Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/aTn4WibCWQuBgIROolphbgICMio.roa
File: aTn4WibCWQuBgIROolphbgICMio.roa (raw, json)
Hash identifier: 3rp6TAJ6w7jtTBppLvU5R94Go8uOjpRkYtzTq5mXrLI=
Subject key identifier: 69:39:F8:5A:26:C2:59:0B:81:80:84:4E:A2:5A:61:6E:02:02:32:2A
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018625F35587B8B956BE44D9ECDFBFE0A212
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/aTn4WibCWQuBgIROolphbgICMio.roa
Signing time: Mon 06 Feb 2023 08:59:09 +0000
ROA not before: Mon 06 Feb 2023 08:59:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39543
IP address blocks: 89.33.12.0/23 maxlen: 23
188.241.240.0/23 maxlen: 23
188.241.240.0/24 maxlen: 24
188.241.241.0/24 maxlen: 24
193.19.192.0/24 maxlen: 24
193.19.192.0/22 maxlen: 24
93.113.176.0/21 maxlen: 21
93.113.181.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.43.140.0/22 maxlen: 22
89.42.80.0/21 maxlen: 22
89.42.88.0/21 maxlen: 22
89.35.158.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.46.2.0/23 maxlen: 23
89.46.2.0/24 maxlen: 24
89.46.4.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
89.46.0.0/23 maxlen: 23
195.28.2.0/23 maxlen: 23
89.34.224.0/21 maxlen: 21
89.34.224.0/22 maxlen: 22
89.34.228.0/23 maxlen: 23
89.34.230.0/23 maxlen: 23
89.47.96.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.112.0/20 maxlen: 20
89.47.113.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.37.196.0/23 maxlen: 23
89.34.27.0/24 maxlen: 24
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Mar 2023 12:04:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:25:f3:55:87:b8:b9:56:be:44:d9:ec:df:bf:e0:a2:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Feb 6 08:59:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6939f85a26c2590b8180844ea25a616e0202322a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c6:74:28:c8:59:01:52:70:67:06:1c:98:88:
8e:74:d1:f7:59:c9:cc:cd:c1:7f:10:80:76:62:2d:
5a:f5:96:cc:a6:b6:87:98:5d:41:b9:e0:f8:f0:2d:
48:01:ae:1b:64:62:bb:cc:97:e7:e4:fd:87:45:80:
3f:cb:2c:5c:7f:df:c0:d7:60:77:79:12:65:91:6e:
33:2f:ea:af:96:ef:1a:8f:e5:dd:d3:25:c1:76:d3:
55:9a:f8:a6:2e:17:a5:16:8c:22:88:7e:ad:4d:f9:
55:a1:5e:87:6b:98:66:71:6f:50:5e:86:57:6d:1d:
6e:e5:c9:9b:7e:a9:a8:b1:2a:2d:6f:70:14:56:f1:
a6:76:e1:eb:1e:bd:c5:76:58:a6:de:6d:cc:6b:5d:
64:24:05:7a:c0:86:fc:95:f3:53:a8:59:95:8c:5b:
5f:79:32:87:7e:8a:91:7e:6f:03:b0:f5:80:09:82:
50:2c:9e:90:3a:0b:39:7b:6e:67:7e:d0:7e:fb:a9:
f0:ff:27:ac:e8:94:f9:3a:49:fc:d8:b0:13:8c:82:
84:9d:6d:a1:58:51:e4:3d:64:96:ec:91:01:14:47:
df:7d:a7:c3:ee:7e:97:17:5b:02:e0:f3:84:85:ec:
13:24:9c:e9:85:4f:a5:27:f2:51:b8:e0:3c:2f:c0:
b5:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:39:F8:5A:26:C2:59:0B:81:80:84:4E:A2:5A:61:6E:02:02:32:2A
