Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/4RFR3c9AGntML0zQ85V8gQswnHw.roa
File: 4RFR3c9AGntML0zQ85V8gQswnHw.roa (raw, json)
Hash identifier: JmIgqVRIDhwNIioXO3duArGThy+0K4cCjsHeD38Ml3g=
Subject key identifier: E1:11:51:DD:CF:40:1A:7B:4C:2F:4C:D0:F3:95:7C:81:0B:30:9C:7C
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018AEC8FC63BB7958C362C5DBA243FC9722F
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/4RFR3c9AGntML0zQ85V8gQswnHw.roa
Signing time: Sun 01 Oct 2023 18:45:59 +0000
ROA not before: Sun 01 Oct 2023 18:45:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 86.107.51.0/24 maxlen: 24
45.88.13.0/24 maxlen: 24
188.214.107.0/24 maxlen: 24
89.35.119.0/24 maxlen: 24
89.35.130.0/23 maxlen: 23
89.35.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Oct 2023 08:51:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ec:8f:c6:3b:b7:95:8c:36:2c:5d:ba:24:3f:c9:72:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Oct 1 18:45:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e11151ddcf401a7b4c2f4cd0f3957c810b309c7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:0f:8e:85:cc:79:90:49:ca:1e:00:5c:c1:71:
11:b7:0d:98:c2:7c:94:22:07:00:03:3a:1e:b3:da:
62:9c:50:e9:73:e8:f5:bd:28:63:dc:b4:70:9a:ae:
9b:3d:51:8e:41:69:1b:89:db:b4:0f:f1:ba:d9:94:
72:f4:93:cb:8e:91:aa:44:55:66:50:6e:13:df:95:
d7:7e:8f:73:32:00:51:04:81:c1:45:79:ce:74:2a:
53:91:49:bf:65:b5:0c:23:38:c0:61:5e:24:84:a6:
c2:c9:bd:c0:79:e7:87:f0:09:c5:51:bd:6d:01:fd:
b0:17:4b:3b:23:33:3f:3c:49:91:8b:b1:c2:c6:d5:
4c:2b:a4:a5:7d:50:a3:41:16:cd:37:c6:59:5b:02:
8d:2f:90:60:39:c8:e5:93:ee:ac:a6:a4:1e:82:1f:
5f:8c:8f:4d:b9:ae:c5:e8:36:07:4d:fc:11:7d:13:
13:dc:46:70:e5:5c:cd:f9:76:c8:d5:b0:a2:25:f1:
38:6f:ce:9e:bd:6e:16:e5:f9:16:ff:49:52:f9:32:
e2:51:24:ce:bc:19:e9:85:d0:34:5f:bb:de:ea:34:
7f:aa:1f:19:59:4a:01:49:bb:89:fe:22:9f:27:fa:
eb:4e:27:f6:93:5f:eb:33:99:af:16:19:d3:79:61:
04:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:11:51:DD:CF:40:1A:7B:4C:2F:4C:D0:F3:95:7C:81:0B:30:9C:7C
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/4RFR3c9AGntML0zQ85V8gQswnHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.13.0/24
86.107.51.0/24
89.35.119.0/24
89.35.130.0/23
188.214.107.0/24
Signature Algorithm: sha256WithRSAEncryption
89:84:d2:d5:70:ac:c1:93:18:a7:a9:5f:63:8b:81:07:7f:cf:
56:d3:ee:ff:91:22:ca:66:0b:0d:43:f1:b4:76:a6:9f:b2:9c:
56:dd:0f:66:a2:f1:6b:68:9d:5d:3e:cb:d2:3e:ed:19:9a:bc:
da:7c:1b:bf:41:8c:aa:6e:90:c4:62:71:3e:16:2b:02:04:cd:
1a:99:f3:77:fc:96:05:fd:d6:08:f3:06:6c:4e:c7:79:12:eb:
36:bf:6f:92:96:43:30:bd:95:5e:7b:3a:53:77:52:89:89:aa:
60:b9:5a:92:12:6d:84:e7:b4:09:9e:b6:c5:c9:6d:6f:7f:61:
b2:b2:b5:94:c0:83:48:60:c6:20:42:91:82:87:7f:0d:34:f1:
48:05:2e:af:37:ab:d8:04:66:55:31:f4:db:56:ca:77:e8:ed:
0c:c8:17:b2:f3:26:64:71:43:41:41:28:31:22:03:43:52:aa:
8a:41:0c:3f:70:4a:b3:5e:5c:ea:09:7a:97:98:73:c9:c8:1e:
e0:48:de:04:e3:24:26:7c:df:42:2e:64:9a:66:01:40:7d:54:
a9:0c:6d:a5:00:7f:95:0c:37:de:5a:67:76:b6:72:97:bb:5d:
54:0c:3a:53:0a:a8:41:fd:3c:94:1c:c3:f2:d8:57:9c:60:fe:
18:22:41:64
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYrsj8Y7t5WMNixduiQ/yXIvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMxMDAxMTg0NTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTExNTFkZGNmNDAxYTdiNGMyZjRjZDBmMzk1N2M4MTBiMzA5YzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkA+Ohcx5kEnKHgBcwXERtw2YwnyU
IgcAAzoes9pinFDpc+j1vShj3LRwmq6bPVGOQWkbidu0D/G62ZRy9JPLjpGqRFVm
UG4T35XXfo9zMgBRBIHBRXnOdCpTkUm/ZbUMIzjAYV4khKbCyb3AeeeH8AnFUb1t
Af2wF0s7IzM/PEmRi7HCxtVMK6SlfVCjQRbNN8ZZWwKNL5BgOcjlk+6spqQegh9f
jI9Nua7F6DYHTfwRfRMT3EZw5VzN+XbI1bCiJfE4b86evW4W5fkW/0lS+TLiUSTO
vBnphdA0X7ve6jR/qh8ZWUoBSbuJ/iKfJ/rrTif2k1/rM5mvFhnTeWEEWQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOERUd3PQBp7TC9M0POVfIELMJx8MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvNFJGUjNjOUFHbnRNTDB6UTg1VjhnUXN3bkh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVgNAwQA
VmszAwQAWSN3AwQBWSOCAwQAvNZrMA0GCSqGSIb3DQEBCwUAA4IBAQCJhNLVcKzB
kxinqV9ji4EHf89W0+7/kSLKZgsNQ/G0dqafspxW3Q9movFraJ1dPsvSPu0Zmrza
fBu/QYyqbpDEYnE+FisCBM0amfN3/JYF/dYI8wZsTsd5Eus2v2+SlkMwvZVeezpT
d1KJiapguVqSEm2E57QJnrbFyW1vf2GysrWUwINIYMYgQpGCh38NNPFIBS6vN6vY
BGZVMfTbVsp36O0MyBey8yZkcUNBQSgxIgNDUqqKQQw/cEqzXlzqCXqXmHPJyB7g
SN4E4yQmfN9CLmSaZgFAfVSpDG2lAH+VDDfeWmd2tnKXu11UDDpTCqhB/TyUHMPy
2FecYP4YIkFk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:06 2024 by rpki-client on console-fra.rpki-client.org