Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/u-_g7EkxEytJBqUKhRnEQ-qrf9Y.roa
File: u-_g7EkxEytJBqUKhRnEQ-qrf9Y.roa (raw, json)
Hash identifier: Pdow8EkHn/MYsBnDYfMPTP1Ue0j1O4IkF1xgelj7Yds=
Subject key identifier: BB:EF:E0:EC:49:31:13:2B:49:06:A5:0A:85:19:C4:43:EA:AB:7F:D6
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018D7923A987748EC29B477D8CF8DC2B12D6
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/u-_g7EkxEytJBqUKhRnEQ-qrf9Y.roa
Signing time: Mon 05 Feb 2024 11:59:56 +0000
ROA not before: Mon 05 Feb 2024 11:59:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39543
IP address blocks: 86.106.81.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.38.228.0/24 maxlen: 24
89.38.229.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.96.0/24 maxlen: 24
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.120.0/24 maxlen: 24
89.47.122.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
188.241.3.0/24 maxlen: 24
193.19.192.0/22 maxlen: 22
193.19.192.0/24 maxlen: 24
193.19.193.0/24 maxlen: 24
193.19.194.0/24 maxlen: 24
193.19.195.0/24 maxlen: 24
195.28.2.0/23 maxlen: 23
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 05 Feb 2024 12:57:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:79:23:a9:87:74:8e:c2:9b:47:7d:8c:f8:dc:2b:12:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Feb 5 11:59:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bbefe0ec4931132b4906a50a8519c443eaab7fd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:f5:20:41:76:ea:18:a7:c2:87:74:53:a9:f6:
40:22:29:97:1e:f2:29:37:45:20:89:dd:ee:76:fa:
9c:de:16:48:6f:9b:6d:bf:82:c8:dd:cb:35:9e:86:
b4:69:d9:99:49:33:aa:d5:0f:0f:6c:f1:a1:a4:ed:
ce:5f:84:22:7e:14:bb:a7:a4:f7:6b:d3:b5:de:5c:
6b:1a:9b:fb:41:da:87:f5:42:ae:4f:2a:93:d7:25:
c2:ff:2a:b2:a8:ce:3c:8f:3e:43:2c:cb:a3:0c:52:
7c:05:ce:5c:24:8a:a9:37:cf:8f:25:a2:b3:c3:b6:
16:a4:39:2a:0f:bd:ea:6d:0f:81:d9:a1:99:e8:18:
6b:c0:b0:cd:a3:18:65:da:3a:32:3d:63:46:a1:52:
80:d1:ab:d1:8d:15:95:25:12:47:46:cb:d3:12:91:
1c:61:5f:e7:36:77:36:24:a6:97:90:36:a6:05:37:
d7:f2:93:3d:9c:00:63:c1:0e:5c:8a:96:1d:d4:51:
f6:11:d0:5c:59:f5:02:dc:71:b6:7b:1b:bf:05:1c:
48:c9:b7:fb:9a:ac:26:87:a6:bb:f5:30:22:c3:f8:
d2:1a:ad:5e:51:a0:d3:6f:0d:1e:3e:8e:c9:dc:9a:
19:16:b0:e2:e4:f7:eb:55:d1:96:99:2a:1b:1b:13:
cd:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:EF:E0:EC:49:31:13:2B:49:06:A5:0A:85:19:C4:43:EA:AB:7F:D6
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/u-_g7EkxEytJBqUKhRnEQ-qrf9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.81.0/24
