Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/avp0gpfC1ch4x2FYoM5RV07Us1g.roa
File: avp0gpfC1ch4x2FYoM5RV07Us1g.roa (raw, json)
Hash identifier: sV6yQxR1OML0ZhQEPAoER2xql36g7V58IuXpUl4xMhE=
Subject key identifier: 6A:FA:74:82:97:C2:D5:C8:78:C7:61:58:A0:CE:51:57:4E:D4:B3:58
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018BE36223FF190E5619738B743F3B3B24A0
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/avp0gpfC1ch4x2FYoM5RV07Us1g.roa
Signing time: Sat 18 Nov 2023 17:02:21 +0000
ROA not before: Sat 18 Nov 2023 17:02:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39543
IP address blocks: 195.28.2.0/23 maxlen: 23
89.34.225.0/24 maxlen: 24
89.34.224.0/24 maxlen: 24
89.34.224.0/23 maxlen: 23
193.19.192.0/22 maxlen: 22
193.19.192.0/24 maxlen: 24
89.34.227.0/24 maxlen: 24
193.19.193.0/24 maxlen: 24
193.19.195.0/24 maxlen: 24
193.19.194.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.47.96.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.112.0/20 maxlen: 20
89.47.113.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e3:62:23:ff:19:0e:56:19:73:8b:74:3f:3b:3b:24:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Nov 18 17:02:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6afa748297c2d5c878c76158a0ce51574ed4b358
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:6c:9f:7d:ed:63:5c:8b:60:37:69:31:f5:59:
06:fd:d8:ea:43:51:47:3c:5d:e4:c2:fd:c6:cf:0d:
d5:56:98:35:f2:91:a4:9a:79:7b:d8:1c:0b:a5:3f:
be:0c:d1:98:40:ad:07:ff:ac:99:8f:06:90:60:61:
2b:40:94:47:b3:64:4d:d0:b9:8b:b6:6d:36:36:92:
91:96:ba:a1:66:64:35:75:01:bf:82:73:5e:cc:2d:
5c:c1:ad:6c:c7:e3:4f:45:b0:58:63:6c:62:5a:00:
46:14:2c:96:0d:fe:83:32:9d:f6:7f:4a:31:0f:47:
81:fa:d6:28:48:bd:dd:82:db:6c:75:6a:95:fc:f0:
7d:b0:37:ba:2d:84:d0:08:f6:13:04:48:34:8a:f6:
ac:b8:fe:af:28:6f:09:c0:41:4b:cc:b2:cd:3a:ac:
a9:34:3c:86:46:18:9a:38:92:62:44:6d:10:58:a9:
0e:e2:65:ef:35:61:50:3b:e8:5f:e7:19:d1:b4:f0:
15:da:02:dc:ef:df:04:e6:5a:7d:ce:04:8a:bf:11:
2b:aa:5e:c7:4e:77:f3:98:87:25:99:12:4c:c3:9c:
ef:fb:12:bf:b9:47:ad:68:2e:5f:e0:f8:d6:d2:17:
ac:e0:3b:bd:aa:93:c8:b6:e5:06:9e:fd:37:48:19:
d7:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:FA:74:82:97:C2:D5:C8:78:C7:61:58:A0:CE:51:57:4E:D4:B3:58
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/avp0gpfC1ch4x2FYoM5RV07Us1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.27.0/24
89.34.224.0/23
89.34.227.0/24
