Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/ovBk8ygT-LF0mUGkEo_lzcEBGOg.roa
File: ovBk8ygT-LF0mUGkEo_lzcEBGOg.roa (raw, json)
Hash identifier: qk43IyyYk1iVId6zbZhlS3kjawrNGXpLkTuB0my37eA=
Subject key identifier: A2:F0:64:F3:28:13:F8:B1:74:99:41:A4:12:8F:E5:CD:C1:01:18:E8
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018DD9E6F51FDD808EA729ABE959BC4DE364
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/ovBk8ygT-LF0mUGkEo_lzcEBGOg.roa
Signing time: Sat 24 Feb 2024 06:56:48 +0000
ROA not before: Sat 24 Feb 2024 06:56:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 89.34.224.0/23 maxlen: 24
89.34.228.0/24 maxlen: 24
89.34.231.0/24 maxlen: 24
89.42.81.0/24 maxlen: 24
89.42.86.0/24 maxlen: 24
89.42.95.0/24 maxlen: 24
89.42.143.0/24 maxlen: 24
89.43.140.0/24 maxlen: 24
89.43.143.0/24 maxlen: 24
89.46.0.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.47.125.0/24 maxlen: 24
89.47.127.0/24 maxlen: 24
93.113.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 23 Mar 2024 06:30:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d9:e6:f5:1f:dd:80:8e:a7:29:ab:e9:59:bc:4d:e3:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Feb 24 06:56:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2f064f32813f8b1749941a4128fe5cdc10118e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:4b:aa:1b:8e:2e:56:3a:33:f1:ef:1c:a1:53:
b3:ce:7d:8b:30:ee:d3:28:ec:7f:a7:8d:ed:27:bd:
2f:e1:09:f6:a6:6f:05:fb:cf:ff:32:54:d0:e3:31:
a0:bd:21:c5:51:58:fc:4b:86:65:0a:d7:44:be:f4:
0e:8f:7f:fd:ab:dd:b4:1f:e1:f8:78:4c:ad:bd:f9:
1b:e5:9c:7a:14:61:3a:9f:af:eb:25:57:25:60:ef:
1c:c7:c2:64:9f:e4:c8:b0:fc:2d:6e:8a:ef:c7:ec:
d2:f9:d4:e7:aa:f9:38:e6:f0:30:d2:21:31:b4:ba:
75:b4:9f:59:34:72:3d:62:b7:36:78:94:6e:3d:f8:
a3:11:ad:50:fc:cc:dd:3c:d7:5a:55:21:34:b1:df:
27:f5:08:4e:9c:2e:28:f2:dd:f9:66:20:03:5a:c4:
3e:03:e1:2d:a9:5e:34:d9:97:3b:de:93:33:71:91:
87:93:8b:b6:61:31:a4:80:43:27:43:8e:d8:de:9a:
a2:6e:b5:a0:46:3b:46:4e:cb:9b:5d:31:ae:ca:30:
cf:c4:98:cd:86:fd:d3:fe:73:4e:4d:1d:eb:ce:9f:
83:fc:65:ad:0e:d4:78:ff:67:e9:d5:33:aa:c5:37:
06:45:f8:49:ed:7e:1a:a3:9a:95:63:13:24:f3:15:
d8:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:F0:64:F3:28:13:F8:B1:74:99:41:A4:12:8F:E5:CD:C1:01:18:E8
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/ovBk8ygT-LF0mUGkEo_lzcEBGOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.224.0/23
89.34.228.0/24
89.34.231.0/24
89.42.81.0/24
89.42.86.0/24
89.42.95.0/24
