Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Yn3exNGXoJnF4vclNahJYd06D_0.roa
File: Yn3exNGXoJnF4vclNahJYd06D_0.roa (raw, json)
Hash identifier: iQMoUr4GXoOa6Rj7K1Xfgvqs4K6q10LJ3y/HvRgffoo=
Subject key identifier: 62:7D:DE:C4:D1:97:A0:99:C5:E2:F7:25:35:A8:49:61:DD:3A:0F:FD
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 0189863A2EA661A3F6F402F2CE26196AA05F
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Yn3exNGXoJnF4vclNahJYd06D_0.roa
Signing time: Mon 24 Jul 2023 04:48:27 +0000
ROA not before: Mon 24 Jul 2023 04:48:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39543
IP address blocks: 89.33.13.0/24 maxlen: 24
193.19.192.0/24 maxlen: 24
193.19.192.0/22 maxlen: 24
93.113.176.0/21 maxlen: 21
93.113.181.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.43.140.0/22 maxlen: 22
89.42.91.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.42.90.0/24 maxlen: 24
89.42.94.0/24 maxlen: 24
89.42.95.0/24 maxlen: 24
89.42.93.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.46.4.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
195.28.2.0/23 maxlen: 23
89.34.224.0/21 maxlen: 21
89.34.224.0/22 maxlen: 22
89.34.228.0/23 maxlen: 23
89.34.230.0/23 maxlen: 23
89.47.96.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.112.0/20 maxlen: 20
89.47.113.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.37.196.0/23 maxlen: 23
89.34.27.0/24 maxlen: 24
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 24 Jul 2023 17:14:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:86:3a:2e:a6:61:a3:f6:f4:02:f2:ce:26:19:6a:a0:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jul 24 04:48:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=627ddec4d197a099c5e2f72535a84961dd3a0ffd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ac:a1:31:db:c9:5c:11:3d:cf:03:4f:41:31:
be:aa:12:e6:46:74:bd:2b:16:a2:92:86:e4:22:56:
83:8f:af:b2:c2:80:ae:6d:af:84:d2:f9:69:b5:be:
ce:50:9e:dd:db:92:42:1c:2d:8c:7d:3c:f9:09:d8:
8f:d5:24:6f:fb:31:85:bf:cc:ce:8c:2c:0e:90:3b:
55:53:07:bc:5d:dd:83:52:48:52:76:26:f2:22:29:
54:43:d4:22:8d:75:74:3f:21:44:26:4f:a9:39:6e:
f6:61:ec:5a:f0:48:b0:45:09:1a:70:3c:60:b8:d6:
47:dc:8c:8e:76:87:4f:ec:9a:02:26:1d:d0:03:95:
6b:7e:e9:71:7d:69:df:b2:06:da:d5:ee:eb:b5:ae:
a8:3c:b5:18:96:6b:64:c3:56:3e:77:0e:83:04:e8:
ed:85:88:e6:b2:07:8c:b1:fe:93:28:0e:7b:68:fc:
ad:cd:9e:8d:ba:1f:fa:a3:9b:d6:eb:6b:9e:44:84:
35:6e:e9:92:b9:e4:8c:b8:eb:0c:95:77:7b:23:e1:
0b:cc:fc:31:71:7d:dc:73:3e:f7:4c:0c:f3:85:c3:
ea:98:36:dc:7b:ce:5b:e4:05:d7:67:80:77:c7:e3:
f0:d8:eb:6a:4f:f6:36:74:44:f4:94:30:39:ef:d4:
11:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:7D:DE:C4:D1:97:A0:99:C5:E2:F7:25:35:A8:49:61:DD:3A:0F:FD
