Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/bb0fc3-d5f9-4bf5-9683-9edf0d17fb91/1/fHQiTdhKrEfqaiCuBti-Y7qbNJU.roa
File: fHQiTdhKrEfqaiCuBti-Y7qbNJU.roa (raw, json)
Hash identifier: 7f3E2pm5yMNLhsTWsfQS8j9mK1phvbaM+FGTmS8T+hc=
Subject key identifier: 7C:74:22:4D:D8:4A:AC:47:EA:6A:20:AE:06:D8:BE:63:BA:9B:34:95
Certificate issuer: /CN=962ae3463938b26f83b76f0c4df81dfabb15a4eb
Certificate serial: 0185708CA8BC8A127C4D8D09139870614099
Authority key identifier: 96:2A:E3:46:39:38:B2:6F:83:B7:6F:0C:4D:F8:1D:FA:BB:15:A4:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lirjRjk4sm-Dt28MTfgd-rsVpOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/bb0fc3-d5f9-4bf5-9683-9edf0d17fb91/1/fHQiTdhKrEfqaiCuBti-Y7qbNJU.roa
Signing time: Mon 02 Jan 2023 03:35:44 +0000
ROA not before: Mon 02 Jan 2023 03:35:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40975
IP address blocks: 86.107.192.0/24 maxlen: 24
185.84.64.0/23 maxlen: 23
185.84.66.0/24 maxlen: 24
89.35.6.0/23 maxlen: 23
217.19.14.0/23 maxlen: 23
86.104.254.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sat 28 Jan 2023 21:46:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:a8:bc:8a:12:7c:4d:8d:09:13:98:70:61:40:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=962ae3463938b26f83b76f0c4df81dfabb15a4eb
Validity
Not Before: Jan 2 03:35:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c74224dd84aac47ea6a20ae06d8be63ba9b3495
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f6:71:d2:4f:0f:19:97:e3:7d:ca:cc:30:75:
0f:34:84:42:90:03:fa:55:99:8a:df:8f:cb:da:2a:
83:fa:98:1e:23:16:ec:1f:bb:94:7b:7b:b0:21:02:
aa:99:65:c5:8f:71:3a:92:60:18:7c:06:a6:f7:99:
c8:7c:66:bb:e4:93:b7:f6:a3:30:e2:32:2a:98:dd:
a9:0d:30:d9:60:34:5d:88:4b:0e:f9:8a:16:8e:df:
9d:8d:a6:fc:f4:7a:90:ad:5b:d5:17:a9:96:ad:74:
69:3a:20:5e:2f:05:75:8a:42:a3:f3:39:e9:3d:a1:
23:3d:ac:26:31:1d:80:a3:40:a3:b3:35:22:36:69:
60:9b:d7:ff:68:ef:fe:99:72:3c:c3:2a:c4:1c:b4:
45:fb:7e:4a:83:b7:4b:71:98:44:31:9c:30:36:b8:
54:e0:35:99:44:eb:4a:df:d3:49:30:42:0a:94:2e:
b2:1d:29:bc:73:1a:47:5d:e5:74:5d:6f:02:2a:2f:
0e:6c:81:77:dc:89:f8:6f:40:37:35:ed:0d:b9:23:
e8:32:39:60:82:ce:21:89:94:21:90:74:7a:0c:2b:
5c:fc:5f:d1:71:8b:ff:98:32:48:bd:d5:5d:80:28:
4b:21:58:ea:3f:e4:9d:ea:47:a1:18:a2:fd:fa:0f:
b2:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:74:22:4D:D8:4A:AC:47:EA:6A:20:AE:06:D8:BE:63:BA:9B:34:95
X509v3 Authority Key Identifier:
keyid:96:2A:E3:46:39:38:B2:6F:83:B7:6F:0C:4D:F8:1D:FA:BB:15:A4:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lirjRjk4sm-Dt28MTfgd-rsVpOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/bb0fc3-d5f9-4bf5-9683-9edf0d17fb91/1/fHQiTdhKrEfqaiCuBti-Y7qbNJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/bb0fc3-d5f9-4bf5-9683-9edf0d17fb91/1/lirjRjk4sm-Dt28MTfgd-rsVpOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.254.0/23
