Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/OlZOb2yU2iHm30CyZ0zghR7c2SE.roa
File: OlZOb2yU2iHm30CyZ0zghR7c2SE.roa (raw, json)
Hash identifier: HqX3fiFBdwY7R+eCnx+SNOkEjoCamSpxKh1nS3ke6Fc=
Subject key identifier: 3A:56:4E:6F:6C:94:DA:21:E6:DF:40:B2:67:4C:E0:85:1E:DC:D9:21
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018BF700B8A796FF54CD094D4B5F6F9D4D2E
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/OlZOb2yU2iHm30CyZ0zghR7c2SE.roa
Signing time: Wed 22 Nov 2023 12:28:21 +0000
ROA not before: Wed 22 Nov 2023 12:28:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39543
IP address blocks: 193.19.192.0/22 maxlen: 22
193.19.192.0/24 maxlen: 24
193.19.193.0/24 maxlen: 24
193.19.195.0/24 maxlen: 24
193.19.194.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
195.28.2.0/23 maxlen: 23
89.34.225.0/24 maxlen: 24
89.34.224.0/24 maxlen: 24
89.34.224.0/23 maxlen: 23
89.47.96.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.112.0/24 maxlen: 24
89.47.112.0/20 maxlen: 20
89.47.113.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.116.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.122.0/24 maxlen: 24
89.47.121.0/24 maxlen: 24
89.47.125.0/24 maxlen: 24
89.47.120.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.47.127.0/24 maxlen: 24
89.47.126.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 22 Nov 2023 14:08:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f7:00:b8:a7:96:ff:54:cd:09:4d:4b:5f:6f:9d:4d:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Nov 22 12:28:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a564e6f6c94da21e6df40b2674ce0851edcd921
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:91:b8:aa:83:25:e8:b8:82:3b:d1:25:33:d9:
27:6c:5f:db:b7:25:e5:6c:90:92:1d:65:b3:bd:1e:
05:53:7a:e4:78:8f:8a:a4:46:9e:d1:e5:b1:69:65:
c1:9c:2c:52:29:96:c2:51:53:46:4c:6c:9d:61:0c:
f9:90:97:37:5b:b0:12:8b:b2:ed:17:31:76:38:35:
3e:c9:ed:9d:e4:86:ac:38:a2:ab:02:fe:a9:c0:07:
fd:ed:19:35:42:66:06:37:01:51:bd:a0:34:75:f6:
05:3f:28:2a:b2:26:35:f6:2f:89:3c:cf:8c:7a:e7:
a5:a6:45:6d:d5:60:9d:0c:aa:c9:d8:b1:db:6e:8b:
31:4e:79:f9:0b:f4:3b:3f:f7:5e:8f:5c:cf:0a:a0:
f1:d9:0c:68:a6:34:e9:c8:20:9c:ee:ca:2e:82:8c:
05:df:2a:66:1c:01:c6:e4:2c:58:74:0b:5e:53:22:
f4:9d:0f:10:9a:ce:aa:52:5d:36:fa:26:5d:8c:53:
ce:cd:4d:2e:07:49:e8:2d:1f:57:86:74:c3:b7:e5:
a4:6c:0c:43:7f:48:4c:28:ce:5e:33:82:ee:47:d6:
5b:ec:49:b5:b4:ed:94:c2:2d:da:0c:cb:14:18:6c:
34:30:87:0f:f1:f7:1e:72:04:cf:56:d3:27:0d:68:
a2:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:56:4E:6F:6C:94:DA:21:E6:DF:40:B2:67:4C:E0:85:1E:DC:D9:21
