Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/8pdNs91eS5uo3lJtN25N6gB7O_8.roa
File: 8pdNs91eS5uo3lJtN25N6gB7O_8.roa (raw, json)
Hash identifier: miZLnX1hvcuBNIIJNsXuAOejJlXiUPNHOAEqrhE4hmc=
Subject key identifier: F2:97:4D:B3:DD:5E:4B:9B:A8:DE:52:6D:37:6E:4D:EA:00:7B:3B:FF
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018E11664F88B0F546FABEAA585B0BF84AEA
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/8pdNs91eS5uo3lJtN25N6gB7O_8.roa
Signing time: Wed 06 Mar 2024 01:35:01 +0000
ROA not before: Wed 06 Mar 2024 01:35:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12668
IP address blocks: 90.157.68.0/23 maxlen: 23
90.157.115.0/24 maxlen: 24
92.54.90.0/24 maxlen: 24
94.31.195.0/24 maxlen: 24
94.31.202.0/24 maxlen: 24
94.31.250.0/24 maxlen: 24
94.31.255.0/24 maxlen: 24
188.17.116.0/23 maxlen: 23
188.18.112.0/24 maxlen: 24
188.18.113.0/24 maxlen: 24
188.18.116.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Apr 2024 09:44:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:11:66:4f:88:b0:f5:46:fa:be:aa:58:5b:0b:f8:4a:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Mar 6 01:35:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2974db3dd5e4b9ba8de526d376e4dea007b3bff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e6:a2:6e:8a:cc:1d:37:60:c9:19:4f:17:23:
4d:5e:ad:0b:77:b2:25:78:c1:74:c4:d0:77:06:d8:
16:70:76:6d:5a:3f:e3:2f:7e:78:da:2b:3e:7e:e1:
c3:c2:e6:05:4a:af:7e:df:90:22:f2:f7:67:06:85:
05:ea:5b:93:00:86:76:cc:32:ff:c0:cd:24:5c:1b:
33:e3:84:f4:b1:30:8d:c7:14:fa:ef:bd:ae:08:7c:
60:d2:61:07:30:fb:b0:44:c7:e3:06:82:00:d2:28:
fb:da:eb:67:7a:86:ae:27:0b:19:43:cb:e1:1e:ee:
17:cb:00:b1:68:66:5e:8b:07:12:8f:b0:e4:59:79:
b1:94:57:b7:73:3e:21:0b:a7:c4:d5:2e:1f:a2:7f:
76:9b:0e:a9:68:a6:a0:f1:18:86:bc:28:03:67:80:
76:cd:68:99:01:02:75:79:a9:7a:1e:f3:ec:bb:bd:
6a:b8:a5:b4:2a:1a:be:9c:0c:12:bd:74:d3:20:68:
b7:d0:d5:85:0b:4a:98:70:88:40:46:1e:6e:32:e6:
c9:52:9b:f5:99:b2:8d:dd:8f:21:34:a0:d6:20:e7:
c1:30:28:7a:31:6a:2f:37:50:17:ac:3b:86:86:a5:
8b:2d:9c:ae:30:ae:df:a0:33:f2:ac:a8:41:0a:a7:
6a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:97:4D:B3:DD:5E:4B:9B:A8:DE:52:6D:37:6E:4D:EA:00:7B:3B:FF
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/8pdNs91eS5uo3lJtN25N6gB7O_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.157.68.0/23
90.157.115.0/24
92.54.90.0/24
94.31.195.0/24
94.31.202.0/24
94.31.250.0/24
94.31.255.0/24
188.17.116.0/23
188.18.112.0/23
188.18.116.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:85:a0:e3:01:f5:a0:ed:e0:cc:6b:52:9e:7b:b3:26:3e:4c:
6a:6f:a5:4a:b2:71:0d:a6:7a:2a:1f:74:16:31:8e:8a:c7:50:
77:26:77:28:81:c0:6d:6a:a2:96:d3:4b:11:a8:c6:f7:e6:13:
1b:92:18:4b:c4:99:0d:26:aa:e8:76:7c:70:f8:db:e8:73:b5:
9a:6c:00:f2:39:7d:ff:c2:f4:4f:04:03:6d:97:2d:6a:9f:4c:
84:20:61:bb:1e:26:a4:43:b9:80:15:d5:50:73:bb:8f:63:e5:
ba:cb:ce:f9:e2:af:6a:19:5a:24:a8:ce:1a:ae:db:5b:ce:75:
0c:b3:15:85:2a:a5:78:75:ae:31:a3:26:d2:90:5d:47:5b:67:
db:79:f9:43:25:bd:35:85:74:64:f7:ec:75:7c:3d:c0:9d:18:
ea:37:7e:b8:f5:b5:42:a0:de:64:4d:dd:0e:15:2f:3a:74:34:
ee:13:f9:c7:bb:ff:aa:2e:1d:aa:ed:37:db:ce:e6:2c:16:d6:
b4:5b:5d:44:15:5e:33:74:60:57:b7:30:39:d7:67:bb:7c:c4:
a3:20:3e:53:cd:d5:e4:e8:aa:24:f2:38:57:a7:d8:de:18:82:
3a:77:8a:2f:c7:39:4b:40:0c:8a:6b:36:c2:53:5d:06:52:7e:
83:d7:32:e5
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY4RZk+IsPVG+r6qWFsL+ErqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwMzA2MDEzNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjk3NGRiM2RkNWU0YjliYThkZTUyNmQzNzZlNGRlYTAwN2IzYmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOaiborMHTdgyRlPFyNNXq0Ld7Il
eMF0xNB3BtgWcHZtWj/jL3542is+fuHDwuYFSq9+35Ai8vdnBoUF6luTAIZ2zDL/
wM0kXBsz44T0sTCNxxT6772uCHxg0mEHMPuwRMfjBoIA0ij72utneoauJwsZQ8vh
Hu4XywCxaGZeiwcSj7DkWXmxlFe3cz4hC6fE1S4fon92mw6paKag8RiGvCgDZ4B2
zWiZAQJ1eal6HvPsu71quKW0Khq+nAwSvXTTIGi30NWFC0qYcIhARh5uMubJUpv1
mbKN3Y8hNKDWIOfBMCh6MWovN1AXrDuGhqWLLZyuMK7foDPyrKhBCqdqOwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFPKXTbPdXkubqN5SbTduTeoAezv/MB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvOHBkTnM5MWVTNXVvM2xKdE4yNU42Z0I3T184LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBWp1EAwQA
Wp1zAwQAXDZaAwQAXh/DAwQAXh/KAwQAXh/6AwQAXh//AwQBvBF0AwQBvBJwAwQA
vBJ0MA0GCSqGSIb3DQEBCwUAA4IBAQB6haDjAfWg7eDMa1Kee7MmPkxqb6VKsnEN
pnoqH3QWMY6Kx1B3JncogcBtaqKW00sRqMb35hMbkhhLxJkNJqrodnxw+Nvoc7Wa
bADyOX3/wvRPBANtly1qn0yEIGG7HiakQ7mAFdVQc7uPY+W6y8754q9qGVokqM4a
rttbznUMsxWFKqV4da4xoybSkF1HW2fbeflDJb01hXRk9+x1fD3AnRjqN3649bVC
oN5kTd0OFS86dDTuE/nHu/+qLh2q7TfbzuYsFta0W11EFV4zdGBXtzA512e7fMSj
ID5TzdXk6Kok8jhXp9jeGII6d4ovxzlLQAyKazbCU10GUn6D1zLl
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:55 2024 by rpki-client on console-fra.rpki-client.org