Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/by7Mtsr5tS2syKFR5B4fON0COhk.roa
File: by7Mtsr5tS2syKFR5B4fON0COhk.roa (raw, json)
Hash identifier: I+iQLGBRA4D7Kc+oqXphuG8nkUgCZuMFl+95lXQ56bc=
Subject key identifier: 6F:2E:CC:B6:CA:F9:B5:2D:AC:C8:A1:51:E4:1E:1F:38:DD:02:3A:19
Certificate issuer: /CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Certificate serial: 0191868D24F87FED282299D74C0E31135C9D
Authority key identifier: 28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/by7Mtsr5tS2syKFR5B4fON0COhk.roa
Signing time: Sat 24 Aug 2024 22:41:22 +0000
ROA not before: Sat 24 Aug 2024 22:41:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207333
IP address blocks: 31.14.27.0/24 maxlen: 24
86.107.44.0/24 maxlen: 24
86.107.45.0/24 maxlen: 24
86.107.198.0/24 maxlen: 24
86.107.199.0/24 maxlen: 24
89.33.41.0/24 maxlen: 24
89.35.124.0/24 maxlen: 24
89.35.125.0/24 maxlen: 24
89.46.33.0/24 maxlen: 24
89.46.34.0/24 maxlen: 24
92.114.7.0/24 maxlen: 24
185.98.5.0/24 maxlen: 24
185.98.6.0/24 maxlen: 24
185.98.7.0/24 maxlen: 24
185.100.64.0/24 maxlen: 24
185.100.65.0/24 maxlen: 24
185.100.67.0/24 maxlen: 24
185.111.104.0/24 maxlen: 24
185.111.105.0/24 maxlen: 24
185.111.106.0/24 maxlen: 24
185.111.107.0/24 maxlen: 24
185.113.132.0/24 maxlen: 24
185.113.134.0/24 maxlen: 24
185.113.135.0/24 maxlen: 24
185.121.80.0/24 maxlen: 24
185.121.81.0/24 maxlen: 24
185.121.82.0/24 maxlen: 24
185.121.83.0/24 maxlen: 24
185.125.89.0/24 maxlen: 24
185.129.48.0/24 maxlen: 24
185.129.49.0/24 maxlen: 24
185.129.50.0/24 maxlen: 24
185.129.51.0/24 maxlen: 24
188.241.216.0/24 maxlen: 24
188.241.217.0/24 maxlen: 24
2a06:940::/48 maxlen: 48
2a06:942::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 21 Sep 2024 14:25:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:86:8d:24:f8:7f:ed:28:22:99:d7:4c:0e:31:13:5c:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Validity
Not Before: Aug 24 22:41:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f2eccb6caf9b52dacc8a151e41e1f38dd023a19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:07:b5:e1:d6:25:47:3a:b0:98:a0:6a:f4:22:
c7:3c:62:5a:36:0a:26:cf:05:d2:e4:b8:5d:b0:dd:
58:27:a5:a9:8c:b2:8b:f5:fb:a5:bc:8e:44:52:62:
83:86:3c:b7:31:09:33:43:7d:06:a6:c7:79:2a:38:
0e:57:74:12:b1:1f:a7:03:99:7e:cd:95:8c:7a:57:
2f:e8:a7:cf:56:5c:10:c9:54:f7:fc:ed:62:d1:14:
fd:52:d7:44:06:ae:a4:f7:87:11:67:af:44:11:72:
7c:94:4f:61:85:85:09:6c:dd:56:b7:69:42:ef:77:
03:96:ba:19:5b:fe:36:4b:c9:d1:db:bd:8c:44:6f:
bf:79:e4:44:4d:bc:85:3c:d3:7f:43:44:8d:3a:c5:
a7:a9:14:47:f9:b8:1e:2d:a0:02:2f:1e:a1:fd:06:
e2:34:c2:4f:a9:00:7e:2f:ad:ea:84:f9:ca:e4:1d:
62:9c:87:7a:a2:e1:f8:b6:3d:2f:e7:0c:f8:45:84:
92:4d:0a:a1:56:09:0f:73:f3:59:0c:8a:38:27:bb:
fa:bb:e4:a0:21:32:87:e8:69:1c:3d:8b:ac:59:ae:
92:fb:a3:9e:37:0e:05:b6:b0:63:34:64:19:60:1d:
3c:6b:70:20:e7:b2:bc:62:e6:65:fa:bc:a8:f0:6c:
48:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:2E:CC:B6:CA:F9:B5:2D:AC:C8:A1:51:E4:1E:1F:38:DD:02:3A:19
X509v3 Authority Key Identifier:
