Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/U0r3MmfEyuexPbY8bHLzKR6iSgY.roa
File: U0r3MmfEyuexPbY8bHLzKR6iSgY.roa (raw, json)
Hash identifier: 5kPnR27/35pi+9n8X8DMwB6dCm8uWFPtqHv+1NdGShk=
Subject key identifier: 53:4A:F7:32:67:C4:CA:E7:B1:3D:B6:3C:6C:72:F3:29:1E:A2:4A:06
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018BA5234CC60E480DF8EAE6282BDA12EF1B
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/U0r3MmfEyuexPbY8bHLzKR6iSgY.roa
Signing time: Mon 06 Nov 2023 14:57:15 +0000
ROA not before: Mon 06 Nov 2023 14:57:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39543
IP address blocks: 195.28.2.0/23 maxlen: 23
193.19.192.0/22 maxlen: 22
193.19.192.0/24 maxlen: 24
89.34.231.0/24 maxlen: 24
193.19.193.0/24 maxlen: 24
193.19.195.0/24 maxlen: 24
193.19.194.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.43.143.0/24 maxlen: 24
89.47.96.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.112.0/20 maxlen: 20
89.47.113.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
185.101.104.0/24 maxlen: 24
185.101.105.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
89.34.26.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a5:23:4c:c6:0e:48:0d:f8:ea:e6:28:2b:da:12:ef:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Nov 6 14:57:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=534af73267c4cae7b13db63c6c72f3291ea24a06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ad:3d:75:c5:7e:0d:5b:a3:f2:c4:ec:06:51:
98:b6:11:23:14:66:7d:51:f2:fa:6b:a9:2b:9d:f0:
4a:c7:c9:3d:62:88:01:0a:f2:6c:80:eb:f7:1e:d1:
e6:ca:ee:f0:77:32:d8:df:e9:d2:96:2f:e7:eb:a9:
b0:b9:3f:1b:86:62:dd:62:78:a7:06:ab:fb:ed:ba:
2a:cd:4d:e5:24:2d:46:0d:c6:50:76:2f:5a:8f:62:
da:49:b8:de:56:31:9b:ea:f0:02:69:57:e6:1f:ac:
60:e6:51:c4:77:1a:b7:2e:7e:95:35:d4:d1:2e:98:
96:02:19:7a:bd:07:f9:a0:1e:2a:f3:53:1b:92:d8:
d2:ed:49:64:ad:49:20:83:eb:9b:60:16:ae:a7:b1:
eb:b0:0e:3f:db:45:41:dc:3f:30:2b:ae:a3:68:26:
db:bb:28:0e:83:e0:ea:c5:de:c5:2b:ff:b8:5e:84:
3b:b4:36:48:c2:e1:20:c2:68:0c:2a:54:1d:46:af:
12:df:fc:7e:2c:81:df:75:b6:91:ac:18:02:56:4c:
01:2c:62:62:6d:cd:c5:d6:dd:ba:bf:d0:af:3a:04:
ff:88:e7:cb:45:73:c6:93:c8:48:1a:64:a8:88:73:
f2:4f:ab:69:52:bd:37:bb:d0:e4:6a:33:40:d2:44:
1c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:4A:F7:32:67:C4:CA:E7:B1:3D:B6:3C:6C:72:F3:29:1E:A2:4A:06
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/U0r3MmfEyuexPbY8bHLzKR6iSgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.26.0/23
89.34.231.0/24
89.35.158.0/24
