Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/2PkrnDdl3thXQmz_b_STiBKhQo4.roa
File: 2PkrnDdl3thXQmz_b_STiBKhQo4.roa (raw, json)
Hash identifier: fzh+JYYzT9M9Xh6xV8coJJIJxEA4e+RZNtw2GokOjxM=
Subject key identifier: D8:F9:2B:9C:37:65:DE:D8:57:42:6C:FF:6F:F4:93:88:12:A1:42:8E
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 01888536A90FAAE0D5DC52E2116AFFC1A32C
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/2PkrnDdl3thXQmz_b_STiBKhQo4.roa
Signing time: Sun 04 Jun 2023 07:02:11 +0000
ROA not before: Sun 04 Jun 2023 07:02:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 89.37.194.0/24 maxlen: 24
89.36.140.0/24 maxlen: 24
89.40.36.0/24 maxlen: 24
86.105.4.0/24 maxlen: 24
46.102.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Jun 2023 07:55:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:85:36:a9:0f:aa:e0:d5:dc:52:e2:11:6a:ff:c1:a3:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jun 4 07:02:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8f92b9c3765ded857426cff6ff4938812a1428e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:49:38:ce:a7:27:84:67:3c:8e:52:d9:68:6c:
7a:ce:80:39:a0:ef:f0:ff:35:be:9f:70:8b:27:4e:
a9:43:73:37:09:2f:61:8f:37:15:db:d6:99:73:bc:
14:e1:31:21:78:7e:b5:8e:e5:cf:cb:9a:cc:18:1c:
c0:be:09:e0:39:1d:43:a1:5b:dc:c2:55:80:18:79:
22:2f:d9:bb:2a:3b:56:de:aa:56:04:61:39:50:6c:
17:15:7f:2b:0c:86:88:1b:0f:05:62:9c:87:f3:82:
1b:23:42:8e:f8:5d:cd:a1:83:ac:67:16:4e:0c:6a:
e3:5b:e9:16:8e:ed:e5:a1:98:cd:a1:da:5a:0b:ca:
d0:46:2a:89:9d:51:f0:fc:e8:00:d2:a3:7a:cb:f9:
9e:6a:f2:4a:1c:1b:d4:d7:ba:c3:bf:65:d5:ab:fb:
c2:81:a4:13:a1:2f:12:e3:09:e4:f7:ba:54:5b:35:
e3:57:2a:41:c0:3b:ea:c1:c4:7c:75:85:80:e1:65:
a2:45:d4:57:aa:86:2f:26:4d:68:3f:f4:bc:9a:50:
40:3a:f6:9d:23:d0:86:15:0b:38:78:3d:60:22:a8:
4e:6e:b2:28:17:35:d8:3c:b9:1e:bb:48:69:56:fc:
49:ef:f1:f6:ab:a3:1e:6f:92:be:d4:a8:0f:62:c9:
78:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:F9:2B:9C:37:65:DE:D8:57:42:6C:FF:6F:F4:93:88:12:A1:42:8E
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/2PkrnDdl3thXQmz_b_STiBKhQo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.237.0/24
86.105.4.0/24
89.36.140.0/24
89.37.194.0/24
89.40.36.0/24
Signature Algorithm: sha256WithRSAEncryption
32:04:f9:59:14:51:c1:ce:e9:5d:23:fc:61:bd:4e:f0:73:b3:
d4:b4:07:be:45:40:2f:9d:8e:48:ae:08:5d:da:f7:7c:9f:01:
df:44:ce:16:c3:41:33:21:12:78:a6:4b:6d:06:95:21:5e:90:
c8:a3:09:70:50:e1:87:4f:6d:87:11:7f:e9:75:12:76:c1:c9:
8c:5b:fc:c4:3e:0d:78:49:3c:b3:7f:91:eb:f3:51:84:f1:32:
76:53:d5:d3:6e:80:26:16:81:6b:f6:51:da:3d:21:61:20:3c:
45:32:2e:c5:3e:1c:1c:14:1a:20:8c:6e:64:b1:92:a7:3d:03:
de:c8:6c:3a:5b:40:4c:c3:97:3e:a4:37:3a:58:3d:a4:d6:b8:
c5:ce:65:2f:58:be:d9:2a:e2:9c:ee:c5:f7:3f:8e:b7:1e:29:
2f:8f:e3:df:1a:83:d9:63:3e:c5:27:11:1e:b7:03:2d:82:a9:
a1:f3:7b:74:1f:dc:2d:8e:1c:50:05:f6:17:80:20:7b:27:7f:
7e:7c:1b:12:f2:6d:24:22:d4:93:d8:6b:de:90:98:34:73:03:
21:c3:0c:14:83:1f:1f:7e:78:a2:7b:a0:e9:15:b1:55:1e:62:
b2:10:51:2f:0e:e0:57:57:c6:03:02:38:10:dc:96:87:3e:ba:
af:ff:0b:41
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYiFNqkPquDV3FLiEWr/waMsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwNjA0MDcwMjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGY5MmI5YzM3NjVkZWQ4NTc0MjZjZmY2ZmY0OTM4ODEyYTE0MjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkk4zqcnhGc8jlLZaGx6zoA5oO/w
/zW+n3CLJ06pQ3M3CS9hjzcV29aZc7wU4TEheH61juXPy5rMGBzAvgngOR1DoVvc
wlWAGHkiL9m7KjtW3qpWBGE5UGwXFX8rDIaIGw8FYpyH84IbI0KO+F3NoYOsZxZO
DGrjW+kWju3loZjNodpaC8rQRiqJnVHw/OgA0qN6y/meavJKHBvU17rDv2XVq/vC
gaQToS8S4wnk97pUWzXjVypBwDvqwcR8dYWA4WWiRdRXqoYvJk1oP/S8mlBAOvad
I9CGFQs4eD1gIqhObrIoFzXYPLkeu0hpVvxJ7/H2q6Meb5K+1KgPYsl4MwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNj5K5w3Zd7YV0Js/2/0k4gSoUKOMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvMlBrcm5EZGwzdGhYUW16X2JfU1RpQktoUW80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALmbtAwQA
VmkEAwQAWSSMAwQAWSXCAwQAWSgkMA0GCSqGSIb3DQEBCwUAA4IBAQAyBPlZFFHB
zuldI/xhvU7wc7PUtAe+RUAvnY5Irghd2vd8nwHfRM4Ww0EzIRJ4pkttBpUhXpDI
owlwUOGHT22HEX/pdRJ2wcmMW/zEPg14STyzf5Hr81GE8TJ2U9XTboAmFoFr9lHa
PSFhIDxFMi7FPhwcFBogjG5ksZKnPQPeyGw6W0BMw5c+pDc6WD2k1rjFzmUvWL7Z
KuKc7sX3P463Hikvj+PfGoPZYz7FJxEetwMtgqmh83t0H9wtjhxQBfYXgCB7J39+
fBsS8m0kItST2GvekJg0cwMhwwwUgx8ffniie6DpFbFVHmKyEFEvDuBXV8YDAjgQ
3JaHPrqv/wtB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:06 2024 by rpki-client on console-fra.rpki-client.org