Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/8AI8SRjR_lmwb8l9gP_DzalZJX0.roa
File: 8AI8SRjR_lmwb8l9gP_DzalZJX0.roa (raw, json)
Hash identifier: DRB9zXHCOyMrhnmfxHjP2HxOBzqooyXEtHR2aI0bqsw=
Subject key identifier: F0:02:3C:49:18:D1:FE:59:B0:6F:C9:7D:80:FF:C3:CD:A9:59:25:7D
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 01861855EC392CE2ECE3EED51A650094CA58
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/8AI8SRjR_lmwb8l9gP_DzalZJX0.roa
Signing time: Fri 03 Feb 2023 17:32:09 +0000
ROA not before: Fri 03 Feb 2023 17:32:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 85.204.18.0/24 maxlen: 24
89.37.195.0/24 maxlen: 24
89.37.194.0/24 maxlen: 24
89.36.140.0/24 maxlen: 24
188.213.0.0/24 maxlen: 24
89.40.36.0/24 maxlen: 24
86.105.4.0/24 maxlen: 24
46.102.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Feb 2023 05:13:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:18:55:ec:39:2c:e2:ec:e3:ee:d5:1a:65:00:94:ca:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Feb 3 17:32:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f0023c4918d1fe59b06fc97d80ffc3cda959257d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f3:98:8a:5a:82:12:8a:8f:c9:8b:ca:a7:f6:
6d:f4:54:5a:a1:af:b7:ff:ec:5e:4d:bf:e5:af:2d:
4c:f0:76:9b:5c:14:dd:91:c3:a4:a9:10:d5:69:8a:
53:89:2b:22:e5:65:0d:b7:45:9c:c3:4b:a0:e9:16:
2a:59:56:49:2a:58:b9:c9:91:40:9d:db:1b:c3:c3:
52:16:2a:eb:99:55:45:cd:c6:3a:d4:48:22:c0:2d:
d3:01:09:46:b5:bb:af:c2:b7:db:f2:7b:d5:24:bd:
59:61:5d:fb:07:ee:1b:e3:c5:5e:e4:42:ad:6f:08:
a3:24:71:5b:5e:7a:9f:e5:50:b6:de:37:6e:7b:a0:
df:8d:77:23:5e:d1:6f:60:57:65:92:71:83:eb:5e:
c9:e4:21:55:1a:78:bf:16:ce:aa:c9:cc:e2:91:55:
29:5e:b1:66:f8:a8:a8:e4:67:11:68:ed:9f:0f:5c:
75:2a:4b:0d:a8:9c:36:e2:8e:ea:97:78:20:ca:35:
76:e4:24:8a:dc:47:53:52:d7:cb:ef:b8:ce:d7:04:
79:9f:40:58:25:b3:3f:f0:3e:89:ef:06:c4:20:d3:
c1:4c:35:c6:b7:a2:db:df:4a:a9:94:b6:de:65:36:
77:c2:44:4d:c8:de:55:c4:f5:ec:15:45:de:78:60:
64:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:02:3C:49:18:D1:FE:59:B0:6F:C9:7D:80:FF:C3:CD:A9:59:25:7D
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/8AI8SRjR_lmwb8l9gP_DzalZJX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.237.0/24
85.204.18.0/24
86.105.4.0/24
89.36.140.0/24
89.37.194.0/23
89.40.36.0/24
188.213.0.0/24
Signature Algorithm: sha256WithRSAEncryption
88:c4:98:f4:1f:79:08:34:e1:95:aa:96:2a:86:a0:ac:d0:31:
86:22:cf:53:74:65:b0:37:96:03:15:dc:8d:53:07:17:98:bd:
e4:3a:b6:18:04:28:d5:9b:62:28:29:34:e7:88:33:c2:ab:06:
4a:f4:67:a0:07:96:e4:35:79:4d:9e:03:42:50:82:eb:d9:03:
33:c5:4b:fb:64:99:99:6b:9d:0b:c6:26:19:94:b2:37:3c:a3:
9e:7f:44:fb:7c:83:e2:06:08:dc:35:7c:e3:1d:dc:70:ab:5b:
11:b7:4a:00:65:90:32:a9:25:01:41:7a:8d:0a:64:bf:c6:97:
35:2a:30:d7:9f:53:8d:c7:3c:c0:de:82:16:a6:d0:40:d5:97:
70:7b:d3:16:d4:b6:9d:42:b5:49:93:4a:fa:01:3f:85:cf:4b:
ef:c1:b7:21:5b:21:bd:dc:75:fe:20:5c:f8:40:cc:3d:dc:58:
27:f0:2d:e8:90:9c:99:b8:e6:75:52:80:c9:da:f5:fc:fb:4b:
1e:42:ac:1a:b0:0a:bc:e3:3c:30:99:aa:ba:b0:18:dd:33:b1:
89:e9:b8:7d:70:cd:0a:2d:fa:97:e0:0a:fb:d4:b5:8a:e5:d5:
95:9b:6a:d7:77:6d:36:27:bf:79:d4:3b:02:43:8d:db:9d:52:
1f:89:17:f4
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYYYVew5LOLs4+7VGmUAlMpYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwMjAzMTczMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDAyM2M0OTE4ZDFmZTU5YjA2ZmM5N2Q4MGZmYzNjZGE5NTkyNTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvOYilqCEoqPyYvKp/Zt9FRaoa+3
/+xeTb/lry1M8HabXBTdkcOkqRDVaYpTiSsi5WUNt0Wcw0ug6RYqWVZJKli5yZFA
ndsbw8NSFirrmVVFzcY61EgiwC3TAQlGtbuvwrfb8nvVJL1ZYV37B+4b48Ve5EKt
bwijJHFbXnqf5VC23jdue6DfjXcjXtFvYFdlknGD617J5CFVGni/Fs6qyczikVUp
XrFm+Kio5GcRaO2fD1x1KksNqJw24o7ql3ggyjV25CSK3EdTUtfL77jO1wR5n0BY
JbM/8D6J7wbEINPBTDXGt6Lb30qplLbeZTZ3wkRNyN5VxPXsFUXeeGBkhwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPACPEkY0f5ZsG/JfYD/w82pWSV9MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvOEFJOFNSalJfbG13YjhsOWdQX0R6YWxaSlgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALmbtAwQA
VcwSAwQAVmkEAwQAWSSMAwQBWSXCAwQAWSgkAwQAvNUAMA0GCSqGSIb3DQEBCwUA
A4IBAQCIxJj0H3kINOGVqpYqhqCs0DGGIs9TdGWwN5YDFdyNUwcXmL3kOrYYBCjV
m2IoKTTniDPCqwZK9GegB5bkNXlNngNCUILr2QMzxUv7ZJmZa50LxiYZlLI3PKOe
f0T7fIPiBgjcNXzjHdxwq1sRt0oAZZAyqSUBQXqNCmS/xpc1KjDXn1ONxzzA3oIW
ptBA1Zdwe9MW1LadQrVJk0r6AT+Fz0vvwbchWyG93HX+IFz4QMw93Fgn8C3okJyZ
uOZ1UoDJ2vX8+0seQqwasAq84zwwmaq6sBjdM7GJ6bh9cM0KLfqX4Ar71LWK5dWV
m2rXd202J7951DsCQ43bnVIfiRf0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:12 2024 by rpki-client on console-ams.rpki-client.org