Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/szDel88qTUxEx3tv6OiaBdEgXgY.roa
File: szDel88qTUxEx3tv6OiaBdEgXgY.roa (raw, json)
Hash identifier: 3L1VG/HrVKkYuCdoxVWym24F4EHbADlHxmUMTJaLie8=
Subject key identifier: B3:30:DE:97:CF:2A:4D:4C:44:C7:7B:6F:E8:E8:9A:05:D1:20:5E:06
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018988E527C85416035C4E633B7F20DAA691
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/szDel88qTUxEx3tv6OiaBdEgXgY.roa
Signing time: Mon 24 Jul 2023 17:14:26 +0000
ROA not before: Mon 24 Jul 2023 17:14:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39543
IP address blocks: 89.33.13.0/24 maxlen: 24
193.19.192.0/24 maxlen: 24
193.19.192.0/22 maxlen: 24
93.113.176.0/21 maxlen: 21
93.113.181.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.43.140.0/22 maxlen: 22
89.35.158.0/24 maxlen: 24
89.42.94.0/24 maxlen: 24
89.42.95.0/24 maxlen: 24
89.42.93.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.46.4.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
195.28.2.0/23 maxlen: 23
89.34.224.0/21 maxlen: 21
89.34.224.0/22 maxlen: 22
89.34.228.0/23 maxlen: 23
89.34.230.0/23 maxlen: 23
89.47.96.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.112.0/20 maxlen: 20
89.47.113.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.37.196.0/23 maxlen: 23
89.34.27.0/24 maxlen: 24
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:88:e5:27:c8:54:16:03:5c:4e:63:3b:7f:20:da:a6:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jul 24 17:14:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b330de97cf2a4d4c44c77b6fe8e89a05d1205e06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:83:37:9a:59:e2:d4:2b:86:9e:7b:76:c9:f7:
b0:b1:a6:af:09:bd:87:67:4c:c1:f4:20:6b:96:f4:
d0:ac:51:37:36:dc:e2:2b:d4:77:f6:a5:e6:cb:1e:
d5:7b:b5:07:a9:5c:30:d3:f5:0a:2e:ff:1a:8e:87:
5c:14:6c:0b:22:a7:ac:f3:25:22:fc:43:95:88:ad:
2d:e8:22:06:dc:84:a8:91:50:74:a9:09:63:6f:9c:
91:7b:b4:1c:f3:49:43:08:84:4b:fe:c6:b9:e2:f7:
64:3e:b8:f4:05:8d:1f:91:7f:91:05:d1:60:6d:ad:
9f:d0:e9:d6:c8:25:3c:83:bb:1f:1e:72:77:f3:36:
81:3a:0b:ce:11:45:92:d4:ad:a0:f2:42:ae:2b:9f:
ae:31:61:c3:ce:82:e9:54:d6:00:96:f9:a4:e2:ac:
bc:b1:3c:fa:1b:e0:9a:3c:b0:24:6e:d2:25:4f:e7:
a1:c9:90:d8:3d:8e:63:15:3f:fd:02:bc:87:69:90:
d3:2e:fc:4e:bd:33:eb:22:b3:77:9d:c6:91:06:1d:
10:0d:e0:d3:fc:ab:97:38:f3:89:7c:2f:d7:a7:58:
37:79:bd:97:ba:d3:27:20:ad:1b:aa:aa:8c:70:6c:
30:e5:4e:78:94:66:2b:8e:aa:e3:09:fc:ae:20:7f:
18:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:30:DE:97:CF:2A:4D:4C:44:C7:7B:6F:E8:E8:9A:05:D1:20:5E:06
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/szDel88qTUxEx3tv6OiaBdEgXgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.13.0/24
