Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/ffJx5MJ2O-GdbplUT21zMHOyZPo.roa
File: ffJx5MJ2O-GdbplUT21zMHOyZPo.roa (raw, json)
Hash identifier: pv5ILd6QDcPxmj6tti+s+ate3dRgDKHtsNgKvjjlX1E=
Subject key identifier: 7D:F2:71:E4:C2:76:3B:E1:9D:6E:99:54:4F:6D:73:30:73:B2:64:FA
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018C026019CFA173C7CEB6D394C6DEFE7DA2
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/ffJx5MJ2O-GdbplUT21zMHOyZPo.roa
Signing time: Fri 24 Nov 2023 17:28:21 +0000
ROA not before: Fri 24 Nov 2023 17:28:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39543
IP address blocks: 195.28.2.0/23 maxlen: 23
193.19.192.0/22 maxlen: 22
193.19.192.0/24 maxlen: 24
193.19.193.0/24 maxlen: 24
193.19.195.0/24 maxlen: 24
193.19.194.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.47.96.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.122.0/24 maxlen: 24
89.47.121.0/24 maxlen: 24
89.47.120.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 28 Nov 2023 09:40:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:02:60:19:cf:a1:73:c7:ce:b6:d3:94:c6:de:fe:7d:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Nov 24 17:28:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7df271e4c2763be19d6e99544f6d733073b264fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:dc:56:eb:a4:d9:a7:92:64:5f:41:f8:08:b5:
39:37:0f:65:f7:c9:8d:c3:55:f9:b7:f7:65:39:3a:
c6:a3:62:43:5f:61:e9:27:ec:ee:ba:d4:a0:e8:31:
f6:40:93:05:5d:f6:51:a5:47:ab:2d:0a:4d:21:cb:
f1:88:41:43:b1:25:8b:6d:ed:1c:ad:77:7a:03:22:
10:5b:b6:1f:ce:12:50:d9:f2:67:1b:22:b9:07:d1:
77:57:63:c0:48:d6:48:fd:23:c9:93:e2:ea:e0:75:
0b:80:9c:6d:8a:fb:5b:88:37:05:8b:d3:78:76:51:
f8:ee:74:fe:3f:d9:d0:a0:cc:9e:31:2c:0c:e5:9d:
5c:4c:a6:f9:ca:55:31:e4:db:41:86:74:62:76:ee:
ae:d3:77:c7:f5:57:43:81:2f:b9:ff:6a:27:6c:a7:
0c:28:a9:c3:01:7c:62:f2:2d:41:29:a8:d9:b9:30:
29:bf:06:b6:86:c5:99:b8:54:f0:db:c8:56:76:83:
3f:8a:e7:13:d0:0b:7e:26:27:dc:8b:2d:34:0c:e1:
f8:21:1d:cd:8a:b8:00:ee:f9:97:18:bb:4e:e5:04:
68:e5:ab:03:d5:1b:35:11:89:9e:14:d0:5e:d4:8b:
7b:0e:c5:c1:c7:a7:bb:bb:8d:da:91:bb:62:ae:fd:
6a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:F2:71:E4:C2:76:3B:E1:9D:6E:99:54:4F:6D:73:30:73:B2:64:FA
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/ffJx5MJ2O-GdbplUT21zMHOyZPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.27.0/24
89.35.158.0/24
89.39.111.0/24
89.40.67.0/24
89.45.164.0/24
89.47.96.0/20
89.47.114.0/23
89.47.118.0-89.47.122.255
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
7a:ec:bf:ee:e2:e2:15:f3:2d:d3:c2:60:9f:6c:36:ce:8d:3a:
ce:c3:a4:26:8f:bc:53:49:2b:d7:a5:14:07:3f:bb:eb:0c:a1:
20:93:dc:4b:5f:a1:8a:5e:e4:72:15:f9:27:44:10:9a:08:c5:
58:fc:03:31:cb:8c:af:f3:55:15:32:2a:fa:0f:e4:9a:88:aa:
07:f5:79:c1:fb:eb:72:61:2a:65:a1:c9:12:93:7d:05:7c:31:
76:7a:36:4c:9f:64:8a:c1:b4:bb:bd:3b:3a:62:c9:b5:01:e7:
84:92:df:bb:0d:71:c1:78:72:f7:5f:a1:50:da:71:fc:af:b4:
0a:54:41:9a:8b:13:f0:f6:b5:81:d0:18:12:4d:5c:13:cf:f8:
4b:9a:f5:6e:05:fc:23:3d:e3:18:a1:d1:d2:58:a8:c0:31:60:
49:38:55:a7:01:30:78:5b:09:85:11:54:8a:ea:de:01:b8:2b:
76:93:93:4b:8c:74:aa:f1:e3:cc:01:1b:90:ed:a8:76:e0:e6:
c2:89:d3:60:74:58:ae:18:81:25:ed:e2:56:41:7c:72:5d:d5:
de:79:f8:ef:89:a6:9a:74:ee:84:ce:80:4b:52:fe:51:44:6d:
90:03:46:e9:c6:b2:0a:42:f9:00:63:4d:dd:67:61:b6:74:f9:
45:a5:7b:23
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAYwCYBnPoXPHzrbTlMbe/n2iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMTI0MTcyODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGYyNzFlNGMyNzYzYmUxOWQ2ZTk5NTQ0ZjZkNzMzMDczYjI2NGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7txW66TZp5JkX0H4CLU5Nw9l98mN
w1X5t/dlOTrGo2JDX2HpJ+zuutSg6DH2QJMFXfZRpUerLQpNIcvxiEFDsSWLbe0c
rXd6AyIQW7YfzhJQ2fJnGyK5B9F3V2PASNZI/SPJk+Lq4HULgJxtivtbiDcFi9N4
dlH47nT+P9nQoMyeMSwM5Z1cTKb5ylUx5NtBhnRidu6u03fH9VdDgS+5/2onbKcM
KKnDAXxi8i1BKajZuTApvwa2hsWZuFTw28hWdoM/iucT0At+Jifciy00DOH4IR3N
irgA7vmXGLtO5QRo5asD1Rs1EYmeFNBe1It7DsXBx6e7u43akbtirv1qiQIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFH3yceTCdjvhnW6ZVE9tczBzsmT6MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvZmZKeDVNSjJPLUdkYnBsVVQyMXpNSE95WlBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBcBAIAATBWAwQAWSIbAwQA
WSOeAwQAWSdvAwQAWShDAwQAWS2kAwQEWS9gAwQBWS9yMAwDBAFZL3YDBABZL3oD
BABdccwDBABdck8DBABdcsIDBALBE8ADBAHDHAIwDQQCAAIwBwMFACABTRgwDQYJ
KoZIhvcNAQELBQADggEBAHrsv+7i4hXzLdPCYJ9sNs6NOs7DpCaPvFNJK9elFAc/
u+sMoSCT3EtfoYpe5HIV+SdEEJoIxVj8AzHLjK/zVRUyKvoP5JqIqgf1ecH763Jh
KmWhyRKTfQV8MXZ6NkyfZIrBtLu9OzpiybUB54SS37sNccF4cvdfoVDacfyvtApU
QZqLE/D2tYHQGBJNXBPP+Eua9W4F/CM94xih0dJYqMAxYEk4VacBMHhbCYURVIrq
3gG4K3aTk0uMdKrx48wBG5DtqHbg5sKJ02B0WK4YgSXt4lZBfHJd1d55+O+Jppp0
7oTOgEtS/lFEbZADRunGsgpC+QBjTd1nYbZ0+UWleyM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:50 2024 by rpki-client on console-ams.rpki-client.org