Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/iMaY6aqJ9OE28Kd7XlKytVFsyYo.roa
File: iMaY6aqJ9OE28Kd7XlKytVFsyYo.roa (raw, json)
Hash identifier: xF7PLgkOyGpS/9OkeNqlgo0aLYXTEhSdjBPiQyWoBE0=
Subject key identifier: 88:C6:98:E9:AA:89:F4:E1:36:F0:A7:7B:5E:52:B2:B5:51:6C:C9:8A
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 01859D6BB1B97A90C1554182814E491DF5C1
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/iMaY6aqJ9OE28Kd7XlKytVFsyYo.roa
Signing time: Tue 10 Jan 2023 20:42:38 +0000
ROA not before: Tue 10 Jan 2023 20:42:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58329
IP address blocks: 185.158.249.0/24 maxlen: 24
194.76.225.0/24 maxlen: 24
79.132.132.0/24 maxlen: 24
31.214.157.0/24 maxlen: 24
193.242.210.0/23 maxlen: 23
79.132.129.0/24 maxlen: 24
79.132.128.0/24 maxlen: 24
79.132.133.0/24 maxlen: 24
2001:67c:2ae8::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 14 Mar 2023 23:56:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9d:6b:b1:b9:7a:90:c1:55:41:82:81:4e:49:1d:f5:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Jan 10 20:42:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88c698e9aa89f4e136f0a77b5e52b2b5516cc98a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f2:85:3b:8c:e5:47:33:f5:67:6a:26:f9:b6:
f0:ae:27:c7:56:47:47:06:10:76:44:cd:19:7a:d0:
6d:8b:ee:02:a9:ff:1d:c6:a0:4f:88:76:11:92:14:
43:2f:b0:37:ef:14:ae:2a:12:34:58:75:39:5f:1c:
ca:1e:b0:6e:12:b3:e4:19:b0:5d:c2:ef:02:87:8b:
35:f4:1a:46:c7:72:75:f7:67:86:54:7e:42:e4:74:
33:fa:17:53:8b:1e:b8:21:21:ac:51:01:43:be:c4:
e9:cc:58:ee:ce:08:2b:b0:49:ff:63:32:bf:28:1a:
ca:dd:d6:99:e6:ef:bb:35:ad:be:9e:e2:6d:49:d5:
97:f7:97:3f:d0:63:30:5a:d1:ea:f2:8d:4b:e2:df:
2c:d2:4d:ed:5b:c6:c5:73:7b:05:9f:b0:bb:61:34:
02:dd:5c:35:39:ab:c1:02:cc:1a:05:33:7a:19:0a:
08:67:35:3d:fb:29:55:52:8d:2a:90:c1:b7:cc:47:
4a:35:f8:87:18:95:44:a7:20:75:2b:bf:ef:a6:54:
e1:32:01:a4:4c:a0:ac:02:fd:f5:00:b5:c0:b0:d8:
b2:b4:9a:17:45:58:f8:9c:b2:d1:33:ee:7e:e9:04:
31:0b:46:fb:cb:2b:84:12:b0:c7:97:ae:a6:4a:bd:
d4:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:C6:98:E9:AA:89:F4:E1:36:F0:A7:7B:5E:52:B2:B5:51:6C:C9:8A
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/iMaY6aqJ9OE28Kd7XlKytVFsyYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.157.0/24
79.132.128.0/23
79.132.132.0/23
185.158.249.0/24
193.242.210.0/23
194.76.225.0/24
IPv6:
