Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/7OKVILvbf4mlOnxyLrUiTfr6IFk.roa
File: 7OKVILvbf4mlOnxyLrUiTfr6IFk.roa (raw, json)
Hash identifier: gY3l5KZuIqPW/70m/6hDrBkV55vGqFDnFnnoW2EX6Vw=
Subject key identifier: EC:E2:95:20:BB:DB:7F:89:A5:3A:7C:72:2E:B5:22:4D:FA:FA:20:59
Certificate issuer: /CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Certificate serial: 01866D605D06F04C9AE195346350E49BFE63
Authority key identifier: 28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/7OKVILvbf4mlOnxyLrUiTfr6IFk.roa
Signing time: Mon 20 Feb 2023 05:51:17 +0000
ROA not before: Mon 20 Feb 2023 05:51:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207333
IP address blocks: 86.107.44.0/24 maxlen: 24
86.107.45.0/24 maxlen: 24
89.33.41.0/24 maxlen: 24
185.129.51.0/24 maxlen: 24
185.129.48.0/24 maxlen: 24
185.129.50.0/24 maxlen: 24
92.114.7.0/24 maxlen: 24
185.100.64.0/24 maxlen: 24
185.100.65.0/24 maxlen: 24
185.100.67.0/24 maxlen: 24
188.241.216.0/24 maxlen: 24
188.241.217.0/24 maxlen: 24
86.107.199.0/24 maxlen: 24
86.107.198.0/24 maxlen: 24
185.111.105.0/24 maxlen: 24
185.111.104.0/24 maxlen: 24
185.111.107.0/24 maxlen: 24
185.111.106.0/24 maxlen: 24
185.98.7.0/24 maxlen: 24
185.98.5.0/24 maxlen: 24
185.98.6.0/24 maxlen: 24
185.121.83.0/24 maxlen: 24
185.121.80.0/24 maxlen: 24
185.121.82.0/24 maxlen: 24
185.121.81.0/24 maxlen: 24
89.46.34.0/24 maxlen: 24
185.113.132.0/24 maxlen: 24
185.113.135.0/24 maxlen: 24
185.113.134.0/24 maxlen: 24
185.125.89.0/24 maxlen: 24
2a06:940::/48 maxlen: 48
2a06:942::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 29 Aug 2023 09:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6d:60:5d:06:f0:4c:9a:e1:95:34:63:50:e4:9b:fe:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Validity
Not Before: Feb 20 05:51:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ece29520bbdb7f89a53a7c722eb5224dfafa2059
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:9c:e1:76:2a:5c:dc:b5:97:1d:e6:2e:1f:4e:
20:0b:f9:6c:70:a5:88:50:74:28:bb:68:cd:43:09:
08:cc:a6:53:c1:0a:89:98:c7:ca:27:b6:b6:9c:3a:
01:a3:9e:4d:3f:96:64:87:78:53:e2:6a:cc:f5:43:
bf:67:36:8d:59:83:b8:85:26:cc:e5:32:8b:62:82:
94:91:89:95:1d:5d:4d:52:e6:0d:bf:3b:2b:24:8c:
1d:66:44:77:65:fc:f2:04:ee:e9:de:51:bd:76:73:
d1:1e:49:0e:ea:31:5e:c7:6f:da:e6:bf:0e:e8:3b:
90:43:17:2b:af:9d:21:d3:1e:cf:1a:a5:a5:04:95:
52:3f:2f:ed:27:23:20:28:12:ec:26:75:96:c5:27:
f6:04:91:22:d7:65:38:b1:5e:78:d7:cf:bc:ea:dd:
a2:48:6e:a0:e8:00:37:53:80:4f:ac:b1:f7:a8:9c:
56:cf:82:fc:78:42:7c:66:e8:f4:1f:a1:b8:42:eb:
ba:39:3b:a6:68:fc:50:bd:8e:c3:2f:0c:30:3d:2c:
7d:63:a3:e8:4a:b8:98:0a:43:b0:62:70:5f:fc:e1:
b5:d2:6f:dd:c3:fb:25:e4:d4:27:a6:ea:ed:e5:c9:
01:80:4c:81:40:ce:f2:b9:c4:10:cf:96:0f:08:d6:
87:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:E2:95:20:BB:DB:7F:89:A5:3A:7C:72:2E:B5:22:4D:FA:FA:20:59
X509v3 Authority Key Identifier:
