Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/tbagBcLCl2wK9XpZDnu8GY8jTug.roa
File: tbagBcLCl2wK9XpZDnu8GY8jTug.roa (raw, json)
Hash identifier: LInGiKnEAn9kxofldMF9AH2E2omjXuEm50eqFKuf+ig=
Subject key identifier: B5:B6:A0:05:C2:C2:97:6C:0A:F5:7A:59:0E:7B:BC:19:8F:23:4E:E8
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018929CEE0797FAA82E1913E400093BD0AD8
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/tbagBcLCl2wK9XpZDnu8GY8jTug.roa
Signing time: Thu 06 Jul 2023 06:06:10 +0000
ROA not before: Thu 06 Jul 2023 06:06:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39543
IP address blocks: 89.33.12.0/23 maxlen: 23
193.19.192.0/24 maxlen: 24
193.19.192.0/22 maxlen: 24
93.113.176.0/21 maxlen: 21
93.113.181.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.43.140.0/22 maxlen: 22
89.42.80.0/21 maxlen: 22
89.42.88.0/21 maxlen: 22
89.35.158.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.46.2.0/23 maxlen: 23
89.46.2.0/24 maxlen: 24
89.46.4.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
89.46.0.0/23 maxlen: 23
195.28.2.0/23 maxlen: 23
89.34.224.0/21 maxlen: 21
89.34.224.0/22 maxlen: 22
89.34.228.0/23 maxlen: 23
89.34.230.0/23 maxlen: 23
89.47.96.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.112.0/20 maxlen: 20
89.47.113.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.37.196.0/23 maxlen: 23
89.34.27.0/24 maxlen: 24
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:29:ce:e0:79:7f:aa:82:e1:91:3e:40:00:93:bd:0a:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jul 6 06:06:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5b6a005c2c2976c0af57a590e7bbc198f234ee8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ad:6e:b0:a4:73:56:54:14:b5:f6:29:61:f1:
9b:59:5b:e4:76:6b:02:29:dc:a8:a4:c7:c9:9f:1d:
ce:45:af:12:5a:88:c4:7b:69:f5:7c:8e:99:b3:34:
6b:f3:ec:b7:9a:3c:eb:b3:02:22:cd:80:20:cf:7d:
24:b3:31:b3:ea:34:13:ad:13:f1:73:eb:13:59:70:
f0:ae:96:37:26:45:3a:a3:e4:bb:61:65:12:26:bb:
5b:79:7e:27:71:bb:52:94:a3:32:e9:98:05:ff:39:
a9:ff:45:fe:fa:99:a8:51:5a:14:5a:82:36:15:c1:
98:bd:8c:10:95:1c:45:bc:28:93:cc:96:4f:be:77:
13:20:1a:dd:a6:78:48:ba:a4:ae:51:d2:ac:70:d0:
e2:ba:8c:cb:12:f3:e4:84:b7:13:3b:e6:6a:57:ed:
c1:17:ca:9b:57:73:0b:0d:67:85:2b:a0:b7:8f:ed:
59:1d:b8:ce:5e:52:06:3a:83:5c:c1:5f:69:56:b7:
40:d6:1a:fb:4d:c0:68:12:22:8c:eb:90:80:3b:13:
03:61:fe:d7:01:c1:e5:bf:26:9f:ad:ec:db:60:b3:
e9:f0:96:f9:0b:a9:a9:60:fc:52:fe:b3:4c:b3:b2:
be:05:85:85:ac:3e:00:dd:94:81:8d:19:a1:4a:98:
e7:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:B6:A0:05:C2:C2:97:6C:0A:F5:7A:59:0E:7B:BC:19:8F:23:4E:E8
