Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/wl8yszqpuxFxScCdOXsCxx307nU.roa
File: wl8yszqpuxFxScCdOXsCxx307nU.roa (raw, json)
Hash identifier: eGLnMFcHe1otPLUbylC3+XqFXhPXlwbL3cAmM3XC5Us=
Subject key identifier: C2:5F:32:B3:3A:A9:BB:11:71:49:C0:9D:39:7B:02:C7:1D:F4:EE:75
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018ACE5F7671660C60F079B4895AC27D66B2
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/wl8yszqpuxFxScCdOXsCxx307nU.roa
Signing time: Mon 25 Sep 2023 22:04:37 +0000
ROA not before: Mon 25 Sep 2023 22:04:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39543
IP address blocks: 193.19.192.0/24 maxlen: 24
193.19.192.0/22 maxlen: 24
93.113.177.0/24 maxlen: 24
93.113.176.0/24 maxlen: 24
93.113.179.0/24 maxlen: 24
93.113.180.0/24 maxlen: 24
93.113.182.0/24 maxlen: 24
93.113.181.0/24 maxlen: 24
93.113.183.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.43.141.0/24 maxlen: 24
89.43.140.0/22 maxlen: 22
89.43.140.0/24 maxlen: 24
89.43.143.0/24 maxlen: 24
89.43.142.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
195.28.2.0/23 maxlen: 23
89.34.228.0/24 maxlen: 24
89.34.230.0/23 maxlen: 23
89.34.230.0/24 maxlen: 24
89.34.231.0/24 maxlen: 24
89.47.96.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.112.0/20 maxlen: 20
89.47.113.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 26 Sep 2023 11:17:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ce:5f:76:71:66:0c:60:f0:79:b4:89:5a:c2:7d:66:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Sep 25 22:04:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c25f32b33aa9bb117149c09d397b02c71df4ee75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e2:c0:2e:49:af:94:f7:78:78:50:4f:25:10:
03:de:94:7f:0e:0d:bf:c4:83:e8:16:45:a8:19:af:
38:6c:93:76:b2:c7:c0:fb:23:37:8a:4e:fa:56:4c:
2b:59:a5:6c:a9:d0:0a:37:3f:20:b9:a2:03:d8:32:
3d:aa:5f:40:ec:b4:61:63:14:a2:db:10:4b:ad:01:
be:84:cd:6f:7a:49:d9:67:80:ca:61:b9:82:f3:02:
60:ad:a2:30:1c:79:b6:55:79:02:57:35:cb:fe:6f:
57:2a:d0:3c:2b:73:d1:69:d5:a5:0a:89:42:f2:72:
50:42:ea:d7:66:58:38:48:98:c9:8d:b0:c5:d8:c9:
72:0e:91:f6:76:e4:fc:e9:bf:e0:d2:53:a3:b4:e0:
b0:21:b0:ef:46:d8:bc:1a:be:b4:f0:0c:61:78:f8:
ac:cf:59:31:d9:64:b6:78:74:d4:9e:f9:38:6e:96:
44:e2:e5:fa:3d:39:55:cd:78:fb:ce:32:48:7c:4b:
ab:10:bc:9f:49:e7:67:43:6a:68:4b:8e:b2:ef:89:
3e:65:4c:aa:cd:44:08:d7:9c:e0:50:08:e7:6e:a9:
e4:86:99:ec:c3:1b:8d:a2:b7:97:bf:b0:87:5f:4f:
40:cb:8a:59:35:ed:3c:f7:a9:96:b2:dd:ae:15:e5:
40:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:5F:32:B3:3A:A9:BB:11:71:49:C0:9D:39:7B:02:C7:1D:F4:EE:75
