Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/aLwbLITHCSui_OnlwVZuA_JceBM.roa
File: aLwbLITHCSui_OnlwVZuA_JceBM.roa (raw, json)
Hash identifier: 4hVuhK5nWPDvjix8z3BydXKKRHDg3Z+d/lieYe3gMjw=
Subject key identifier: 68:BC:1B:2C:84:C7:09:2B:A2:FC:E9:E5:C1:56:6E:03:F2:5C:78:13
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018D754E83FD3C7847B18439AA45EF2C7110
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/aLwbLITHCSui_OnlwVZuA_JceBM.roa
Signing time: Sun 04 Feb 2024 18:08:16 +0000
ROA not before: Sun 04 Feb 2024 18:08:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39543
IP address blocks: 86.106.81.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.38.228.0/24 maxlen: 24
89.38.229.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.96.0/24 maxlen: 24
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.120.0/24 maxlen: 24
89.47.122.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
188.241.3.0/24 maxlen: 24
193.19.192.0/22 maxlen: 22
193.19.192.0/24 maxlen: 24
193.19.193.0/24 maxlen: 24
193.19.194.0/24 maxlen: 24
193.19.195.0/24 maxlen: 24
195.28.2.0/23 maxlen: 23
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 05 Feb 2024 11:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:75:4e:83:fd:3c:78:47:b1:84:39:aa:45:ef:2c:71:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Feb 4 18:08:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68bc1b2c84c7092ba2fce9e5c1566e03f25c7813
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:10:c9:6a:fc:8d:82:c2:c9:0d:af:98:9e:d2:
a5:47:59:06:60:a4:cd:3d:4b:3c:e4:6f:6d:d6:2b:
0a:9e:c1:3e:33:fa:03:a3:9d:fc:02:86:cf:38:d2:
34:44:bb:81:0a:28:64:a0:8a:a6:51:6f:c8:bd:30:
9f:c1:5f:23:f1:8c:c5:2f:e1:4a:3c:db:1a:6a:c0:
1c:7c:a6:f5:b2:63:2d:99:ac:f6:35:e3:fe:a6:7f:
8c:01:15:8e:5d:34:3a:ca:81:5d:fe:59:e4:f2:ad:
43:e5:46:11:8a:d1:62:11:24:96:1e:c0:da:7a:cc:
a1:b2:12:6c:f7:05:59:fd:75:ef:35:aa:7a:58:f4:
4a:3e:ed:ac:8b:20:e8:37:4a:0d:e2:20:66:b3:c8:
6e:f7:6f:49:df:d8:99:71:01:b1:8a:a2:7a:6e:d4:
5f:30:0c:43:47:79:d0:5f:1e:e7:0f:45:ee:14:6c:
cf:ce:ee:19:01:66:cc:71:59:64:aa:0f:36:7a:56:
8e:27:ed:42:79:89:da:86:5a:bb:73:d7:07:22:52:
d2:29:33:a6:58:e6:da:40:cb:5a:a3:6d:d1:23:fe:
53:22:0d:0f:13:44:a7:49:a7:0e:7c:06:ae:32:0b:
f2:a8:a7:f0:85:06:de:00:44:06:ff:30:f5:49:2b:
20:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:BC:1B:2C:84:C7:09:2B:A2:FC:E9:E5:C1:56:6E:03:F2:5C:78:13
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/aLwbLITHCSui_OnlwVZuA_JceBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.81.0/24