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/aTn4WibCWQuBgIROolphbgICMio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.12.0/23
89.34.27.0/24
89.34.224.0/21
89.35.158.0/24
89.37.196.0/23
89.39.111.0/24
89.40.67.0/24
89.42.80.0/20
89.43.140.0/22
89.45.164.0/24
89.46.0.0-89.46.4.255
89.47.96.0/19
93.113.176.0/21
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
188.241.240.0/23
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
0c:57:26:7b:fd:10:9a:db:11:57:77:88:f0:2f:8d:d3:ce:4b:
21:ce:75:4e:80:cb:22:bf:cf:c6:15:11:24:c6:7e:0a:d8:bf:
78:cb:29:85:4c:43:a5:4a:8d:60:10:a7:19:e8:21:4e:21:9b:
35:2b:e9:6e:38:fc:49:4d:da:61:b0:55:32:d3:65:91:15:37:
4f:2c:64:6f:07:a8:61:7e:1e:ec:ef:67:7c:92:cd:08:f9:29:
29:5c:d3:35:c3:ca:01:27:3b:e2:3f:fb:82:7a:13:6b:a6:03:
94:9d:0e:73:7b:d0:30:2c:d6:56:29:af:71:bf:25:b7:6c:27:
aa:70:3d:83:f7:6f:ce:af:83:a9:dc:94:c7:77:4f:68:90:3f:
34:2a:55:b1:f2:0c:85:87:d5:96:5a:ed:e1:99:d0:48:c3:4a:
03:c9:f9:e2:9c:c8:31:0d:72:da:61:82:7f:36:c6:1b:ad:31:
b5:b2:02:99:9a:c0:da:61:95:81:a9:25:36:ec:55:25:5f:14:
3f:d0:58:4d:63:45:ce:55:9f:ab:a0:70:0c:d9:bf:49:b8:fc:
57:10:e5:08:fe:eb:e2:62:60:2c:a1:af:a8:e2:7c:e7:d1:23:
32:42:fb:55:e3:d0:ad:99:29:8b:81:42:ac:aa:d2:f0:7b:8e:
56:37:64:ed
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYYl81WHuLlWvkTZ7N+/4KISMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwMjA2MDg1OTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTM5Zjg1YTI2YzI1OTBiODE4MDg0NGVhMjVhNjE2ZTAyMDIzMjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8Z0KMhZAVJwZwYcmIiOdNH3WcnM
zcF/EIB2Yi1a9ZbMpraHmF1BueD48C1IAa4bZGK7zJfn5P2HRYA/yyxcf9/A12B3
eRJlkW4zL+qvlu8aj+Xd0yXBdtNVmvimLhelFowiiH6tTflVoV6Ha5hmcW9QXoZX
bR1u5cmbfqmosSotb3AUVvGmduHrHr3Fdlim3m3Ma11kJAV6wIb8lfNTqFmVjFtf
eTKHfoqRfm8DsPWACYJQLJ6QOgs5e25nftB++6nw/yes6JT5Okn82LATjIKEnW2h
WFHkPWSW7JEBFEfffafD7n6XF1sC4POEhewTJJzphU+lJ/JRuOA8L8C1IQIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFGk5+FomwlkLgYCETqJaYW4CAjIqMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvYVRuNFdpYkNXUXVCZ0lST29scGhiZ0lDTWlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDB/BAIAATB5AwQBWSEM
AwQAWSIbAwQDWSLgAwQAWSOeAwQBWSXEAwQAWSdvAwQAWShDAwQEWSpQAwQCWSuM
AwQAWS2kMAsDAwFZLgMEAFkuBAMEBVkvYAMEA11xsAMEAF1xzAMEAF1yTwMEAF1y
wgMEAbzx8AMEAsETwAMEAcMcAjANBAIAAjAHAwUAIAFNGDANBgkqhkiG9w0BAQsF
AAOCAQEADFcme/0QmtsRV3eI8C+N085LIc51ToDLIr/PxhURJMZ+Cti/eMsphUxD
pUqNYBCnGeghTiGbNSvpbjj8SU3aYbBVMtNlkRU3TyxkbweoYX4e7O9nfJLNCPkp
KVzTNcPKASc74j/7gnoTa6YDlJ0Oc3vQMCzWVimvcb8lt2wnqnA9g/dvzq+DqdyU
x3dPaJA/NCpVsfIMhYfVllrt4ZnQSMNKA8n54pzIMQ1y2mGCfzbGG60xtbICmZrA
2mGVgaklNuxVJV8UP9BYTWNFzlWfq6BwDNm/Sbj8VxDlCP7r4mJgLKGvqOJ859Ej
MkL7VePQrZkpi4FCrKrS8HuOVjdk7Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org