Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/robTn5x5W_dI9fCXdR1Y03xSuJQ.roa
File: robTn5x5W_dI9fCXdR1Y03xSuJQ.roa (raw, json)
Hash identifier: GGhWilACCJzkYvhcs00mRztX5pH699QkiG8DFw9Xa70=
Subject key identifier: AE:86:D3:9F:9C:79:5B:F7:48:F5:F0:97:75:1D:58:D3:7C:52:B8:94
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 0191F28BB91CFB5DC1959039ED747A94CB89
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/robTn5x5W_dI9fCXdR1Y03xSuJQ.roa
Signing time: Sat 14 Sep 2024 21:58:48 +0000
ROA not before: Sat 14 Sep 2024 21:58:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39543
IP address blocks: 86.106.81.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.47.96.0/24 maxlen: 24
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.120.0/24 maxlen: 24
89.47.122.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.72.0/21 maxlen: 21
93.114.88.0/22 maxlen: 22
93.114.194.0/24 maxlen: 24
188.241.3.0/24 maxlen: 24
193.19.192.0/22 maxlen: 22
193.19.192.0/24 maxlen: 24
193.19.193.0/24 maxlen: 24
193.19.194.0/24 maxlen: 24
193.19.195.0/24 maxlen: 24
195.28.2.0/23 maxlen: 23
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 23 Sep 2024 08:35:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f2:8b:b9:1c:fb:5d:c1:95:90:39:ed:74:7a:94:cb:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Sep 14 21:58:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae86d39f9c795bf748f5f097751d58d37c52b894
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:3e:74:b2:38:67:87:a1:e2:68:1e:b4:10:95:
52:62:c7:9a:bd:7a:73:ac:96:d0:ee:4d:2d:fd:83:
25:8b:df:04:30:8e:ef:15:9b:47:13:aa:9f:90:51:
ac:36:f3:93:37:bf:2d:d7:cc:90:17:9b:ec:db:8d:
15:be:fb:0a:69:fc:ff:28:20:1e:c7:c5:a3:a5:2c:
2b:f4:fd:05:77:20:3d:7e:a4:bf:41:e7:d9:b6:17:
e6:f4:76:9a:75:2d:a2:94:a3:1d:72:b5:ee:df:d3:
0f:f6:bd:00:93:f1:df:45:66:d8:73:39:7e:9b:bc:
40:b8:09:ca:45:ce:4b:73:0a:d4:78:b5:e9:19:51:
7f:f4:2f:16:35:4b:a5:97:39:55:f4:67:5b:32:46:
25:a0:f4:bd:67:30:95:ad:f5:cb:36:29:5f:e5:5a:
93:8b:13:32:4a:9c:41:8b:6a:a4:7b:c5:0e:b0:48:
b5:ef:b8:01:3a:99:7d:a7:f4:7e:82:67:2b:29:14:
42:52:de:37:9b:54:37:98:c1:5b:9e:28:66:a1:51:
95:6e:e7:8f:30:fa:bd:50:cf:6e:4e:56:ad:b2:51:
59:86:d3:39:c5:19:b4:94:6b:fb:6b:68:d1:0b:25:
80:45:34:c8:ff:2d:e1:54:cf:22:b2:74:7f:6a:d2:
65:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:86:D3:9F:9C:79:5B:F7:48:F5:F0:97:75:1D:58:D3:7C:52:B8:94
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/robTn5x5W_dI9fCXdR1Y03xSuJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.81.0/24
89.34.27.0/24
89.35.158.0/24
89.39.111.0/24
