Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/9-pObC7bh7e7HxT2NY0YSpnN0tg.roa
File: 9-pObC7bh7e7HxT2NY0YSpnN0tg.roa (raw, json)
Hash identifier: BHvbSqBmRRu7rJR+QKV63NTIzJarirOJsQBaPJZ75OY=
Subject key identifier: F7:EA:4E:6C:2E:DB:87:B7:BB:1F:14:F6:35:8D:18:4A:99:CD:D2:D8
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 0189BF12F919F9DDAA39AAC2DC28684BEDDE
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/9-pObC7bh7e7HxT2NY0YSpnN0tg.roa
Signing time: Fri 04 Aug 2023 05:43:58 +0000
ROA not before: Fri 04 Aug 2023 05:43:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39543
IP address blocks: 89.33.13.0/24 maxlen: 24
195.28.2.0/23 maxlen: 23
89.34.224.0/21 maxlen: 21
89.34.224.0/22 maxlen: 22
193.19.192.0/24 maxlen: 24
193.19.192.0/22 maxlen: 24
89.34.228.0/23 maxlen: 23
89.34.230.0/23 maxlen: 23
93.113.176.0/21 maxlen: 21
93.113.181.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.43.140.0/22 maxlen: 22
89.47.96.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.112.0/20 maxlen: 20
89.47.113.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.37.196.0/23 maxlen: 23
89.34.27.0/24 maxlen: 24
89.46.4.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bf:12:f9:19:f9:dd:aa:39:aa:c2:dc:28:68:4b:ed:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Aug 4 05:43:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7ea4e6c2edb87b7bb1f14f6358d184a99cdd2d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:b0:3a:5e:bc:12:89:60:d0:77:27:4b:7f:cd:
2e:b3:8d:bd:b8:5f:2a:e6:1a:d8:67:e2:73:b5:c1:
f1:5a:07:e8:ef:50:19:e8:71:be:ec:24:c6:04:52:
da:8f:b6:c2:2c:91:ff:10:b8:c8:a3:61:4f:57:37:
72:0e:d9:7c:1d:87:cc:26:ca:fb:01:32:68:92:4f:
cb:99:0c:64:d9:42:0d:4e:b6:65:fc:80:f3:c6:a2:
e1:1a:a7:b3:47:40:cb:ce:78:88:80:1e:0f:32:ed:
0b:24:0b:2f:d4:13:7a:96:37:50:52:d7:8b:f1:20:
f0:54:83:b4:48:0c:4e:14:c5:66:10:00:19:9b:51:
e9:69:21:bb:27:c5:88:56:79:80:71:d4:74:51:0a:
2a:f3:7b:f0:f9:a3:b3:d8:be:26:e5:d9:6b:c1:67:
96:0a:fc:71:0b:ba:d1:e9:df:70:50:e9:d7:76:86:
2b:b4:58:f6:ac:73:0a:2c:92:8d:28:4a:85:8f:37:
4f:bd:6a:6d:9b:ce:36:ae:9b:1d:18:12:fa:1e:6a:
26:02:c2:64:da:be:9e:94:6c:63:8d:7f:f6:f2:5f:
e0:40:1e:50:30:f7:d5:53:cb:4f:05:f0:9b:69:8b:
c9:5f:09:43:ac:c4:72:45:36:f0:15:ca:14:7d:f0:
ac:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:EA:4E:6C:2E:DB:87:B7:BB:1F:14:F6:35:8D:18:4A:99:CD:D2:D8
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/9-pObC7bh7e7HxT2NY0YSpnN0tg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.13.0/24
89.34.27.0/24
89.34.224.0/21
