Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/RwBJVtd4e7Y3FdTD03utbxI1SRY.roa
File: RwBJVtd4e7Y3FdTD03utbxI1SRY.roa (raw, json)
Hash identifier: iGMAAUv0TyvtEnkwPJV3qkGhW0bajKpKIPN82pbeoBo=
Subject key identifier: 47:00:49:56:D7:78:7B:B6:37:15:D4:C3:D3:7B:AD:6F:12:35:49:16
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018EDB47E9E460B702E31056E2A265682B27
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/RwBJVtd4e7Y3FdTD03utbxI1SRY.roa
Signing time: Sun 14 Apr 2024 06:25:07 +0000
ROA not before: Sun 14 Apr 2024 06:25:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 89.34.224.0/23 maxlen: 24
89.34.228.0/24 maxlen: 24
89.34.231.0/24 maxlen: 24
89.40.82.0/24 maxlen: 24
89.42.81.0/24 maxlen: 24
89.42.86.0/24 maxlen: 24
89.42.95.0/24 maxlen: 24
89.42.143.0/24 maxlen: 24
89.43.140.0/24 maxlen: 24
89.43.143.0/24 maxlen: 24
89.46.0.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.117.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.47.125.0/24 maxlen: 24
89.47.127.0/24 maxlen: 24
93.113.181.0/24 maxlen: 24
185.101.105.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 May 2024 06:57:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:db:47:e9:e4:60:b7:02:e3:10:56:e2:a2:65:68:2b:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Apr 14 06:25:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47004956d7787bb63715d4c3d37bad6f12354916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d5:c2:ab:4c:55:85:99:87:02:f5:77:ad:84:
b3:cb:5e:51:32:22:81:c4:bc:b1:ad:15:4b:c5:c0:
d8:0c:d1:19:76:56:41:45:76:43:2e:42:ac:76:9c:
aa:f4:b2:27:3b:6a:68:6c:a4:ba:c3:2d:4f:34:10:
65:92:53:0d:7b:24:7b:8c:9a:17:19:63:6d:23:b9:
8d:2f:c4:51:40:89:94:ff:3f:4f:e6:41:f8:af:24:
39:7b:8d:aa:fb:92:8a:e8:62:07:5b:62:48:95:57:
e5:45:f4:cc:8b:84:5d:26:71:b2:3c:5a:18:61:48:
55:91:d4:97:de:70:e9:56:a4:16:0c:ee:ef:8a:0c:
c5:ea:a1:98:9a:05:fe:88:85:a7:ac:89:01:7b:2f:
24:69:d5:b8:a2:71:4a:33:d9:59:a6:a7:7f:c6:b7:
0b:b1:31:9a:e4:2e:11:cc:17:68:71:20:e7:55:fc:
02:e7:70:7c:48:c8:1a:73:f4:2d:12:0a:72:a6:8a:
96:9b:0b:1f:b0:eb:e2:78:fc:54:b7:1c:22:e1:00:
aa:1a:1d:a7:ab:a9:c1:ea:5a:e7:b2:bf:f8:2b:1a:
4b:46:64:a7:bc:0f:49:a9:5d:c6:8b:ab:ef:b6:f9:
e8:f7:d0:8a:ac:24:d2:0b:87:e4:ec:bf:51:a5:1c:
37:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:00:49:56:D7:78:7B:B6:37:15:D4:C3:D3:7B:AD:6F:12:35:49:16
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/RwBJVtd4e7Y3FdTD03utbxI1SRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.224.0/23
89.34.228.0/24
89.34.231.0/24
89.40.82.0/24
89.42.81.0/24
