Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/L5hW6ReoVxB8NTlaMajwuawMkRo.roa
File: L5hW6ReoVxB8NTlaMajwuawMkRo.roa (raw, json)
Hash identifier: Xr7DP18xjiBbzGALQzX357P9MLPCjPvJegS4hO1zoCk=
Subject key identifier: 2F:98:56:E9:17:A8:57:10:7C:35:39:5A:31:A8:F0:B9:AC:0C:91:1A
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018B6736F366AFA07B55BB024965F3BEA8E3
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/L5hW6ReoVxB8NTlaMajwuawMkRo.roa
Signing time: Wed 25 Oct 2023 14:22:16 +0000
ROA not before: Wed 25 Oct 2023 14:22:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39543
IP address blocks: 195.28.2.0/23 maxlen: 23
193.19.192.0/24 maxlen: 24
193.19.192.0/22 maxlen: 24
89.34.228.0/24 maxlen: 24
89.34.230.0/23 maxlen: 23
89.34.230.0/24 maxlen: 24
89.34.231.0/24 maxlen: 24
93.113.181.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.43.141.0/24 maxlen: 24
89.43.140.0/22 maxlen: 22
89.43.140.0/24 maxlen: 24
89.43.143.0/24 maxlen: 24
89.43.142.0/24 maxlen: 24
89.47.96.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.112.0/20 maxlen: 20
89.47.113.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 25 Oct 2023 15:55:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:67:36:f3:66:af:a0:7b:55:bb:02:49:65:f3:be:a8:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Oct 25 14:22:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f9856e917a857107c35395a31a8f0b9ac0c911a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:5d:08:cd:ab:06:85:6a:dd:4f:3f:33:5a:c5:
90:19:02:dc:0b:3c:50:7a:ad:00:9d:50:14:e5:01:
5a:5c:c8:a7:c0:b0:52:1a:44:4f:7a:3b:85:5f:41:
d0:21:26:b8:fa:7f:bf:ef:d8:fc:28:e4:cc:1f:10:
1a:7f:88:61:a9:1a:da:c0:ee:5e:1a:dd:63:ff:3e:
3e:af:f8:e4:7f:9c:aa:2f:84:63:1b:d6:a5:5d:bf:
77:ee:a7:e0:39:29:ac:1a:ff:ed:f0:24:3d:23:3a:
76:9d:da:a1:ba:6f:eb:6c:4f:9f:e7:a0:17:53:bd:
51:87:c0:55:8c:00:0a:53:a6:61:5e:4c:84:7c:72:
cc:71:30:81:31:dc:82:ec:a3:69:e1:ee:1a:5c:33:
76:84:e3:f3:1b:8c:55:db:12:c3:e4:61:3a:fc:c7:
18:ec:25:63:27:ce:9f:c5:e1:e7:fb:fa:cd:57:15:
df:7e:b9:bd:84:77:a6:6e:3e:68:7a:cc:15:c1:7b:
d5:35:c3:2c:3e:f7:e9:03:93:ca:60:07:c5:0a:91:
1a:d6:a0:98:47:ae:fb:c6:3d:4f:ea:66:9b:07:a4:
78:d2:30:57:f1:e1:c2:6f:57:5f:00:83:cc:00:70:
db:48:ba:ae:ef:23:40:f5:8e:0e:b6:6b:ae:3b:c8:
c8:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:98:56:E9:17:A8:57:10:7C:35:39:5A:31:A8:F0:B9:AC:0C:91:1A
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/L5hW6ReoVxB8NTlaMajwuawMkRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.27.0/24
