Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/EkZrRleYTLS0CBu9BM0SFlBTJMg.roa
File: EkZrRleYTLS0CBu9BM0SFlBTJMg.roa (raw, json)
Hash identifier: HAQJnrzGnv16kzNy4qAubgkcbu64elLJP9qDjV0QUdY=
Subject key identifier: 12:46:6B:46:57:98:4C:B4:B4:08:1B:BD:04:CD:12:16:50:53:24:C8
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018B6148178C38E090D0639E01C8135A38AE
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/EkZrRleYTLS0CBu9BM0SFlBTJMg.roa
Signing time: Tue 24 Oct 2023 10:43:16 +0000
ROA not before: Tue 24 Oct 2023 10:43:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39543
IP address blocks: 193.19.192.0/24 maxlen: 24
193.19.192.0/22 maxlen: 24
93.113.181.0/24 maxlen: 24
93.113.183.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
188.241.218.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.43.141.0/24 maxlen: 24
89.43.140.0/22 maxlen: 22
89.43.140.0/24 maxlen: 24
89.43.143.0/24 maxlen: 24
89.43.142.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
195.28.2.0/23 maxlen: 23
89.34.228.0/24 maxlen: 24
89.34.230.0/23 maxlen: 23
89.34.230.0/24 maxlen: 24
89.34.231.0/24 maxlen: 24
89.47.96.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.112.0/20 maxlen: 20
89.47.113.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:61:48:17:8c:38:e0:90:d0:63:9e:01:c8:13:5a:38:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Oct 24 10:43:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=12466b4657984cb4b4081bbd04cd1216505324c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:88:ed:48:d6:df:35:e2:ae:13:c0:cd:e8:45:
eb:4a:a4:db:02:86:e8:c8:23:14:45:c6:94:fc:b6:
e5:3d:fa:20:15:c6:15:06:4c:b0:f0:62:8b:ca:fe:
0a:05:a5:5f:0e:41:08:03:ec:97:41:0e:e5:ff:d3:
c1:80:e7:a6:26:97:b6:ea:eb:a4:cb:0f:70:10:ce:
45:5a:6f:d7:48:a5:05:9a:dd:22:4e:8f:89:ca:b6:
90:e0:fb:52:98:63:85:0a:9a:d4:b8:c2:6d:8d:c9:
16:64:03:ca:d4:29:ae:81:e2:7c:05:46:4a:9e:a1:
c8:53:1a:70:56:50:3a:34:b4:f8:ed:e1:09:1e:90:
0c:9a:d0:7c:d0:2d:fb:d6:b4:4e:60:b7:a0:55:55:
40:26:6f:03:6a:cf:5e:65:0a:f7:ed:2c:8d:51:54:
72:2e:00:76:b4:3a:de:af:05:5f:9d:c1:a9:cb:7b:
6e:c9:11:a9:d8:f5:53:7b:41:68:e3:39:b7:6d:b3:
b1:c9:46:9a:08:3b:47:2f:f7:6b:20:75:02:20:d8:
8f:26:ab:5b:48:32:89:af:98:0a:e5:83:cb:86:8e:
e2:91:32:8a:62:18:07:33:b5:c6:8a:8c:f7:56:6a:
e3:0d:9a:fb:85:55:4c:9d:22:ce:d9:f7:b2:74:2b:
23:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:46:6B:46:57:98:4C:B4:B4:08:1B:BD:04:CD:12:16:50:53:24:C8
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/EkZrRleYTLS0CBu9BM0SFlBTJMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.27.0/24
89.34.228.0/24
