Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/1--hIqNge0tH6CzTqnEwbLvhanqw.roa
File: 1--hIqNge0tH6CzTqnEwbLvhanqw.roa (raw, json)
Hash identifier: TfGOPd0gwdWYTjCf1oTZIo13RuOUlnJE6rhdyxI+eQU=
Subject key identifier: FB:E8:48:A8:D8:1E:D2:D1:FA:0B:34:EA:9C:4C:1B:2E:F8:5A:9E:AC
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018AEFAC4861A7E4F873C50C6ED8A84F33B1
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/1--hIqNge0tH6CzTqnEwbLvhanqw.roa
Signing time: Mon 02 Oct 2023 09:15:59 +0000
ROA not before: Mon 02 Oct 2023 09:15:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399471
IP address blocks: 2.57.243.0/24 maxlen: 24
94.198.171.0/24 maxlen: 24
94.177.106.0/24 maxlen: 24
93.90.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Oct 2023 05:22:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:ac:48:61:a7:e4:f8:73:c5:0c:6e:d8:a8:4f:33:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Oct 2 09:15:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbe848a8d81ed2d1fa0b34ea9c4c1b2ef85a9eac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:98:90:0c:31:90:6c:ec:00:0b:f2:82:6a:2f:
9f:36:85:1c:09:d6:30:b1:41:79:f9:43:12:49:2c:
cf:9d:44:50:23:ef:02:cd:a3:bc:8d:23:d9:f2:ec:
68:56:10:96:6e:42:92:f1:3e:f5:4c:8b:05:fd:07:
df:bb:9b:cf:92:57:48:80:da:13:82:11:0b:a0:31:
05:f3:c1:97:9f:65:e8:02:54:43:c7:87:a9:49:03:
59:b3:64:8e:01:d8:71:30:d2:75:eb:d7:37:d1:b4:
5c:69:70:71:35:f9:6a:97:d0:7f:31:6c:a3:d9:5b:
bb:58:7b:0c:66:c9:58:5c:d8:07:b2:e1:c3:95:49:
80:c2:ee:38:51:99:f2:cc:b6:bb:fe:2d:b3:bf:72:
e0:1c:02:f3:4d:00:da:ef:80:b6:6d:b1:19:b6:12:
9d:26:ba:53:9a:08:ad:63:76:ed:8c:2a:16:9e:ce:
2c:c6:78:6e:92:de:c2:50:fd:83:01:18:06:21:09:
2a:6c:9e:28:5c:a1:08:6c:8f:e7:1f:c6:7b:94:59:
8c:36:cd:36:4c:50:e1:64:6a:18:87:5a:70:af:c0:
98:9a:ec:21:89:6f:44:e5:af:24:29:a2:85:05:07:
2d:e4:fa:a5:b2:44:e2:cc:59:3c:99:c4:37:36:06:
39:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:E8:48:A8:D8:1E:D2:D1:FA:0B:34:EA:9C:4C:1B:2E:F8:5A:9E:AC
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/1--hIqNge0tH6CzTqnEwbLvhanqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.243.0/24
93.90.74.0/24
94.177.106.0/24
94.198.171.0/24
Signature Algorithm: sha256WithRSAEncryption
17:08:3c:cf:77:c2:d3:1b:ec:0d:fb:4e:77:73:b6:94:25:e1:
2c:1b:f9:f1:0e:85:68:79:bc:3b:50:b6:71:fc:63:73:1e:60:
7b:a4:31:3b:f6:1a:d7:05:95:b9:94:aa:cd:27:86:e5:56:bb:
4d:9e:13:55:f4:ee:df:8d:73:f1:48:1c:98:5b:b7:5f:bd:ac:
de:23:a5:79:e7:65:de:7c:78:3d:33:86:4a:1c:53:5e:f2:17:
22:e4:6b:9d:03:fb:ef:ad:bf:7f:ec:fe:7c:0e:2a:ff:8b:f9:
5a:01:84:77:47:5f:76:20:30:8b:3f:62:61:b8:ee:0b:74:e9:
8f:d9:d4:0e:aa:73:e9:48:f8:18:d9:f9:1f:83:ba:01:6e:ef:
69:4d:34:78:1d:a3:f3:9a:cb:3f:0e:55:1f:3f:7e:71:70:ad:
b1:dd:73:7c:57:69:0d:a0:a3:1f:6e:40:fc:ef:1b:0c:f3:53:
a7:48:f9:11:bc:d9:02:29:04:98:46:e2:52:ee:73:e4:f1:43:
64:87:c0:63:1f:3d:e0:96:21:de:b1:60:ea:ce:ed:80:d0:09:
60:dd:4c:51:53:f6:4a:49:08:3b:73:80:4b:84:c5:48:2e:19:
f4:e8:67:ed:b4:7b:31:61:95:29:bb:89:cb:3a:c7:75:3e:9f:
7c:86:98:62
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYrvrEhhp+T4c8UMbtioTzOxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMxMDAyMDkxNTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmU4NDhhOGQ4MWVkMmQxZmEwYjM0ZWE5YzRjMWIyZWY4NWE5ZWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5iQDDGQbOwAC/KCai+fNoUcCdYw
sUF5+UMSSSzPnURQI+8CzaO8jSPZ8uxoVhCWbkKS8T71TIsF/Qffu5vPkldIgNoT
ghELoDEF88GXn2XoAlRDx4epSQNZs2SOAdhxMNJ169c30bRcaXBxNflql9B/MWyj
2Vu7WHsMZslYXNgHsuHDlUmAwu44UZnyzLa7/i2zv3LgHALzTQDa74C2bbEZthKd
JrpTmgitY3btjCoWns4sxnhukt7CUP2DARgGIQkqbJ4oXKEIbI/nH8Z7lFmMNs02
TFDhZGoYh1pwr8CYmuwhiW9E5a8kKaKFBQct5PqlskTizFk8mcQ3NgY5iwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPvoSKjYHtLR+gs06pxMGy74Wp6sMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvMS0taElxTmdlMHRINkN6VHFuRXdiTHZoYW5xdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjYvNGIxOGZiLWQzZWQtNGIyNy05YmQwLWU1ODM5ZjQzZTU4
My8xL2ZhWFRMVnNKeVR3YlhqX0ZvcW9nMTBiOF90RS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAAI58wME
AF1aSgMEAF6xagMEAF7GqzANBgkqhkiG9w0BAQsFAAOCAQEAFwg8z3fC0xvsDftO
d3O2lCXhLBv58Q6FaHm8O1C2cfxjcx5ge6QxO/Ya1wWVuZSqzSeG5Va7TZ4TVfTu
341z8UgcmFu3X72s3iOleedl3nx4PTOGShxTXvIXIuRrnQP7762/f+z+fA4q/4v5
WgGEd0dfdiAwiz9iYbjuC3Tpj9nUDqpz6Uj4GNn5H4O6AW7vaU00eB2j85rLPw5V
Hz9+cXCtsd1zfFdpDaCjH25A/O8bDPNTp0j5EbzZAikEmEbiUu5z5PFDZIfAYx89
4JYh3rFg6s7tgNAJYN1MUVP2SkkIO3OAS4TFSC4Z9Ohn7bR7MWGVKbuJyzrHdT6f
fIaYYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:05 2024 by rpki-client on console-fra.rpki-client.org