89.39.111.0/24
89.40.67.0/24
89.43.143.0/24
89.45.164.0/24
89.46.3.0/24
89.47.96.0/19
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
185.101.104.0/23
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
0f:19:0c:cb:4b:ce:ed:2d:14:28:02:be:1a:65:41:24:01:95:
99:84:30:c8:46:4f:d4:16:9d:08:cb:a2:8a:5e:e8:e3:ce:96:
fc:0b:79:d0:90:68:a1:d7:1e:1e:90:3a:bb:76:1c:d4:26:98:
23:00:f3:bc:8f:07:d3:90:0d:ae:31:20:b5:6c:ae:f9:00:f1:
76:d7:b5:b1:cf:e7:47:67:e9:2c:7b:9b:e7:64:bc:5d:a8:07:
b5:f0:19:6c:f9:e0:e7:c0:f3:b3:a1:56:85:cf:a1:b3:69:60:
04:46:e2:14:b4:a3:9f:1c:0b:60:c6:5e:26:ca:d0:07:79:ce:
37:9d:56:b6:ac:6c:fc:29:35:88:91:50:ec:76:f1:a4:d3:3c:
ac:8b:77:9b:9f:f4:c2:9b:1b:97:69:13:0d:8d:0e:5e:2f:d1:
e1:ae:04:99:bc:84:6a:3f:6f:6e:69:ef:9c:fb:9e:d8:85:6a:
df:89:c4:c7:76:63:5d:2d:c9:ae:ce:35:4a:e9:5d:1c:5a:b8:
d8:4c:77:87:38:aa:03:b9:5b:81:73:86:e7:57:f6:ef:90:1b:
d3:ae:64:22:56:08:8b:cb:06:f7:b4:0f:2a:94:02:f9:3e:9a:
c2:f2:2d:99:08:ac:9e:cd:fe:b9:98:a5:db:ac:16:2d:a7:4c:
69:5d:48:db
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAYulI0zGDkgN+OrmKCvaEu8bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMTA2MTQ1NzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzRhZjczMjY3YzRjYWU3YjEzZGI2M2M2YzcyZjMyOTFlYTI0YTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnK09dcV+DVuj8sTsBlGYthEjFGZ9
UfL6a6krnfBKx8k9YogBCvJsgOv3HtHmyu7wdzLY3+nSli/n66mwuT8bhmLdYnin
Bqv77boqzU3lJC1GDcZQdi9aj2LaSbjeVjGb6vACaVfmH6xg5lHEdxq3Ln6VNdTR
LpiWAhl6vQf5oB4q81MbktjS7UlkrUkgg+ubYBaup7HrsA4/20VB3D8wK66jaCbb
uygOg+Dqxd7FK/+4XoQ7tDZIwuEgwmgMKlQdRq8S3/x+LIHfdbaRrBgCVkwBLGJi
bc3F1t26v9CvOgT/iOfLRXPGk8hIGmSoiHPyT6tpUr03u9DkajNA0kQc/QIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFFNK9zJnxMrnsT22PGxy8ykeokoGMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvVTByM01tZkV5dWV4UGJZOGJITHpLUjZpU2dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEAVkiGgME
AFki5wMEAFkjngMEAFknbwMEAFkoQwMEAFkrjwMEAFktpAMEAFkuAwMEBVkvYAME
AF1xzAMEAF1yTwMEAF1ywgMEAbllaAMEAsETwAMEAcMcAjANBAIAAjAHAwUAIAFN
GDANBgkqhkiG9w0BAQsFAAOCAQEADxkMy0vO7S0UKAK+GmVBJAGVmYQwyEZP1Bad
CMuiil7o486W/At50JBoodceHpA6u3Yc1CaYIwDzvI8H05ANrjEgtWyu+QDxdte1
sc/nR2fpLHub52S8XagHtfAZbPng58Dzs6FWhc+hs2lgBEbiFLSjnxwLYMZeJsrQ
B3nON51Wtqxs/Ck1iJFQ7HbxpNM8rIt3m5/0wpsbl2kTDY0OXi/R4a4EmbyEaj9v
bmnvnPue2IVq34nEx3ZjXS3Jrs41SuldHFq42Ex3hziqA7lbgXOG51f275Ab065k
IlYIi8sG97QPKpQC+T6awvItmQisns3+uZil26wWLadMaV1I2w==
-----END CERTIFICATE-----
Generated at Tue Nov 7 10:36:29 2023 by rpki-client on console-ams.rpki-client.org