Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/BhyDQTVRGB6VzbuRrQsrlQjtMHI.roa
File: BhyDQTVRGB6VzbuRrQsrlQjtMHI.roa (raw, json)
Hash identifier: /GQjZ3BQqfdU9E28IfoUJcSsO7iY06FsBovCY8xZqek=
Subject key identifier: 06:1C:83:41:35:51:18:1E:95:CD:BB:91:AD:0B:2B:95:08:ED:30:72
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018A3C473ECFA599390142EC8E0E3E2480FD
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/BhyDQTVRGB6VzbuRrQsrlQjtMHI.roa
Signing time: Mon 28 Aug 2023 13:13:36 +0000
ROA not before: Mon 28 Aug 2023 13:13:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39543
IP address blocks: 89.33.13.0/24 maxlen: 24
193.19.192.0/24 maxlen: 24
193.19.192.0/22 maxlen: 24
93.113.176.0/21 maxlen: 21
93.113.181.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.43.140.0/22 maxlen: 22
89.35.158.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
195.28.2.0/23 maxlen: 23
89.34.224.0/21 maxlen: 21
89.34.225.0/24 maxlen: 24
89.34.224.0/24 maxlen: 24
89.34.224.0/22 maxlen: 22
89.34.226.0/24 maxlen: 24
89.34.228.0/23 maxlen: 23
89.34.227.0/24 maxlen: 24
89.34.228.0/24 maxlen: 24
89.34.230.0/23 maxlen: 23
89.34.230.0/24 maxlen: 24
89.34.229.0/24 maxlen: 24
89.34.231.0/24 maxlen: 24
89.47.96.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.112.0/20 maxlen: 20
89.47.113.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.37.196.0/23 maxlen: 23
89.34.27.0/24 maxlen: 24
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 28 Aug 2023 15:37:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3c:47:3e:cf:a5:99:39:01:42:ec:8e:0e:3e:24:80:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Aug 28 13:13:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=061c83413551181e95cdbb91ad0b2b9508ed3072
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:17:40:33:14:72:a4:d7:29:c7:57:23:65:50:
a9:30:d9:a6:63:9e:5b:8f:cd:9c:0f:d9:b6:cc:a5:
85:c5:39:2f:ed:7b:eb:f5:da:29:11:9e:33:7e:ef:
53:4a:3b:e7:b6:09:ac:b7:0d:49:64:34:93:f9:eb:
69:a9:04:99:bf:80:c6:41:e6:18:59:04:45:58:a6:
61:78:a3:b5:3f:7d:1d:21:94:e9:e9:83:27:00:c5:
e8:e1:8f:90:09:c1:c6:c9:8d:66:dd:80:e0:40:48:
03:13:e4:c8:8c:04:75:ef:d5:69:ab:00:5e:01:ae:
83:e7:62:40:be:16:20:a7:a8:26:d4:7b:8c:92:13:
d3:60:fd:b5:10:58:cc:e6:f2:aa:29:21:b9:bc:2f:
4b:a2:3c:5b:a5:0c:6c:c8:08:f0:15:4a:f0:f3:a1:
05:bd:b0:f0:21:ff:0b:15:4f:78:39:62:ae:f1:ea:
78:a2:33:99:af:91:ee:3b:ef:9a:a1:7d:40:e0:73:
99:a3:1f:10:ac:58:f9:23:b2:fc:5e:4f:00:06:af:
aa:10:89:33:53:18:41:9b:8f:83:5c:76:21:ac:10:
ba:92:71:cc:69:33:05:2c:af:ec:56:37:dd:63:4b:
53:8b:19:67:67:d0:75:a7:29:18:f8:02:d9:3b:7b:
d2:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:1C:83:41:35:51:18:1E:95:CD:BB:91:AD:0B:2B:95:08:ED:30:72
