Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/V9j7yw9v6L_5fVfEkzQiTONRkIA.roa
File: V9j7yw9v6L_5fVfEkzQiTONRkIA.roa (raw, json)
Hash identifier: PlmvZi10kEqaFZz0mW1kgmpy1LCOdygq0aUqJj58wMs=
Subject key identifier: 57:D8:FB:CB:0F:6F:E8:BF:F9:7D:57:C4:93:34:22:4C:E3:51:90:80
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018C010C711F6CBA4F28ED3A5818CF67B0BE
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/V9j7yw9v6L_5fVfEkzQiTONRkIA.roa
Signing time: Fri 24 Nov 2023 11:17:21 +0000
ROA not before: Fri 24 Nov 2023 11:17:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39543
IP address blocks: 195.28.2.0/23 maxlen: 23
193.19.192.0/22 maxlen: 22
193.19.192.0/24 maxlen: 24
193.19.193.0/24 maxlen: 24
193.19.195.0/24 maxlen: 24
193.19.194.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.47.96.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.122.0/24 maxlen: 24
89.47.121.0/24 maxlen: 24
89.47.125.0/24 maxlen: 24
89.47.120.0/24 maxlen: 24
89.47.127.0/24 maxlen: 24
89.47.126.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 24 Nov 2023 12:16:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:01:0c:71:1f:6c:ba:4f:28:ed:3a:58:18:cf:67:b0:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Nov 24 11:17:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=57d8fbcb0f6fe8bff97d57c49334224ce3519080
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b2:d5:7d:32:e7:dc:90:12:da:03:92:ac:b5:
d9:a3:8f:9d:b3:36:38:bd:61:a4:1e:61:54:30:e7:
59:4f:67:61:46:33:c6:f6:bf:f7:ad:6a:0c:33:55:
d2:fa:51:4c:dc:23:d2:f6:b5:eb:d6:3c:e7:58:01:
0b:2e:0a:93:cb:34:8a:ba:1f:c0:50:f2:b7:4e:be:
9d:b1:e1:cb:a5:99:19:e1:9d:4f:d4:63:5b:e5:a7:
b9:7a:ad:32:00:f1:65:9d:b9:18:d5:42:9c:23:fe:
ae:34:a7:01:57:23:b7:83:f1:4d:a4:f1:17:93:41:
16:e3:e5:03:89:8c:ea:ed:22:a5:10:50:38:af:cf:
22:f5:55:f8:86:f7:44:4a:d9:e5:dc:06:03:d3:53:
ef:ae:ee:83:fb:4e:02:38:c1:ff:77:0c:8e:9f:5e:
e6:19:27:66:30:0e:f8:44:3f:3d:b3:29:43:19:0b:
a2:09:11:a1:4c:95:03:86:57:34:8a:c1:f0:c1:bf:
4b:ff:0e:1c:4d:f9:f8:67:72:3f:90:7f:08:a0:c2:
cc:15:b4:b4:03:b0:97:79:a9:e3:b1:2d:76:74:5f:
99:51:62:0b:e7:77:64:24:6d:21:53:ab:8a:a5:55:
2a:42:2a:1e:70:05:ee:a6:81:7a:a7:3a:45:de:d0:
60:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:D8:FB:CB:0F:6F:E8:BF:F9:7D:57:C4:93:34:22:4C:E3:51:90:80
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/V9j7yw9v6L_5fVfEkzQiTONRkIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.27.0/24
89.35.158.0/24
