Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/uZ-zWKcCic9eSyGOXs-xnSw-cTk.roa
File: uZ-zWKcCic9eSyGOXs-xnSw-cTk.roa (raw, json)
Hash identifier: fL7jwbSti1RIWnRI7mfEnkOfvSxTfWD285t64ruxA+g=
Subject key identifier: B9:9F:B3:58:A7:02:89:CF:5E:4B:21:8E:5E:CF:B1:9D:2C:3E:71:39
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018CC56EFB04E5CA5DCE2E291B4EEFBB18FF
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/uZ-zWKcCic9eSyGOXs-xnSw-cTk.roa
Signing time: Mon 01 Jan 2024 14:30:33 +0000
ROA not before: Mon 01 Jan 2024 14:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.36.231.0/24 maxlen: 24
89.42.213.0/24 maxlen: 24
84.247.20.0/24 maxlen: 24
89.37.106.0/24 maxlen: 24
46.102.174.0/24 maxlen: 24
89.42.40.0/24 maxlen: 24
89.34.171.0/24 maxlen: 24
93.114.69.0/24 maxlen: 24
89.40.43.0/24 maxlen: 24
188.211.249.0/24 maxlen: 24
94.177.113.0/24 maxlen: 24
94.177.118.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:fb:04:e5:ca:5d:ce:2e:29:1b:4e:ef:bb:18:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jan 1 14:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b99fb358a70289cf5e4b218e5ecfb19d2c3e7139
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:6c:aa:c1:4d:c6:0f:60:93:3c:1e:22:d5:4f:
05:be:9f:1d:56:43:e7:33:a6:27:c4:b9:0d:38:c6:
9f:0b:d0:fe:4c:0f:ba:a4:c7:48:af:f6:7f:be:d6:
b3:a2:66:22:9e:50:47:fc:fb:b2:6d:c3:c8:dc:4d:
a1:8b:52:d1:32:bd:9c:03:cf:18:88:42:3d:19:6d:
46:48:a2:cc:92:a7:3c:0e:3a:5e:80:d3:d6:fb:4b:
71:a1:40:43:e7:f7:c5:ea:78:6b:d1:d9:1c:88:55:
14:82:eb:c0:7d:9f:1c:15:2c:76:70:3d:b2:11:96:
eb:19:a5:f3:0e:bb:37:e5:47:d0:88:46:a0:b7:4f:
7d:be:e8:a2:0b:cc:b6:52:2f:2e:a8:38:2b:30:9a:
34:40:25:d4:ac:f5:c8:d4:6b:98:d1:0a:38:b9:cf:
64:b6:4d:17:1f:36:72:76:11:b3:2e:40:53:c3:10:
74:cb:13:d0:f0:ed:72:c6:c1:e2:1b:eb:db:ac:a0:
a8:d0:9e:a3:58:cc:5c:f5:f6:4b:0c:dd:ec:2b:db:
94:f7:dd:cf:f3:79:54:c0:2e:7f:e4:0f:6d:6b:62:
26:38:af:a1:09:7f:1d:56:bd:4e:60:9b:bf:b7:d2:
2e:58:7e:8a:f3:4d:1a:84:d9:cf:09:22:05:f2:fb:
4a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:9F:B3:58:A7:02:89:CF:5E:4B:21:8E:5E:CF:B1:9D:2C:3E:71:39
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/uZ-zWKcCic9eSyGOXs-xnSw-cTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.174.0/24
84.247.20.0/24
89.34.171.0/24
89.36.231.0/24
89.37.106.0/24
89.40.43.0/24
89.42.40.0/24
89.42.213.0/24