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/BhyDQTVRGB6VzbuRrQsrlQjtMHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.13.0/24
89.34.27.0/24
89.34.224.0/21
89.35.158.0/24
89.37.196.0/23
89.39.111.0/24
89.40.67.0/24
89.43.140.0/22
89.45.164.0/24
89.46.3.0/24
89.47.96.0/19
93.113.176.0/21
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
4b:95:b8:e7:15:30:97:d9:c0:63:65:f7:55:82:1c:62:75:95:
dc:8d:ac:fc:73:ca:2d:82:bd:b8:28:b1:65:96:cc:28:fe:99:
11:8a:09:e6:6d:f2:be:ef:c3:1e:cc:8d:8c:60:27:23:89:64:
21:32:a5:35:cc:14:37:e1:f6:d5:8a:0e:90:18:30:ab:a7:f5:
f2:4f:68:ad:c2:12:9b:78:58:95:03:e2:67:aa:00:a5:45:c2:
94:3d:82:0b:a1:05:f4:b0:46:85:73:f9:f8:e2:2b:f4:63:8b:
05:49:db:e0:61:be:a8:7c:94:ab:d7:bf:8b:98:1f:02:d7:b6:
8b:c0:e4:5f:ca:27:b9:c7:9a:29:79:7c:eb:4a:d5:fb:3a:5c:
cb:dd:dc:8e:ea:44:c3:6a:ce:65:80:a1:88:2c:85:d0:43:ca:
21:e3:5a:83:a1:c6:b2:af:b2:aa:b4:76:3a:7a:bb:f9:8b:11:
32:9e:44:fe:c9:39:b8:fb:80:a2:85:70:a6:61:fb:b1:41:e1:
9e:99:27:2d:25:a5:80:25:f3:a1:28:41:2b:09:d5:7b:74:9c:
ba:96:f4:83:0e:fc:a3:38:df:1c:9b:66:63:0f:c4:f8:ff:3b:
b1:85:85:c3:93:99:8b:a1:d9:58:9d:20:71:d7:11:0c:8a:e0:
14:18:9f:e8
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYo8Rz7PpZk5AULsjg4+JID9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwODI4MTMxMzM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjFjODM0MTM1NTExODFlOTVjZGJiOTFhZDBiMmI5NTA4ZWQzMDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBdAMxRypNcpx1cjZVCpMNmmY55b
j82cD9m2zKWFxTkv7Xvr9dopEZ4zfu9TSjvntgmstw1JZDST+etpqQSZv4DGQeYY
WQRFWKZheKO1P30dIZTp6YMnAMXo4Y+QCcHGyY1m3YDgQEgDE+TIjAR179VpqwBe
Aa6D52JAvhYgp6gm1HuMkhPTYP21EFjM5vKqKSG5vC9LojxbpQxsyAjwFUrw86EF
vbDwIf8LFU94OWKu8ep4ojOZr5HuO++aoX1A4HOZox8QrFj5I7L8Xk8ABq+qEIkz
UxhBm4+DXHYhrBC6knHMaTMFLK/sVjfdY0tTixlnZ9B1pykY+ALZO3vSEQIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFAYcg0E1URgelc27ka0LK5UI7TByMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvQmh5RFFUVlJHQjZWemJ1UnJRc3JsUWp0TUhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAFkhDQME
AFkiGwMEA1ki4AMEAFkjngMEAVklxAMEAFknbwMEAFkoQwMEAlkrjAMEAFktpAME
AFkuAwMEBVkvYAMEA11xsAMEAF1xzAMEAF1yTwMEAF1ywgMEAsETwAMEAcMcAjAN
BAIAAjAHAwUAIAFNGDANBgkqhkiG9w0BAQsFAAOCAQEAS5W45xUwl9nAY2X3VYIc
YnWV3I2s/HPKLYK9uCixZZbMKP6ZEYoJ5m3yvu/DHsyNjGAnI4lkITKlNcwUN+H2
1YoOkBgwq6f18k9orcISm3hYlQPiZ6oApUXClD2CC6EF9LBGhXP5+OIr9GOLBUnb
4GG+qHyUq9e/i5gfAte2i8DkX8onuceaKXl860rV+zpcy93cjupEw2rOZYChiCyF
0EPKIeNag6HGsq+yqrR2Onq7+YsRMp5E/sk5uPuAooVwpmH7sUHhnpknLSWlgCXz
oShBKwnVe3Scupb0gw78ozjfHJtmYw/E+P87sYWFw5OZi6HZWJ0gcdcRDIrgFBif
6A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:18 2024 by rpki-client on console-fra.rpki-client.org