89.42.86.0/24
89.42.95.0/24
89.42.143.0/24
89.43.140.0/24
89.43.143.0/24
89.46.0.0/24
89.47.99.0/24
89.47.115.0/24
89.47.117.0/24
89.47.119.0/24
89.47.125.0/24
89.47.127.0/24
93.113.181.0/24
185.101.105.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:fa:6b:8d:09:c1:d0:02:5d:94:96:8d:2d:9c:0d:01:12:c3:
15:41:33:f8:78:0f:df:c1:7b:4b:28:14:5e:a1:e3:f9:84:c5:
f7:20:d6:c5:d0:ac:7d:c0:67:bc:79:1d:11:ec:b7:66:a3:e5:
ac:2d:aa:05:ed:84:82:d8:cc:f2:9b:92:f5:e1:bb:4f:f1:55:
a4:46:82:3f:7a:d7:be:7e:e7:54:c5:3e:81:d7:d5:e8:e4:3d:
f2:99:8b:58:0a:3b:db:da:fc:64:c9:2d:ec:da:ad:53:ef:06:
78:d6:9c:6a:f7:05:9d:94:59:7a:c4:0b:be:55:14:95:ae:1d:
e6:a9:86:d1:86:4e:b9:17:5a:3a:5b:2d:f5:88:5a:64:ec:6a:
15:42:3e:81:a9:db:71:ea:58:a4:2e:e5:8f:c8:ba:1b:81:83:
32:d2:62:e0:88:82:8c:55:1b:76:15:6e:5a:2b:a8:7a:c6:b3:
38:ec:59:5b:62:c3:d4:65:d4:f7:42:0a:69:8e:62:17:30:46:
62:22:b5:90:72:e4:0e:93:c8:b5:94:6c:03:ea:dd:ac:97:6c:
9b:cb:8b:b8:d6:4c:7e:0b:8f:df:96:7c:c3:dd:6e:5b:54:74:
7c:34:4a:75:e5:36:c3:d6:10:2f:5b:b4:94:65:bc:27:e0:da:
f7:63:a6:8f
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAY7bR+nkYLcC4xBW4qJlaCsnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwNDE0MDYyNTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzAwNDk1NmQ3Nzg3YmI2MzcxNWQ0YzNkMzdiYWQ2ZjEyMzU0OTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9XCq0xVhZmHAvV3rYSzy15RMiKB
xLyxrRVLxcDYDNEZdlZBRXZDLkKsdpyq9LInO2pobKS6wy1PNBBlklMNeyR7jJoX
GWNtI7mNL8RRQImU/z9P5kH4ryQ5e42q+5KK6GIHW2JIlVflRfTMi4RdJnGyPFoY
YUhVkdSX3nDpVqQWDO7vigzF6qGYmgX+iIWnrIkBey8kadW4onFKM9lZpqd/xrcL
sTGa5C4RzBdocSDnVfwC53B8SMgac/QtEgpypoqWmwsfsOviePxUtxwi4QCqGh2n
q6nB6lrnsr/4KxpLRmSnvA9JqV3Gi6vvtvno99CKrCTSC4fk7L9RpRw3kQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFEcASVbXeHu2NxXUw9N7rW8SNUkWMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvUndCSlZ0ZDRlN1kzRmRURDAzdXRieEkxU1JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAVki4AME
AFki5AMEAFki5wMEAFkoUgMEAFkqUQMEAFkqVgMEAFkqXwMEAFkqjwMEAFkrjAME
AFkrjwMEAFkuAAMEAFkvYwMEAFkvcwMEAFkvdQMEAFkvdwMEAFkvfQMEAFkvfwME
AF1xtQMEALllaTANBgkqhkiG9w0BAQsFAAOCAQEATvprjQnB0AJdlJaNLZwNARLD
FUEz+HgP38F7SygUXqHj+YTF9yDWxdCsfcBnvHkdEey3ZqPlrC2qBe2EgtjM8puS
9eG7T/FVpEaCP3rXvn7nVMU+gdfV6OQ98pmLWAo729r8ZMkt7NqtU+8GeNacavcF
nZRZesQLvlUUla4d5qmG0YZOuRdaOlst9YhaZOxqFUI+ganbcepYpC7lj8i6G4GD
MtJi4IiCjFUbdhVuWiuoesazOOxZW2LD1GXU90IKaY5iFzBGYiK1kHLkDpPItZRs
A+rdrJdsm8uLuNZMfguP35Z8w91uW1R0fDRKdeU2w9YQL1u0lGW8J+Da92Omjw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:50 2024 by rpki-client on console-ams.rpki-client.org