2001:67c:2ae8::/48
Signature Algorithm: sha256WithRSAEncryption
8a:02:9c:c6:4d:e6:e5:b6:3d:7d:5b:d1:f9:2d:a0:45:d3:70:
53:c9:45:e1:07:fc:04:01:39:eb:e8:65:5a:a4:dd:17:56:ef:
e3:7e:39:4d:2b:03:00:f4:d7:7c:e7:06:c2:b0:be:d6:eb:29:
58:83:05:06:6f:49:d7:f6:f5:bc:25:17:3a:a2:70:eb:d5:18:
a7:4b:50:8a:12:2c:bc:0e:b7:c3:1a:9f:00:2a:39:a6:31:b1:
e6:5c:5c:3c:a8:33:d6:8c:c9:53:59:a1:8f:62:57:30:3a:6f:
37:d3:72:28:23:44:40:6f:ae:50:5a:c1:6f:b2:09:3c:23:c4:
bd:bb:57:d7:c3:a8:74:01:ea:27:9a:e5:8c:ae:ec:6d:ca:c1:
69:aa:72:fc:d8:f6:cc:7c:1b:6e:95:54:60:df:2c:76:ce:fb:
8b:4b:57:38:ca:41:98:57:81:48:17:7e:9f:c9:fd:56:6b:80:
03:ef:ba:90:4d:cc:11:a7:31:dc:a0:5c:c3:48:e7:34:d4:91:
d7:b4:3d:c6:95:36:12:92:fb:42:2d:e7:22:7a:77:48:c9:3d:
ec:e9:82:d2:b5:0a:21:e7:b5:32:fc:c2:b3:d3:9d:8c:47:14:
75:48:1f:a2:1d:1a:7f:e9:92:26:32:09:19:d5:de:40:e3:cc:
f6:4f:77:5d
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYWda7G5epDBVUGCgU5JHfXBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy
MWZjZjIwHhcNMjMwMTEwMjA0MjM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGM2OThlOWFhODlmNGUxMzZmMGE3N2I1ZTUyYjJiNTUxNmNjOThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPKFO4zlRzP1Z2om+bbwrifHVkdH
BhB2RM0ZetBti+4Cqf8dxqBPiHYRkhRDL7A37xSuKhI0WHU5XxzKHrBuErPkGbBd
wu8Ch4s19BpGx3J192eGVH5C5HQz+hdTix64ISGsUQFDvsTpzFjuzggrsEn/YzK/
KBrK3daZ5u+7Na2+nuJtSdWX95c/0GMwWtHq8o1L4t8s0k3tW8bFc3sFn7C7YTQC
3Vw1OavBAswaBTN6GQoIZzU9+ylVUo0qkMG3zEdKNfiHGJVEpyB1K7/vplThMgGk
TKCsAv31ALXAsNiytJoXRVj4nLLRM+5+6QQxC0b7yyuEErDHl66mSr3U6wIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFIjGmOmqifThNvCne15SsrVRbMmKMB8GA1UdIwQY
MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt
Mzk1NTk1OWVhZjgxLzEvaU1hWTZhcUo5T0UyOEtkN1hsS3l0VkZzeVlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx
LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQAH9adAwQB
T4SAAwQBT4SEAwQAuZ75AwQBwfLSAwQAwkzhMA8EAgACMAkDBwAgAQZ8KugwDQYJ
KoZIhvcNAQELBQADggEBAIoCnMZN5uW2PX1b0fktoEXTcFPJReEH/AQBOevoZVqk
3RdW7+N+OU0rAwD013znBsKwvtbrKViDBQZvSdf29bwlFzqicOvVGKdLUIoSLLwO
t8ManwAqOaYxseZcXDyoM9aMyVNZoY9iVzA6bzfTcigjREBvrlBawW+yCTwjxL27
V9fDqHQB6iea5Yyu7G3KwWmqcvzY9sx8G26VVGDfLHbO+4tLVzjKQZhXgUgXfp/J
/VZrgAPvupBNzBGnMdygXMNI5zTUkde0PcaVNhKS+0It5yJ6d0jJPezpgtK1CiHn
tTL8wrPTnYxHFHVIH6IdGn/pkiYyCRnV3kDjzPZPd10=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:55 2024 by rpki-client on console-ams.rpki-client.org