89.34.27.0/24
89.35.158.0/24
89.38.228.0/23
89.39.111.0/24
89.40.67.0/24
89.45.164.0/24
89.47.96.0/20
89.47.120.0/24
89.47.122.0/24
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
188.241.3.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
52:48:69:8c:9f:d0:e8:f8:0d:32:38:c1:91:19:e3:35:fa:9b:
19:b4:e0:cc:7a:49:e1:70:2d:03:e7:d7:60:3d:55:93:52:21:
b9:e0:81:a0:de:91:8d:73:bb:a5:f2:c2:a0:d0:00:a4:ba:8b:
5e:28:4c:8f:8c:cf:f6:3c:23:7e:7f:79:26:91:ba:bd:32:59:
94:41:8a:ac:3e:10:9f:7e:55:f0:f8:3e:d7:35:d7:08:70:78:
aa:80:5f:d1:51:69:34:b8:2a:b3:07:f0:9d:71:0b:69:59:75:
37:4e:5a:cf:ae:d5:57:ec:88:07:2e:5a:19:e6:5e:68:91:4b:
5b:2a:76:30:2e:7e:96:0e:56:12:0f:5c:4f:55:37:5b:d8:97:
20:8c:a0:bb:01:f3:b7:11:04:56:71:4b:b4:b8:99:aa:2f:d7:
dd:52:97:7f:38:4e:20:3f:8f:f6:98:b2:98:62:23:f8:83:a7:
55:d0:21:6d:b4:ea:eb:66:4b:83:af:c0:c2:9d:fe:8c:04:9e:
d8:88:09:f7:19:11:d4:81:b5:90:e9:4e:dd:e2:c8:00:17:82:
a2:65:16:92:57:08:5b:c0:0f:e5:b9:f2:cc:52:5b:ff:3a:8e:
b9:76:b2:74:52:90:a2:df:5a:22:e9:ba:a2:c3:11:71:64:53:
57:66:94:b0
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAY15I6mHdI7Cm0d9jPjcKxLWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMjA1MTE1OTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmVmZTBlYzQ5MzExMzJiNDkwNmE1MGE4NTE5YzQ0M2VhYWI3ZmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/UgQXbqGKfCh3RTqfZAIimXHvIp
N0Ugid3udvqc3hZIb5ttv4LI3cs1noa0admZSTOq1Q8PbPGhpO3OX4QifhS7p6T3
a9O13lxrGpv7QdqH9UKuTyqT1yXC/yqyqM48jz5DLMujDFJ8Bc5cJIqpN8+PJaKz
w7YWpDkqD73qbQ+B2aGZ6BhrwLDNoxhl2joyPWNGoVKA0avRjRWVJRJHRsvTEpEc
YV/nNnc2JKaXkDamBTfX8pM9nABjwQ5cipYd1FH2EdBcWfUC3HG2exu/BRxIybf7
mqwmh6a79TAiw/jSGq1eUaDTbw0ePo7J3JoZFrDi5PfrVdGWmSobGxPN0QIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFLvv4OxJMRMrSQalCoUZxEPqq3/WMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvdS1fZzdFa3hFeXRKQnFVS2hSbkVRLXFyZjlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwZgQCAAEwYAMEAFZqUQME
AFkiGwMEAFkjngMEAVkm5AMEAFknbwMEAFkoQwMEAFktpAMEBFkvYAMEAFkveAME
AFkvegMEAF1xzAMEAF1yTwMEAF1ywgMEALzxAwMEAsETwAMEAcMcAjANBAIAAjAH
AwUAIAFNGDANBgkqhkiG9w0BAQsFAAOCAQEAUkhpjJ/Q6PgNMjjBkRnjNfqbGbTg
zHpJ4XAtA+fXYD1Vk1IhueCBoN6RjXO7pfLCoNAApLqLXihMj4zP9jwjfn95JpG6
vTJZlEGKrD4Qn35V8Pg+1zXXCHB4qoBf0VFpNLgqswfwnXELaVl1N05az67VV+yI
By5aGeZeaJFLWyp2MC5+lg5WEg9cT1U3W9iXIIyguwHztxEEVnFLtLiZqi/X3VKX
fzhOID+P9piymGIj+IOnVdAhbbTq62ZLg6/Awp3+jASe2IgJ9xkR1IG1kOlO3eLI
ABeComUWklcIW8AP5bnyzFJb/zqOuXaydFKQot9aIum6osMRcWRTV2aUsA==
-----END CERTIFICATE-----
Generated at Tue Apr 29 04:50:16 2025 by rpki-client