89.35.158.0/24
89.37.196.0/23
89.39.111.0/24
89.40.67.0/24
89.43.140.0/22
89.45.164.0/24
89.46.3.0-89.46.4.255
89.47.96.0/19
93.113.176.0/21
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
52:49:af:49:18:c8:4b:5a:8e:52:88:16:29:16:b4:45:4d:bf:
69:64:d1:af:e5:8d:60:81:b5:26:5b:9c:0f:03:97:b7:46:d8:
49:d0:83:24:9b:f0:0d:60:7a:f6:88:57:55:4a:30:1e:fe:b9:
37:c6:98:f5:60:ad:29:6f:61:0f:b1:ea:f4:3b:b8:ec:de:e9:
6d:ad:db:34:9b:43:77:41:6e:b3:c0:f9:33:66:7d:d1:3c:03:
89:2b:0d:b0:bc:ff:24:70:1b:78:2f:16:16:50:bc:09:a3:60:
f8:f1:98:bd:cd:1f:09:c3:9f:4b:90:b4:7c:cd:fe:d5:25:fc:
b7:65:db:45:ee:66:22:ab:ac:f0:04:7f:a3:43:50:2e:43:62:
5a:d0:ef:96:0a:cf:36:e9:73:35:65:0f:86:db:82:55:59:0e:
35:51:e3:00:0c:3b:0f:dc:60:91:10:c4:ce:da:89:88:2d:ee:
9e:e9:11:c1:b3:20:08:95:e8:0e:17:70:1f:88:1b:26:2a:5d:
1c:d4:37:12:78:d2:a7:c1:b1:00:57:1c:d6:3d:99:22:62:4f:
13:b3:12:03:18:18:c6:7f:48:a1:93:5b:01:0f:a1:97:15:f9:
b0:3b:0a:2d:c3:7a:ae:1d:40:15:75:3b:7e:4a:65:21:7b:01:
85:01:95:10
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYm/EvkZ+d2qOarC3ChoS+3eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwODA0MDU0MzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2VhNGU2YzJlZGI4N2I3YmIxZjE0ZjYzNThkMTg0YTk5Y2RkMmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7A6XrwSiWDQdydLf80us429uF8q
5hrYZ+JztcHxWgfo71AZ6HG+7CTGBFLaj7bCLJH/ELjIo2FPVzdyDtl8HYfMJsr7
ATJokk/LmQxk2UINTrZl/IDzxqLhGqezR0DLzniIgB4PMu0LJAsv1BN6ljdQUteL
8SDwVIO0SAxOFMVmEAAZm1HpaSG7J8WIVnmAcdR0UQoq83vw+aOz2L4m5dlrwWeW
CvxxC7rR6d9wUOnXdoYrtFj2rHMKLJKNKEqFjzdPvWptm842rpsdGBL6HmomAsJk
2r6elGxjjX/28l/gQB5QMPfVU8tPBfCbaYvJXwlDrMRyRTbwFcoUffCsKwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFPfqTmwu24e3ux8U9jWNGEqZzdLYMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvOS1wT2JDN2JoN2U3SHhUMk5ZMFlTcG5OMHRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTB0BAIAATBuAwQAWSEN
AwQAWSIbAwQDWSLgAwQAWSOeAwQBWSXEAwQAWSdvAwQAWShDAwQCWSuMAwQAWS2k
MAwDBABZLgMDBABZLgQDBAVZL2ADBANdcbADBABdccwDBABdck8DBABdcsIDBALB
E8ADBAHDHAIwDQQCAAIwBwMFACABTRgwDQYJKoZIhvcNAQELBQADggEBAFJJr0kY
yEtajlKIFikWtEVNv2lk0a/ljWCBtSZbnA8Dl7dG2EnQgySb8A1gevaIV1VKMB7+
uTfGmPVgrSlvYQ+x6vQ7uOze6W2t2zSbQ3dBbrPA+TNmfdE8A4krDbC8/yRwG3gv
FhZQvAmjYPjxmL3NHwnDn0uQtHzN/tUl/Ldl20XuZiKrrPAEf6NDUC5DYlrQ75YK
zzbpczVlD4bbglVZDjVR4wAMOw/cYJEQxM7aiYgt7p7pEcGzIAiV6A4XcB+IGyYq
XRzUNxJ40qfBsQBXHNY9mSJiTxOzEgMYGMZ/SKGTWwEPoZcV+bA7Ci3Deq4dQBV1
O35KZSF7AYUBlRA=
-----END CERTIFICATE-----
Generated at Mon Aug 28 08:59:43 2023 by rpki-client on console-fra.rpki-client.org