89.34.27.0/24
89.34.224.0/21
89.35.158.0/24
89.37.196.0/23
89.39.111.0/24
89.40.67.0/24
89.42.93.0-89.42.95.255
89.43.140.0/22
89.45.164.0/24
89.46.3.0-89.46.4.255
89.47.96.0/19
93.113.176.0/21
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
1b:d5:74:b2:3f:5e:65:a2:a2:eb:d2:a0:74:cb:f2:61:20:6e:
c9:a8:dc:e7:4a:f8:f9:b6:a8:b6:3f:ca:44:75:b3:1b:f2:fe:
c9:8a:91:b9:8f:e2:1d:07:a0:65:74:df:42:c3:d1:dd:ef:ba:
9e:01:0e:cf:4d:81:86:c9:20:a3:94:91:84:44:5e:3f:f1:1a:
61:f5:32:57:fb:36:18:a7:4e:8b:61:98:6c:c9:a3:c0:19:54:
4d:2a:ff:51:cd:56:ad:74:f4:d9:df:a7:dc:17:48:6d:8a:33:
f9:d1:9c:1f:a7:06:c8:97:eb:2c:a4:c1:42:da:2c:94:fc:6f:
82:bf:d9:ee:cf:e4:66:69:b6:73:58:e9:9b:c0:74:2c:80:c9:
b1:c7:5a:12:be:2c:eb:b3:af:c8:81:86:33:f9:50:54:54:0b:
56:7d:c8:76:27:3c:c0:2e:ae:4e:59:7a:29:fc:cf:86:30:5e:
c4:f0:92:64:50:13:3a:37:c1:08:07:68:71:e7:09:6b:c1:a0:
36:07:92:03:a7:6a:52:03:68:f3:af:47:23:46:c4:f3:f1:43:
2f:56:dc:12:6e:03:01:14:45:56:6f:11:cd:75:bf:d0:5a:9c:
2b:66:84:53:43:60:45:2c:b8:18:c2:91:35:f6:3b:5f:c0:30:
16:e3:01:35
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYmI5SfIVBYDXE5jO38g2qaRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwNzI0MTcxNDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzMwZGU5N2NmMmE0ZDRjNDRjNzdiNmZlOGU4OWEwNWQxMjA1ZTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4M3mlni1CuGnnt2yfewsaavCb2H
Z0zB9CBrlvTQrFE3NtziK9R39qXmyx7Ve7UHqVww0/UKLv8ajodcFGwLIqes8yUi
/EOViK0t6CIG3ISokVB0qQljb5yRe7Qc80lDCIRL/sa54vdkPrj0BY0fkX+RBdFg
ba2f0OnWyCU8g7sfHnJ38zaBOgvOEUWS1K2g8kKuK5+uMWHDzoLpVNYAlvmk4qy8
sTz6G+CaPLAkbtIlT+ehyZDYPY5jFT/9AryHaZDTLvxOvTPrIrN3ncaRBh0QDeDT
/KuXOPOJfC/Xp1g3eb2XutMnIK0bqqqMcGww5U54lGYrjqrjCfyuIH8YUQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFLMw3pfPKk1MRMd7b+jomgXRIF4GMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvc3pEZWw4OHFUVXhFeDN0djZPaWFCZEVnWGdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBggQCAAEwfAMEAFkh
DQMEAFkiGwMEA1ki4AMEAFkjngMEAVklxAMEAFknbwMEAFkoQzAMAwQAWSpdAwQF
WSpAAwQCWSuMAwQAWS2kMAwDBABZLgMDBABZLgQDBAVZL2ADBANdcbADBABdccwD
BABdck8DBABdcsIDBALBE8ADBAHDHAIwDQQCAAIwBwMFACABTRgwDQYJKoZIhvcN
AQELBQADggEBABvVdLI/XmWiouvSoHTL8mEgbsmo3OdK+Pm2qLY/ykR1sxvy/smK
kbmP4h0HoGV030LD0d3vup4BDs9NgYbJIKOUkYREXj/xGmH1Mlf7NhinTothmGzJ
o8AZVE0q/1HNVq109Nnfp9wXSG2KM/nRnB+nBsiX6yykwULaLJT8b4K/2e7P5GZp
tnNY6ZvAdCyAybHHWhK+LOuzr8iBhjP5UFRUC1Z9yHYnPMAurk5Zein8z4YwXsTw
kmRQEzo3wQgHaHHnCWvBoDYHkgOnalIDaPOvRyNGxPPxQy9W3BJuAwEURVZvEc11
v9BanCtmhFNDYEUsuBjCkTX2O1/AMBbjATU=
Generated at Tue Jul 25 06:57:18 2023 by rpki-client on console-ams.rpki-client.org