Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/rCY5t5NnObJSJlP0A6mvHGPzJJU.roa
File: rCY5t5NnObJSJlP0A6mvHGPzJJU.roa (raw, json)
Hash identifier: 4ixMPAfUvFTZDIijY1roC15r9rjcyt2lGUY4UNcOWQ4=
Subject key identifier: AC:26:39:B7:93:67:39:B2:52:26:53:F4:03:A9:AF:1C:63:F3:24:95
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01856ECB6F05197650186D947043D43F4FBB
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/rCY5t5NnObJSJlP0A6mvHGPzJJU.roa
Signing time: Sun 01 Jan 2023 19:25:04 +0000
ROA not before: Sun 01 Jan 2023 19:25:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25198
IP address blocks: 93.114.194.0/24 maxlen: 24
86.107.179.0/24 maxlen: 24
86.107.178.0/24 maxlen: 24
185.101.107.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
89.41.181.0/24 maxlen: 24
89.41.180.0/24 maxlen: 24
188.241.219.0/24 maxlen: 24
188.241.218.0/24 maxlen: 24
89.36.95.0/24 maxlen: 24
89.36.94.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:6f:05:19:76:50:18:6d:94:70:43:d4:3f:4f:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 19:25:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac2639b7936739b2522653f403a9af1c63f32495
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:48:23:0e:01:bb:b0:ec:64:b4:2e:18:6b:a1:
84:2b:60:8b:f6:97:f6:b4:71:d4:03:f2:2a:51:f0:
a2:94:ef:12:34:4f:48:23:b5:61:b5:88:34:ea:f3:
53:21:94:a1:43:f5:d1:5e:ca:b0:df:3d:13:ea:13:
73:99:df:bf:b1:d1:76:1b:c1:56:87:71:f9:01:4b:
85:04:ca:f6:d9:06:39:8d:44:f9:28:ad:09:b5:79:
86:dc:ae:69:55:2a:cf:29:8e:fd:72:e7:09:44:d6:
bc:73:5e:d0:33:31:27:51:d5:11:93:f0:77:79:7c:
31:83:aa:bb:4e:fe:7a:27:42:94:af:08:7b:fb:82:
0e:e7:2a:c6:7f:91:13:7b:34:66:7d:36:f9:2c:bd:
ed:2c:f1:35:76:e6:ec:f8:47:f4:b5:56:1a:2b:6d:
9d:06:68:52:7e:0c:6b:13:70:7e:86:e9:83:a5:d4:
da:15:76:53:d3:35:c8:35:1f:57:f9:5d:71:e6:5b:
da:89:24:0b:a8:57:b8:0e:30:ad:91:5f:79:76:27:
47:81:10:d2:11:76:28:16:b0:25:0e:0b:cb:4e:fa:
0c:ed:9c:c4:fd:e7:1d:67:9e:0a:cc:1f:cb:c4:52:
03:bf:b7:8b:9f:5d:d3:62:88:66:fc:41:ca:64:02:
f9:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:26:39:B7:93:67:39:B2:52:26:53:F4:03:A9:AF:1C:63:F3:24:95
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/rCY5t5NnObJSJlP0A6mvHGPzJJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.178.0/23
89.34.27.0/24
89.36.94.0/23
89.41.180.0/23
93.114.194.0/24
185.101.107.0/24
188.241.218.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:4b:a6:c6:37:c1:96:82:38:08:25:22:ec:47:37:25:b5:49:
92:9e:48:99:3f:56:46:04:0c:71:2e:b6:b8:fb:a3:7a:a1:fe:
ff:f8:23:96:23:2b:6d:62:d3:4f:1c:b2:1e:61:cb:97:c8:88:
17:54:ff:3d:a2:87:9f:c4:08:e1:af:cc:a1:7e:bd:cc:13:60:
d8:eb:56:a4:39:d4:6e:d2:db:7c:65:7a:fc:55:70:f8:23:5b:
93:2b:68:87:0f:8b:08:06:60:96:9e:e5:c4:3a:d1:09:0f:02:
b2:2c:fd:30:d8:54:12:f9:12:12:83:28:f5:09:7c:4d:c8:38:
81:cc:a8:41:44:9e:40:29:2d:9e:57:10:a5:4b:56:3e:0c:1c:
b4:8e:3a:e2:a0:0b:77:c8:fd:d2:12:25:a9:02:04:72:00:a3:
62:c7:5f:1f:af:ee:4b:0a:78:52:03:b3:1f:5b:6f:d1:de:aa:
3a:99:31:51:11:31:88:c8:0e:1f:f8:d9:e5:72:b6:9d:ca:c2:
93:c2:a4:59:89:90:f7:fc:9b:26:2d:ca:60:cd:99:66:a0:a1:
34:d6:7d:a1:23:5b:b4:62:4f:2f:95:71:4e:bf:c3:dd:69:4f:
f9:44:db:8e:8b:2e:8b:7a:80:74:e1:e3:d9:94:1e:fa:1d:27:
ea:4b:d4:8b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVuy28FGXZQGG2UcEPUP0+7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwMTAxMTkyNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzI2MzliNzkzNjczOWIyNTIyNjUzZjQwM2E5YWYxYzYzZjMyNDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUgjDgG7sOxktC4Ya6GEK2CL9pf2
tHHUA/IqUfCilO8SNE9II7VhtYg06vNTIZShQ/XRXsqw3z0T6hNzmd+/sdF2G8FW
h3H5AUuFBMr22QY5jUT5KK0JtXmG3K5pVSrPKY79cucJRNa8c17QMzEnUdURk/B3
eXwxg6q7Tv56J0KUrwh7+4IO5yrGf5ETezRmfTb5LL3tLPE1dubs+Ef0tVYaK22d
BmhSfgxrE3B+humDpdTaFXZT0zXINR9X+V1x5lvaiSQLqFe4DjCtkV95didHgRDS
EXYoFrAlDgvLTvoM7ZzE/ecdZ54KzB/LxFIDv7eLn13TYohm/EHKZAL5PQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKwmObeTZzmyUiZT9AOprxxj8ySVMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvckNZNXQ1Tm5PYkpTSmxQMEE2bXZIR1B6SkpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBVmuyAwQA
WSIbAwQBWSReAwQBWSm0AwQAXXLCAwQAuWVrAwQBvPHaMA0GCSqGSIb3DQEBCwUA
A4IBAQBaS6bGN8GWgjgIJSLsRzcltUmSnkiZP1ZGBAxxLra4+6N6of7/+COWIytt
YtNPHLIeYcuXyIgXVP89ooefxAjhr8yhfr3ME2DY61akOdRu0tt8ZXr8VXD4I1uT
K2iHD4sIBmCWnuXEOtEJDwKyLP0w2FQS+RISgyj1CXxNyDiBzKhBRJ5AKS2eVxCl
S1Y+DBy0jjrioAt3yP3SEiWpAgRyAKNix18fr+5LCnhSA7MfW2/R3qo6mTFRETGI
yA4f+NnlcradysKTwqRZiZD3/JsmLcpgzZlmoKE01n2hI1u0Yk8vlXFOv8PdaU/5
RNuOiy6LeoB04ePZlB76HSfqS9SL
-----END CERTIFICATE-----
Generated at Tue Oct 24 11:07:45 2023 by rpki-client on console-fra.rpki-client.org