Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/YzLSDcy1YRlenMb8QCojTxvbWpw.roa
File: YzLSDcy1YRlenMb8QCojTxvbWpw.roa (raw, json)
Hash identifier: vwRK4hhRxM5A95wJ7kU/F0RTZML+Gf4JPXu+9saQ6LU=
Subject key identifier: 63:32:D2:0D:CC:B5:61:19:5E:9C:C6:FC:40:2A:23:4F:1B:DB:5A:9C
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018A3C3B150F52848B5CBB8ACFFA3287B2B8
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/YzLSDcy1YRlenMb8QCojTxvbWpw.roa
Signing time: Mon 28 Aug 2023 13:00:19 +0000
ROA not before: Mon 28 Aug 2023 13:00:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39543
IP address blocks: 89.33.13.0/24 maxlen: 24
195.28.2.0/23 maxlen: 23
89.34.224.0/21 maxlen: 21
89.34.224.0/22 maxlen: 22
193.19.192.0/24 maxlen: 24
193.19.192.0/22 maxlen: 24
89.34.228.0/23 maxlen: 23
89.34.228.0/24 maxlen: 24
89.34.230.0/23 maxlen: 23
93.113.176.0/21 maxlen: 21
93.113.181.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.43.140.0/22 maxlen: 22
89.47.96.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.112.0/20 maxlen: 20
89.47.113.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.37.196.0/23 maxlen: 23
89.34.27.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 28 Aug 2023 13:13:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3c:3b:15:0f:52:84:8b:5c:bb:8a:cf:fa:32:87:b2:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Aug 28 13:00:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6332d20dccb561195e9cc6fc402a234f1bdb5a9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d9:23:3c:1c:48:c8:ff:33:03:e7:9a:e4:d1:
74:03:76:a0:8d:bc:f1:92:67:7b:61:46:79:43:3f:
69:21:18:92:fa:86:81:ba:90:ef:01:63:bd:1b:b4:
cf:9c:5c:4d:19:4c:01:7a:8e:ce:58:86:35:1b:88:
39:4d:77:c2:ad:d6:1f:29:35:ff:96:6e:5d:3a:0d:
89:74:b2:f9:6d:2f:6b:79:bc:06:df:4a:e0:ae:d3:
af:7e:39:d1:f1:ae:8e:ff:05:6f:49:e0:3a:9c:ad:
05:05:45:cf:84:b4:98:b8:33:d0:ab:45:9b:be:40:
78:b4:66:c9:97:db:94:20:76:7c:8d:39:23:a1:1b:
15:41:aa:98:4b:4c:48:12:8b:c3:31:7a:ff:76:95:
f1:bd:0c:9c:fc:51:00:2d:04:f0:e6:4d:cf:38:d8:
e6:f1:c7:2e:69:54:f6:cc:60:5a:97:bc:bd:d6:18:
2a:ab:e0:14:9f:4c:20:22:e2:40:e0:c1:88:e7:76:
f2:0f:a1:d0:33:53:69:f7:fe:7f:d5:c1:09:eb:fc:
76:6d:ed:6e:60:0b:c3:de:fe:93:be:b9:10:ff:ec:
82:f4:67:1c:b5:3e:ac:3c:09:89:62:50:b0:3c:fb:
49:8d:5e:76:1a:68:7e:16:e9:77:47:71:e7:dd:d5:
c2:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:32:D2:0D:CC:B5:61:19:5E:9C:C6:FC:40:2A:23:4F:1B:DB:5A:9C
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/YzLSDcy1YRlenMb8QCojTxvbWpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.13.0/24
