Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/_2vc-B-eYwBSEfxpkmCkSb75uU8.roa
File: _2vc-B-eYwBSEfxpkmCkSb75uU8.roa (raw, json)
Hash identifier: Z3hNZwTrmTYC9WUTXxKNWYSAx9+P+uOmuf3cbq3kO4g=
Subject key identifier: FF:6B:DC:F8:1F:9E:63:00:52:11:FC:69:92:60:A4:49:BE:F9:B9:4F
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018972A5AB08CCE8797445E6079F3DE6EF31
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/_2vc-B-eYwBSEfxpkmCkSb75uU8.roa
Signing time: Thu 20 Jul 2023 09:33:26 +0000
ROA not before: Thu 20 Jul 2023 09:33:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39543
IP address blocks: 89.33.13.0/24 maxlen: 24
89.33.12.0/23 maxlen: 23
89.33.12.0/24 maxlen: 24
193.19.192.0/24 maxlen: 24
193.19.192.0/22 maxlen: 24
93.113.176.0/21 maxlen: 21
93.113.181.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.43.140.0/22 maxlen: 22
89.35.158.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.46.2.0/23 maxlen: 23
89.46.2.0/24 maxlen: 24
89.46.4.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
195.28.2.0/23 maxlen: 23
89.34.224.0/21 maxlen: 21
89.34.224.0/22 maxlen: 22
89.34.228.0/23 maxlen: 23
89.34.230.0/23 maxlen: 23
89.47.96.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.112.0/20 maxlen: 20
89.47.113.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.37.196.0/23 maxlen: 23
89.34.27.0/24 maxlen: 24
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 21 Jul 2023 14:22:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:72:a5:ab:08:cc:e8:79:74:45:e6:07:9f:3d:e6:ef:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jul 20 09:33:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff6bdcf81f9e63005211fc699260a449bef9b94f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ed:7b:c8:95:b1:db:ce:c5:30:48:50:2c:5e:
ad:9e:65:19:8a:32:3d:76:a2:80:1b:fe:68:41:22:
f8:5c:38:4d:b8:86:89:34:2b:fd:9b:4c:12:81:b5:
40:f2:c3:35:14:22:0c:4f:99:d3:db:c4:65:ee:b5:
9b:a9:35:cb:1e:96:02:8f:7e:01:c2:da:03:bc:d9:
37:46:87:e5:09:f1:61:2a:37:83:4d:f4:ee:66:0b:
65:8e:73:7a:35:7b:e0:b4:cc:4e:2c:bd:76:37:db:
73:4c:de:e9:a5:06:9a:51:a4:07:74:5c:d1:9f:6e:
bf:3a:1d:a1:b2:21:3f:2b:b6:8a:6c:e6:06:0f:85:
1a:6e:d3:94:90:0d:91:44:d0:87:92:de:5c:53:83:
7b:d3:a3:e4:22:28:d8:32:2f:04:ff:f6:af:4b:b8:
85:9f:02:37:a3:e5:f1:45:de:76:3a:f5:93:81:36:
d4:f1:bd:ca:9e:12:8b:6a:46:3d:a5:21:9d:fc:3c:
3f:fb:1b:0e:bb:ac:d9:c1:0b:55:67:bb:11:1f:38:
83:a2:42:d6:70:fd:fe:73:62:9e:bf:06:2b:ae:c5:
07:23:9b:70:42:a4:37:a9:a7:82:49:59:46:b8:af:
ef:da:e5:83:2f:01:52:9a:e4:42:4b:8e:d5:76:e2:
3c:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:6B:DC:F8:1F:9E:63:00:52:11:FC:69:92:60:A4:49:BE:F9:B9:4F
