Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/tjAHcDMCg4eR-CJCJW6PZkHvb9U.roa
File: tjAHcDMCg4eR-CJCJW6PZkHvb9U.roa (raw, json)
Hash identifier: 93hR/IyvYLlob2rk44mf9K6mS+VdO/YL7pzswXPfVdE=
Subject key identifier: B6:30:07:70:33:02:83:87:91:F8:22:42:25:6E:8F:66:41:EF:6F:D5
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018D63E21111F42D24EA4EA97B3D2BC0A065
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/tjAHcDMCg4eR-CJCJW6PZkHvb9U.roa
Signing time: Thu 01 Feb 2024 08:56:16 +0000
ROA not before: Thu 01 Feb 2024 08:56:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39543
IP address blocks: 86.106.81.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.38.228.0/24 maxlen: 24
89.38.229.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.96.0/24 maxlen: 24
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.47.120.0/24 maxlen: 24
89.47.122.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
188.241.3.0/24 maxlen: 24
193.19.192.0/22 maxlen: 22
193.19.192.0/24 maxlen: 24
193.19.193.0/24 maxlen: 24
193.19.194.0/24 maxlen: 24
193.19.195.0/24 maxlen: 24
195.28.2.0/23 maxlen: 23
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 01 Feb 2024 12:02:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:63:e2:11:11:f4:2d:24:ea:4e:a9:7b:3d:2b:c0:a0:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Feb 1 08:56:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b63007703302838791f82242256e8f6641ef6fd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ba:20:af:b0:4a:91:0e:f5:02:5f:d4:0f:f1:
08:b1:6d:31:14:1d:c2:ef:a2:fc:6a:80:ee:a7:9f:
dc:90:8b:e9:52:6c:3d:8e:f5:5c:8f:cb:6e:01:e2:
22:33:69:c9:68:95:95:88:1c:cd:e2:ee:86:50:bc:
91:9e:fe:d4:4b:13:e9:79:d3:05:46:48:cc:04:c5:
14:7b:9c:ab:c4:a6:13:e0:37:8c:c9:ec:64:48:80:
8e:61:cf:e3:d6:64:8d:67:b3:e0:24:81:f8:f9:03:
35:25:d9:2c:21:45:8b:8f:bc:60:8d:8f:2e:92:83:
93:a5:9b:b0:22:b9:af:4e:d6:f2:83:10:15:95:f4:
c5:dc:ca:ee:67:3c:d3:34:24:f8:a1:48:86:f3:b6:
5c:98:c6:5a:bd:ff:d6:c3:3b:0a:6f:75:f2:b5:e7:
65:d3:31:71:3f:d3:06:4b:f0:2e:9a:61:b7:22:17:
23:bd:45:82:36:c8:ec:bd:6b:d1:fe:fc:1d:aa:e6:
3a:e8:6e:76:f0:71:c9:0d:35:d7:31:da:1c:3f:33:
4c:b0:5a:48:d5:12:5a:28:a0:aa:4a:cb:d9:63:8d:
3b:f7:dd:90:8a:ad:9f:d9:dd:c2:50:55:aa:04:6b:
6e:20:d1:ac:ee:fb:76:f3:ab:50:11:de:b2:ea:6d:
fd:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:30:07:70:33:02:83:87:91:F8:22:42:25:6E:8F:66:41:EF:6F:D5
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/tjAHcDMCg4eR-CJCJW6PZkHvb9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.81.0/24
89.34.27.0/24
89.35.158.0/24