89.40.67.0/24
89.45.164.0/24
89.47.96.0-89.47.98.255
89.47.101.0-89.47.111.255
89.47.120.0/24
89.47.122.0/24
93.113.204.0/24
93.114.72.0/21
93.114.88.0/22
93.114.194.0/24
188.241.3.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
40:59:be:64:bf:3c:89:ad:ab:70:f9:d9:21:b5:f9:61:d9:5e:
2a:9c:65:2a:10:9a:8b:67:d7:c1:67:b8:f7:d0:ce:9d:f4:9a:
6d:55:79:01:a6:5c:60:94:b1:fc:1d:f7:e9:9c:a4:47:0e:be:
22:ad:aa:79:90:a7:23:3e:9d:ab:eb:2d:9d:98:52:95:bd:5e:
ab:cb:b0:be:cf:5a:35:ed:77:b4:3c:c4:8c:e8:e8:32:b8:fb:
7b:17:ce:74:e7:d1:29:4c:bc:f3:8a:a5:23:c9:ad:4e:f0:f9:
ca:a5:96:e0:98:66:e9:9e:69:e4:e7:79:51:a3:fd:db:0f:6e:
9f:b3:44:07:af:b7:99:55:92:c9:8c:17:56:81:20:51:8f:b2:
43:c8:15:66:a4:c8:e2:51:4c:38:16:a5:9b:36:df:c9:d5:ad:
63:b1:ac:65:03:b9:3a:bd:cf:4a:e0:3b:d8:57:48:0d:a8:e3:
64:f3:65:4c:16:df:b7:71:7f:1f:f5:a5:6d:6a:8b:98:04:96:
e5:58:9a:cc:7a:1f:ad:13:fd:b8:9a:67:2c:13:62:8d:1d:ef:
b8:fc:46:57:04:66:fb:44:71:0a:e3:9d:6b:a2:67:2f:c1:5c:
74:66:93:79:9a:c1:c3:6d:6f:05:71:75:ce:fa:cc:af:89:f3:
5b:74:6e:68
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAZHyi7kc+13BlZA57XR6lMuJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwOTE0MjE1ODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTg2ZDM5ZjljNzk1YmY3NDhmNWYwOTc3NTFkNThkMzdjNTJiODk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuD50sjhnh6HiaB60EJVSYseavXpz
rJbQ7k0t/YMli98EMI7vFZtHE6qfkFGsNvOTN78t18yQF5vs240VvvsKafz/KCAe
x8WjpSwr9P0FdyA9fqS/QefZthfm9HaadS2ilKMdcrXu39MP9r0Ak/HfRWbYczl+
m7xAuAnKRc5LcwrUeLXpGVF/9C8WNUullzlV9GdbMkYloPS9ZzCVrfXLNilf5VqT
ixMySpxBi2qke8UOsEi177gBOpl9p/R+gmcrKRRCUt43m1Q3mMFbnihmoVGVbueP
MPq9UM9uTlatslFZhtM5xRm0lGv7a2jRCyWARTTI/y3hVM8isnR/atJl5QIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFK6G05+ceVv3SPXwl3UdWNN8UriUMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvcm9iVG41eDVXX2RJOWZDWGRSMVkwM3hTdUpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTB8BAIAATB2AwQAVmpR
AwQAWSIbAwQAWSOeAwQAWSdvAwQAWShDAwQAWS2kMAwDBAVZL2ADBABZL2IwDAME
AFkvZQMEBFkvYAMEAFkveAMEAFkvegMEAF1xzAMEA11ySAMEAl1yWAMEAF1ywgME
ALzxAwMEAsETwAMEAcMcAjANBAIAAjAHAwUAIAFNGDANBgkqhkiG9w0BAQsFAAOC
AQEAQFm+ZL88ia2rcPnZIbX5YdleKpxlKhCai2fXwWe499DOnfSabVV5AaZcYJSx
/B336ZykRw6+Iq2qeZCnIz6dq+stnZhSlb1eq8uwvs9aNe13tDzEjOjoMrj7exfO
dOfRKUy884qlI8mtTvD5yqWW4Jhm6Z5p5Od5UaP92w9un7NEB6+3mVWSyYwXVoEg
UY+yQ8gVZqTI4lFMOBalmzbfydWtY7GsZQO5Or3PSuA72FdIDajjZPNlTBbft3F/
H/WlbWqLmASW5ViazHofrRP9uJpnLBNijR3vuPxGVwRm+0RxCuOda6JnL8FcdGaT
eZrBw21vBXF1zvrMr4nzW3RuaA==
-----END CERTIFICATE-----
Generated at Mon Sep 23 12:23:18 2024 by rpki-client on console-fra.rpki-client.org