Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/YA-DNcnBKo110ESVupsZI7GfQFc.roa
File: YA-DNcnBKo110ESVupsZI7GfQFc.roa (raw, json)
Hash identifier: 2lmzwtLNhM8S3Vdi9zGk01f/M7s9pFBiaDTn+2/ll/8=
Subject key identifier: 60:0F:83:35:C9:C1:2A:8D:75:D0:44:95:BA:9B:19:23:B1:9F:40:57
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01893EEBD7FA86588C2D82E09F065233BF15
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/YA-DNcnBKo110ESVupsZI7GfQFc.roa
Signing time: Mon 10 Jul 2023 08:29:50 +0000
ROA not before: Mon 10 Jul 2023 08:29:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39543
IP address blocks: 89.33.12.0/23 maxlen: 23
193.19.192.0/24 maxlen: 24
193.19.192.0/22 maxlen: 24
93.113.176.0/21 maxlen: 21
93.113.181.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.43.140.0/22 maxlen: 22
89.35.158.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.46.2.0/23 maxlen: 23
89.46.2.0/24 maxlen: 24
89.46.4.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
89.46.0.0/23 maxlen: 23
195.28.2.0/23 maxlen: 23
89.34.224.0/21 maxlen: 21
89.34.224.0/22 maxlen: 22
89.34.228.0/23 maxlen: 23
89.34.230.0/23 maxlen: 23
89.47.96.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.112.0/20 maxlen: 20
89.47.113.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.37.196.0/23 maxlen: 23
89.34.27.0/24 maxlen: 24
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3e:eb:d7:fa:86:58:8c:2d:82:e0:9f:06:52:33:bf:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jul 10 08:29:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=600f8335c9c12a8d75d04495ba9b1923b19f4057
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:f2:5b:3d:6b:2c:02:63:f7:eb:33:77:55:0c:
42:f2:3e:24:51:37:dc:ac:e9:a0:dd:af:b0:05:f6:
a0:fc:e7:20:2d:60:ec:a1:76:ed:2f:e1:14:f0:67:
60:90:26:d8:f7:b8:d7:2c:fe:7e:d0:df:af:13:0c:
79:5c:fe:a4:7b:10:64:fe:f1:ca:9f:86:13:d6:65:
aa:fd:3b:f3:b3:14:0b:97:8f:d7:6e:0f:0d:32:43:
2e:83:04:31:54:ab:b1:f6:83:6a:60:82:6c:cc:21:
8f:b5:1c:bc:b8:95:b7:42:02:55:0c:49:a1:d8:b6:
86:76:94:3c:65:16:34:e1:b5:65:27:83:4f:6a:9b:
ad:30:0d:49:80:7d:a4:5e:2f:b6:72:2d:77:95:1f:
92:e3:c0:59:32:6e:44:ca:66:f7:02:05:69:82:c2:
a5:63:59:28:d6:63:da:98:05:c6:ec:fa:d4:72:4c:
16:9a:2a:54:1c:e7:8e:fc:34:c0:03:05:ba:d7:d6:
01:4d:91:41:14:bd:ce:67:25:63:82:19:65:57:26:
92:9c:50:4d:41:f8:04:0f:ff:3a:a4:2e:28:1f:73:
a9:3f:78:ee:38:b3:1e:86:17:b3:25:a6:76:4a:a1:
2b:41:49:8a:ff:52:e1:90:39:1b:f1:82:9d:60:af:
45:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:0F:83:35:C9:C1:2A:8D:75:D0:44:95:BA:9B:19:23:B1:9F:40:57
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/YA-DNcnBKo110ESVupsZI7GfQFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.12.0/23
