Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/r4zXHPP1J9tc-gzCtvuDldiFtkQ.roa
File: r4zXHPP1J9tc-gzCtvuDldiFtkQ.roa (raw, json)
Hash identifier: ypt3Na0CSb5eXkfctRZGVvbRYPh/zyrAz1YcwEYNy3Q=
Subject key identifier: AF:8C:D7:1C:F3:F5:27:DB:5C:FA:0C:C2:B6:FB:83:95:D8:85:B6:44
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018D7958580EAC1DF92D544B700B3D4F8285
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/r4zXHPP1J9tc-gzCtvuDldiFtkQ.roa
Signing time: Mon 05 Feb 2024 12:57:29 +0000
ROA not before: Mon 05 Feb 2024 12:57:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39543
IP address blocks: 86.106.81.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.38.228.0/24 maxlen: 24
89.38.229.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.47.96.0/24 maxlen: 24
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.120.0/24 maxlen: 24
89.47.122.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
188.241.3.0/24 maxlen: 24
193.19.192.0/22 maxlen: 22
193.19.192.0/24 maxlen: 24
193.19.193.0/24 maxlen: 24
193.19.194.0/24 maxlen: 24
193.19.195.0/24 maxlen: 24
195.28.2.0/23 maxlen: 23
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 06 Feb 2024 09:19:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:79:58:58:0e:ac:1d:f9:2d:54:4b:70:0b:3d:4f:82:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Feb 5 12:57:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af8cd71cf3f527db5cfa0cc2b6fb8395d885b644
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:b6:95:c9:b2:fc:f6:db:a3:ce:32:13:a1:3e:
c7:ee:94:23:6b:30:51:67:c3:09:6b:44:b9:db:03:
e1:6f:25:b4:6b:b4:01:bc:f0:a7:04:ef:1a:14:53:
ca:ec:b4:b3:4d:8a:67:e6:c7:bd:8f:6a:ae:85:23:
df:23:63:bd:cf:3a:89:9d:a2:14:3a:c1:e0:d8:cc:
99:ea:74:a4:dd:ff:a9:4f:1a:79:45:bc:16:18:da:
58:ff:02:42:36:78:68:21:ff:70:70:5a:b1:5c:66:
46:be:37:7c:bd:00:31:e6:a4:6c:96:34:c2:c5:8f:
48:89:d8:96:14:c4:3a:d6:33:36:2f:91:60:3a:c1:
29:1e:5d:10:0b:c0:88:1d:6e:8c:b0:9f:50:bf:95:
d8:ec:d9:37:92:32:33:e7:e9:14:51:43:7f:d0:5c:
c7:d0:35:4a:16:7d:2a:e1:46:48:25:35:11:dc:47:
c2:ea:da:2c:9c:68:2a:f1:19:8d:66:ee:62:a6:7f:
47:ae:ff:75:cc:e1:d4:ba:3d:2e:45:6e:f7:d0:3b:
21:2b:28:03:f9:59:f8:67:6d:86:37:f8:94:be:88:
db:73:3d:21:7c:f6:ce:79:ce:4b:8c:57:23:4c:86:
43:78:fa:de:c5:6d:9a:f3:b0:69:fa:93:5c:5a:13:
14:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:8C:D7:1C:F3:F5:27:DB:5C:FA:0C:C2:B6:FB:83:95:D8:85:B6:44
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/r4zXHPP1J9tc-gzCtvuDldiFtkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.81.0/24
89.34.27.0/24
89.35.158.0/24
89.38.228.0/23