86.107.192.0/24
89.35.6.0/23
185.84.64.0-185.84.66.255
217.19.14.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:a7:c4:8a:4c:17:52:a2:3c:01:cd:a6:07:56:7c:99:d3:3b:
17:74:d9:fe:3b:06:7e:b9:cb:d6:41:ee:0f:22:f4:9a:e9:8c:
50:a2:67:dd:68:eb:2e:2d:33:f6:5c:d6:a7:60:28:81:04:91:
8a:79:69:1c:4d:e4:df:cb:97:09:31:36:2c:87:e9:15:b9:ba:
93:1f:90:82:17:71:25:93:41:03:5e:ae:18:16:18:8f:03:0d:
42:09:bb:be:48:01:89:59:d0:20:c9:0f:37:4f:5d:80:4d:e4:
fe:fc:b3:d6:99:84:14:d1:6e:80:3a:18:b5:74:2d:e6:7f:e8:
77:c4:f0:0f:26:14:81:63:d4:5e:bf:8f:9d:27:1b:ba:4d:87:
fd:f3:7e:28:30:e3:44:0f:14:1c:88:57:3e:85:7f:4e:9a:e3:
bb:64:ad:3f:93:df:b4:7f:82:b7:59:30:a3:f5:3e:88:c8:12:
c9:26:e1:b7:c6:01:5a:3e:09:20:69:24:10:dd:c9:2e:45:4b:
38:40:d3:ed:f3:10:71:a1:c6:d7:f9:21:9a:87:50:db:80:b6:
4e:2e:57:de:ac:52:62:90:8b:75:02:f4:27:69:f8:26:58:47:
14:96:bb:b5:b9:68:99:35:9d:e7:54:89:14:4d:a5:db:ca:10:
3c:07:b9:71
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVwjKi8ihJ8TY0JE5hwYUCZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MmFlMzQ2MzkzOGIyNmY4M2I3NmYwYzRkZjgxZGZhYmIx
NWE0ZWIwHhcNMjMwMTAyMDMzNTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Yzc0MjI0ZGQ4NGFhYzQ3ZWE2YTIwYWUwNmQ4YmU2M2JhOWIzNDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPZx0k8PGZfjfcrMMHUPNIRCkAP6
VZmK34/L2iqD+pgeIxbsH7uUe3uwIQKqmWXFj3E6kmAYfAam95nIfGa75JO39qMw
4jIqmN2pDTDZYDRdiEsO+YoWjt+djab89HqQrVvVF6mWrXRpOiBeLwV1ikKj8znp
PaEjPawmMR2Ao0CjszUiNmlgm9f/aO/+mXI8wyrEHLRF+35Kg7dLcZhEMZwwNrhU
4DWZROtK39NJMEIKlC6yHSm8cxpHXeV0XW8CKi8ObIF33In4b0A3Ne0NuSPoMjlg
gs4hiZQhkHR6DCtc/F/RcYv/mDJIvdVdgChLIVjqP+Sd6kehGKL9+g+ywQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHx0Ik3YSqxH6mogrgbYvmO6mzSVMB8GA1UdIwQY
MBaAFJYq40Y5OLJvg7dvDE34Hfq7FaTrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGlyalJqazRzbS1EdDI4TVRmZ2QtcnNWcE9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iYjBmYzMtZDVmOS00YmY1LTk2ODMt
OWVkZjBkMTdmYjkxLzEvZkhRaVRkaEtyRWZxYWlDdUJ0aS1ZN3FiTkpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iYjBmYzMtZDVmOS00YmY1LTk2ODMtOWVkZjBkMTdmYjkx
LzEvbGlyalJqazRzbS1EdDI4TVRmZ2QtcnNWcE9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBVmj+AwQA
VmvAAwQBWSMGMAwDBAa5VEADBAC5VEIDBAHZEw4wDQYJKoZIhvcNAQELBQADggEB
AAqnxIpMF1KiPAHNpgdWfJnTOxd02f47Bn65y9ZB7g8i9JrpjFCiZ91o6y4tM/Zc
1qdgKIEEkYp5aRxN5N/LlwkxNiyH6RW5upMfkIIXcSWTQQNerhgWGI8DDUIJu75I
AYlZ0CDJDzdPXYBN5P78s9aZhBTRboA6GLV0LeZ/6HfE8A8mFIFj1F6/j50nG7pN
h/3zfigw40QPFByIVz6Ff06a47tkrT+T37R/grdZMKP1PojIEskm4bfGAVo+CSBp
JBDdyS5FSzhA0+3zEHGhxtf5IZqHUNuAtk4uV96sUmKQi3UC9Cdp+CZYRxSWu7W5
aJk1nedUiRRNpdvKEDwHuXE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:41 2024 by rpki-client on console-fra.rpki-client.org