Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/a3SGP-k9Uq3F8nlxXygzVdFYoi0.roa
File: a3SGP-k9Uq3F8nlxXygzVdFYoi0.roa (raw, json)
Hash identifier: XklWsVxVIXoZsYnMMuVZ/RPmr/UigacaccfFqZ60sJU=
Subject key identifier: 6B:74:86:3F:E9:3D:52:AD:C5:F2:79:71:5F:28:33:55:D1:58:A2:2D
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018B8458D57C326AEFAF34EBD7D2E03027B5
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/a3SGP-k9Uq3F8nlxXygzVdFYoi0.roa
Signing time: Tue 31 Oct 2023 06:08:16 +0000
ROA not before: Tue 31 Oct 2023 06:08:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39543
IP address blocks: 195.28.2.0/23 maxlen: 23
193.19.192.0/22 maxlen: 22
193.19.192.0/24 maxlen: 24
89.34.228.0/24 maxlen: 24
89.34.230.0/23 maxlen: 23
89.34.230.0/24 maxlen: 24
89.34.231.0/24 maxlen: 24
193.19.193.0/24 maxlen: 24
193.19.195.0/24 maxlen: 24
193.19.194.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.43.143.0/24 maxlen: 24
89.47.96.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.112.0/20 maxlen: 20
89.47.113.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Nov 2023 09:19:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:84:58:d5:7c:32:6a:ef:af:34:eb:d7:d2:e0:30:27:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Oct 31 06:08:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b74863fe93d52adc5f279715f283355d158a22d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:fb:6d:3a:0f:d1:29:36:af:70:2e:a8:cf:33:
c5:c5:48:63:b0:1c:dd:99:ef:21:27:6d:2c:ef:a6:
a6:35:6d:ab:f7:f1:d7:04:52:ef:c3:72:d8:25:db:
8b:df:b5:e6:b0:d8:09:e9:af:77:0b:9a:5d:cb:d8:
7d:49:fd:ca:5a:0c:28:8d:00:2e:47:0b:80:07:46:
f2:a5:48:d6:d4:b7:c0:b7:6a:cd:d9:51:8b:7e:60:
9d:de:18:ce:d1:13:45:c4:cb:cd:28:ca:86:7a:55:
16:76:34:34:62:d5:52:91:39:e5:03:58:dc:66:02:
4b:2d:c8:de:85:51:d8:6c:2b:d0:96:cf:0d:37:bb:
16:88:40:dc:8d:3b:a9:76:12:f9:bf:71:45:e9:1c:
5a:08:79:92:84:19:18:e6:f4:97:61:18:5d:06:46:
b0:b7:d2:57:7c:59:46:3c:a6:1a:96:40:4a:29:44:
d1:ed:6b:8e:0c:26:f2:54:05:88:ff:c4:f0:a7:dd:
12:bb:de:91:11:54:8e:4b:6f:66:fe:27:57:ce:e8:
a2:44:0e:36:e0:f1:65:8c:36:3d:13:50:ee:08:49:
e4:32:db:b5:49:cf:f2:ee:d3:01:30:33:92:94:7a:
5f:fb:b1:7b:82:a8:d8:46:ff:34:5c:b9:35:19:fd:
15:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:74:86:3F:E9:3D:52:AD:C5:F2:79:71:5F:28:33:55:D1:58:A2:2D
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/a3SGP-k9Uq3F8nlxXygzVdFYoi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.27.0/24
