Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/7NI9qnq3PqAs3fwFs3n0rNQG9To.roa
File: 7NI9qnq3PqAs3fwFs3n0rNQG9To.roa (raw, json)
Hash identifier: H1izFbi2peXAaChFzdsgcCy6RogMcSdhHD0m6EL5JJw=
Subject key identifier: EC:D2:3D:AA:7A:B7:3E:A0:2C:DD:FC:05:B3:79:F4:AC:D4:06:F5:3A
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0189486A9448F4EB235D6D7CB9D42E1F6B80
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/7NI9qnq3PqAs3fwFs3n0rNQG9To.roa
Signing time: Wed 12 Jul 2023 04:44:51 +0000
ROA not before: Wed 12 Jul 2023 04:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 86.107.51.0/24 maxlen: 24
89.34.202.0/24 maxlen: 24
188.212.121.0/24 maxlen: 24
85.204.18.0/24 maxlen: 24
89.36.140.0/24 maxlen: 24
89.45.35.0/24 maxlen: 24
89.40.36.0/24 maxlen: 24
176.223.188.0/24 maxlen: 24
86.105.4.0/24 maxlen: 24
46.102.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Aug 2023 10:50:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:48:6a:94:48:f4:eb:23:5d:6d:7c:b9:d4:2e:1f:6b:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jul 12 04:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ecd23daa7ab73ea02cddfc05b379f4acd406f53a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:58:51:7b:b4:fa:84:f2:9a:35:29:a8:47:3b:
f6:60:a9:39:07:7f:0b:ae:47:f7:c9:99:1f:3a:d5:
53:a1:95:6d:fb:a1:d0:dd:48:be:86:28:d2:f1:e5:
1e:8f:9b:51:ec:70:ff:53:3e:89:41:da:e8:3e:11:
64:23:e7:22:77:39:92:03:b6:0b:d7:1f:e3:49:7b:
ef:33:d4:bb:d9:73:46:75:15:b8:7a:70:68:c0:8d:
2c:7b:9a:5b:b0:88:6e:24:e7:1f:67:4f:31:37:09:
e4:b7:9a:a2:30:02:b6:b9:76:47:6c:8a:82:8f:38:
b6:7e:a8:e1:19:5e:c9:2e:93:f5:49:85:f1:04:fe:
d3:6c:eb:4e:56:8a:4b:57:6a:17:1e:4b:46:30:ae:
0d:e1:32:1d:c2:6c:ea:94:6f:a3:fd:f6:7c:ac:e5:
3b:92:02:1e:06:88:c5:b2:ca:58:4b:76:eb:c1:12:
dc:71:6f:4d:b9:7f:bb:40:82:77:62:87:ea:91:5c:
cd:2f:ab:4e:23:5c:c6:17:bc:ef:19:6f:e8:c4:cd:
44:80:ac:c8:12:0d:e3:fc:3c:74:fb:5c:57:8b:76:
d8:6c:f9:b5:75:84:8c:7d:58:d9:52:65:9b:1b:a6:
3f:f0:a9:ab:6c:9a:10:b3:54:98:59:dc:ca:42:bd:
d5:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:D2:3D:AA:7A:B7:3E:A0:2C:DD:FC:05:B3:79:F4:AC:D4:06:F5:3A
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/7NI9qnq3PqAs3fwFs3n0rNQG9To.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.237.0/24
85.204.18.0/24
86.105.4.0/24
86.107.51.0/24
89.34.202.0/24
89.36.140.0/24
89.40.36.0/24
89.45.35.0/24
176.223.188.0/24
188.212.121.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:e5:96:32:aa:08:c1:54:79:e5:ce:12:7a:df:77:5f:a7:89:
10:a6:7c:d3:2d:51:5a:9d:f4:e8:38:73:1b:b7:1d:1a:97:e6:
42:00:5e:af:e6:d3:dd:93:13:b6:90:09:71:13:b4:e8:ca:a0:
52:8e:ac:8e:4d:49:c0:d0:e0:25:25:b7:d4:64:a0:c9:2f:41:
86:73:cf:7e:7a:7d:d6:f8:4c:3c:9c:fb:53:20:08:ab:29:17:
b4:5c:60:fa:48:3e:45:81:15:95:ef:12:0c:b5:19:90:e3:f6:
14:d7:9e:73:c8:94:21:2a:14:54:12:02:61:03:1f:a9:5d:91:
fa:49:f1:04:51:f6:69:2f:52:5a:51:4b:c5:5c:6f:b7:db:60:
b6:f8:be:22:34:03:60:50:a5:e6:d6:09:93:42:22:75:60:27:
4c:81:33:a1:e8:f6:32:c0:e2:a8:dc:27:3d:fb:51:ee:69:f3:
6a:63:e1:9a:bf:45:b6:92:9d:95:34:2d:ea:a4:03:3e:53:43:
88:1e:63:f2:a8:2d:c6:99:bd:59:76:f1:5d:6b:54:d3:82:50:
63:ab:d3:76:5f:a4:7a:08:eb:fa:f1:68:fd:18:d9:a4:e0:53:
1a:84:cc:1a:a2:09:c2:44:74:a6:9d:84:08:9e:f2:25:04:0d:
b0:84:32:f3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYlIapRI9OsjXW18udQuH2uAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwNzEyMDQ0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2QyM2RhYTdhYjczZWEwMmNkZGZjMDViMzc5ZjRhY2Q0MDZmNTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFhRe7T6hPKaNSmoRzv2YKk5B38L
rkf3yZkfOtVToZVt+6HQ3Ui+hijS8eUej5tR7HD/Uz6JQdroPhFkI+cidzmSA7YL
1x/jSXvvM9S72XNGdRW4enBowI0se5pbsIhuJOcfZ08xNwnkt5qiMAK2uXZHbIqC
jzi2fqjhGV7JLpP1SYXxBP7TbOtOVopLV2oXHktGMK4N4TIdwmzqlG+j/fZ8rOU7
kgIeBojFsspYS3brwRLccW9NuX+7QIJ3YofqkVzNL6tOI1zGF7zvGW/oxM1EgKzI
Eg3j/Dx0+1xXi3bYbPm1dYSMfVjZUmWbG6Y/8KmrbJoQs1SYWdzKQr3V2wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFOzSPap6tz6gLN38BbN59KzUBvU6MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvN05JOXFucTNQcUFzM2Z3RnMzbjByTlFHOVRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALmbtAwQA
VcwSAwQAVmkEAwQAVmszAwQAWSLKAwQAWSSMAwQAWSgkAwQAWS0jAwQAsN+8AwQA
vNR5MA0GCSqGSIb3DQEBCwUAA4IBAQBa5ZYyqgjBVHnlzhJ633dfp4kQpnzTLVFa
nfToOHMbtx0al+ZCAF6v5tPdkxO2kAlxE7ToyqBSjqyOTUnA0OAlJbfUZKDJL0GG
c89+en3W+Ew8nPtTIAirKRe0XGD6SD5FgRWV7xIMtRmQ4/YU155zyJQhKhRUEgJh
Ax+pXZH6SfEEUfZpL1JaUUvFXG+322C2+L4iNANgUKXm1gmTQiJ1YCdMgTOh6PYy
wOKo3Cc9+1HuafNqY+Gav0W2kp2VNC3qpAM+U0OIHmPyqC3Gmb1ZdvFda1TTglBj
q9N2X6R6COv68Wj9GNmk4FMahMwaognCRHSmnYQInvIlBA2whDLz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:06 2024 by rpki-client on console-fra.rpki-client.org