89.35.158.0/24
89.39.111.0/24
89.40.67.0/24
89.45.164.0/24
89.47.96.0/19
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
35:83:45:01:be:17:f5:ab:29:4f:46:38:31:fd:c1:08:1c:28:
47:14:df:77:fb:0a:29:3b:73:cd:59:74:66:73:c1:6d:86:79:
7e:82:98:1d:9e:d6:d3:62:58:73:dd:e5:71:ae:00:93:d7:e7:
7e:0e:e8:c0:7d:e5:8d:3b:a5:e0:4d:28:a8:9c:2e:dd:cb:37:
cb:43:45:f5:b3:23:dc:dc:bd:25:c6:8e:c1:50:01:f2:02:a8:
3e:35:e7:28:0b:1b:38:00:e1:f0:10:b7:d7:fb:3e:8f:1d:11:
97:38:cf:e6:46:bb:32:c0:45:43:54:4b:b6:a5:db:4e:a0:be:
e4:f8:b7:7a:64:04:39:ed:5b:4c:5e:f5:a6:b0:22:b9:67:ba:
67:dd:40:03:d7:ee:a6:7e:97:f6:f7:66:46:da:d4:94:4d:a8:
5b:47:78:ac:2b:9c:0b:8f:31:1f:67:4c:17:75:2f:43:08:ab:
e6:cc:cd:d9:77:ab:6b:a9:ba:8e:b5:be:5d:f1:43:e0:83:1a:
a0:48:05:64:5f:54:a0:38:12:98:1f:62:73:cf:97:df:a8:e0:
37:9a:8a:73:71:1b:bd:91:11:46:84:81:90:f7:be:ef:02:9e:
c3:7e:60:9e:d1:fd:82:c1:92:fc:a9:8c:6e:09:f2:f7:98:ed:
52:17:0c:2d
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYvjYiP/GQ5WGXOLdD87OySgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMTE4MTcwMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWZhNzQ4Mjk3YzJkNWM4NzhjNzYxNThhMGNlNTE1NzRlZDRiMzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGyffe1jXItgN2kx9VkG/djqQ1FH
PF3kwv3Gzw3VVpg18pGkmnl72BwLpT++DNGYQK0H/6yZjwaQYGErQJRHs2RN0LmL
tm02NpKRlrqhZmQ1dQG/gnNezC1cwa1sx+NPRbBYY2xiWgBGFCyWDf6DMp32f0ox
D0eB+tYoSL3dgttsdWqV/PB9sDe6LYTQCPYTBEg0ivasuP6vKG8JwEFLzLLNOqyp
NDyGRhiaOJJiRG0QWKkO4mXvNWFQO+hf5xnRtPAV2gLc798E5lp9zgSKvxErql7H
TnfzmIclmRJMw5zv+xK/uUetaC5f4PjW0hes4Du9qpPItuUGnv03SBnXsQIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFGr6dIKXwtXIeMdhWKDOUVdO1LNYMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvYXZwMGdwZkMxY2g0eDJGWW9NNVJWMDdVczFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQAWSIbAwQB
WSLgAwQAWSLjAwQAWSOeAwQAWSdvAwQAWShDAwQAWS2kAwQFWS9gAwQAXXHMAwQA
XXJPAwQAXXLCAwQCwRPAAwQBwxwCMA0EAgACMAcDBQAgAU0YMA0GCSqGSIb3DQEB
CwUAA4IBAQA1g0UBvhf1qylPRjgx/cEIHChHFN93+wopO3PNWXRmc8Fthnl+gpgd
ntbTYlhz3eVxrgCT1+d+DujAfeWNO6XgTSionC7dyzfLQ0X1syPc3L0lxo7BUAHy
Aqg+NecoCxs4AOHwELfX+z6PHRGXOM/mRrsywEVDVEu2pdtOoL7k+Ld6ZAQ57VtM
XvWmsCK5Z7pn3UAD1+6mfpf292ZG2tSUTahbR3isK5wLjzEfZ0wXdS9DCKvmzM3Z
d6trqbqOtb5d8UPggxqgSAVkX1SgOBKYH2Jzz5ffqOA3mopzcRu9kRFGhIGQ977v
Ap7DfmCe0f2CwZL8qYxuCfL3mO1SFwwt
-----END CERTIFICATE-----
Generated at Mon Nov 20 13:56:17 2023 by rpki-client on console-fra.rpki-client.org