Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/PKgCQ-K6sVRMMMh42aE9oyIHNNk.roa
File: PKgCQ-K6sVRMMMh42aE9oyIHNNk.roa (raw, json)
Hash identifier: IlOejU34g9wVyS05l3wPCbelUz6VU7Uzq9M3Lv8quNs=
Subject key identifier: 3C:A8:02:43:E2:BA:B1:54:4C:30:C8:78:D9:A1:3D:A3:22:07:34:D9
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018B692CA8A6085019F73B0BEB8ACBD3DA0E
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/PKgCQ-K6sVRMMMh42aE9oyIHNNk.roa
Signing time: Wed 25 Oct 2023 23:30:16 +0000
ROA not before: Wed 25 Oct 2023 23:30:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39543
IP address blocks: 195.28.2.0/23 maxlen: 23
193.19.192.0/24 maxlen: 24
193.19.192.0/22 maxlen: 24
89.34.228.0/24 maxlen: 24
89.34.230.0/23 maxlen: 23
89.34.230.0/24 maxlen: 24
89.34.231.0/24 maxlen: 24
93.113.181.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.43.143.0/24 maxlen: 24
89.47.96.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.112.0/20 maxlen: 20
89.47.113.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 26 Oct 2023 10:20:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:69:2c:a8:a6:08:50:19:f7:3b:0b:eb:8a:cb:d3:da:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Oct 25 23:30:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ca80243e2bab1544c30c878d9a13da3220734d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:45:57:06:7e:81:56:53:1f:b6:7e:a7:2f:d2:
90:f1:8a:c1:49:3c:f9:8b:bc:a8:35:c9:35:60:d1:
6c:e4:d9:4c:2c:f8:6d:b4:82:7b:11:39:37:15:21:
ad:74:93:ef:62:4c:cc:31:11:a9:c1:62:6b:7a:32:
82:11:be:05:79:29:32:a3:fe:d2:40:f8:51:f3:12:
50:93:4a:6b:63:b7:b4:a4:f6:d7:12:60:0c:5c:93:
26:f1:78:92:b5:62:ce:12:e3:5e:3b:f4:b6:00:f2:
d3:fc:9d:ac:fd:6a:7f:67:8c:69:3f:90:43:17:1a:
c9:9d:27:b9:7d:b7:51:1b:d2:5f:6e:c8:d5:20:16:
6b:70:7b:22:71:40:a2:bf:83:fc:83:3e:a7:20:e8:
8a:19:b8:8e:70:d7:39:37:13:50:c6:45:90:ea:63:
dd:41:cf:6e:09:79:57:01:7b:54:b2:0e:5b:d4:08:
87:d6:23:f6:97:09:26:d1:dd:28:11:04:05:3f:53:
24:bc:36:e9:f4:3f:be:4a:60:83:27:12:ea:a7:0c:
9e:d1:00:ca:fd:59:43:a1:4c:2e:ee:c1:9c:e9:39:
38:1b:96:2b:ed:99:ee:a9:8b:fa:91:0d:90:e8:c1:
d9:c4:71:cc:35:a8:49:28:d1:7f:9e:e8:fd:fe:80:
57:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A8:02:43:E2:BA:B1:54:4C:30:C8:78:D9:A1:3D:A3:22:07:34:D9
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/PKgCQ-K6sVRMMMh42aE9oyIHNNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.27.0/24
89.34.228.0/24
89.34.230.0/23
89.35.158.0/24