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/tbagBcLCl2wK9XpZDnu8GY8jTug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.12.0/23
89.34.27.0/24
89.34.224.0/21
89.35.158.0/24
89.37.196.0/23
89.39.111.0/24
89.40.67.0/24
89.42.80.0/20
89.43.140.0/22
89.45.164.0/24
89.46.0.0-89.46.4.255
89.47.96.0/19
93.113.176.0/21
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
13:71:72:d5:cf:f1:bc:49:0f:cf:d4:57:41:b3:ef:b1:6d:ee:
25:67:cc:c2:f5:4c:03:d7:9a:e8:53:c5:13:90:e4:59:8c:da:
8a:80:c0:1c:61:44:01:05:b7:da:b8:27:80:5e:e1:99:ae:d0:
f2:4a:5e:00:5d:1a:4a:97:b0:ad:c6:ec:82:57:aa:69:98:67:
12:b2:bd:66:2a:36:aa:bc:08:5c:12:30:4b:61:9e:fa:b3:db:
7a:bf:55:53:bb:02:7f:a1:f9:60:c6:8e:d1:c2:20:f2:ca:35:
be:3a:df:75:99:13:8b:ef:32:db:94:2a:ae:e2:30:b4:0d:ba:
ea:3d:bc:e1:1c:ea:b0:bc:38:5e:92:0d:25:fb:1b:c0:3b:d2:
1f:e0:a5:db:c9:56:45:cf:63:c7:c8:1a:72:a9:f2:12:34:e6:
ee:19:99:dd:ba:9d:73:6b:f4:14:62:83:12:f5:f6:6f:ca:96:
20:c9:40:d1:40:6b:a8:a1:e5:2e:65:40:49:4a:76:d1:53:dc:
9b:6c:a4:c8:3f:6f:a7:32:ba:5f:6c:3d:e1:07:97:d8:b7:34:
a4:44:f5:ce:b3:d3:c3:0a:18:5c:c9:7a:58:51:bb:5a:89:78:
0c:6b:0e:88:c8:62:55:79:db:60:d8:30:bf:77:2b:96:bc:88:
b1:c4:dc:b7
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYkpzuB5f6qC4ZE+QACTvQrYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwNzA2MDYwNjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWI2YTAwNWMyYzI5NzZjMGFmNTdhNTkwZTdiYmMxOThmMjM0ZWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAja1usKRzVlQUtfYpYfGbWVvkdmsC
KdyopMfJnx3ORa8SWojEe2n1fI6ZszRr8+y3mjzrswIizYAgz30kszGz6jQTrRPx
c+sTWXDwrpY3JkU6o+S7YWUSJrtbeX4ncbtSlKMy6ZgF/zmp/0X++pmoUVoUWoI2
FcGYvYwQlRxFvCiTzJZPvncTIBrdpnhIuqSuUdKscNDiuozLEvPkhLcTO+ZqV+3B
F8qbV3MLDWeFK6C3j+1ZHbjOXlIGOoNcwV9pVrdA1hr7TcBoEiKM65CAOxMDYf7X
AcHlvyafrezbYLPp8Jb5C6mpYPxS/rNMs7K+BYWFrD4A3ZSBjRmhSpjn/wIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFLW2oAXCwpdsCvV6WQ57vBmPI07oMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvdGJhZ0JjTENsMndLOVhwWkRudThHWThqVHVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijB5BAIAATBzAwQBWSEM
AwQAWSIbAwQDWSLgAwQAWSOeAwQBWSXEAwQAWSdvAwQAWShDAwQEWSpQAwQCWSuM
AwQAWS2kMAsDAwFZLgMEAFkuBAMEBVkvYAMEA11xsAMEAF1xzAMEAF1yTwMEAF1y
wgMEAsETwAMEAcMcAjANBAIAAjAHAwUAIAFNGDANBgkqhkiG9w0BAQsFAAOCAQEA
E3Fy1c/xvEkPz9RXQbPvsW3uJWfMwvVMA9ea6FPFE5DkWYzaioDAHGFEAQW32rgn
gF7hma7Q8kpeAF0aSpewrcbsgleqaZhnErK9Zio2qrwIXBIwS2Ge+rPber9VU7sC
f6H5YMaO0cIg8so1vjrfdZkTi+8y25QqruIwtA266j284RzqsLw4XpINJfsbwDvS
H+Cl28lWRc9jx8gacqnyEjTm7hmZ3bqdc2v0FGKDEvX2b8qWIMlA0UBrqKHlLmVA
SUp20VPcm2ykyD9vpzK6X2w94QeX2Lc0pET1zrPTwwoYXMl6WFG7Wol4DGsOiMhi
VXnbYNgwv3crlryIscTctw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:03 2023 by rpki-client on console-fra.rpki-client.org