89.39.111.0/24
89.40.67.0/24
89.45.164.0/24
89.47.96.0-89.47.98.255
89.47.100.0-89.47.111.255
89.47.120.0/24
89.47.122.0/24
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
188.241.3.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
3a:fb:76:a2:85:12:23:37:8e:bd:e0:d3:71:2f:fa:6d:50:31:
7c:9f:89:d1:9b:64:13:c0:6c:41:e2:6e:f0:39:72:90:24:b7:
c0:b8:77:20:25:47:da:4f:11:a5:2c:dc:0b:c0:b5:fd:77:c6:
7f:94:ea:e5:54:5e:e1:6d:a8:d0:c3:bb:e0:1b:38:57:d9:b4:
6b:a0:8c:6f:bb:2c:ad:56:5c:7f:63:0d:74:49:11:c0:9e:b8:
1c:b6:93:91:13:82:e9:ab:40:df:30:20:10:43:df:17:13:e2:
8d:fd:26:c1:1b:77:6d:d4:93:87:b5:35:11:b5:ad:db:4e:5e:
48:23:e7:8a:45:c8:96:5f:c1:54:ef:db:4e:b7:2b:42:60:bb:
67:ba:23:10:45:12:2e:b5:21:7d:59:75:bb:2a:de:0c:50:4c:
c3:fc:8b:e0:70:61:40:bb:b9:b4:27:7f:d9:a7:f1:f9:b2:bf:
24:02:8c:c6:22:05:e8:36:32:16:43:88:b2:a2:57:aa:8a:f7:
2b:ed:33:4e:39:86:e9:d6:ac:fa:2e:f5:d0:1f:cd:4d:c2:e2:
4b:a7:f7:4d:cb:6f:fa:83:3d:9f:ed:58:71:47:76:0b:70:ac:
eb:d5:28:6d:cf:3c:50:f1:f7:4f:9f:04:b7:3b:67:fb:b6:f8:
f1:9e:be:a2
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAY15WFgOrB35LVRLcAs9T4KFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMjA1MTI1NzI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjhjZDcxY2YzZjUyN2RiNWNmYTBjYzJiNmZiODM5NWQ4ODViNjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7aVybL89tujzjIToT7H7pQjazBR
Z8MJa0S52wPhbyW0a7QBvPCnBO8aFFPK7LSzTYpn5se9j2quhSPfI2O9zzqJnaIU
OsHg2MyZ6nSk3f+pTxp5RbwWGNpY/wJCNnhoIf9wcFqxXGZGvjd8vQAx5qRsljTC
xY9IidiWFMQ61jM2L5FgOsEpHl0QC8CIHW6MsJ9Qv5XY7Nk3kjIz5+kUUUN/0FzH
0DVKFn0q4UZIJTUR3EfC6tosnGgq8RmNZu5ipn9Hrv91zOHUuj0uRW730DshKygD
+Vn4Z22GN/iUvojbcz0hfPbOec5LjFcjTIZDePrexW2a87Bp+pNcWhMUBwIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFK+M1xzz9SfbXPoMwrb7g5XYhbZEMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvcjR6WEhQUDFKOXRjLWd6Q3R2dURsZGlGdGtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTB8BAIAATB2AwQAVmpR
AwQAWSIbAwQAWSOeAwQBWSbkAwQAWSdvAwQAWShDAwQAWS2kMAwDBAVZL2ADBABZ
L2IwDAMEAlkvZAMEBFkvYAMEAFkveAMEAFkvegMEAF1xzAMEAF1yTwMEAF1ywgME
ALzxAwMEAsETwAMEAcMcAjANBAIAAjAHAwUAIAFNGDANBgkqhkiG9w0BAQsFAAOC
AQEAOvt2ooUSIzeOveDTcS/6bVAxfJ+J0ZtkE8BsQeJu8DlykCS3wLh3ICVH2k8R
pSzcC8C1/XfGf5Tq5VRe4W2o0MO74Bs4V9m0a6CMb7ssrVZcf2MNdEkRwJ64HLaT
kROC6atA3zAgEEPfFxPijf0mwRt3bdSTh7U1EbWt205eSCPnikXIll/BVO/bTrcr
QmC7Z7ojEEUSLrUhfVl1uyreDFBMw/yL4HBhQLu5tCd/2afx+bK/JAKMxiIF6DYy
FkOIsqJXqor3K+0zTjmG6das+i710B/NTcLiS6f3Tctv+oM9n+1YcUd2C3Cs69Uo
bc88UPH3T58Etztn+7b48Z6+og==
-----END CERTIFICATE-----
Generated at Tue Feb 6 12:06:58 2024 by rpki-client on console-ams.rpki-client.org