Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/i6NlmkiZUSZ1wd-2YyavTQbA3Yk.roa
File: i6NlmkiZUSZ1wd-2YyavTQbA3Yk.roa (raw, json)
Hash identifier: rSdbQBCvSAolflF9SEphGOGlvzmG72gRrfWlbqiPeCM=
Subject key identifier: 8B:A3:65:9A:48:99:51:26:75:C1:DF:B6:63:26:AF:4D:06:C0:DD:89
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018AD6E32DFB41BFA7B02FE237C6EEB026CB
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/i6NlmkiZUSZ1wd-2YyavTQbA3Yk.roa
Signing time: Wed 27 Sep 2023 13:45:27 +0000
ROA not before: Wed 27 Sep 2023 13:45:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39543
IP address blocks: 193.19.192.0/24 maxlen: 24
193.19.192.0/22 maxlen: 24
93.113.180.0/24 maxlen: 24
93.113.182.0/24 maxlen: 24
93.113.181.0/24 maxlen: 24
93.113.183.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.43.141.0/24 maxlen: 24
89.43.140.0/22 maxlen: 22
89.43.140.0/24 maxlen: 24
89.43.143.0/24 maxlen: 24
89.43.142.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
195.28.2.0/23 maxlen: 23
89.34.228.0/24 maxlen: 24
89.34.230.0/23 maxlen: 23
89.34.230.0/24 maxlen: 24
89.34.231.0/24 maxlen: 24
89.47.96.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.112.0/20 maxlen: 20
89.47.113.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 23 Oct 2023 16:57:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d6:e3:2d:fb:41:bf:a7:b0:2f:e2:37:c6:ee:b0:26:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Sep 27 13:45:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ba3659a4899512675c1dfb66326af4d06c0dd89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:99:c7:39:24:a8:ea:68:20:12:b1:b6:72:51:
81:1b:f9:fb:d2:c1:be:5b:cc:d9:70:f9:07:98:07:
71:cd:cb:2b:6c:2d:8d:d1:7f:04:aa:f3:f6:03:6e:
70:0b:33:35:2f:86:d6:12:50:07:08:2c:b2:7d:a6:
e5:89:e2:e5:d7:e8:a1:5a:33:08:03:30:8c:4a:76:
d0:5b:17:12:33:c2:f4:17:be:8f:8f:4c:ac:f2:27:
d0:1f:65:a6:d0:6d:be:44:f7:fa:40:0f:de:53:3d:
62:b6:80:dc:38:7d:d0:58:9b:cd:42:b5:56:e2:ae:
b9:ae:d0:d4:e7:8e:5a:19:5b:c6:02:62:e7:fd:1a:
5e:0f:20:d6:72:68:e0:ef:01:17:7b:24:2b:dc:f7:
44:11:19:7e:e5:f8:c5:0e:95:23:46:4c:33:9b:1e:
f8:43:fe:e3:00:76:79:3c:d1:56:e3:67:22:47:6d:
ed:6d:09:25:58:33:a1:d7:6d:20:62:0a:a3:f0:c0:
0c:11:82:40:1c:34:bc:83:eb:6d:d3:dc:18:bf:65:
19:21:d8:ef:a7:af:3b:c8:ec:73:59:76:3b:4f:84:
2f:98:2e:f9:1f:44:d3:43:89:9b:21:68:53:80:fa:
c8:c6:e7:0b:93:55:19:1a:b0:7f:2e:a7:87:50:36:
d5:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:A3:65:9A:48:99:51:26:75:C1:DF:B6:63:26:AF:4D:06:C0:DD:89
