Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/X8EPqu8GG7MYd8c5teM7f1N6jbk.roa
File: X8EPqu8GG7MYd8c5teM7f1N6jbk.roa (raw, json)
Hash identifier: yoh/ZyArryaNPX9uj9647si0WwgF8eA8Or4CeWOCraI=
Subject key identifier: 5F:C1:0F:AA:EF:06:1B:B3:18:77:C7:39:B5:E3:3B:7F:53:7A:8D:B9
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018BA9361D349EFE43431D37E95DDF6D6045
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/X8EPqu8GG7MYd8c5teM7f1N6jbk.roa
Signing time: Tue 07 Nov 2023 09:56:17 +0000
ROA not before: Tue 07 Nov 2023 09:56:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39543
IP address blocks: 195.28.2.0/23 maxlen: 23
193.19.192.0/22 maxlen: 22
193.19.192.0/24 maxlen: 24
89.34.231.0/24 maxlen: 24
193.19.193.0/24 maxlen: 24
193.19.195.0/24 maxlen: 24
193.19.194.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.43.143.0/24 maxlen: 24
89.47.96.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.112.0/20 maxlen: 20
89.47.113.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
89.34.26.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a9:36:1d:34:9e:fe:43:43:1d:37:e9:5d:df:6d:60:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Nov 7 09:56:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5fc10faaef061bb31877c739b5e33b7f537a8db9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:26:d2:d7:21:74:00:bf:9f:24:5f:df:4a:31:
b5:4c:a3:e0:b8:3c:30:b8:3a:98:a2:c7:d2:c4:66:
ab:04:8a:5b:78:9a:a4:a8:64:3c:7e:a7:93:3e:87:
59:ee:73:58:99:e6:d8:30:fa:22:84:15:29:0f:07:
ff:b5:a1:08:4a:d7:f7:2f:73:58:b3:0a:9b:3a:da:
34:b5:86:9e:39:88:96:e6:20:39:d6:60:d0:63:f9:
51:ef:a0:9d:c3:29:22:fc:a5:c0:ea:0a:ee:e6:24:
aa:d4:0f:27:bd:b5:ce:5a:53:63:40:11:db:e0:22:
b4:db:5d:dd:66:c0:71:1d:f3:8e:6e:93:84:ec:d8:
7f:ff:e2:ae:7b:52:4c:ed:d9:3a:6c:36:da:ff:fe:
56:24:a0:a5:4b:83:cc:e9:c5:80:6e:5f:af:ac:da:
7f:45:e9:b0:93:40:31:36:43:aa:bf:2c:2d:6c:b7:
84:19:97:5a:d3:45:b5:d5:72:7d:80:1d:3a:4a:a4:
85:13:82:3a:b1:b6:7d:94:df:7a:a5:2a:d1:53:27:
ca:e2:08:91:3e:d4:90:68:62:e4:15:62:74:d8:d6:
44:91:28:72:5c:6d:0b:3f:de:54:a6:fd:a3:f8:3a:
79:57:26:7e:7e:44:2a:54:21:22:75:7c:ed:aa:22:
a1:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:C1:0F:AA:EF:06:1B:B3:18:77:C7:39:B5:E3:3B:7F:53:7A:8D:B9
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/X8EPqu8GG7MYd8c5teM7f1N6jbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.26.0/23
89.34.231.0/24
89.35.158.0/24