89.34.27.0/24
89.35.158.0/24
89.38.228.0/23
89.39.111.0/24
89.40.67.0/24
89.45.164.0/24
89.47.96.0/20
89.47.120.0/24
89.47.122.0/24
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
188.241.3.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
10:f0:0c:29:1e:9d:d3:fa:69:59:8f:42:de:32:d4:4e:81:c9:
55:f2:94:e5:0f:a7:c2:f2:33:5b:22:f5:0a:ff:ca:fd:b9:20:
b8:73:e6:da:9d:1a:4a:a3:22:8e:e1:9f:ea:61:e4:d6:65:7b:
85:58:5b:26:21:17:60:59:23:e0:9d:50:1a:89:40:80:40:6b:
d8:42:33:87:e9:be:72:0c:39:a5:ca:77:24:7f:28:90:8c:bc:
45:ec:7d:3a:66:75:64:98:3c:15:67:97:90:3d:ee:7c:32:a6:
7d:72:e6:8b:7d:cb:6a:61:77:17:0a:86:d2:60:82:37:a6:00:
51:a4:7a:7d:a0:9a:e0:b5:5b:c4:78:44:8d:25:f0:8d:13:02:
ad:95:d5:b9:67:82:6f:4e:77:ab:d4:de:ac:51:c4:db:b7:86:
0d:a2:04:bf:56:f4:d9:bf:f6:66:55:2f:0a:02:97:cc:bb:67:
cd:40:2f:6b:3e:30:92:de:63:d4:20:cf:3f:e8:3c:23:a4:ae:
54:4d:cd:b8:bb:cb:cb:c3:8a:dd:58:2d:ec:f5:e8:64:bc:15:
cf:d3:a0:f6:41:a1:1e:89:af:1d:2f:eb:2d:5b:dc:99:e9:1a:
b8:fa:98:ff:7a:8d:45:db:4d:c4:e7:e0:e9:b6:c1:9a:69:82:
c0:2f:40:22
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAY11ToP9PHhHsYQ5qkXvLHEQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMjA0MTgwODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGJjMWIyYzg0YzcwOTJiYTJmY2U5ZTVjMTU2NmUwM2YyNWM3ODEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxDJavyNgsLJDa+YntKlR1kGYKTN
PUs85G9t1isKnsE+M/oDo538AobPONI0RLuBCihkoIqmUW/IvTCfwV8j8YzFL+FK
PNsaasAcfKb1smMtmaz2NeP+pn+MARWOXTQ6yoFd/lnk8q1D5UYRitFiESSWHsDa
esyhshJs9wVZ/XXvNap6WPRKPu2siyDoN0oN4iBms8hu929J39iZcQGxiqJ6btRf
MAxDR3nQXx7nD0XuFGzPzu4ZAWbMcVlkqg82elaOJ+1CeYnahlq7c9cHIlLSKTOm
WObaQMtao23RI/5TIg0PE0SnSacOfAauMgvyqKfwhQbeAEQG/zD1SSsg7QIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFGi8GyyExwkrovzp5cFWbgPyXHgTMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvYUx3YkxJVEhDU3VpX09ubHdWWnVBX0pjZUJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwZgQCAAEwYAMEAFZqUQME
AFkiGwMEAFkjngMEAVkm5AMEAFknbwMEAFkoQwMEAFktpAMEBFkvYAMEAFkveAME
AFkvegMEAF1xzAMEAF1yTwMEAF1ywgMEALzxAwMEAsETwAMEAcMcAjANBAIAAjAH
AwUAIAFNGDANBgkqhkiG9w0BAQsFAAOCAQEAEPAMKR6d0/ppWY9C3jLUToHJVfKU
5Q+nwvIzWyL1Cv/K/bkguHPm2p0aSqMijuGf6mHk1mV7hVhbJiEXYFkj4J1QGolA
gEBr2EIzh+m+cgw5pcp3JH8okIy8Rex9OmZ1ZJg8FWeXkD3ufDKmfXLmi33LamF3
FwqG0mCCN6YAUaR6faCa4LVbxHhEjSXwjRMCrZXVuWeCb053q9TerFHE27eGDaIE
v1b02b/2ZlUvCgKXzLtnzUAvaz4wkt5j1CDPP+g8I6SuVE3NuLvLy8OK3Vgt7PXo
ZLwVz9Og9kGhHomvHS/rLVvcmekauPqY/3qNRdtNxOfg6bbBmmmCwC9AIg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org