89.42.143.0/24
89.43.140.0/24
89.43.143.0/24
89.46.0.0/24
89.47.115.0/24
89.47.119.0/24
89.47.125.0/24
89.47.127.0/24
93.113.181.0/24
Signature Algorithm: sha256WithRSAEncryption
75:98:3a:80:f6:0a:5a:80:09:87:26:6c:9b:0c:7c:20:17:94:
0c:94:c2:e3:d0:11:23:96:45:b2:e5:c0:ab:bf:ea:f3:5f:7b:
fd:a6:e8:ba:b0:96:79:18:4a:90:79:82:95:91:13:08:39:c8:
28:19:c7:b4:89:12:15:51:40:f3:6c:8b:30:7f:90:07:03:ad:
d2:cf:05:c5:a1:4b:62:69:c6:6f:b8:38:f3:1d:7b:c4:0d:de:
c9:59:09:5f:f3:b8:bd:bd:64:5c:27:e0:85:cc:96:fa:f8:87:
99:2a:60:86:cb:fb:83:e8:dc:86:34:84:eb:5b:09:47:10:78:
78:92:5d:ed:d9:c0:00:ad:c1:5d:05:05:8a:cf:26:9f:d9:37:
2f:87:02:b9:f3:18:5e:2f:60:35:b4:1e:99:5f:10:6c:39:27:
f3:c4:90:a8:d8:b4:f1:06:6c:e0:00:67:cd:61:40:16:75:36:
06:44:15:6e:cd:05:09:cb:73:2e:a7:c4:8b:d3:ce:a8:bd:66:
f8:9e:cc:60:11:e6:dc:a8:f5:b6:32:bc:6f:7f:f3:f3:34:c6:
a4:b9:1d:dd:70:d7:f5:77:45:2e:95:55:fc:7d:56:be:9b:00:
ff:ad:6f:30:f8:4e:c6:8f:e6:3b:01:8d:e9:29:7d:07:da:2b:
8d:1d:c4:2b
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAY3Z5vUf3YCOpymr6Vm8TeNkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMjI0MDY1NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmYwNjRmMzI4MTNmOGIxNzQ5OTQxYTQxMjhmZTVjZGMxMDExOGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA50uqG44uVjoz8e8coVOzzn2LMO7T
KOx/p43tJ70v4Qn2pm8F+8//MlTQ4zGgvSHFUVj8S4ZlCtdEvvQOj3/9q920H+H4
eEytvfkb5Zx6FGE6n6/rJVclYO8cx8Jkn+TIsPwtborvx+zS+dTnqvk45vAw0iEx
tLp1tJ9ZNHI9Yrc2eJRuPfijEa1Q/MzdPNdaVSE0sd8n9QhOnC4o8t35ZiADWsQ+
A+EtqV402Zc73pMzcZGHk4u2YTGkgEMnQ47Y3pqibrWgRjtGTsubXTGuyjDPxJjN
hv3T/nNOTR3rzp+D/GWtDtR4/2fp1TOqxTcGRfhJ7X4ao5qVYxMk8xXY9wIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFKLwZPMoE/ixdJlBpBKP5c3BARjoMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvb3ZCazh5Z1QtTEYwbVVHa0VvX2x6Y0VCR09nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQBWSLgAwQA
WSLkAwQAWSLnAwQAWSpRAwQAWSpWAwQAWSpfAwQAWSqPAwQAWSuMAwQAWSuPAwQA
WS4AAwQAWS9zAwQAWS93AwQAWS99AwQAWS9/AwQAXXG1MA0GCSqGSIb3DQEBCwUA
A4IBAQB1mDqA9gpagAmHJmybDHwgF5QMlMLj0BEjlkWy5cCrv+rzX3v9pui6sJZ5
GEqQeYKVkRMIOcgoGce0iRIVUUDzbIswf5AHA63SzwXFoUtiacZvuDjzHXvEDd7J
WQlf87i9vWRcJ+CFzJb6+IeZKmCGy/uD6NyGNITrWwlHEHh4kl3t2cAArcFdBQWK
zyaf2TcvhwK58xheL2A1tB6ZXxBsOSfzxJCo2LTxBmzgAGfNYUAWdTYGRBVuzQUJ
y3Mup8SL086ovWb4nsxgEebcqPW2Mrxvf/PzNMakuR3dcNf1d0UulVX8fVa+mwD/
rW8w+E7Gj+Y7AY3pKX0H2iuNHcQr
-----END CERTIFICATE-----
Generated at Sat Mar 23 08:03:46 2024 by rpki-client on console-fra.rpki-client.org