keyid:28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/by7Mtsr5tS2syKFR5B4fON0COhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.27.0/24
86.107.44.0/23
86.107.198.0/23
89.33.41.0/24
89.35.124.0/23
89.46.33.0-89.46.34.255
92.114.7.0/24
185.98.5.0-185.98.7.255
185.100.64.0/23
185.100.67.0/24
185.111.104.0/22
185.113.132.0/24
185.113.134.0/23
185.121.80.0/22
185.125.89.0/24
185.129.48.0/22
188.241.216.0/23
IPv6:
2a06:940::/48
2a06:942::/48
Signature Algorithm: sha256WithRSAEncryption
7c:ac:51:31:01:1e:cc:1f:09:3f:5a:38:cd:e5:29:bb:51:80:
5b:a3:ef:07:5a:5c:f6:b1:bf:9b:e8:b7:3e:91:c1:d6:e5:98:
de:8f:88:5d:b4:ca:9a:47:9d:e7:d2:5a:da:88:22:62:b5:1b:
3e:97:47:d2:23:a0:58:aa:4a:ee:03:8a:65:30:37:3e:47:3a:
86:84:73:46:e0:bb:78:43:7e:1e:f7:f9:c4:64:ff:2a:6c:68:
a7:44:09:e6:ca:fd:29:cb:be:df:c3:1c:e9:d4:65:98:74:11:
89:d0:5e:fc:b0:d3:c9:bd:6d:41:72:6f:32:96:9e:78:58:49:
13:a5:96:8c:37:fb:84:f2:1d:8b:3f:f3:76:a0:24:bd:e7:fe:
ee:ad:c2:f4:b9:04:81:68:61:ee:67:7e:60:23:80:c3:b5:7b:
91:69:17:03:0b:e6:f4:c8:78:a4:32:91:6b:72:65:a1:6e:1c:
43:6c:c7:ac:b7:fa:f9:18:17:05:b4:c3:c6:c6:9b:03:88:3f:
91:bd:f5:19:44:6c:6d:48:e0:16:6c:70:35:c9:a1:15:c8:91:
13:63:c9:60:8d:f4:e7:2d:91:36:4d:ec:54:0e:c5:08:2b:44:
a5:be:1c:01:6c:31:59:dd:ea:cf:24:af:7c:d5:13:94:90:6e:
f2:63:7d:47
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAZGGjST4f+0oIpnXTA4xE1ydMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ODU1ODUyYTRiY2QxYmYxZWM4MTNmM2MxM2IwZjFmMzcy
ZjM5NzEwHhcNMjQwODI0MjI0MTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjJlY2NiNmNhZjliNTJkYWNjOGExNTFlNDFlMWYzOGRkMDIzYTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ge14dYlRzqwmKBq9CLHPGJaNgom
zwXS5LhdsN1YJ6WpjLKL9fulvI5EUmKDhjy3MQkzQ30Gpsd5KjgOV3QSsR+nA5l+
zZWMelcv6KfPVlwQyVT3/O1i0RT9UtdEBq6k94cRZ69EEXJ8lE9hhYUJbN1Wt2lC
73cDlroZW/42S8nR272MRG+/eeRETbyFPNN/Q0SNOsWnqRRH+bgeLaACLx6h/Qbi
NMJPqQB+L63qhPnK5B1inId6ouH4tj0v5wz4RYSSTQqhVgkPc/NZDIo4J7v6u+Sg
ITKH6GkcPYusWa6S+6OeNw4FtrBjNGQZYB08a3Ag57K8YuZl+ryo8GxIrwIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFG8uzLbK+bUtrMihUeQeHzjdAjoZMB8GA1UdIwQY
MBaAFCiFWFKkvNG/HsgT88E7Dx83LzlxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEt
NzA0NDYzZWJhZDM2LzEvYnk3TXRzcjV0UzJzeUtGUjVCNGZPTjBDT2hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEtNzA0NDYzZWJhZDM2
LzEvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDB8BAIAATB2AwQAHw4b
AwQBVmssAwQBVmvGAwQAWSEpAwQBWSN8MAwDBABZLiEDBABZLiIDBABccgcwDAME
ALliBQMEA7liAAMEAblkQAMEALlkQwMEArlvaAMEALlxhAMEAblxhgMEArl5UAME
ALl9WQMEArmBMAMEAbzx2DAYBAIAAjASAwcAKgYJQAAAAwcAKgYJQgAAMA0GCSqG
SIb3DQEBCwUAA4IBAQB8rFExAR7MHwk/WjjN5Sm7UYBbo+8HWlz2sb+b6Lc+kcHW
5Zjej4hdtMqaR53n0lraiCJitRs+l0fSI6BYqkruA4plMDc+RzqGhHNG4Lt4Q34e
9/nEZP8qbGinRAnmyv0py77fwxzp1GWYdBGJ0F78sNPJvW1Bcm8ylp54WEkTpZaM
N/uE8h2LP/N2oCS95/7urcL0uQSBaGHuZ35gI4DDtXuRaRcDC+b0yHikMpFrcmWh
bhxDbMest/r5GBcFtMPGxpsDiD+RvfUZRGxtSOAWbHA1yaEVyJETY8lgjfTnLZE2
TexUDsUIK0SlvhwBbDFZ3erPJK981ROUkG7yY31H
-----END CERTIFICATE-----
Generated at Sat Sep 21 16:45:58 2024 by rpki-client on console-fra.rpki-client.org