89.34.230.0/23
89.35.158.0/24
89.39.111.0/24
89.40.67.0/24
89.43.140.0/22
89.45.164.0/24
89.46.3.0/24
89.47.96.0/19
93.113.181.0/24
93.113.183.0/24
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
188.241.218.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
2e:1d:14:e8:ce:06:db:55:d8:fb:8c:ad:78:86:95:ce:2b:e1:
bf:ef:54:ed:98:c2:51:c6:12:2c:40:f5:a2:97:5f:ed:64:5b:
bb:1b:53:a2:8a:50:d0:64:dc:75:0e:62:2e:3a:73:65:3e:71:
50:91:e4:87:c5:79:f9:e8:7c:8f:83:0e:d4:b0:7c:97:9b:90:
dc:78:3e:45:85:64:a3:93:33:24:9c:02:79:cf:75:f0:e3:1e:
f2:8a:94:5f:cb:29:1c:39:6a:dd:23:cc:66:94:56:49:ff:68:
21:7b:82:1b:79:85:7d:77:f8:6e:b2:01:62:fe:17:30:2f:6f:
95:e6:63:dd:d6:9a:b7:cd:de:bc:3e:26:32:c1:27:da:c5:a7:
90:43:5a:6f:da:a5:1f:10:b5:46:07:35:02:a4:46:02:b4:86:
a8:96:7c:b2:14:ea:a7:1f:27:97:e8:23:7b:f5:8e:97:0d:fb:
e6:d3:c4:f6:0c:b3:90:d2:be:98:48:52:b8:84:f2:47:67:23:
0d:23:f5:5b:41:ff:f2:26:e7:4e:b1:e7:3f:1d:41:00:9f:f1:
54:10:f5:a0:c3:32:1d:4d:ef:5b:42:74:1d:c7:cc:00:82:f6:
87:7d:27:8f:70:07:a3:c7:87:c3:f3:e5:ad:8d:03:a9:d6:2d:
34:2c:63:e4
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYthSBeMOOCQ0GOeAcgTWjiuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMDI0MTA0MzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjQ2NmI0NjU3OTg0Y2I0YjQwODFiYmQwNGNkMTIxNjUwNTMyNGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYjtSNbfNeKuE8DN6EXrSqTbAobo
yCMURcaU/LblPfogFcYVBkyw8GKLyv4KBaVfDkEIA+yXQQ7l/9PBgOemJpe26uuk
yw9wEM5FWm/XSKUFmt0iTo+JyraQ4PtSmGOFCprUuMJtjckWZAPK1CmugeJ8BUZK
nqHIUxpwVlA6NLT47eEJHpAMmtB80C371rROYLegVVVAJm8Das9eZQr37SyNUVRy
LgB2tDrerwVfncGpy3tuyRGp2PVTe0Fo4zm3bbOxyUaaCDtHL/drIHUCINiPJqtb
SDKJr5gK5YPLho7ikTKKYhgHM7XGioz3VmrjDZr7hVVMnSLO2feydCsjbQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFBJGa0ZXmEy0tAgbvQTNEhZQUyTIMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvRWtaclJsZVlUTFMwQ0J1OUJNMFNGbEJUSk1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzByBAIAATBsAwQAWSIb
AwQAWSLkAwQBWSLmAwQAWSOeAwQAWSdvAwQAWShDAwQCWSuMAwQAWS2kAwQAWS4D
AwQFWS9gAwQAXXG1AwQAXXG3AwQAXXHMAwQAXXJPAwQAXXLCAwQAvPHaAwQCwRPA
AwQBwxwCMA0EAgACMAcDBQAgAU0YMA0GCSqGSIb3DQEBCwUAA4IBAQAuHRTozgbb
Vdj7jK14hpXOK+G/71TtmMJRxhIsQPWil1/tZFu7G1OiilDQZNx1DmIuOnNlPnFQ
keSHxXn56HyPgw7UsHyXm5DceD5FhWSjkzMknAJ5z3Xw4x7yipRfyykcOWrdI8xm
lFZJ/2ghe4IbeYV9d/husgFi/hcwL2+V5mPd1pq3zd68PiYywSfaxaeQQ1pv2qUf
ELVGBzUCpEYCtIaolnyyFOqnHyeX6CN79Y6XDfvm08T2DLOQ0r6YSFK4hPJHZyMN
I/VbQf/yJudOsec/HUEAn/FUEPWgwzIdTe9bQnQdx8wAgvaHfSePcAejx4fD8+Wt
jQOp1i00LGPk
-----END CERTIFICATE-----
Generated at Tue Oct 24 13:12:12 2023 by rpki-client on console-fra.rpki-client.org