93.114.69.0/24
94.177.113.0/24
94.177.118.0/24
188.211.249.0/24
Signature Algorithm: sha256WithRSAEncryption
60:32:32:86:5b:11:bb:88:2a:1b:8c:fc:15:18:c6:95:1a:2e:
20:92:26:33:61:db:5b:5a:a0:c7:9d:63:14:e0:f0:29:be:e4:
7f:61:27:ea:9f:7c:7b:76:04:db:1f:98:97:4c:77:6f:f7:db:
11:97:eb:50:40:9a:33:58:6d:c9:38:5b:cb:b6:84:ef:26:3d:
97:ec:a8:ac:2b:d0:cc:59:82:b6:84:83:98:91:f3:36:21:5d:
a6:e9:5d:90:70:a8:59:c8:a4:ff:83:7d:8a:97:22:8d:c1:6d:
8c:00:28:d8:09:c1:b8:c9:73:99:45:02:8a:45:82:c6:58:e1:
50:7f:cc:4b:05:a5:50:93:73:b4:98:5f:00:44:f8:41:8e:89:
09:4e:da:04:81:4c:4d:c9:8e:e0:8b:24:4c:67:01:0d:63:55:
b3:e1:29:d6:e3:d8:50:53:38:91:61:c1:b0:a4:0f:49:2f:8c:
22:e2:88:15:bd:c9:05:22:ac:93:9d:e0:d4:ea:4a:a5:14:bb:
bd:72:49:c4:87:6b:19:90:50:94:4a:a7:40:51:58:2f:d4:16:
87:ab:35:d0:6e:43:9d:b4:cd:4b:c3:86:4b:f3:cb:7d:a4:e8:
f1:01:4e:55:0b:1f:c7:79:bb:c3:39:e4:7a:0e:5b:47:a5:11:
71:1a:b2:81
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYzFbvsE5cpdzi4pG07vuxj/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwMTAxMTQzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTlmYjM1OGE3MDI4OWNmNWU0YjIxOGU1ZWNmYjE5ZDJjM2U3MTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGyqwU3GD2CTPB4i1U8Fvp8dVkPn
M6YnxLkNOMafC9D+TA+6pMdIr/Z/vtazomYinlBH/PuybcPI3E2hi1LRMr2cA88Y
iEI9GW1GSKLMkqc8DjpegNPW+0txoUBD5/fF6nhr0dkciFUUguvAfZ8cFSx2cD2y
EZbrGaXzDrs35UfQiEagt099vuiiC8y2Ui8uqDgrMJo0QCXUrPXI1GuY0Qo4uc9k
tk0XHzZydhGzLkBTwxB0yxPQ8O1yxsHiG+vbrKCo0J6jWMxc9fZLDN3sK9uU993P
83lUwC5/5A9ta2ImOK+hCX8dVr1OYJu/t9IuWH6K800ahNnPCSIF8vtKTQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFLmfs1inAonPXkshjl7PsZ0sPnE5MB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvdVoteldLY0NpYzllU3lHT1hzLXhuU3ctY1RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQALmauAwQA
VPcUAwQAWSKrAwQAWSTnAwQAWSVqAwQAWSgrAwQAWSooAwQAWSrVAwQAXXJFAwQA
XrFxAwQAXrF2AwQAvNP5MA0GCSqGSIb3DQEBCwUAA4IBAQBgMjKGWxG7iCobjPwV
GMaVGi4gkiYzYdtbWqDHnWMU4PApvuR/YSfqn3x7dgTbH5iXTHdv99sRl+tQQJoz
WG3JOFvLtoTvJj2X7KisK9DMWYK2hIOYkfM2IV2m6V2QcKhZyKT/g32KlyKNwW2M
ACjYCcG4yXOZRQKKRYLGWOFQf8xLBaVQk3O0mF8ARPhBjokJTtoEgUxNyY7giyRM
ZwENY1Wz4SnW49hQUziRYcGwpA9JL4wi4ogVvckFIqyTneDU6kqlFLu9cknEh2sZ
kFCUSqdAUVgv1BaHqzXQbkOdtM1Lw4ZL88t9pOjxAU5VCx/HebvDOeR6DltHpRFx
GrKB
-----END CERTIFICATE-----
Generated at Fri Jan 5 03:10:52 2024 by rpki-client on console-ams.rpki-client.org