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/_2vc-B-eYwBSEfxpkmCkSb75uU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.12.0/23
89.34.27.0/24
89.34.224.0/21
89.35.158.0/24
89.37.196.0/23
89.39.111.0/24
89.40.67.0/24
89.43.140.0/22
89.45.164.0/24
89.46.2.0-89.46.4.255
89.47.96.0/19
93.113.176.0/21
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
46:d4:58:2b:3c:59:f5:ba:1c:29:d1:6f:9f:51:af:e5:ae:79:
48:7e:c8:11:41:b4:ae:51:5d:fc:67:4b:d4:37:ad:2c:4a:bf:
1f:02:ad:af:8a:f7:1d:2f:be:63:8a:fd:03:6c:ba:10:00:94:
5f:67:46:6b:01:5c:87:99:1e:14:13:a3:41:76:73:97:6f:70:
5f:b8:32:e2:e6:08:a4:22:9e:61:93:54:07:2d:d9:82:d5:ed:
22:bf:88:80:b1:28:c8:58:4f:12:a1:2d:0a:53:5a:ec:04:af:
d2:e4:c4:cf:b0:ca:d1:c6:c8:2e:5e:82:b9:c7:e9:9a:c0:ab:
69:32:ba:20:2c:2f:7c:b6:2a:0f:55:b3:5c:4d:77:79:4b:e7:
23:21:62:66:c3:75:4b:11:00:36:11:28:29:fc:cf:99:cb:33:
07:bd:9e:ce:81:d3:34:cf:d0:f5:8b:bd:ad:9f:07:0c:f4:90:
0e:c7:a6:be:4d:6d:7d:4b:53:bf:7c:92:ac:55:9f:ec:8e:06:
b2:4e:25:eb:7e:d3:e2:86:34:3c:69:f6:b3:c2:a1:b7:51:8e:
04:6c:76:1a:96:fc:b7:e2:3a:cc:6a:1d:38:3e:c4:ed:07:db:
48:c6:fc:81:f5:a2:60:b4:53:31:f3:ec:38:a9:38:22:76:dc:
8a:7d:41:a3
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYlypasIzOh5dEXmB5895u8xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwNzIwMDkzMzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjZiZGNmODFmOWU2MzAwNTIxMWZjNjk5MjYwYTQ0OWJlZjliOTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAje17yJWx287FMEhQLF6tnmUZijI9
dqKAG/5oQSL4XDhNuIaJNCv9m0wSgbVA8sM1FCIMT5nT28Rl7rWbqTXLHpYCj34B
wtoDvNk3RoflCfFhKjeDTfTuZgtljnN6NXvgtMxOLL12N9tzTN7ppQaaUaQHdFzR
n26/Oh2hsiE/K7aKbOYGD4UabtOUkA2RRNCHkt5cU4N706PkIijYMi8E//avS7iF
nwI3o+XxRd52OvWTgTbU8b3KnhKLakY9pSGd/Dw/+xsOu6zZwQtVZ7sRHziDokLW
cP3+c2KevwYrrsUHI5twQqQ3qaeCSVlGuK/v2uWDLwFSmuRCS47VduI8PwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFP9r3PgfnmMAUhH8aZJgpEm++blPMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvXzJ2Yy1CLWVZd0JTRWZ4cGttQ2tTYjc1dVU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTB0BAIAATBuAwQBWSEM
AwQAWSIbAwQDWSLgAwQAWSOeAwQBWSXEAwQAWSdvAwQAWShDAwQCWSuMAwQAWS2k
MAwDBAFZLgIDBABZLgQDBAVZL2ADBANdcbADBABdccwDBABdck8DBABdcsIDBALB
E8ADBAHDHAIwDQQCAAIwBwMFACABTRgwDQYJKoZIhvcNAQELBQADggEBAEbUWCs8
WfW6HCnRb59Rr+WueUh+yBFBtK5RXfxnS9Q3rSxKvx8Cra+K9x0vvmOK/QNsuhAA
lF9nRmsBXIeZHhQTo0F2c5dvcF+4MuLmCKQinmGTVAct2YLV7SK/iICxKMhYTxKh
LQpTWuwEr9LkxM+wytHGyC5egrnH6ZrAq2kyuiAsL3y2Kg9Vs1xNd3lL5yMhYmbD
dUsRADYRKCn8z5nLMwe9ns6B0zTP0PWLva2fBwz0kA7Hpr5NbX1LU798kqxVn+yO
BrJOJet+0+KGNDxp9rPCobdRjgRsdhqW/LfiOsxqHTg+xO0H20jG/IH1omC0UzHz
7DipOCJ23Ip9QaM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org