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Yn3exNGXoJnF4vclNahJYd06D_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.13.0/24
89.34.27.0/24
89.34.224.0/21
89.35.158.0/24
89.37.196.0/23
89.39.111.0/24
89.40.67.0/24
89.42.90.0/23
89.42.93.0-89.42.95.255
89.43.140.0/22
89.45.164.0/24
89.46.3.0-89.46.4.255
89.47.96.0/19
93.113.176.0/21
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
0e:06:be:06:a0:20:dd:6b:bc:51:07:4b:9b:16:41:18:88:e4:
5b:48:2f:ac:0d:fd:af:03:5c:33:dc:fe:52:ce:ae:6e:23:16:
7e:95:db:fe:d6:d5:47:ad:d3:61:eb:9c:56:0b:64:48:3c:24:
83:44:17:ef:91:6e:22:9f:6b:ea:1e:d7:6a:4b:0e:34:62:27:
4a:fb:b3:7c:81:b2:f5:a3:a3:3f:33:80:ed:49:a8:59:48:a5:
2f:7d:c5:08:5c:ef:3f:b1:db:f8:19:fd:ee:05:4e:f2:67:35:
9c:aa:98:55:93:ee:47:7c:d6:dd:86:d8:e6:7e:09:76:bf:29:
37:8a:04:9c:a4:52:ef:56:2f:c3:6d:33:b3:27:a3:90:d9:f0:
0f:88:7a:3c:30:26:d8:ad:62:1c:ff:81:a6:97:98:f3:6b:e6:
f5:0d:e2:65:e0:03:ac:c6:79:eb:52:ae:ea:0f:28:08:c2:8d:
4c:e4:44:ab:b3:d3:4e:45:c5:fe:eb:20:8a:44:52:53:f5:5d:
c5:05:ed:e7:f5:b6:64:83:98:5a:15:16:7c:87:90:71:65:70:
72:a1:49:f8:fe:fa:ff:7f:2d:f0:48:6a:38:74:1e:a3:13:31:
e2:24:a0:b6:2f:70:af:ab:16:01:f1:f9:15:cd:51:2e:5d:d5:
04:39:9f:74
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAYmGOi6mYaP29ALyziYZaqBfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwNzI0MDQ0ODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjdkZGVjNGQxOTdhMDk5YzVlMmY3MjUzNWE4NDk2MWRkM2EwZmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqyhMdvJXBE9zwNPQTG+qhLmRnS9
KxaikobkIlaDj6+ywoCuba+E0vlptb7OUJ7d25JCHC2MfTz5CdiP1SRv+zGFv8zO
jCwOkDtVUwe8Xd2DUkhSdibyIilUQ9QijXV0PyFEJk+pOW72Yexa8EiwRQkacDxg
uNZH3IyOdodP7JoCJh3QA5VrfulxfWnfsgba1e7rta6oPLUYlmtkw1Y+dw6DBOjt
hYjmsgeMsf6TKA57aPytzZ6Nuh/6o5vW62ueRIQ1bumSueSMuOsMlXd7I+ELzPwx
cX3ccz73TAzzhcPqmDbce85b5AXXZ4B3x+Pw2OtqT/Y2dET0lDA579QRbQIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFGJ93sTRl6CZxeL3JTWoSWHdOg/9MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvWW4zZXhOR1hvSm5GNHZjbE5haEpZZDA2RF8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGuBggrBgEFBQcBBwEB/wSBnjCBmzCBiQQCAAEwgYIDBABZ
IQ0DBABZIhsDBANZIuADBABZI54DBAFZJcQDBABZJ28DBABZKEMDBAFZKlowDAME
AFkqXQMEBVkqQAMEAlkrjAMEAFktpDAMAwQAWS4DAwQAWS4EAwQFWS9gAwQDXXGw
AwQAXXHMAwQAXXJPAwQAXXLCAwQCwRPAAwQBwxwCMA0EAgACMAcDBQAgAU0YMA0G
CSqGSIb3DQEBCwUAA4IBAQAOBr4GoCDda7xRB0ubFkEYiORbSC+sDf2vA1wz3P5S
zq5uIxZ+ldv+1tVHrdNh65xWC2RIPCSDRBfvkW4in2vqHtdqSw40YidK+7N8gbL1
o6M/M4DtSahZSKUvfcUIXO8/sdv4Gf3uBU7yZzWcqphVk+5HfNbdhtjmfgl2vyk3
igScpFLvVi/DbTOzJ6OQ2fAPiHo8MCbYrWIc/4Gml5jza+b1DeJl4AOsxnnrUq7q
DygIwo1M5ESrs9NORcX+6yCKRFJT9V3FBe3n9bZkg5haFRZ8h5BxZXByoUn4/vr/
fy3wSGo4dB6jEzHiJKC2L3CvqxYB8fkVzVEuXdUEOZ90
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org