89.34.228.0/24
89.34.230.0/23
89.35.158.0/24
89.39.111.0/24
89.40.67.0/24
89.43.140.0/22
89.45.164.0/24
89.46.3.0/24
89.47.96.0/19
93.113.181.0/24
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
28:b3:87:65:1f:e0:3b:98:01:cd:5d:71:16:a7:7e:c1:4c:3b:
4c:53:c0:aa:4e:38:57:52:06:7c:39:9e:81:e2:5d:ba:8b:47:
82:f3:d1:23:63:1b:2e:6e:7c:84:11:a1:54:0c:f7:a7:cd:85:
46:e9:c2:df:25:da:0e:98:db:ef:54:84:a9:a6:11:be:7f:51:
f3:62:cd:ab:79:34:b2:92:f4:56:16:21:d7:2f:e4:ba:4d:7d:
2e:8c:10:4d:df:21:2a:52:cc:3a:13:28:93:1d:0e:6d:08:10:
6e:e5:af:d6:0d:27:85:fb:00:aa:f7:e5:b4:3c:87:f4:a9:ef:
51:93:2c:86:fa:cc:b2:5e:e1:0b:62:68:8c:fb:e2:e9:d5:e2:
76:11:a5:fb:83:a9:1c:43:ee:b5:99:10:3b:2d:46:85:41:d8:
73:1e:48:0c:b9:20:df:21:82:5d:92:d4:4f:41:65:39:08:d9:
c8:a3:70:f9:e3:d0:07:f9:c3:68:77:2e:c7:1a:56:06:1f:27:
2a:27:7b:1a:29:83:6f:fe:70:06:8f:91:eb:08:a2:f4:ff:4b:
b5:a3:37:3d:c5:1c:b7:55:54:2c:e2:40:66:f7:61:fc:b3:1e:
ee:19:02:a8:9b:12:8b:95:50:5b:e8:38:86:51:ec:94:4a:d0:
90:5c:0e:70
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAYtnNvNmr6B7VbsCSWXzvqjjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMDI1MTQyMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjk4NTZlOTE3YTg1NzEwN2MzNTM5NWEzMWE4ZjBiOWFjMGM5MTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi10IzasGhWrdTz8zWsWQGQLcCzxQ
eq0AnVAU5QFaXMinwLBSGkRPejuFX0HQISa4+n+/79j8KOTMHxAaf4hhqRrawO5e
Gt1j/z4+r/jkf5yqL4RjG9alXb937qfgOSmsGv/t8CQ9Izp2ndqhum/rbE+f56AX
U71Rh8BVjAAKU6ZhXkyEfHLMcTCBMdyC7KNp4e4aXDN2hOPzG4xV2xLD5GE6/McY
7CVjJ86fxeHn+/rNVxXffrm9hHembj5oeswVwXvVNcMsPvfpA5PKYAfFCpEa1qCY
R677xj1P6mabB6R40jBX8eHCb1dfAIPMAHDbSLqu7yNA9Y4OtmuuO8jITQIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFC+YVukXqFcQfDU5WjGo8LmsDJEaMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvTDVoVzZSZW9WeEI4TlRsYU1hand1YXdNa1JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwZgQCAAEwYAMEAFkiGwME
AFki5AMEAVki5gMEAFkjngMEAFknbwMEAFkoQwMEAlkrjAMEAFktpAMEAFkuAwME
BVkvYAMEAF1xtQMEAF1xzAMEAF1yTwMEAF1ywgMEAsETwAMEAcMcAjANBAIAAjAH
AwUAIAFNGDANBgkqhkiG9w0BAQsFAAOCAQEAKLOHZR/gO5gBzV1xFqd+wUw7TFPA
qk44V1IGfDmegeJduotHgvPRI2MbLm58hBGhVAz3p82FRunC3yXaDpjb71SEqaYR
vn9R82LNq3k0spL0VhYh1y/kuk19LowQTd8hKlLMOhMokx0ObQgQbuWv1g0nhfsA
qvfltDyH9KnvUZMshvrMsl7hC2JojPvi6dXidhGl+4OpHEPutZkQOy1GhUHYcx5I
DLkg3yGCXZLUT0FlOQjZyKNw+ePQB/nDaHcuxxpWBh8nKid7GimDb/5wBo+R6wii
9P9LtaM3PcUct1VULOJAZvdh/LMe7hkCqJsSi5VQW+g4hlHslErQkFwOcA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org