89.38.228.0/23
89.39.111.0/24
89.40.67.0/24
89.45.164.0/24
89.47.96.0/20
89.47.114.0/23
89.47.119.0-89.47.120.255
89.47.122.0/24
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
188.241.3.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
2e:33:f8:ec:63:a3:b3:e9:94:2b:bf:5f:80:eb:60:d6:9b:51:
b4:fb:e7:0d:02:e0:d2:4b:c8:fc:a9:1f:e1:d3:e6:e9:b1:c4:
4b:ee:cb:d7:92:55:3e:84:75:d7:71:68:b3:ee:2f:dc:a5:75:
eb:e9:54:b7:17:4c:33:c9:22:8d:c1:00:50:a3:95:ce:a1:b7:
e7:08:e2:d4:19:86:8e:ab:f8:40:f4:29:62:07:3d:01:2d:eb:
e2:f1:70:2b:31:9b:53:ef:3a:96:d9:43:82:fc:be:07:92:36:
7b:2b:1d:42:94:08:cb:1a:f9:5b:0c:a8:12:f0:f2:60:42:78:
2f:55:f8:a2:2f:65:63:0b:0f:54:90:ac:e9:fc:26:32:a2:24:
e3:7b:43:d9:a1:d6:10:97:f9:87:61:a4:12:29:e7:63:f1:17:
af:01:7f:1f:28:96:e0:76:21:89:8e:65:b7:25:81:12:26:2b:
d0:e7:54:03:99:c7:86:80:65:cc:1f:de:e8:1b:05:4e:9b:63:
58:bc:7e:06:e6:06:d4:51:af:93:5c:fb:f2:e0:35:8d:36:cd:
c4:33:31:18:11:fb:fa:ec:fb:41:50:f7:22:ce:3c:2b:31:92:
fa:cc:72:64:e8:b4:98:0f:63:77:10:90:0d:b6:25:a3:19:c1:
ed:80:31:6c
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAY1j4hER9C0k6k6pez0rwKBlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMjAxMDg1NjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjMwMDc3MDMzMDI4Mzg3OTFmODIyNDIyNTZlOGY2NjQxZWY2ZmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLogr7BKkQ71Al/UD/EIsW0xFB3C
76L8aoDup5/ckIvpUmw9jvVcj8tuAeIiM2nJaJWViBzN4u6GULyRnv7USxPpedMF
RkjMBMUUe5yrxKYT4DeMyexkSICOYc/j1mSNZ7PgJIH4+QM1JdksIUWLj7xgjY8u
koOTpZuwIrmvTtbygxAVlfTF3MruZzzTNCT4oUiG87ZcmMZavf/WwzsKb3Xytedl
0zFxP9MGS/AummG3IhcjvUWCNsjsvWvR/vwdquY66G528HHJDTXXMdocPzNMsFpI
1RJaKKCqSsvZY407992Qiq2f2d3CUFWqBGtuINGs7vt286tQEd6y6m39NQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFLYwB3AzAoOHkfgiQiVuj2ZB72/VMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvdGpBSGNETUNnNGVSLUNKQ0pXNlBaa0h2YjlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTB0BAIAATBuAwQAVmpR
AwQAWSIbAwQAWSOeAwQBWSbkAwQAWSdvAwQAWShDAwQAWS2kAwQEWS9gAwQBWS9y
MAwDBABZL3cDBABZL3gDBABZL3oDBABdccwDBABdck8DBABdcsIDBAC88QMDBALB
E8ADBAHDHAIwDQQCAAIwBwMFACABTRgwDQYJKoZIhvcNAQELBQADggEBAC4z+Oxj
o7PplCu/X4DrYNabUbT75w0C4NJLyPypH+HT5umxxEvuy9eSVT6EdddxaLPuL9yl
devpVLcXTDPJIo3BAFCjlc6ht+cI4tQZho6r+ED0KWIHPQEt6+LxcCsxm1PvOpbZ
Q4L8vgeSNnsrHUKUCMsa+VsMqBLw8mBCeC9V+KIvZWMLD1SQrOn8JjKiJON7Q9mh
1hCX+YdhpBIp52PxF68Bfx8oluB2IYmOZbclgRImK9DnVAOZx4aAZcwf3ugbBU6b
Y1i8fgbmBtRRr5Nc+/LgNY02zcQzMRgR+/rs+0FQ9yLOPCsxkvrMcmTotJgPY3cQ
kA22JaMZwe2AMWw=
-----END CERTIFICATE-----
Generated at Thu Feb 1 16:11:04 2024 by rpki-client on console-fra.rpki-client.org