89.34.228.0/24
89.34.230.0/23
89.35.158.0/24
89.39.111.0/24
89.40.67.0/24
89.43.143.0/24
89.45.164.0/24
89.46.3.0/24
89.47.96.0/19
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
47:1d:bd:5e:57:cf:85:6f:cf:8f:2e:b7:0f:1d:63:57:76:16:
47:bc:f5:c0:0d:00:09:fe:e7:2e:c5:6a:8c:21:05:10:78:0c:
3a:e9:fe:f4:e0:ae:34:21:91:48:16:e8:44:8a:91:ad:26:b8:
89:32:d8:64:5a:37:dd:0f:77:b2:b9:f1:02:a9:d5:ee:81:8c:
2e:02:ab:d8:d7:15:61:97:6f:3a:3b:da:29:1f:0d:a0:59:df:
b6:2a:dd:93:c1:3d:a6:ed:04:56:66:dd:8b:dd:96:50:a0:e1:
34:82:a6:17:af:0f:dd:2c:79:fb:48:52:68:83:15:78:55:76:
fa:00:4c:7c:95:78:83:b6:c1:c6:31:58:31:3c:aa:a6:fc:83:
0e:12:a5:70:65:27:d5:f5:a5:30:c1:5f:69:45:ac:88:82:67:
65:41:8c:3f:31:5b:e8:35:4d:14:50:df:56:83:80:c5:8b:03:
eb:8e:75:55:ef:bb:90:b8:3b:f4:5b:62:7d:48:80:4b:55:0b:
9d:ab:0f:d0:f4:51:75:21:71:33:ef:09:35:38:72:dc:09:3d:
06:7b:67:40:54:2a:9f:0b:d2:a6:86:36:0e:77:7d:08:4a:0a:
a9:5f:24:7d:57:82:e6:4d:ff:c0:9d:20:67:98:13:70:2b:e3:
81:97:e6:1d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAYuEWNV8MmrvrzTr19LgMCe1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMDMxMDYwODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yjc0ODYzZmU5M2Q1MmFkYzVmMjc5NzE1ZjI4MzM1NWQxNThhMjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfttOg/RKTavcC6ozzPFxUhjsBzd
me8hJ20s76amNW2r9/HXBFLvw3LYJduL37XmsNgJ6a93C5pdy9h9Sf3KWgwojQAu
RwuAB0bypUjW1LfAt2rN2VGLfmCd3hjO0RNFxMvNKMqGelUWdjQ0YtVSkTnlA1jc
ZgJLLcjehVHYbCvQls8NN7sWiEDcjTupdhL5v3FF6RxaCHmShBkY5vSXYRhdBkaw
t9JXfFlGPKYalkBKKUTR7WuODCbyVAWI/8Twp90Su96REVSOS29m/idXzuiiRA42
4PFljDY9E1DuCEnkMtu1Sc/y7tMBMDOSlHpf+7F7gqjYRv80XLk1Gf0VFQIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFGt0hj/pPVKtxfJ5cV8oM1XRWKItMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvYTNTR1AtazlVcTNGOG5seFh5Z3pWZEZZb2kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEAFkiGwME
AFki5AMEAVki5gMEAFkjngMEAFknbwMEAFkoQwMEAFkrjwMEAFktpAMEAFkuAwME
BVkvYAMEAF1xzAMEAF1yTwMEAF1ywgMEAsETwAMEAcMcAjANBAIAAjAHAwUAIAFN
GDANBgkqhkiG9w0BAQsFAAOCAQEARx29XlfPhW/Pjy63Dx1jV3YWR7z1wA0ACf7n
LsVqjCEFEHgMOun+9OCuNCGRSBboRIqRrSa4iTLYZFo33Q93srnxAqnV7oGMLgKr
2NcVYZdvOjvaKR8NoFnftirdk8E9pu0EVmbdi92WUKDhNIKmF68P3Sx5+0hSaIMV
eFV2+gBMfJV4g7bBxjFYMTyqpvyDDhKlcGUn1fWlMMFfaUWsiIJnZUGMPzFb6DVN
FFDfVoOAxYsD6451Ve+7kLg79FtifUiAS1ULnasP0PRRdSFxM+8JNThy3Ak9Bntn
QFQqnwvSpoY2Dnd9CEoKqV8kfVeC5k3/wJ0gZ5gTcCvjgZfmHQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:50 2024 by rpki-client on console-ams.rpki-client.org