Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/1dQME7bl8O9bjzOsEt1MLDQMLOI.roa
File: 1dQME7bl8O9bjzOsEt1MLDQMLOI.roa (raw, json)
Hash identifier: lPPokgnBrYaMenAsJUtgBGBJxc0GZNp7f6ismSp5tpY=
Subject key identifier: D5:D4:0C:13:B6:E5:F0:EF:5B:8F:33:AC:12:DD:4C:2C:34:0C:2C:E2
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0185C3C0058EE25B74AD95410B591DC8F150
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/1dQME7bl8O9bjzOsEt1MLDQMLOI.roa
Signing time: Wed 18 Jan 2023 07:20:19 +0000
ROA not before: Wed 18 Jan 2023 07:20:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2118
IP address blocks: 86.107.168.0/24 maxlen: 24
62.192.152.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Jan 2023 12:44:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c3:c0:05:8e:e2:5b:74:ad:95:41:0b:59:1d:c8:f1:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 18 07:20:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5d40c13b6e5f0ef5b8f33ac12dd4c2c340c2ce2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d2:7e:ff:9a:fe:cf:2f:e7:ff:62:c7:a1:1e:
cf:75:80:33:80:ac:3b:67:ce:e4:03:5a:5e:09:d2:
00:45:58:2c:dc:a0:06:d6:82:29:44:fe:01:6e:d4:
a4:cc:eb:a8:ed:55:5e:06:2f:09:2a:86:9b:5f:c6:
75:98:2d:73:86:9d:43:39:e7:11:c4:17:67:eb:fb:
31:4f:9e:c1:6d:a6:f6:8a:a8:5c:57:d1:98:76:99:
23:47:83:9e:d4:d1:10:9c:0f:af:f6:90:0a:b2:b3:
9c:58:d3:b8:86:24:fa:a7:fd:5a:d9:d2:ba:7b:a7:
7a:ad:da:74:78:e4:ce:9d:b8:70:47:62:20:a9:05:
03:7b:7d:f2:c3:dc:5d:ba:19:b5:a3:38:f0:55:45:
1a:29:93:ac:a8:2c:87:e5:70:25:7e:e9:75:4e:11:
5c:0f:88:f6:29:e8:e9:b6:13:5f:1f:04:2e:67:eb:
dd:1f:8b:96:e7:4a:22:9f:20:86:10:40:20:39:3b:
0e:5e:4f:3e:45:5b:8f:16:3d:02:83:71:88:72:5a:
83:7e:91:0c:a5:36:f0:07:fc:af:0d:3a:30:7e:39:
7b:3d:1a:4d:8e:af:ce:c9:d0:4c:44:89:7d:22:03:
fe:ab:9d:37:b3:e0:e7:a6:a1:d9:ac:41:c6:c2:7e:
55:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:D4:0C:13:B6:E5:F0:EF:5B:8F:33:AC:12:DD:4C:2C:34:0C:2C:E2
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/1dQME7bl8O9bjzOsEt1MLDQMLOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.192.152.0/24
86.107.168.0/24
Signature Algorithm: sha256WithRSAEncryption
59:25:20:c1:98:b4:2c:88:3c:2d:0d:52:91:c5:74:69:38:6e:
11:ff:58:68:3c:9e:c9:ae:7a:5d:26:ec:26:1f:27:76:69:ff:
01:cc:b9:83:69:b3:06:a7:17:2e:98:e6:1d:36:3d:c7:e4:ad:
a3:92:88:fc:c3:bc:32:f6:91:52:38:b6:05:17:f3:55:e3:89:
1d:79:68:6c:c5:74:14:59:88:f3:e7:f1:ca:17:7a:f0:b0:09:
73:22:ab:58:1b:d3:40:6c:6f:fd:00:da:3e:23:b3:96:b4:ca:
16:f2:66:53:b8:f9:90:d6:40:17:2f:51:18:09:9f:46:f2:3f:
03:05:db:e6:a8:6e:2a:82:51:e9:e8:04:f6:a5:ba:b2:99:ea:
8f:d3:29:83:12:66:9b:80:3b:67:f2:5d:5f:30:7d:e1:86:86:
30:08:ea:2a:31:79:a9:9a:f6:88:e6:f4:3f:7b:cc:46:42:7a:
2e:62:d1:96:41:28:a8:17:3a:5b:a8:66:5f:e4:6a:0d:55:39:
27:b0:0f:6b:6b:24:c6:8a:64:07:69:90:62:31:98:3d:68:8b:
65:95:8a:f0:10:be:9a:5d:b0:69:43:0e:a4:aa:d5:68:6a:b0:
f1:d2:ce:66:7d:bf:24:a6:59:27:e5:64:8f:38:a2:69:a4:a2:
0a:1f:88:26
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYXDwAWO4lt0rZVBC1kdyPFQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwMTE4MDcyMDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWQ0MGMxM2I2ZTVmMGVmNWI4ZjMzYWMxMmRkNGMyYzM0MGMyY2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndJ+/5r+zy/n/2LHoR7PdYAzgKw7
Z87kA1peCdIARVgs3KAG1oIpRP4BbtSkzOuo7VVeBi8JKoabX8Z1mC1zhp1DOecR
xBdn6/sxT57Bbab2iqhcV9GYdpkjR4Oe1NEQnA+v9pAKsrOcWNO4hiT6p/1a2dK6
e6d6rdp0eOTOnbhwR2IgqQUDe33yw9xduhm1ozjwVUUaKZOsqCyH5XAlful1ThFc
D4j2KejpthNfHwQuZ+vdH4uW50oinyCGEEAgOTsOXk8+RVuPFj0Cg3GIclqDfpEM
pTbwB/yvDTowfjl7PRpNjq/OydBMRIl9IgP+q503s+DnpqHZrEHGwn5VAQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNXUDBO25fDvW48zrBLdTCw0DCziMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvMWRRTUU3Ymw4TzlianpPc0V0MU1MRFFNTE9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPsCYAwQA
VmuoMA0GCSqGSIb3DQEBCwUAA4IBAQBZJSDBmLQsiDwtDVKRxXRpOG4R/1hoPJ7J
rnpdJuwmHyd2af8BzLmDabMGpxcumOYdNj3H5K2jkoj8w7wy9pFSOLYFF/NV44kd
eWhsxXQUWYjz5/HKF3rwsAlzIqtYG9NAbG/9ANo+I7OWtMoW8mZTuPmQ1kAXL1EY
CZ9G8j8DBdvmqG4qglHp6AT2pbqymeqP0ymDEmabgDtn8l1fMH3hhoYwCOoqMXmp
mvaI5vQ/e8xGQnouYtGWQSioFzpbqGZf5GoNVTknsA9rayTGimQHaZBiMZg9aItl
lYrwEL6aXbBpQw6kqtVoarDx0s5mfb8kplkn5WSPOKJppKIKH4gm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:06 2024 by rpki-client on console-fra.rpki-client.org