Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/8T4wiXZrdSy-_9Tkn3jDgQE5i_E.roa
File: 8T4wiXZrdSy-_9Tkn3jDgQE5i_E.roa (raw, json)
Hash identifier: tdYyPymf7vk7BIOJ4AcScdN3H1/vrvOq5QdIc5LCZFI=
Subject key identifier: F1:3E:30:89:76:6B:75:2C:BE:FF:D4:E4:9F:78:C3:81:01:39:8B:F1
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 01882D6A312C51A2D5C452C2E27543F63C0A
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/8T4wiXZrdSy-_9Tkn3jDgQE5i_E.roa
Signing time: Thu 18 May 2023 05:51:54 +0000
ROA not before: Thu 18 May 2023 05:51:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 86.107.50.0/24 maxlen: 24
86.107.51.0/24 maxlen: 24
188.241.136.0/24 maxlen: 24
188.241.137.0/24 maxlen: 24
94.198.171.0/24 maxlen: 24
77.81.88.0/24 maxlen: 24
188.214.107.0/24 maxlen: 24
89.35.130.0/23 maxlen: 23
89.35.131.0/24 maxlen: 24
176.223.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 May 2023 09:58:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:2d:6a:31:2c:51:a2:d5:c4:52:c2:e2:75:43:f6:3c:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: May 18 05:51:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f13e3089766b752cbeffd4e49f78c38101398bf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:02:4c:0b:d0:ab:3d:8f:71:48:ae:89:95:d5:
20:be:45:df:ef:aa:77:e4:d3:1a:cc:ed:62:ce:33:
07:28:22:7e:0e:ff:4e:cc:bf:66:eb:fe:94:e7:43:
f8:71:a2:c9:c5:75:8a:52:bf:89:62:22:24:e7:58:
b7:db:7f:7b:e1:ea:63:63:f0:37:de:6b:b0:8a:79:
61:1d:3a:b5:f7:80:34:94:ef:5b:a6:25:bf:d9:5a:
eb:de:0e:6f:74:70:ca:a1:ac:96:88:c9:1d:47:57:
b0:1a:82:90:5c:f7:fb:f3:a4:24:11:ca:70:00:4e:
1b:9f:f4:48:5e:b9:ff:83:a8:9f:56:34:67:63:4e:
fe:ac:53:c4:7d:dd:7a:07:24:ba:ca:72:6d:75:b2:
53:3a:5a:b7:3f:f3:be:b9:9f:9f:0c:44:d9:2d:82:
24:2c:ee:af:f3:8c:c4:1d:73:0e:a9:c2:0f:ae:02:
00:85:83:a8:09:09:9b:ed:82:7b:91:fe:59:ec:78:
de:7f:e9:ad:17:37:d7:85:31:8a:fb:a9:97:9d:0e:
5f:64:98:2f:08:83:7e:d7:33:db:a4:6f:43:14:29:
c9:eb:65:02:e7:bd:42:db:12:12:00:f5:e9:4f:45:
91:ee:17:06:8b:bd:3e:f9:c1:cc:3a:e3:7d:dd:99:
ae:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:3E:30:89:76:6B:75:2C:BE:FF:D4:E4:9F:78:C3:81:01:39:8B:F1
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/8T4wiXZrdSy-_9Tkn3jDgQE5i_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.88.0/24
86.107.50.0/23
89.35.130.0/23
94.198.171.0/24
176.223.188.0/24
188.214.107.0/24
188.241.136.0/23
Signature Algorithm: sha256WithRSAEncryption
43:de:64:a4:29:90:e2:6b:82:40:37:8b:87:22:7c:ea:f6:0b:
22:8b:94:dc:ec:2c:8a:e0:c0:71:c0:d3:db:f0:d8:9b:b1:0b:
25:ee:7d:d0:33:8c:9b:6b:fe:e4:9e:de:0a:3e:60:14:64:de:
91:e1:d6:19:a6:cd:08:cd:0e:92:36:3b:bd:8e:ff:13:2c:ea:
c9:a2:f8:20:8f:25:57:4c:58:2b:25:f3:95:9d:96:4f:0d:69:
6e:4c:81:ba:93:a7:87:2b:f7:a0:d5:1e:f6:f9:94:ea:03:77:
bb:6d:f6:ce:51:0a:b0:92:75:fb:9f:94:ac:51:8d:6d:8d:78:
3e:d3:59:c3:f8:c0:2e:0d:f0:93:90:3e:db:a1:66:e6:e2:97:
53:84:68:47:4a:c8:77:a4:3a:9b:62:bb:bd:ec:7f:b3:41:49:
e9:2b:3c:fa:9d:46:ba:a8:29:17:4e:7f:dd:c0:96:ed:36:e3:
9a:e5:1d:72:64:97:52:95:c7:56:4c:ad:e6:6d:eb:4d:ed:da:
c5:eb:f2:88:63:36:28:6f:d9:17:65:64:99:41:63:53:a5:f7:
76:d1:4c:f1:12:c9:b4:92:4f:10:ff:8a:6e:38:56:0b:ae:3a:
2e:a1:9f:26:3e:55:0b:0a:ff:9a:6b:66:36:60:eb:10:8a:02:
46:00:27:49
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYgtajEsUaLVxFLC4nVD9jwKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwNTE4MDU1MTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTNlMzA4OTc2NmI3NTJjYmVmZmQ0ZTQ5Zjc4YzM4MTAxMzk4YmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQJMC9CrPY9xSK6JldUgvkXf76p3
5NMazO1izjMHKCJ+Dv9OzL9m6/6U50P4caLJxXWKUr+JYiIk51i323974epjY/A3
3muwinlhHTq194A0lO9bpiW/2Vrr3g5vdHDKoayWiMkdR1ewGoKQXPf786QkEcpw
AE4bn/RIXrn/g6ifVjRnY07+rFPEfd16ByS6ynJtdbJTOlq3P/O+uZ+fDETZLYIk
LO6v84zEHXMOqcIPrgIAhYOoCQmb7YJ7kf5Z7Hjef+mtFzfXhTGK+6mXnQ5fZJgv
CIN+1zPbpG9DFCnJ62UC571C2xISAPXpT0WR7hcGi70++cHMOuN93Zmu+QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPE+MIl2a3Usvv/U5J94w4EBOYvxMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvOFQ0d2lYWnJkU3ktXzlUa24zakRnUUU1aV9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQATVFYAwQB
VmsyAwQBWSOCAwQAXsarAwQAsN+8AwQAvNZrAwQBvPGIMA0GCSqGSIb3DQEBCwUA
A4IBAQBD3mSkKZDia4JAN4uHInzq9gsii5Tc7CyK4MBxwNPb8NibsQsl7n3QM4yb
a/7knt4KPmAUZN6R4dYZps0IzQ6SNju9jv8TLOrJovggjyVXTFgrJfOVnZZPDWlu
TIG6k6eHK/eg1R72+ZTqA3e7bfbOUQqwknX7n5SsUY1tjXg+01nD+MAuDfCTkD7b
oWbm4pdThGhHSsh3pDqbYru97H+zQUnpKzz6nUa6qCkXTn/dwJbtNuOa5R1yZJdS
lcdWTK3mbetN7drF6/KIYzYob9kXZWSZQWNTpfd20UzxEsm0kk8Q/4puOFYLrjou
oZ8mPlULCv+aa2Y2YOsQigJGACdJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:12 2024 by rpki-client on console-ams.rpki-client.org