Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/7aCFYYuHqmzdUNbWqoD4AlgLWcg.roa
File: 7aCFYYuHqmzdUNbWqoD4AlgLWcg.roa (raw, json)
Hash identifier: z1YB6AwmCvEN1r6CcDEBtt0rvcFUgiE3/xfr5yHZZS4=
Subject key identifier: ED:A0:85:61:8B:87:AA:6C:DD:50:D6:D6:AA:80:F8:02:58:0B:59:C8
Certificate issuer: /CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
Certificate serial: 0189C07E6D08073EC2AB009DA0D253A7DEF3
Authority key identifier: 94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/7aCFYYuHqmzdUNbWqoD4AlgLWcg.roa
Signing time: Fri 04 Aug 2023 12:20:58 +0000
ROA not before: Fri 04 Aug 2023 12:20:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 86.62.31.0/24 maxlen: 24
86.62.28.0/24 maxlen: 24
86.62.29.0/24 maxlen: 24
86.62.30.0/24 maxlen: 24
194.107.161.0/24 maxlen: 24
194.107.162.0/24 maxlen: 24
194.36.32.0/23 maxlen: 23
45.80.28.0/24 maxlen: 24
45.80.30.0/24 maxlen: 24
45.80.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 18 Aug 2023 07:58:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c0:7e:6d:08:07:3e:c2:ab:00:9d:a0:d2:53:a7:de:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
Validity
Not Before: Aug 4 12:20:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eda085618b87aa6cdd50d6d6aa80f802580b59c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:89:14:c2:d1:88:a7:d0:24:92:36:35:8b:da:
62:46:60:3f:bd:41:93:ba:17:79:5d:cb:ec:2d:2d:
c2:98:d6:c1:5f:6a:7e:b6:cd:28:ff:02:36:03:a7:
c7:0a:86:41:75:f9:d6:ec:f4:a8:c9:f5:ee:50:c6:
89:b6:24:52:c7:40:9d:03:2b:91:b9:7c:35:35:b3:
a2:b2:28:e1:f5:57:72:87:0f:54:af:cc:97:cb:93:
29:24:b5:21:ed:94:1a:be:88:7d:7d:e5:c1:62:1c:
9a:30:63:4d:26:03:5d:de:59:fd:bc:6b:a5:3a:ec:
2e:d7:3d:36:0b:e2:7a:53:2f:b2:6a:d9:a4:1a:81:
7a:c5:f5:5d:54:77:14:a4:48:0e:12:1c:59:6e:db:
19:30:c7:d2:31:e4:34:3a:ca:76:27:89:9f:a0:2b:
16:c4:36:e6:87:f5:2d:80:55:b5:e9:8f:64:1a:99:
0f:8a:00:11:5c:6f:76:bd:07:db:4b:75:94:f4:1e:
cf:cd:1b:5e:51:1a:93:c6:0d:01:5d:10:64:56:ce:
28:3d:b8:6b:e9:20:bd:f9:45:00:a3:ca:4a:63:0a:
b8:9a:e2:b5:b5:cf:8e:86:12:da:9e:42:18:6c:42:
54:d1:29:7c:f3:b4:32:c1:95:16:87:7c:a0:73:8b:
47:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:A0:85:61:8B:87:AA:6C:DD:50:D6:D6:AA:80:F8:02:58:0B:59:C8
X509v3 Authority Key Identifier:
keyid:94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/7aCFYYuHqmzdUNbWqoD4AlgLWcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.28.0/24
45.80.30.0/23
86.62.28.0/22
194.36.32.0/23
194.107.161.0-194.107.162.255