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/wl8yszqpuxFxScCdOXsCxx307nU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.27.0/24
89.34.228.0/24
89.34.230.0/23
89.35.158.0/24
89.39.111.0/24
89.40.67.0/24
89.43.140.0/22
89.45.164.0/24
89.46.3.0/24
89.47.96.0/19
93.113.176.0/23
93.113.179.0-93.113.183.255
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
72:f9:a3:2e:0d:cf:56:9c:a7:55:c5:68:36:d0:98:dc:fa:5a:
c4:e6:ff:53:dd:aa:97:3b:1e:ae:34:3d:58:81:ff:77:c3:c0:
1e:5e:03:9a:a8:19:99:5e:4e:07:cb:69:01:19:70:22:80:58:
83:ea:f4:b0:c6:05:fc:ce:31:6a:42:6e:61:9f:5f:95:a0:ed:
45:56:09:11:71:c8:89:a5:e3:aa:e2:01:61:96:72:7c:27:8e:
28:fd:db:c7:f9:26:b6:9d:ae:1d:7e:c1:fc:52:e3:f9:64:fe:
9e:28:a1:ef:a7:a0:08:9c:24:17:36:5e:25:30:19:77:76:71:
2e:19:c0:ac:2d:8d:1b:8c:2c:65:23:86:d3:ec:33:43:10:a2:
04:c9:9d:f5:20:ee:c6:65:07:e5:a9:f6:7b:64:a2:8e:b1:07:
d2:b3:58:dc:7d:06:60:d2:9a:63:dc:32:fc:af:3a:1e:f4:1a:
a4:46:29:b4:8e:12:b3:46:d1:28:4d:e3:9f:d1:6a:c5:bc:24:
82:6e:ba:ed:05:3d:15:e5:ca:88:54:9a:a6:1a:62:c7:28:f7:
25:ad:a5:84:3b:68:63:22:10:80:28:ab:4b:78:56:76:e6:05:
3a:b8:e1:b0:a3:b3:6f:56:ad:3c:35:b4:5f:51:77:f2:44:fe:
91:71:28:04
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYrOX3ZxZgxg8Hm0iVrCfWayMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwOTI1MjIwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjVmMzJiMzNhYTliYjExNzE0OWMwOWQzOTdiMDJjNzFkZjRlZTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreLALkmvlPd4eFBPJRAD3pR/Dg2/
xIPoFkWoGa84bJN2ssfA+yM3ik76VkwrWaVsqdAKNz8guaID2DI9ql9A7LRhYxSi
2xBLrQG+hM1veknZZ4DKYbmC8wJgraIwHHm2VXkCVzXL/m9XKtA8K3PRadWlColC
8nJQQurXZlg4SJjJjbDF2MlyDpH2duT86b/g0lOjtOCwIbDvRti8Gr608AxhePis
z1kx2WS2eHTUnvk4bpZE4uX6PTlVzXj7zjJIfEurELyfSednQ2poS46y74k+ZUyq
zUQI15zgUAjnbqnkhpnswxuNoreXv7CHX09Ay4pZNe0896mWst2uFeVAOQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFMJfMrM6qbsRcUnAnTl7Ascd9O51MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvd2w4eXN6cXB1eEZ4U2NDZE9Yc0N4eDMwN25VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTB0BAIAATBuAwQAWSIb
AwQAWSLkAwQBWSLmAwQAWSOeAwQAWSdvAwQAWShDAwQCWSuMAwQAWS2kAwQAWS4D
AwQFWS9gAwQBXXGwMAwDBABdcbMDBANdcbADBABdccwDBABdck8DBABdcsIDBALB
E8ADBAHDHAIwDQQCAAIwBwMFACABTRgwDQYJKoZIhvcNAQELBQADggEBAHL5oy4N
z1acp1XFaDbQmNz6WsTm/1Pdqpc7Hq40PViB/3fDwB5eA5qoGZleTgfLaQEZcCKA
WIPq9LDGBfzOMWpCbmGfX5Wg7UVWCRFxyIml46riAWGWcnwnjij928f5Jradrh1+
wfxS4/lk/p4ooe+noAicJBc2XiUwGXd2cS4ZwKwtjRuMLGUjhtPsM0MQogTJnfUg
7sZlB+Wp9ntkoo6xB9KzWNx9BmDSmmPcMvyvOh70GqRGKbSOErNG0ShN45/RasW8
JIJuuu0FPRXlyohUmqYaYsco9yWtpYQ7aGMiEIAoq0t4VnbmBTq44bCjs29WrTw1
tF9Rd/JE/pFxKAQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:50 2024 by rpki-client on console-ams.rpki-client.org