89.34.27.0/24
89.34.224.0/21
89.35.158.0/24
89.37.196.0/23
89.39.111.0/24
89.40.67.0/24
89.43.140.0/22
89.45.164.0/24
89.46.0.0-89.46.4.255
89.47.96.0/19
93.113.176.0/21
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
3a:47:1f:f6:b0:86:ed:a6:bd:65:7e:99:3f:b5:5e:9d:c8:96:
3e:62:bb:8b:a7:ae:58:ab:d2:36:a3:a3:ed:91:79:16:7f:84:
a0:ca:89:90:6a:3c:f2:5a:0c:71:2e:79:bd:18:bb:01:d0:f3:
7b:f1:c0:df:91:f2:56:30:99:0b:60:56:05:22:bd:e0:e1:20:
b6:61:7b:c0:f2:15:54:d4:6a:34:e4:1b:91:e1:a8:ba:23:2a:
d6:45:2d:31:dc:6e:01:7f:6b:dd:91:fc:f5:cf:68:2b:17:24:
38:4c:27:84:41:03:40:66:3b:0d:c1:83:46:bf:02:7a:27:d0:
1b:11:51:ad:2c:6e:7b:1a:10:81:fa:4b:55:e3:83:c1:cc:43:
45:a1:07:a0:7f:1e:3c:3f:1d:ea:b1:fc:14:59:fe:4b:13:43:
ac:b3:0f:2e:ab:10:e9:c5:fe:3a:cd:a1:4e:ee:6c:6d:f0:c6:
99:42:d4:78:0f:07:d6:bb:58:81:19:ca:a7:6c:f4:ca:7d:16:
76:26:43:49:df:bb:69:89:1a:39:ef:55:ef:72:53:ff:9b:7b:
4f:bd:1d:3d:cc:0d:9b:8a:b4:37:aa:7c:ea:68:ef:d5:f0:65:
87:69:8e:5e:a2:5c:fa:7a:5c:1e:11:b2:87:85:51:28:ca:75:
f3:c9:a7:62
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgISAYk+69f6hliMLYLgnwZSM78VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwNzEwMDgyOTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDBmODMzNWM5YzEyYThkNzVkMDQ0OTViYTliMTkyM2IxOWY0MDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfJbPWssAmP36zN3VQxC8j4kUTfc
rOmg3a+wBfag/OcgLWDsoXbtL+EU8GdgkCbY97jXLP5+0N+vEwx5XP6kexBk/vHK
n4YT1mWq/TvzsxQLl4/Xbg8NMkMugwQxVKux9oNqYIJszCGPtRy8uJW3QgJVDEmh
2LaGdpQ8ZRY04bVlJ4NPaputMA1JgH2kXi+2ci13lR+S48BZMm5Eymb3AgVpgsKl
Y1ko1mPamAXG7PrUckwWmipUHOeO/DTAAwW619YBTZFBFL3OZyVjghllVyaSnFBN
QfgED/86pC4oH3OpP3juOLMehhezJaZ2SqErQUmK/1LhkDkb8YKdYK9F2QIDAQAB
o4ICgjCCAn4wHQYDVR0OBBYEFGAPgzXJwSqNddBElbqbGSOxn0BXMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvWUEtRE5jbkJLbzExMEVTVnVwc1pJN0dmUUZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGXBggrBgEFBQcBBwEB/wSBhzCBhDBzBAIAATBtAwQBWSEM
AwQAWSIbAwQDWSLgAwQAWSOeAwQBWSXEAwQAWSdvAwQAWShDAwQCWSuMAwQAWS2k
MAsDAwFZLgMEAFkuBAMEBVkvYAMEA11xsAMEAF1xzAMEAF1yTwMEAF1ywgMEAsET
wAMEAcMcAjANBAIAAjAHAwUAIAFNGDANBgkqhkiG9w0BAQsFAAOCAQEAOkcf9rCG
7aa9ZX6ZP7VenciWPmK7i6euWKvSNqOj7ZF5Fn+EoMqJkGo88loMcS55vRi7AdDz
e/HA35HyVjCZC2BWBSK94OEgtmF7wPIVVNRqNOQbkeGouiMq1kUtMdxuAX9r3ZH8
9c9oKxckOEwnhEEDQGY7DcGDRr8CeifQGxFRrSxuexoQgfpLVeODwcxDRaEHoH8e
PD8d6rH8FFn+SxNDrLMPLqsQ6cX+Os2hTu5sbfDGmULUeA8H1rtYgRnKp2z0yn0W
diZDSd+7aYkaOe9V73JT/5t7T70dPcwNm4q0N6p86mjv1fBlh2mOXqJc+npcHhGy
h4VRKMp188mnYg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:03 2023 by rpki-client on console-fra.rpki-client.org