89.34.27.0/24
89.34.224.0/21
89.35.158.0/24
89.37.196.0/23
89.39.111.0/24
89.40.67.0/24
89.43.140.0/22
89.45.164.0/24
89.46.3.0/24
89.47.96.0/19
93.113.176.0/21
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
65:b9:d5:58:26:33:1c:21:65:b8:04:e4:88:66:10:45:42:5e:
6c:e4:21:4c:a0:cc:49:7f:34:b8:88:f5:4d:f1:33:2d:79:48:
b7:f3:0d:d8:74:26:b8:a9:44:45:41:53:36:11:bf:26:e3:e8:
9c:5a:ce:3d:27:2d:80:bb:fe:05:9e:6e:36:d0:80:9c:ca:02:
ee:02:0b:f6:7d:df:55:1f:61:6b:88:b7:4e:ed:37:5d:89:2a:
46:47:df:a7:ce:68:fd:82:72:82:a1:10:0f:86:0d:90:28:52:
51:30:b4:dd:4c:5b:d1:7d:be:7a:be:b9:6e:b5:65:d6:82:3e:
ce:8c:37:80:46:af:ea:a2:3a:ac:62:30:b9:14:42:2d:11:2e:
25:0f:c0:05:0e:47:b7:19:b6:bc:29:af:a2:5f:c7:e0:06:07:
f3:e4:1f:2a:b6:6f:54:25:02:1e:4b:67:a7:fd:c0:ff:b5:75:
47:9a:3c:87:ee:01:71:7e:67:e8:0d:47:ba:26:d3:1e:7e:8b:
69:da:4e:99:51:07:cf:f0:b9:5c:fc:9e:bc:38:55:36:d3:87:
f1:46:02:8c:b0:82:d9:3e:db:93:de:c8:65:2a:f7:aa:d3:fb:
da:22:fc:da:2c:14:54:10:94:e6:0d:f8:7b:3c:7d:48:61:9b:
fe:be:d3:6c
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYo8OxUPUoSLXLuKz/oyh7K4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwODI4MTMwMDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzMyZDIwZGNjYjU2MTE5NWU5Y2M2ZmM0MDJhMjM0ZjFiZGI1YTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotkjPBxIyP8zA+ea5NF0A3agjbzx
kmd7YUZ5Qz9pIRiS+oaBupDvAWO9G7TPnFxNGUwBeo7OWIY1G4g5TXfCrdYfKTX/
lm5dOg2JdLL5bS9rebwG30rgrtOvfjnR8a6O/wVvSeA6nK0FBUXPhLSYuDPQq0Wb
vkB4tGbJl9uUIHZ8jTkjoRsVQaqYS0xIEovDMXr/dpXxvQyc/FEALQTw5k3PONjm
8ccuaVT2zGBal7y91hgqq+AUn0wgIuJA4MGI53byD6HQM1Np9/5/1cEJ6/x2be1u
YAvD3v6TvrkQ/+yC9GcctT6sPAmJYlCwPPtJjV52Gmh+Ful3R3Hn3dXCNwIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFGMy0g3MtWEZXpzG/EAqI08b21qcMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvWXpMU0RjeTFZUmxlbk1iOFFDb2pUeHZiV3B3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAFkhDQME
AFkiGwMEA1ki4AMEAFkjngMEAVklxAMEAFknbwMEAFkoQwMEAlkrjAMEAFktpAME
AFkuAwMEBVkvYAMEA11xsAMEAF1xzAMEAF1yTwMEAF1ywgMEAsETwAMEAcMcAjAN
BAIAAjAHAwUAIAFNGDANBgkqhkiG9w0BAQsFAAOCAQEAZbnVWCYzHCFluATkiGYQ
RUJebOQhTKDMSX80uIj1TfEzLXlIt/MN2HQmuKlERUFTNhG/JuPonFrOPSctgLv+
BZ5uNtCAnMoC7gIL9n3fVR9ha4i3Tu03XYkqRkffp85o/YJygqEQD4YNkChSUTC0
3Uxb0X2+er65brVl1oI+zow3gEav6qI6rGIwuRRCLREuJQ/ABQ5Htxm2vCmvol/H
4AYH8+QfKrZvVCUCHktnp/3A/7V1R5o8h+4BcX5n6A1HuibTHn6LadpOmVEHz/C5
XPyevDhVNtOH8UYCjLCC2T7bk97IZSr3qtP72iL82iwUVBCU5g34ezx9SGGb/r7T
bA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:50 2024 by rpki-client on console-ams.rpki-client.org