Signature Algorithm: sha256WithRSAEncryption
ac:af:13:a3:29:85:51:14:cd:c2:66:16:14:37:98:cb:c7:6e:
55:7d:18:26:74:75:d9:6b:ec:28:80:c0:1a:cc:ca:a0:a3:5f:
40:8c:1f:30:87:40:22:77:ea:a2:a4:81:fc:f9:cf:8f:46:2b:
f0:48:a2:6c:d2:a3:2e:9f:f9:24:aa:20:b7:4b:d5:63:fd:35:
59:e8:fa:8e:43:b1:fd:52:43:c8:d7:f5:a2:3f:bc:c5:01:10:
61:84:42:80:85:d1:1d:3b:9c:5e:57:40:44:7b:56:07:bc:0b:
15:73:bc:39:a4:c7:a6:0c:5a:c8:5a:7e:69:ca:de:20:bb:d1:
06:92:be:85:7c:02:f9:18:3d:ef:a6:d4:a7:f6:f4:49:9f:d7:
4a:20:2b:54:74:7b:59:5f:98:9c:08:7f:87:10:e9:75:9f:c1:
df:0c:4d:c5:7d:82:53:58:bf:10:71:56:be:f8:8b:2d:9b:8d:
19:4e:21:fe:1a:60:c6:93:91:8b:77:3f:19:9b:ad:99:c6:7c:
d5:03:b1:e7:6a:35:a1:5f:19:2c:ce:f7:5d:8c:5f:f2:38:37:
17:b1:02:d6:40:5f:45:a5:ae:bc:3f:af:be:a6:58:d6:d0:d3:
b4:c0:7b:2e:f6:83:95:6b:af:d2:34:2d:97:6a:53:b5:32:14:
5a:65:e3:5a
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYnAfm0IBz7CqwCdoNJTp97zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZTU5ZDI0NWQxNTBkYzM4YzQ4OTYyNjNkY2JkY2JiZDY3
NDcwYTcwHhcNMjMwODA0MTIyMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGEwODU2MThiODdhYTZjZGQ1MGQ2ZDZhYTgwZjgwMjU4MGI1OWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+IkUwtGIp9AkkjY1i9piRmA/vUGT
uhd5XcvsLS3CmNbBX2p+ts0o/wI2A6fHCoZBdfnW7PSoyfXuUMaJtiRSx0CdAyuR
uXw1NbOisijh9Vdyhw9Ur8yXy5MpJLUh7ZQavoh9feXBYhyaMGNNJgNd3ln9vGul
Ouwu1z02C+J6Uy+yatmkGoF6xfVdVHcUpEgOEhxZbtsZMMfSMeQ0Osp2J4mfoCsW
xDbmh/UtgFW16Y9kGpkPigARXG92vQfbS3WU9B7PzRteURqTxg0BXRBkVs4oPbhr
6SC9+UUAo8pKYwq4muK1tc+OhhLankIYbEJU0Sl887QywZUWh3ygc4tHIQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFO2ghWGLh6ps3VDW1qqA+AJYC1nIMB8GA1UdIwQY
MBaAFJTlnSRdFQ3DjEiWJj3L3LvWdHCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDIt
ZWU5NWI2Y2MzNDc0LzEvN2FDRllZdUhxbXpkVU5iV3FvRDRBbGdMV2NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDItZWU5NWI2Y2MzNDc0
LzEvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQALVAcAwQB
LVAeAwQCVj4cAwQBwiQgMAwDBADCa6EDBADCa6IwDQYJKoZIhvcNAQELBQADggEB
AKyvE6MphVEUzcJmFhQ3mMvHblV9GCZ0ddlr7CiAwBrMyqCjX0CMHzCHQCJ36qKk
gfz5z49GK/BIomzSoy6f+SSqILdL1WP9NVno+o5Dsf1SQ8jX9aI/vMUBEGGEQoCF
0R07nF5XQER7Vge8CxVzvDmkx6YMWshafmnK3iC70QaSvoV8AvkYPe+m1Kf29Emf
10ogK1R0e1lfmJwIf4cQ6XWfwd8MTcV9glNYvxBxVr74iy2bjRlOIf4aYMaTkYt3
PxmbrZnGfNUDsedqNaFfGSzO912MX/I4NxexAtZAX0Wlrrw/r76mWNbQ07TAey72
g5Vrr9I0LZdqU7UyFFpl41o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:12 2024 by rpki-client on console-fra.rpki-client.org