Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/GYkKjdr_4JXvNdLUzBmgpzVHvyY.roa
File: GYkKjdr_4JXvNdLUzBmgpzVHvyY.roa (raw, json)
Hash identifier: EaKvzyCJ8mackDhM0BBPUcAX3EqQFKcwyDs1CQIfzG0=
Subject key identifier: 19:89:0A:8D:DA:FF:E0:95:EF:35:D2:D4:CC:19:A0:A7:35:47:BF:26
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018D6FBD0A7704F90B474823E484FF560F64
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/GYkKjdr_4JXvNdLUzBmgpzVHvyY.roa
Signing time: Sat 03 Feb 2024 16:11:16 +0000
ROA not before: Sat 03 Feb 2024 16:11:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 89.34.224.0/23 maxlen: 24
89.34.228.0/24 maxlen: 24
89.34.231.0/24 maxlen: 24
89.42.81.0/24 maxlen: 24
89.42.86.0/24 maxlen: 24
89.42.95.0/24 maxlen: 24
89.42.143.0/24 maxlen: 24
89.43.140.0/24 maxlen: 24
89.43.143.0/24 maxlen: 24
89.46.0.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.47.125.0/24 maxlen: 24
89.47.127.0/24 maxlen: 24
93.113.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Feb 2024 09:09:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6f:bd:0a:77:04:f9:0b:47:48:23:e4:84:ff:56:0f:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Feb 3 16:11:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=19890a8ddaffe095ef35d2d4cc19a0a73547bf26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:7d:eb:76:50:ba:20:1b:1f:e5:b7:6c:8c:69:
70:ca:74:82:12:bb:50:41:69:54:8d:cf:2c:48:06:
a4:5f:94:06:f6:e1:c4:aa:f9:ed:1d:51:25:6a:24:
b0:30:3b:f0:ac:c3:9e:b0:a9:49:65:3c:f7:e4:ae:
42:17:ff:7c:39:59:40:2e:13:1f:03:c5:9b:f4:19:
d9:4e:21:b9:9e:9d:37:66:6e:8a:eb:71:13:b7:76:
5b:73:ce:6e:95:1e:f9:40:f0:ab:32:ee:da:0e:ae:
cd:15:dc:5c:c0:00:bc:b4:6d:03:e3:3b:27:bc:96:
1b:20:53:58:1a:07:01:97:14:87:0a:2b:52:73:ea:
a9:c1:5c:67:61:ae:be:8a:0a:f1:8f:87:98:9c:74:
3e:07:1f:21:d9:ab:b9:6e:73:80:55:8c:fd:b2:be:
66:86:54:21:2e:57:6f:bc:8a:8b:be:7c:67:dd:9b:
81:04:03:15:c0:4f:8c:7a:d4:af:2b:f4:47:fa:66:
ee:6e:a0:19:4f:b5:e1:1f:aa:a6:d7:8f:5b:51:24:
a4:8d:3d:77:d4:f4:37:ad:9e:93:e7:31:92:9a:db:
06:d7:30:90:f6:35:cf:cd:91:22:89:fb:d9:5b:14:
17:61:c6:69:d5:02:86:5b:b0:77:4e:ee:2c:f9:f8:
29:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:89:0A:8D:DA:FF:E0:95:EF:35:D2:D4:CC:19:A0:A7:35:47:BF:26
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/GYkKjdr_4JXvNdLUzBmgpzVHvyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.224.0/23
89.34.228.0/24
89.34.231.0/24
89.42.81.0/24
89.42.86.0/24
89.42.95.0/24