89.39.111.0/24
89.40.67.0/24
89.43.143.0/24
89.45.164.0/24
89.46.3.0/24
89.47.96.0/19
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
78:ef:11:29:4a:3d:3d:68:bf:c3:47:b7:d8:e8:5f:a8:86:be:
f5:6e:3d:e2:ed:06:e6:f6:aa:22:8a:74:e5:74:5d:a4:f0:ef:
55:01:6c:71:15:79:f6:e2:3d:65:48:b8:d3:b2:39:12:94:a6:
a0:6b:20:3d:e0:87:da:ea:d3:98:bb:d1:f9:68:a7:02:28:43:
4b:2c:47:ea:3e:b5:ce:a2:55:20:eb:36:d7:0f:c0:f1:f2:22:
41:dd:47:4b:3f:20:2f:b8:c6:e2:54:8b:73:4c:61:1e:3e:d6:
67:ae:be:20:e8:45:85:8a:c1:8e:d3:90:f2:59:c0:87:b6:64:
80:e4:7e:7a:56:b6:ae:dd:f8:0b:06:ea:e5:2e:97:c2:6d:e9:
89:a6:03:86:e3:84:38:83:b9:03:d5:c5:97:5b:2e:ef:33:40:
1a:10:c0:f7:06:82:0a:9b:99:b3:f9:1b:4b:86:76:24:7c:ce:
81:7b:26:16:75:e7:d3:62:7b:17:e6:87:db:28:ab:8a:35:f3:
22:27:ba:a8:0a:e9:12:25:dc:a1:07:17:a6:b4:d2:21:dd:46:
c7:26:3f:bc:3f:dd:be:b9:5c:e8:b5:87:cc:33:e0:08:58:c0:
84:1f:cf:5d:29:4e:dc:a0:ec:de:e1:ee:a6:d5:8a:4d:02:20:
b2:d4:d8:a8
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAYupNh00nv5DQx036V3fbWBFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMTA3MDk1NjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmMxMGZhYWVmMDYxYmIzMTg3N2M3MzliNWUzM2I3ZjUzN2E4ZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApibS1yF0AL+fJF/fSjG1TKPguDww
uDqYosfSxGarBIpbeJqkqGQ8fqeTPodZ7nNYmebYMPoihBUpDwf/taEIStf3L3NY
swqbOto0tYaeOYiW5iA51mDQY/lR76Cdwyki/KXA6gru5iSq1A8nvbXOWlNjQBHb
4CK0213dZsBxHfOObpOE7Nh//+Kue1JM7dk6bDba//5WJKClS4PM6cWAbl+vrNp/
Remwk0AxNkOqvywtbLeEGZda00W11XJ9gB06SqSFE4I6sbZ9lN96pSrRUyfK4giR
PtSQaGLkFWJ02NZEkShyXG0LP95Upv2j+Dp5VyZ+fkQqVCEidXztqiKhTQIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFF/BD6rvBhuzGHfHObXjO39Teo25MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvWDhFUHF1OEdHN01ZZDhjNXRlTTdmMU42amJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQBWSIaAwQA
WSLnAwQAWSOeAwQAWSdvAwQAWShDAwQAWSuPAwQAWS2kAwQAWS4DAwQFWS9gAwQA
XXHMAwQAXXJPAwQAXXLCAwQCwRPAAwQBwxwCMA0EAgACMAcDBQAgAU0YMA0GCSqG
SIb3DQEBCwUAA4IBAQB47xEpSj09aL/DR7fY6F+ohr71bj3i7Qbm9qoiinTldF2k
8O9VAWxxFXn24j1lSLjTsjkSlKagayA94Ifa6tOYu9H5aKcCKENLLEfqPrXOolUg
6zbXD8Dx8iJB3UdLPyAvuMbiVItzTGEePtZnrr4g6EWFisGO05DyWcCHtmSA5H56
Vrau3fgLBurlLpfCbemJpgOG44Q4g7kD1cWXWy7vM0AaEMD3BoIKm5mz+RtLhnYk
fM6BeyYWdefTYnsX5ofbKKuKNfMiJ7qoCukSJdyhBxemtNIh3UbHJj+8P92+uVzo
tYfMM+AIWMCEH89dKU7coOze4e6m1YpNAiCy1Nio
-----END CERTIFICATE-----
Generated at Tue Nov 7 13:50:41 2023 by rpki-client on console-fra.rpki-client.org