89.39.111.0/24
89.40.67.0/24
89.43.143.0/24
89.45.164.0/24
89.46.3.0/24
89.47.96.0/19
93.113.181.0/24
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
06:cc:f8:21:aa:c6:ac:30:5e:62:70:4f:3c:7a:98:7d:5f:f2:
f8:f5:29:80:3e:b3:9a:f8:1a:13:0e:ec:0e:20:66:59:ad:b5:
ee:1a:23:92:6d:b3:b4:cd:a5:a2:a1:1e:ad:d7:6c:6a:91:ea:
20:cf:3d:e9:2d:20:37:b1:13:e7:dc:3e:40:1c:c2:77:cf:27:
76:c3:6b:fe:11:4d:93:10:77:79:09:bc:ab:43:c3:11:84:f2:
63:c2:f5:35:71:28:a9:60:b0:02:01:ef:d9:86:b3:17:da:01:
79:42:93:ef:84:bb:89:ac:ee:65:1e:87:df:d5:a1:1b:92:7c:
e7:79:45:e6:e1:7f:e1:f5:f7:0c:97:1b:44:aa:25:d5:15:e8:
53:af:74:6c:3b:ae:a4:e8:bb:99:33:4f:ef:78:a0:92:8d:08:
ea:a9:ed:50:35:d9:ce:14:dc:da:af:e1:d5:38:99:a9:9f:e2:
cc:73:71:d5:22:e6:3b:53:9e:e5:62:32:df:0c:8b:a8:17:6e:
74:83:d5:cc:b8:43:d7:48:b2:34:af:22:c6:50:b3:b7:c7:66:
fc:99:80:37:55:73:94:65:e5:a9:5b:57:c5:bb:24:19:67:b0:
91:e4:83:1a:01:5d:b6:f3:83:8e:21:34:cf:ec:d8:bd:2b:f3:
58:46:c0:23
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAYtpLKimCFAZ9zsL64rL09oOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMDI1MjMzMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2E4MDI0M2UyYmFiMTU0NGMzMGM4NzhkOWExM2RhMzIyMDczNGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0VXBn6BVlMftn6nL9KQ8YrBSTz5
i7yoNck1YNFs5NlMLPhttIJ7ETk3FSGtdJPvYkzMMRGpwWJrejKCEb4FeSkyo/7S
QPhR8xJQk0prY7e0pPbXEmAMXJMm8XiStWLOEuNeO/S2APLT/J2s/Wp/Z4xpP5BD
FxrJnSe5fbdRG9JfbsjVIBZrcHsicUCiv4P8gz6nIOiKGbiOcNc5NxNQxkWQ6mPd
Qc9uCXlXAXtUsg5b1AiH1iP2lwkm0d0oEQQFP1MkvDbp9D++SmCDJxLqpwye0QDK
/VlDoUwu7sGc6Tk4G5Yr7ZnuqYv6kQ2Q6MHZxHHMNahJKNF/nuj9/oBXsQIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFDyoAkPiurFUTDDIeNmhPaMiBzTZMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvUEtnQ1EtSzZzVlJNTU1oNDJhRTlveUlITk5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwZgQCAAEwYAMEAFkiGwME
AFki5AMEAVki5gMEAFkjngMEAFknbwMEAFkoQwMEAFkrjwMEAFktpAMEAFkuAwME
BVkvYAMEAF1xtQMEAF1xzAMEAF1yTwMEAF1ywgMEAsETwAMEAcMcAjANBAIAAjAH
AwUAIAFNGDANBgkqhkiG9w0BAQsFAAOCAQEABsz4IarGrDBeYnBPPHqYfV/y+PUp
gD6zmvgaEw7sDiBmWa217hojkm2ztM2loqEerddsapHqIM896S0gN7ET59w+QBzC
d88ndsNr/hFNkxB3eQm8q0PDEYTyY8L1NXEoqWCwAgHv2YazF9oBeUKT74S7iazu
ZR6H39WhG5J853lF5uF/4fX3DJcbRKol1RXoU690bDuupOi7mTNP73igko0I6qnt
UDXZzhTc2q/h1TiZqZ/izHNx1SLmO1Oe5WIy3wyLqBdudIPVzLhD10iyNK8ixlCz
t8dm/JmAN1VzlGXlqVtXxbskGWewkeSDGgFdtvODjiE0z+zYvSvzWEbAIw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:49 2024 by rpki-client on console-ams.rpki-client.org