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/OlZOb2yU2iHm30CyZ0zghR7c2SE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.27.0/24
89.34.224.0/23
89.35.158.0/24
89.39.111.0/24
89.40.67.0/24
89.45.164.0/24
89.47.96.0/19
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
34:49:a9:e1:07:a8:ab:00:61:91:c0:65:30:27:54:15:58:d1:
10:52:99:11:c7:e3:d7:d1:b2:5d:f2:b9:d2:ac:f3:3b:39:72:
12:b1:2d:e0:ca:45:9c:7b:78:00:c7:ea:48:52:52:25:59:db:
c8:4a:a8:96:c2:19:12:89:74:44:0b:06:99:3f:60:ad:49:b1:
88:d4:3d:f9:92:8a:77:bc:ee:2e:6f:04:20:fb:e5:de:42:90:
0c:2f:61:29:61:4b:b8:70:b7:6c:03:14:91:45:e0:d1:e1:50:
c3:5c:48:fd:64:83:ee:1b:3e:90:66:a0:13:0e:07:d4:be:f4:
56:06:c2:3f:6c:75:97:c6:3e:4e:f7:ab:37:9e:47:55:9c:2f:
92:02:a6:ca:e1:05:49:72:d4:e5:af:5a:73:cd:21:09:ec:d6:
db:e6:a7:b2:91:6f:28:b4:fd:55:31:18:e4:7a:6a:7d:78:dc:
22:5b:da:ca:6b:df:a5:bc:35:95:a1:be:24:5d:a8:f4:7c:c4:
da:4c:0a:5c:13:c9:40:4d:7f:e7:b8:6b:9c:11:d4:d1:c0:b8:
9c:dd:f0:d4:7b:f1:12:9e:b4:72:41:c0:2e:cf:5f:33:b7:6e:
68:f2:2a:d7:3a:32:1c:1e:02:a1:a3:88:f3:7f:e1:3b:5f:f0:
63:66:8a:10
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYv3ALinlv9UzQlNS19vnU0uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMTIyMTIyODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTU2NGU2ZjZjOTRkYTIxZTZkZjQwYjI2NzRjZTA4NTFlZGNkOTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipG4qoMl6LiCO9ElM9knbF/btyXl
bJCSHWWzvR4FU3rkeI+KpEae0eWxaWXBnCxSKZbCUVNGTGydYQz5kJc3W7ASi7Lt
FzF2ODU+ye2d5IasOKKrAv6pwAf97Rk1QmYGNwFRvaA0dfYFPygqsiY19i+JPM+M
euelpkVt1WCdDKrJ2LHbbosxTnn5C/Q7P/dej1zPCqDx2QxopjTpyCCc7sougowF
3ypmHAHG5CxYdAteUyL0nQ8Qms6qUl02+iZdjFPOzU0uB0noLR9XhnTDt+WkbAxD
f0hMKM5eM4LuR9Zb7Em1tO2Uwi3aDMsUGGw0MIcP8fcecgTPVtMnDWiiswIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFDpWTm9slNoh5t9AsmdM4IUe3NkhMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvT2xaT2IyeVUyaUhtMzBDeVowemdoUjdjMlNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQAWSIbAwQB
WSLgAwQAWSOeAwQAWSdvAwQAWShDAwQAWS2kAwQFWS9gAwQAXXHMAwQAXXJPAwQA
XXLCAwQCwRPAAwQBwxwCMA0EAgACMAcDBQAgAU0YMA0GCSqGSIb3DQEBCwUAA4IB
AQA0SanhB6irAGGRwGUwJ1QVWNEQUpkRx+PX0bJd8rnSrPM7OXISsS3gykWce3gA
x+pIUlIlWdvISqiWwhkSiXRECwaZP2CtSbGI1D35kop3vO4ubwQg++XeQpAML2Ep
YUu4cLdsAxSRReDR4VDDXEj9ZIPuGz6QZqATDgfUvvRWBsI/bHWXxj5O96s3nkdV
nC+SAqbK4QVJctTlr1pzzSEJ7Nbb5qeykW8otP1VMRjkemp9eNwiW9rKa9+lvDWV
ob4kXaj0fMTaTApcE8lATX/nuGucEdTRwLic3fDUe/ESnrRyQcAuz18zt25o8irX
OjIcHgKho4jzf+E7X/BjZooQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:49 2024 by rpki-client on console-ams.rpki-client.org