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/i6NlmkiZUSZ1wd-2YyavTQbA3Yk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.27.0/24
89.34.228.0/24
89.34.230.0/23
89.35.158.0/24
89.39.111.0/24
89.40.67.0/24
89.43.140.0/22
89.45.164.0/24
89.46.3.0/24
89.47.96.0/19
93.113.180.0/22
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
24:d5:72:48:44:d1:18:87:cd:39:ae:4d:52:81:0e:f1:cb:f7:
73:aa:6b:99:7d:38:5d:46:a6:0f:3c:00:26:d2:69:0b:8b:25:
fa:44:b3:a7:c2:96:a7:bd:86:d8:9b:4f:b9:c6:cc:b7:74:1d:
d9:94:ed:f3:30:29:ba:c6:0d:21:d4:12:5a:40:34:51:10:5e:
c7:c7:ab:e8:7c:fe:15:90:93:50:aa:11:13:c6:12:9a:6c:bd:
f6:d9:0f:97:0c:96:c5:27:2b:3f:4c:ad:53:55:36:38:fc:6b:
88:45:1c:25:9a:f1:c0:96:00:10:4e:1a:e5:28:4b:90:8b:30:
0a:e8:db:12:f0:d6:af:2a:d2:02:5e:fe:60:bf:3c:70:9f:37:
bd:88:75:12:5e:48:d0:7d:93:d3:34:63:ce:c1:18:02:c9:36:
70:17:7e:3d:49:9e:29:ab:bd:b8:10:c8:1a:f6:7d:08:f2:ca:
6f:66:5f:0c:72:15:58:85:c9:0e:93:b3:12:11:63:8a:33:76:
3b:37:40:22:fd:cc:cd:3c:1f:a0:70:a3:03:6c:8d:a3:f5:24:
81:d1:1b:fc:4c:4e:71:80:11:40:7f:16:a5:fe:5b:2b:0a:e0:
a3:86:73:5e:e6:4f:3a:6e:d1:7e:d4:73:b1:40:37:c9:a3:e5:
be:6f:11:4a
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAYrW4y37Qb+nsC/iN8busCbLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwOTI3MTM0NTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmEzNjU5YTQ4OTk1MTI2NzVjMWRmYjY2MzI2YWY0ZDA2YzBkZDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpnHOSSo6mggErG2clGBG/n70sG+
W8zZcPkHmAdxzcsrbC2N0X8EqvP2A25wCzM1L4bWElAHCCyyfablieLl1+ihWjMI
AzCMSnbQWxcSM8L0F76Pj0ys8ifQH2Wm0G2+RPf6QA/eUz1itoDcOH3QWJvNQrVW
4q65rtDU545aGVvGAmLn/RpeDyDWcmjg7wEXeyQr3PdEERl+5fjFDpUjRkwzmx74
Q/7jAHZ5PNFW42ciR23tbQklWDOh120gYgqj8MAMEYJAHDS8g+tt09wYv2UZIdjv
p687yOxzWXY7T4QvmC75H0TTQ4mbIWhTgPrIxucLk1UZGrB/LqeHUDbVuwIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFIujZZpImVEmdcHftmMmr00GwN2JMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvaTZObG1raVpVU1oxd2QtMll5YXZUUWJBM1lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwZgQCAAEwYAMEAFkiGwME
AFki5AMEAVki5gMEAFkjngMEAFknbwMEAFkoQwMEAlkrjAMEAFktpAMEAFkuAwME
BVkvYAMEAl1xtAMEAF1xzAMEAF1yTwMEAF1ywgMEAsETwAMEAcMcAjANBAIAAjAH
AwUAIAFNGDANBgkqhkiG9w0BAQsFAAOCAQEAJNVySETRGIfNOa5NUoEO8cv3c6pr
mX04XUamDzwAJtJpC4sl+kSzp8KWp72G2JtPucbMt3Qd2ZTt8zApusYNIdQSWkA0
URBex8er6Hz+FZCTUKoRE8YSmmy99tkPlwyWxScrP0ytU1U2OPxriEUcJZrxwJYA
EE4a5ShLkIswCujbEvDWryrSAl7+YL88cJ83vYh1El5I0H2T0zRjzsEYAsk2cBd+
PUmeKau9uBDIGvZ9CPLKb2ZfDHIVWIXJDpOzEhFjijN2OzdAIv3MzTwfoHCjA2yN
o/UkgdEb/ExOcYARQH8Wpf5bKwrgo4ZzXuZPOm7RftRzsUA3yaPlvm8RSg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org