89.39.111.0/24
89.40.67.0/24
89.45.164.0/24
89.47.96.0/20
89.47.114.0/23
89.47.118.0/24
89.47.120.0-89.47.122.255
89.47.125.0-89.47.127.255
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
07:d2:b5:94:24:3b:eb:f7:4c:f5:4e:67:9c:f3:5e:12:9b:cf:
cd:9e:c4:e8:80:b0:2c:08:c3:e3:4c:6f:2e:e4:05:77:86:46:
7f:74:c0:7f:56:56:c5:8d:d1:d4:27:ad:6c:74:69:c6:6d:d0:
db:50:13:98:b7:32:bb:de:15:b9:46:62:37:1d:77:39:2d:e7:
09:12:e5:a2:e2:bc:dd:65:dc:59:74:93:d4:71:88:12:74:c7:
21:04:b7:97:02:f5:c4:94:32:e2:5e:ae:34:09:d6:9b:4f:03:
b6:24:2c:64:98:d6:24:93:0c:9e:3b:77:5f:1a:ef:dc:23:f2:
72:93:76:9b:6e:71:92:a8:e8:e8:17:e8:60:64:bb:e5:30:c6:
38:a0:ce:a0:5e:bd:72:91:53:d1:5c:9c:df:83:cf:77:e5:7e:
5a:12:a1:c8:82:b3:01:58:6a:ae:e7:85:60:11:f4:c4:0d:eb:
3f:78:c0:0d:5c:98:e2:ea:d6:dc:67:29:92:88:00:cf:ff:62:
0c:90:42:9d:72:34:12:82:1c:d4:12:3a:99:33:70:d3:e2:0f:
ef:27:30:68:7c:15:0c:72:06:dd:5b:d2:09:a1:ab:18:fb:c9:
6b:5e:dc:83:dc:52:09:19:15:94:c3:be:10:1d:6b:09:e8:99:
b1:34:20:58
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYwBDHEfbLpPKO06WBjPZ7C+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMTI0MTExNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2Q4ZmJjYjBmNmZlOGJmZjk3ZDU3YzQ5MzM0MjI0Y2UzNTE5MDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrLVfTLn3JAS2gOSrLXZo4+dszY4
vWGkHmFUMOdZT2dhRjPG9r/3rWoMM1XS+lFM3CPS9rXr1jznWAELLgqTyzSKuh/A
UPK3Tr6dseHLpZkZ4Z1P1GNb5ae5eq0yAPFlnbkY1UKcI/6uNKcBVyO3g/FNpPEX
k0EW4+UDiYzq7SKlEFA4r88i9VX4hvdEStnl3AYD01Pvru6D+04COMH/dwyOn17m
GSdmMA74RD89sylDGQuiCRGhTJUDhlc0isHwwb9L/w4cTfn4Z3I/kH8IoMLMFbS0
A7CXeanjsS12dF+ZUWIL53dkJG0hU6uKpVUqQioecAXupoF6pzpF3tBgiwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFFfY+8sPb+i/+X1XxJM0IkzjUZCAMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvVjlqN3l3OXY2TF81ZlZmRWt6UWlUT05Sa0lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBwBAIAATBqAwQAWSIb
AwQAWSOeAwQAWSdvAwQAWShDAwQAWS2kAwQEWS9gAwQBWS9yAwQAWS92MAwDBANZ
L3gDBABZL3owDAMEAFkvfQMEB1kvAAMEAF1xzAMEAF1yTwMEAF1ywgMEAsETwAME
AcMcAjANBAIAAjAHAwUAIAFNGDANBgkqhkiG9w0BAQsFAAOCAQEAB9K1lCQ76/dM
9U5nnPNeEpvPzZ7E6ICwLAjD40xvLuQFd4ZGf3TAf1ZWxY3R1CetbHRpxm3Q21AT
mLcyu94VuUZiNx13OS3nCRLlouK83WXcWXST1HGIEnTHIQS3lwL1xJQy4l6uNAnW
m08DtiQsZJjWJJMMnjt3Xxrv3CPycpN2m25xkqjo6BfoYGS75TDGOKDOoF69cpFT
0Vyc34PPd+V+WhKhyIKzAVhqrueFYBH0xA3rP3jADVyY4urW3GcpkogAz/9iDJBC
nXI0EoIc1BI6mTNw0+IP7ycwaHwVDHIG3VvSCaGrGPvJa17cg9xSCRkVlMO+EB1r
CeiZsTQgWA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org