Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/rJnZnq3ESfAasZxyIHdZWcSj64k.roa
File: rJnZnq3ESfAasZxyIHdZWcSj64k.roa (raw, json)
Hash identifier: b1pqqOP8F9UPHOwvPX1ab5e5/row82yvtJ5teh/ekH4=
Subject key identifier: AC:99:D9:9E:AD:C4:49:F0:1A:B1:9C:72:20:77:59:59:C4:A3:EB:89
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018BA9F0E269E182D812471A9D8D2BB8EA5D
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/rJnZnq3ESfAasZxyIHdZWcSj64k.roa
Signing time: Tue 07 Nov 2023 13:20:17 +0000
ROA not before: Tue 07 Nov 2023 13:20:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39543
IP address blocks: 195.28.2.0/23 maxlen: 23
193.19.192.0/22 maxlen: 22
193.19.192.0/24 maxlen: 24
193.19.193.0/24 maxlen: 24
193.19.195.0/24 maxlen: 24
193.19.194.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.43.143.0/24 maxlen: 24
89.47.96.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.112.0/20 maxlen: 20
89.47.113.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
89.34.26.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 08 Nov 2023 06:43:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a9:f0:e2:69:e1:82:d8:12:47:1a:9d:8d:2b:b8:ea:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Nov 7 13:20:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac99d99eadc449f01ab19c7220775959c4a3eb89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:12:1c:2a:ce:4f:7b:47:e2:91:1d:25:aa:2f:
c5:27:b6:04:cb:0d:c5:20:53:07:ba:aa:af:59:fc:
d8:44:3b:bb:4b:4b:42:d0:82:cd:e3:2f:5e:95:88:
f1:22:43:3b:1b:c4:07:57:e9:93:52:a5:53:80:d5:
ca:10:4a:18:f0:44:d7:a4:b3:1d:1a:86:bf:9b:0f:
43:bd:b1:18:72:17:cc:7b:89:7b:68:f5:65:60:66:
be:fa:b8:c4:27:b3:41:03:da:3a:ce:df:07:31:52:
3c:08:ae:80:ee:fd:57:d9:fb:a9:87:94:14:76:fe:
19:6f:39:eb:b1:59:1e:c6:ac:c8:33:ce:b6:0e:84:
52:c5:c9:97:4c:4f:71:e8:7a:c4:64:f7:25:9d:4f:
ff:3d:e8:5e:6e:e5:09:0a:a2:ca:14:b4:ef:74:65:
ec:3f:ad:af:13:88:6d:64:e0:99:5f:8d:e1:68:5c:
3a:da:d7:aa:2b:8a:ef:31:88:7b:35:d1:b4:03:a7:
3a:85:5f:17:73:bc:28:fe:ca:2a:b3:27:75:f9:77:
38:05:24:eb:6e:3c:b0:5f:c4:a1:bd:eb:6c:61:19:
6b:95:7b:f2:d2:24:3c:99:fa:5d:b4:81:f7:48:d7:
c8:46:22:ad:7b:c3:68:d2:69:f8:29:2d:3c:55:61:
80:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:99:D9:9E:AD:C4:49:F0:1A:B1:9C:72:20:77:59:59:C4:A3:EB:89
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/rJnZnq3ESfAasZxyIHdZWcSj64k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.26.0/23
89.35.158.0/24
89.39.111.0/24
89.40.67.0/24
89.43.143.0/24
89.45.164.0/24
89.46.3.0/24
89.47.96.0/19
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
50:28:6b:a6:39:51:e5:9b:a7:7e:e3:0c:fe:93:5d:ac:f1:0f:
6d:99:65:4a:72:57:50:eb:3f:52:45:f8:a8:0c:43:ee:14:5c:
d5:1a:38:0a:8f:f6:d4:0d:a9:5c:bf:a8:43:e0:1d:7a:40:e8:
d8:ef:45:ed:d1:b6:18:87:0d:8f:c5:7a:4e:85:1f:0c:f5:53:
30:63:6f:ca:2c:bc:f1:c7:48:d8:55:08:74:fa:b5:84:bc:83:
38:a2:2e:66:19:33:80:6b:97:6c:1c:fd:46:3b:e1:8e:81:17:
f9:77:45:f5:ef:d9:bb:17:c4:7a:71:e2:03:08:22:ad:d2:d8:
6a:f4:ed:e5:da:a0:20:c2:f9:fa:52:99:0d:e6:da:27:36:0a:
62:3b:60:bb:ff:6c:fe:69:4b:df:b3:f9:42:58:57:a7:f2:73:
07:52:d9:60:e1:d2:1c:c4:53:cd:22:b7:59:37:b4:5c:e4:a9:
99:9d:37:25:14:6e:5b:74:39:f5:12:f5:f7:bb:75:37:66:ae:
b6:7c:92:75:8f:66:2b:5f:0c:d9:23:59:1d:6d:01:e9:bc:4e:
05:44:5c:e3:85:ab:b5:28:c4:a3:6f:8f:b3:9a:87:e5:da:37:
e2:23:ed:19:9a:02:26:7e:7a:a6:5e:fb:86:28:c9:75:f7:3b:
30:a8:2e:c7
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYup8OJp4YLYEkcanY0ruOpdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMTA3MTMyMDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzk5ZDk5ZWFkYzQ0OWYwMWFiMTljNzIyMDc3NTk1OWM0YTNlYjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxIcKs5Pe0fikR0lqi/FJ7YEyw3F
IFMHuqqvWfzYRDu7S0tC0ILN4y9elYjxIkM7G8QHV+mTUqVTgNXKEEoY8ETXpLMd
Goa/mw9DvbEYchfMe4l7aPVlYGa++rjEJ7NBA9o6zt8HMVI8CK6A7v1X2fuph5QU
dv4ZbznrsVkexqzIM862DoRSxcmXTE9x6HrEZPclnU//PehebuUJCqLKFLTvdGXs
P62vE4htZOCZX43haFw62teqK4rvMYh7NdG0A6c6hV8Xc7wo/soqsyd1+Xc4BSTr
bjywX8ShvetsYRlrlXvy0iQ8mfpdtIH3SNfIRiKte8No0mn4KS08VWGABwIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFKyZ2Z6txEnwGrGcciB3WVnEo+uJMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvckpuWm5xM0VTZkFhc1p4eUlIZFpXY1NqNjRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQBWSIaAwQA
WSOeAwQAWSdvAwQAWShDAwQAWSuPAwQAWS2kAwQAWS4DAwQFWS9gAwQAXXHMAwQA
XXJPAwQAXXLCAwQCwRPAAwQBwxwCMA0EAgACMAcDBQAgAU0YMA0GCSqGSIb3DQEB
CwUAA4IBAQBQKGumOVHlm6d+4wz+k12s8Q9tmWVKcldQ6z9SRfioDEPuFFzVGjgK
j/bUDalcv6hD4B16QOjY70Xt0bYYhw2PxXpOhR8M9VMwY2/KLLzxx0jYVQh0+rWE
vIM4oi5mGTOAa5dsHP1GO+GOgRf5d0X179m7F8R6ceIDCCKt0thq9O3l2qAgwvn6
UpkN5tonNgpiO2C7/2z+aUvfs/lCWFen8nMHUtlg4dIcxFPNIrdZN7Rc5KmZnTcl
FG5bdDn1EvX3u3U3Zq62fJJ1j2YrXwzZI1kdbQHpvE4FRFzjhau1KMSjb4+zmofl
2jfiI+0ZmgImfnqmXvuGKMl19zswqC7H
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:50 2024 by rpki-client on console-ams.rpki-client.org