslmM.roa
Signing time: Thu 26 Oct 2023 10:21:16 +0000
ROA not before: Thu 26 Oct 2023 10:21:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39543
IP address blocks: 195.28.2.0/23 maxlen: 23
193.19.192.0/22 maxlen: 22
193.19.192.0/24 maxlen: 24
89.34.228.0/24 maxlen: 24
89.34.230.0/23 maxlen: 23
89.34.230.0/24 maxlen: 24
89.34.231.0/24 maxlen: 24
193.19.193.0/24 maxlen: 24
193.19.195.0/24 maxlen: 24
193.19.194.0/24 maxlen: 24
93.113.181.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.43.143.0/24 maxlen: 24
89.47.96.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.112.0/20 maxlen: 20
89.47.113.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6b:80:a9:f8:df:32:44:ea:84:fa:f7:c2:70:f4:e2:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Oct 26 10:21:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f03688d4f2f8158e5f43cae5bf5dfc91c1ec9663
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:52:32:45:51:30:46:f4:a8:07:80:06:0b:cb:
9e:01:c9:05:c6:c9:67:66:60:19:67:b2:2e:5d:2c:
a1:bf:07:bb:ad:3f:bc:7d:47:b9:b4:29:89:38:e1:
ea:60:b4:fc:a4:e3:19:31:3b:4e:ed:77:09:96:95:
e2:04:91:ca:79:25:d7:5f:6b:60:86:bf:ed:bc:ab:
70:cc:e7:ad:8e:0c:7c:a1:87:a2:10:5d:6b:ef:ab:
ff:81:af:1c:36:3c:57:52:13:e6:ce:5d:57:86:da:
88:ce:06:f1:b6:8a:ca:05:bf:b2:6e:4b:68:92:d8:
29:71:b3:53:08:a5:d2:39:cc:f8:4d:bc:1e:3d:1b:
49:14:5c:df:59:55:7b:93:9b:0a:50:ec:eb:dc:ee:
b2:57:6c:cd:5c:46:03:30:dd:d7:11:74:b1:f1:5c:
5e:c7:1b:93:4a:61:3f:92:1e:5b:83:38:dc:0f:45:
9e:9a:b3:db:e4:dc:7a:1f:a1:9f:e5:ad:db:15:30:
aa:a5:66:b2:4e:07:d6:2a:56:f6:ac:d4:c4:56:8c:
1e:76:80:75:57:2b:cd:94:42:05:c3:e7:60:b1:cf:
c0:bb:53:aa:ec:ad:9a:1d:c8:52:cc:bd:26:4a:f4:
22:20:67:3c:0a:f3:d6:2d:02:05:52:c0:bc:7a:02:
6a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:36:88:D4:F2:F8:15:8E:5F:43:CA:E5:BF:5D:FC:91:C1:EC:96:63
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8DaI1PL4FY5fQ8rlv138kcHslmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.27.0/24
89.34.228.0/24
89.34.230.0/23
89.35.158.0/24
89.39.111.0/24
89.40.67.0/24
89.43.143.0/24
89.45.164.0/24
89.46.3.0/24
89.47.96.0/19
93.113.181.0/24
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
3f:2c:4d:1a:44:b1:4d:90:9c:31:39:a1:d9:7e:47:76:76:de:
17:ff:81:f4:91:2f:83:97:54:a6:2f:60:20:80:2c:d4:32:f3:
a0:29:a7:13:01:d9:7c:f2:61:b6:5f:c0:7c:22:49:fe:07:71:
ae:08:bd:83:b5:76:c3:f6:36:4d:d7:70:ac:05:79:3f:5b:19:
ee:dc:6c:f3:5e:cc:65:96:09:27:c0:70:dd:19:f5:77:a2:13:
5b:90:0d:78:38:c6:64:50:ec:1e:de:24:dc:62:c8:2c:9d:30:
a9:6e:22:89:99:35:7e:09:21:93:ed:11:26:21:1d:16:3d:47:
b8:dd:40:cf:c4:b7:f5:1d:d8:ee:4c:5c:20:8f:f6:b6:5f:f4:
76:bf:26:00:98:4a:bb:1e:ec:98:cc:72:f8:1e:97:43:88:93:
5c:3b:2f:44:09:91:ce:77:06:b7:8c:b6:1f:35:8a:32:54:f7:
27:f2:55:f0:2a:9f:29:63:c3:bd:33:64:74:44:dc:e0:2d:7c:
13:13:58:51:cb:b1:f4:7c:3e:05:12:e8:4f:b1:91:e5:d9:65:
99:3b:ae:11:67:b9:bb:be:cb:0b:17:b3:2d:9a:55:f8:62:e7:
6f:9c:15:48:2a:a7:ae:e1:32:af:44:be:b0:1a:5d:60:0e:47:
8d:e6:ee:5b
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAYtrgKn43zJE6oT698Jw9OI7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMDI2MTAyMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDM2ODhkNGYyZjgxNThlNWY0M2NhZTViZjVkZmM5MWMxZWM5NjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlIyRVEwRvSoB4AGC8ueAckFxsln
ZmAZZ7IuXSyhvwe7rT+8fUe5tCmJOOHqYLT8pOMZMTtO7XcJlpXiBJHKeSXXX2tg
hr/tvKtwzOetjgx8oYeiEF1r76v/ga8cNjxXUhPmzl1XhtqIzgbxtorKBb+ybkto
ktgpcbNTCKXSOcz4TbwePRtJFFzfWVV7k5sKUOzr3O6yV2zNXEYDMN3XEXSx8Vxe
xxuTSmE/kh5bgzjcD0WemrPb5Nx6H6Gf5a3bFTCqpWayTgfWKlb2rNTEVowedoB1
VyvNlEIFw+dgsc/Au1Oq7K2aHchSzL0mSvQiIGc8CvPWLQIFUsC8egJq2wIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFPA2iNTy+BWOX0PK5b9d/JHB7JZjMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvOERhSTFQTDRGWTVmUThybHYxMzhrY0hzbG1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwZgQCAAEwYAMEAFkiGwME
AFki5AMEAVki5gMEAFkjngMEAFknbwMEAFkoQwMEAFkrjwMEAFktpAMEAFkuAwME
BVkvYAMEAF1xtQMEAF1xzAMEAF1yTwMEAF1ywgMEAsETwAMEAcMcAjANBAIAAjAH
AwUAIAFNGDANBgkqhkiG9w0BAQsFAAOCAQEAPyxNGkSxTZCcMTmh2X5HdnbeF/+B
9JEvg5dUpi9gIIAs1DLzoCmnEwHZfPJhtl/AfCJJ/gdxrgi9g7V2w/Y2TddwrAV5
P1sZ7txs817MZZYJJ8Bw3Rn1d6ITW5ANeDjGZFDsHt4k3GLILJ0wqW4iiZk1fgkh
k+0RJiEdFj1HuN1Az8S39R3Y7kxcII/2tl/0dr8mAJhKux7smMxy+B6XQ4iTXDsv
RAmRzncGt4y2HzWKMlT3J/JV8CqfKWPDvTNkdETc4C18ExNYUcux9Hw+BRLoT7GR
5dllmTuuEWe5u77LCxezLZpV+GLnb5wVSCqnruEyr0S+sBpdYA5HjebuWw==
-----END CERTIFICATE-----
Generated at Thu Oct 26 13:30:18 2023 by rpki-client on console-ams.rpki-client.org