Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/rnKNXoBqSxzVuvNAhs1tWss76ig.roa
File: rnKNXoBqSxzVuvNAhs1tWss76ig.roa (raw, json)
Hash identifier: X9gfQY0UYxgBlUg5agcSYC/0MirHS/H8RhpxUO+1BmM=
Subject key identifier: AE:72:8D:5E:80:6A:4B:1C:D5:BA:F3:40:86:CD:6D:5A:CB:3B:EA:28
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018BADABC7DD363856B79DD2366FD0F9C64C
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/rnKNXoBqSxzVuvNAhs1tWss76ig.roa
Signing time: Wed 08 Nov 2023 06:43:18 +0000
ROA not before: Wed 08 Nov 2023 06:43:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39543
IP address blocks: 195.28.2.0/23 maxlen: 23
193.19.192.0/22 maxlen: 22
193.19.192.0/24 maxlen: 24
193.19.193.0/24 maxlen: 24
193.19.195.0/24 maxlen: 24
193.19.194.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.43.143.0/24 maxlen: 24
89.47.96.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.112.0/20 maxlen: 20
89.47.113.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 15 Nov 2023 14:40:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ad:ab:c7:dd:36:38:56:b7:9d:d2:36:6f:d0:f9:c6:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Nov 8 06:43:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae728d5e806a4b1cd5baf34086cd6d5acb3bea28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4f:b2:ab:2f:25:92:e8:16:ab:ff:73:08:1f:
8f:29:42:6c:be:3b:c7:33:d7:ca:d1:a6:57:57:4f:
15:64:72:a1:65:37:79:fd:de:bc:b1:93:43:fc:75:
90:20:6d:9a:40:75:43:6a:7f:cd:b3:7e:27:b3:31:
b1:c9:be:86:d6:a1:b5:65:3a:64:3c:21:1a:42:4d:
44:06:04:75:55:35:9f:fd:94:b1:81:61:3b:d5:11:
70:fa:4d:f5:87:4c:d9:a1:b1:d5:1c:7e:0c:e5:bc:
97:50:e3:21:ec:73:b0:e2:fe:a6:9b:10:a1:dd:e9:
c6:59:ca:e2:13:c6:a2:96:f6:ad:13:16:d7:ad:f3:
57:da:59:34:47:b3:be:55:50:51:65:df:2a:92:b7:
8a:3e:f3:6d:95:80:b9:a8:45:af:17:bd:01:6f:de:
83:4d:58:2d:6c:11:3e:f7:3c:c4:e7:0d:cf:4a:29:
ee:8c:7f:c9:19:c1:39:e2:d1:aa:ee:a1:54:b2:fa:
6b:60:52:a4:ef:ef:2e:79:04:ad:53:d9:7f:93:1e:
1d:35:b5:2e:fb:0f:e9:f3:fa:65:a7:6c:d4:f6:d3:
b0:64:fe:78:ac:5c:6f:9e:ac:38:5f:8c:14:06:30:
be:8d:55:9e:be:d4:c5:61:fc:57:3e:d1:e6:d9:dc:
b9:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:72:8D:5E:80:6A:4B:1C:D5:BA:F3:40:86:CD:6D:5A:CB:3B:EA:28
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/rnKNXoBqSxzVuvNAhs1tWss76ig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.27.0/24
89.35.158.0/24
89.39.111.0/24
89.40.67.0/24
89.43.143.0/24
89.45.164.0/24
89.46.3.0/24
89.47.96.0/19
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
33:c8:5e:53:24:d4:4e:47:f2:64:0b:3a:08:95:64:37:57:38:
70:77:ed:70:27:84:2b:30:ac:ca:24:2a:f5:c1:07:2d:7c:85:
01:b5:97:6f:6b:ed:67:db:10:2b:bb:e9:d6:0c:1f:52:ef:ac:
c7:c1:09:c4:3d:97:3f:5c:12:a1:72:8c:4b:12:54:30:48:12:
c8:3a:72:8c:2d:c2:93:30:7e:31:f7:59:59:10:04:d7:84:43:
ab:f2:0d:f9:04:dd:62:cd:fb:37:53:e1:bc:4d:98:b2:c2:2c:
5d:cc:f5:69:56:71:3d:48:f4:a6:48:0d:4e:08:66:33:5d:39:
09:4b:3d:36:96:17:60:2c:c1:e3:89:57:e7:c6:ee:3f:d3:c7:
06:31:dd:53:60:e3:af:f1:8e:f6:fb:bd:f0:2f:ed:ba:ab:48:
fa:c0:a3:48:39:bd:09:bd:93:17:63:0d:a3:3f:cd:4a:ae:ea:
cd:e4:2b:42:0a:b9:0b:3d:3f:7f:e1:34:5f:0b:28:39:9b:58:
15:3c:cf:b1:81:7c:ff:38:41:2d:e0:59:9b:be:33:9b:13:96:
71:89:2c:16:36:6b:c3:ff:8a:3e:78:38:29:22:0e:3a:37:98:
e3:a5:ce:21:78:79:5e:3e:82:37:76:6c:43:75:55:fc:45:7e:
ef:94:07:06
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYutq8fdNjhWt53SNm/Q+cZMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMTA4MDY0MzE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTcyOGQ1ZTgwNmE0YjFjZDViYWYzNDA4NmNkNmQ1YWNiM2JlYTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsk+yqy8lkugWq/9zCB+PKUJsvjvH
M9fK0aZXV08VZHKhZTd5/d68sZND/HWQIG2aQHVDan/Ns34nszGxyb6G1qG1ZTpk
PCEaQk1EBgR1VTWf/ZSxgWE71RFw+k31h0zZobHVHH4M5byXUOMh7HOw4v6mmxCh
3enGWcriE8ailvatExbXrfNX2lk0R7O+VVBRZd8qkreKPvNtlYC5qEWvF70Bb96D
TVgtbBE+9zzE5w3PSinujH/JGcE54tGq7qFUsvprYFKk7+8ueQStU9l/kx4dNbUu
+w/p8/plp2zU9tOwZP54rFxvnqw4X4wUBjC+jVWevtTFYfxXPtHm2dy54wIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFK5yjV6Aaksc1brzQIbNbVrLO+ooMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvcm5LTlhvQnFTeHpWdXZOQWhzMXRXc3M3NmlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQAWSIbAwQA
WSOeAwQAWSdvAwQAWShDAwQAWSuPAwQAWS2kAwQAWS4DAwQFWS9gAwQAXXHMAwQA
XXJPAwQAXXLCAwQCwRPAAwQBwxwCMA0EAgACMAcDBQAgAU0YMA0GCSqGSIb3DQEB
CwUAA4IBAQAzyF5TJNROR/JkCzoIlWQ3Vzhwd+1wJ4QrMKzKJCr1wQctfIUBtZdv
a+1n2xAru+nWDB9S76zHwQnEPZc/XBKhcoxLElQwSBLIOnKMLcKTMH4x91lZEATX
hEOr8g35BN1izfs3U+G8TZiywixdzPVpVnE9SPSmSA1OCGYzXTkJSz02lhdgLMHj
iVfnxu4/08cGMd1TYOOv8Y72+73wL+26q0j6wKNIOb0JvZMXYw2jP81KrurN5CtC
CrkLPT9/4TRfCyg5m1gVPM+xgXz/OEEt4FmbvjObE5ZxiSwWNmvD/4o+eDgpIg46
N5jjpc4heHlePoI3dmxDdVX8RX7vlAcG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:50 2024 by rpki-client on console-ams.rpki-client.org