89.42.143.0/24
89.43.140.0/24
89.43.143.0/24
89.46.0.0/24
89.47.115.0/24
89.47.119.0/24
89.47.125.0/24
89.47.127.0/24
93.113.181.0/24
Signature Algorithm: sha256WithRSAEncryption
42:58:a0:be:f8:b7:f4:72:f9:04:f4:d5:0c:46:5c:b5:20:d2:
95:57:4c:a0:cc:34:a9:c3:e6:e2:e9:23:4d:be:b3:07:50:59:
91:f0:38:8d:04:0d:d6:c9:92:c5:20:0b:cc:cf:81:54:05:67:
2b:f6:33:c6:c5:16:8e:4e:2e:13:b3:db:f4:c6:c9:32:c3:c7:
53:f6:fb:b0:90:d4:d1:7f:b5:ca:a4:2e:e2:e4:6f:5c:69:80:
bf:3f:1d:db:4d:ae:c2:93:cb:dc:68:70:17:48:db:96:15:17:
16:b7:3a:5b:a0:9b:38:ba:c1:50:1a:36:bc:f3:65:05:33:21:
58:d7:33:16:d0:e1:3e:4f:24:dc:df:99:47:75:93:21:4a:f5:
3e:da:b7:03:cb:39:37:de:b3:14:48:c2:9d:83:bd:65:43:cd:
b0:b2:e2:35:fa:44:1b:6b:28:47:41:39:fe:02:19:df:41:8c:
17:74:e3:aa:25:74:f7:44:b5:e7:8b:fe:37:c3:1d:17:81:37:
79:4d:84:a8:3a:d0:67:bd:25:3d:3e:29:b2:8c:13:e5:71:cf:
7e:03:21:8a:08:31:28:f1:dc:ea:01:ea:02:27:c7:e5:64:a2:
8e:8b:d7:0a:6d:bc:da:0a:a8:2e:0d:22:b5:3e:08:3b:4f:02:
c0:8f:be:32
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAY1vvQp3BPkLR0gj5IT/Vg9kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMjAzMTYxMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTg5MGE4ZGRhZmZlMDk1ZWYzNWQyZDRjYzE5YTBhNzM1NDdiZjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkn3rdlC6IBsf5bdsjGlwynSCErtQ
QWlUjc8sSAakX5QG9uHEqvntHVElaiSwMDvwrMOesKlJZTz35K5CF/98OVlALhMf
A8Wb9BnZTiG5np03Zm6K63ETt3Zbc85ulR75QPCrMu7aDq7NFdxcwAC8tG0D4zsn
vJYbIFNYGgcBlxSHCitSc+qpwVxnYa6+igrxj4eYnHQ+Bx8h2au5bnOAVYz9sr5m
hlQhLldvvIqLvnxn3ZuBBAMVwE+MetSvK/RH+mbubqAZT7XhH6qm149bUSSkjT13
1PQ3rZ6T5zGSmtsG1zCQ9jXPzZEiifvZWxQXYcZp1QKGW7B3Tu4s+fgptwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFBmJCo3a/+CV7zXS1MwZoKc1R78mMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvR1lrS2pkcl80Slh2TmRMVXpCbWdwelZIdnlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQBWSLgAwQA
WSLkAwQAWSLnAwQAWSpRAwQAWSpWAwQAWSpfAwQAWSqPAwQAWSuMAwQAWSuPAwQA
WS4AAwQAWS9zAwQAWS93AwQAWS99AwQAWS9/AwQAXXG1MA0GCSqGSIb3DQEBCwUA
A4IBAQBCWKC++Lf0cvkE9NUMRly1INKVV0ygzDSpw+bi6SNNvrMHUFmR8DiNBA3W
yZLFIAvMz4FUBWcr9jPGxRaOTi4Ts9v0xskyw8dT9vuwkNTRf7XKpC7i5G9caYC/
Px3bTa7Ck8vcaHAXSNuWFRcWtzpboJs4usFQGja882UFMyFY1zMW0OE+TyTc35lH
dZMhSvU+2rcDyzk33rMUSMKdg71lQ82wsuI1+kQbayhHQTn+AhnfQYwXdOOqJXT3
RLXni/43wx0XgTd5TYSoOtBnvSU9PimyjBPlcc9+AyGKCDEo8dzqAeoCJ8flZKKO
i9cKbbzaCqguDSK1Pgg7TwLAj74y
-----END CERTIFICATE-----
Generated at Mon Feb 5 11:49:38 2024 by rpki-client on console-fra.rpki-client.org