Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/6KlTLEvkE9ibdLSAbS5A9iVAqLo.roa
File: 6KlTLEvkE9ibdLSAbS5A9iVAqLo.roa (raw, json)
Hash identifier: toVkWKmCDOhRFadTP4nyP9oPkY+VL3t1ka7joIBfZYg=
Subject key identifier: E8:A9:53:2C:4B:E4:13:D8:9B:74:B4:80:6D:2E:40:F6:25:40:A8:BA
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0187479980060DBCE6A01F3D2D542CAA9D2A
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/6KlTLEvkE9ibdLSAbS5A9iVAqLo.roa
Signing time: Mon 03 Apr 2023 14:50:54 +0000
ROA not before: Mon 03 Apr 2023 14:50:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 86.107.50.0/24 maxlen: 24
195.88.89.0/24 maxlen: 24
188.213.216.0/24 maxlen: 24
93.115.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Apr 2023 13:16:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:47:99:80:06:0d:bc:e6:a0:1f:3d:2d:54:2c:aa:9d:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Apr 3 14:50:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e8a9532c4be413d89b74b4806d2e40f62540a8ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e7:3d:84:54:7f:e1:fd:03:2e:21:f6:f1:4d:
7e:65:3a:a2:7f:55:d3:35:f5:e1:74:d2:26:ab:b4:
47:84:20:ff:89:26:13:7a:e3:b0:03:bd:1d:73:78:
e0:a5:c3:4e:b0:0e:2d:8a:15:ea:ab:4e:d5:f7:9b:
3e:29:2d:30:18:56:f5:64:ce:6a:1f:39:8b:63:9d:
12:d3:cb:34:80:48:b9:41:89:55:43:be:fa:14:6d:
ae:20:07:15:7f:67:9d:b7:18:a7:13:21:f8:1a:55:
b2:38:50:cb:f4:b0:18:0b:92:2c:fb:27:1d:1b:65:
be:36:8b:64:1b:f7:85:3d:74:cb:25:7e:17:87:4c:
29:44:ab:25:b2:6c:49:35:24:6d:ce:0e:3b:aa:c8:
80:44:e7:68:0a:5c:b2:51:35:9f:ef:4c:cc:0d:4c:
23:d5:68:45:8f:1a:a4:89:5f:6b:0f:5e:3c:5d:92:
32:1e:85:1f:60:5e:28:12:e1:40:62:77:a5:00:63:
dc:6a:3b:3b:6c:e7:d9:a4:76:c0:2f:bb:b6:b9:00:
33:a0:81:72:7d:de:d3:56:60:b1:fb:f4:7f:17:f4:
40:df:55:fe:2b:3e:75:16:e0:56:25:f3:12:8d:a0:
d1:8c:b4:f6:50:e8:7a:7a:a6:65:62:f5:37:1e:20:
c9:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:A9:53:2C:4B:E4:13:D8:9B:74:B4:80:6D:2E:40:F6:25:40:A8:BA
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/6KlTLEvkE9ibdLSAbS5A9iVAqLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.50.0/24
93.115.203.0/24
188.213.216.0/24
195.88.89.0/24
Signature Algorithm: sha256WithRSAEncryption
02:72:06:13:41:ca:cd:ac:c6:8d:46:13:cc:f7:dc:a4:6f:7e:
f3:f9:7f:0c:3d:57:c9:84:2c:e8:17:e4:37:d5:f8:a2:0d:72:
5b:f2:57:51:29:ce:c7:d8:9c:fd:07:18:a8:ee:1a:90:4b:d2:
ce:8f:16:7f:c8:48:fd:3e:18:9d:35:f7:e6:ae:72:c2:19:b5:
6c:fd:39:9a:bb:6a:23:4f:db:21:ef:14:57:dd:8c:c7:02:7a:
5e:31:66:24:62:0a:2c:95:fb:0f:71:18:c8:f6:97:16:59:96:
14:8b:ec:bb:a5:dd:f2:7d:6d:30:51:8a:e9:3d:e4:6b:a0:fa:
e4:9e:f4:1f:60:45:c1:c4:f8:6d:f7:67:cc:9d:a2:13:aa:4e:
b5:8d:3a:e3:39:6a:c2:16:4d:17:e9:a8:20:e1:7e:b3:14:e4:
57:76:33:8f:68:2b:44:74:61:da:d6:de:4e:65:65:18:7b:78:
93:96:f5:7e:85:e3:2f:8e:85:1d:21:0a:8d:cf:44:10:1e:6e:
c7:c0:ed:28:1d:d1:01:63:c8:80:65:5f:93:dc:66:cf:99:a1:
fd:31:99:79:bb:8d:9b:6c:58:83:33:d9:ef:23:8e:fc:b2:f9:
f3:21:05:e2:ab:92:4c:be:c2:5c:d1:f4:f1:22:87:86:c4:a5:
a2:17:60:cb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYdHmYAGDbzmoB89LVQsqp0qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwNDAzMTQ1MDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGE5NTMyYzRiZTQxM2Q4OWI3NGI0ODA2ZDJlNDBmNjI1NDBhOGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquc9hFR/4f0DLiH28U1+ZTqif1XT
NfXhdNImq7RHhCD/iSYTeuOwA70dc3jgpcNOsA4tihXqq07V95s+KS0wGFb1ZM5q
HzmLY50S08s0gEi5QYlVQ776FG2uIAcVf2edtxinEyH4GlWyOFDL9LAYC5Is+ycd
G2W+NotkG/eFPXTLJX4Xh0wpRKslsmxJNSRtzg47qsiAROdoClyyUTWf70zMDUwj
1WhFjxqkiV9rD148XZIyHoUfYF4oEuFAYnelAGPcajs7bOfZpHbAL7u2uQAzoIFy
fd7TVmCx+/R/F/RA31X+Kz51FuBWJfMSjaDRjLT2UOh6eqZlYvU3HiDJXwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOipUyxL5BPYm3S0gG0uQPYlQKi6MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvNktsVExFdmtFOWliZExTQWJTNUE5aVZBcUxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVmsyAwQA
XXPLAwQAvNXYAwQAw1hZMA0GCSqGSIb3DQEBCwUAA4IBAQACcgYTQcrNrMaNRhPM
99ykb37z+X8MPVfJhCzoF+Q31fiiDXJb8ldRKc7H2Jz9Bxio7hqQS9LOjxZ/yEj9
PhidNffmrnLCGbVs/Tmau2ojT9sh7xRX3YzHAnpeMWYkYgoslfsPcRjI9pcWWZYU
i+y7pd3yfW0wUYrpPeRroPrknvQfYEXBxPht92fMnaITqk61jTrjOWrCFk0X6agg
4X6zFORXdjOPaCtEdGHa1t5OZWUYe3iTlvV+heMvjoUdIQqNz0QQHm7HwO0oHdEB
Y8iAZV+T3GbPmaH9MZl5u42bbFiDM9nvI478svnzIQXiq5JMvsJc0fTxIoeGxKWi
F2DL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:12 2024 by rpki-client on console-ams.rpki-client.org