keyid:28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/7OKVILvbf4mlOnxyLrUiTfr6IFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.44.0/23
86.107.198.0/23
89.33.41.0/24
89.46.34.0/24
92.114.7.0/24
185.98.5.0-185.98.7.255
185.100.64.0/23
185.100.67.0/24
185.111.104.0/22
185.113.132.0/24
185.113.134.0/23
185.121.80.0/22
185.125.89.0/24
185.129.48.0/24
185.129.50.0/23
188.241.216.0/23
IPv6:
2a06:940::/48
2a06:942::/48
Signature Algorithm: sha256WithRSAEncryption
56:7c:d9:5f:76:6f:57:fd:60:cb:4b:ae:69:d9:cc:14:23:dd:
74:cd:aa:95:6d:ed:15:02:03:4d:c9:6e:d5:ef:29:93:c7:9d:
51:61:25:46:51:99:91:1e:41:ee:28:89:91:81:2a:d6:63:1a:
23:6a:0b:f0:72:db:dd:f1:7a:34:3d:52:b9:44:17:f0:47:e3:
31:cc:e8:ee:37:1d:51:b0:ee:07:90:52:52:73:bf:e4:9b:6c:
7d:30:af:ab:07:82:68:b4:6a:7f:ab:d9:a1:59:0d:05:35:05:
b7:6e:84:c5:b3:01:de:ed:9b:22:4a:db:a4:58:71:96:7a:3c:
3e:2d:f7:09:66:a6:c9:9d:67:f2:6c:4b:67:e1:95:07:29:b1:
f7:45:76:19:a1:54:29:af:17:80:2a:dc:00:c5:03:49:40:46:
5c:a4:76:91:a3:4c:8f:a3:ec:02:dc:95:34:a5:d6:9c:c1:27:
df:cc:77:f2:0a:42:5c:05:e8:25:42:5f:10:b2:7a:08:ca:76:
d9:f1:87:28:56:fb:3e:c0:57:b0:7a:0c:08:f8:31:50:bd:95:
d8:1c:af:96:7c:7c:b4:51:50:47:18:56:de:9f:33:ff:36:0b:
41:f6:28:18:89:1a:2a:3a:1b:49:73:0b:fc:17:cf:32:f5:e5:
98:34:1a:61
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYZtYF0G8Eya4ZU0Y1Dkm/5jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ODU1ODUyYTRiY2QxYmYxZWM4MTNmM2MxM2IwZjFmMzcy
ZjM5NzEwHhcNMjMwMjIwMDU1MTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2UyOTUyMGJiZGI3Zjg5YTUzYTdjNzIyZWI1MjI0ZGZhZmEyMDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJzhdipc3LWXHeYuH04gC/lscKWI
UHQou2jNQwkIzKZTwQqJmMfKJ7a2nDoBo55NP5Zkh3hT4mrM9UO/ZzaNWYO4hSbM
5TKLYoKUkYmVHV1NUuYNvzsrJIwdZkR3ZfzyBO7p3lG9dnPRHkkO6jFex2/a5r8O
6DuQQxcrr50h0x7PGqWlBJVSPy/tJyMgKBLsJnWWxSf2BJEi12U4sV5418+86t2i
SG6g6AA3U4BPrLH3qJxWz4L8eEJ8Zuj0H6G4Quu6OTumaPxQvY7DLwwwPSx9Y6Po
SriYCkOwYnBf/OG10m/dw/sl5NQnpurt5ckBgEyBQM7yucQQz5YPCNaHbQIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFOzilSC723+JpTp8ci61Ik36+iBZMB8GA1UdIwQY
MBaAFCiFWFKkvNG/HsgT88E7Dx83LzlxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEt
NzA0NDYzZWJhZDM2LzEvN09LVklMdmJmNG1sT254eUxyVWlUZnI2SUZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEtNzA0NDYzZWJhZDM2
LzEvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijBuBAIAATBoAwQBVmss
AwQBVmvGAwQAWSEpAwQAWS4iAwQAXHIHMAwDBAC5YgUDBAO5YgADBAG5ZEADBAC5
ZEMDBAK5b2gDBAC5cYQDBAG5cYYDBAK5eVADBAC5fVkDBAC5gTADBAG5gTIDBAG8
8dgwGAQCAAIwEgMHACoGCUAAAAMHACoGCUIAADANBgkqhkiG9w0BAQsFAAOCAQEA
VnzZX3ZvV/1gy0uuadnMFCPddM2qlW3tFQIDTclu1e8pk8edUWElRlGZkR5B7iiJ
kYEq1mMaI2oL8HLb3fF6ND1SuUQX8EfjMczo7jcdUbDuB5BSUnO/5JtsfTCvqweC
aLRqf6vZoVkNBTUFt26ExbMB3u2bIkrbpFhxlno8Pi33CWamyZ1n8mxLZ+GVBymx
90V2GaFUKa8XgCrcAMUDSUBGXKR2kaNMj6PsAtyVNKXWnMEn38x38gpCXAXoJUJf
ELJ6CMp22fGHKFb7PsBXsHoMCPgxUL2V2Byvlnx8tFFQRxhW3p8z/zYLQfYoGIka
KjobSXML/BfPMvXlmDQaYQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:23 2024 by rpki-client on console-fra.rpki-client.org