Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/AGcShT8q6KVTclNXFYk3DNiT6gw.roa
File: AGcShT8q6KVTclNXFYk3DNiT6gw.roa (raw, json)
Hash identifier: hKdlbzcJZhPjVoom+1ClZ6/v3jT9FzcR5eGxKBncUVQ=
Subject key identifier: 00:67:12:85:3F:2A:E8:A5:53:72:53:57:15:89:37:0C:D8:93:EA:0C
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018D1313FF35F9353B658447E5A8C5C6E435
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/AGcShT8q6KVTclNXFYk3DNiT6gw.roa
Signing time: Tue 16 Jan 2024 16:21:34 +0000
ROA not before: Tue 16 Jan 2024 16:21:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 86.107.51.0/24 maxlen: 24
89.34.219.0/24 maxlen: 24
94.176.215.0/24 maxlen: 24
188.241.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jan 2024 13:16:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:13:13:ff:35:f9:35:3b:65:84:47:e5:a8:c5:c6:e4:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 16 16:21:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=006712853f2ae8a5537253571589370cd893ea0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:14:37:10:b8:54:e6:94:77:0c:ff:76:fe:e5:
98:76:78:80:2b:9b:bb:f0:4b:bb:d4:24:49:c9:b1:
e0:11:05:50:04:09:86:6a:f4:ba:12:d4:25:2d:fd:
dd:9c:63:4d:0a:03:58:ee:ca:bc:e6:14:f7:3e:05:
49:f3:ce:27:71:2c:37:0b:0d:2a:5c:ac:aa:38:c6:
55:56:c8:be:6c:55:34:9b:bd:29:1a:5d:8b:e3:4e:
65:f8:b0:2d:72:96:ad:ec:c9:a6:39:a0:5f:31:08:
b2:be:40:52:10:52:ef:b5:fd:a4:99:24:38:72:a0:
08:c8:bb:81:25:86:1e:81:24:e5:12:20:e3:06:55:
26:79:a9:21:f3:b2:85:0c:9d:c9:1b:b2:3f:0e:d2:
a2:96:4e:c2:c2:22:b5:bb:7f:51:77:76:80:55:ef:
98:7b:00:d1:d2:97:38:ae:8b:ac:f4:62:22:e0:dd:
c6:0a:e3:f6:7a:da:27:bd:a8:f3:94:53:85:1e:ae:
1a:a0:bf:e0:00:32:28:8a:3b:a2:8b:19:08:79:eb:
ce:a1:e3:bb:bf:b0:9e:73:e9:b5:e5:23:67:b3:b8:
eb:0c:0e:c9:a5:12:f8:48:89:23:73:ee:2a:fd:39:
e5:e9:fe:79:7c:96:0b:cb:8b:df:ed:de:ec:06:53:
76:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:67:12:85:3F:2A:E8:A5:53:72:53:57:15:89:37:0C:D8:93:EA:0C
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/AGcShT8q6KVTclNXFYk3DNiT6gw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.51.0/24
89.34.219.0/24
94.176.215.0/24
188.241.137.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:01:18:6d:ea:a4:6d:4a:cb:7c:30:40:2c:47:6b:44:67:ed:
83:3b:09:e1:2b:61:ef:04:d4:66:5b:b4:e8:d3:64:16:0d:d1:
c7:3a:10:17:73:bb:89:77:3b:11:44:28:32:16:d6:3a:5b:26:
28:f3:70:17:8c:d9:02:12:a5:3e:e3:9e:ed:cd:6f:93:8b:08:
a7:fa:aa:f7:57:13:34:7d:6b:b4:7b:3a:5a:a9:e1:5b:f1:c9:
52:4f:ef:37:2d:76:6b:a6:20:90:4d:4f:44:d6:61:65:3a:15:
95:ad:d2:57:7f:81:4a:f2:0b:25:e5:be:e3:d8:12:1e:59:29:
63:d0:52:26:09:0d:c1:07:71:3b:c4:82:3c:b6:99:1a:97:7f:
70:e6:99:d5:7e:a9:df:09:bc:69:22:a1:8e:42:13:84:2a:0f:
a7:0e:59:b7:b1:44:e0:eb:c2:37:59:d3:49:d7:e3:a7:a5:7b:
27:5d:63:42:d0:78:e2:dc:6a:74:bf:6f:5d:dc:24:5f:7a:ef:
ff:be:22:67:8b:1e:ad:f9:5a:ab:8e:7a:18:d3:88:9f:b7:03:
6e:b5:b0:46:2f:d6:be:fc:a4:39:82:74:89:43:26:59:63:d5:
bc:99:49:9e:5b:ed:29:4a:33:19:56:0f:4b:00:0a:89:5a:6f:
51:50:cb:f9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY0TE/81+TU7ZYRH5ajFxuQ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwMTE2MTYyMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDY3MTI4NTNmMmFlOGE1NTM3MjUzNTcxNTg5MzcwY2Q4OTNlYTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBQ3ELhU5pR3DP92/uWYdniAK5u7
8Eu71CRJybHgEQVQBAmGavS6EtQlLf3dnGNNCgNY7sq85hT3PgVJ884ncSw3Cw0q
XKyqOMZVVsi+bFU0m70pGl2L405l+LAtcpat7MmmOaBfMQiyvkBSEFLvtf2kmSQ4
cqAIyLuBJYYegSTlEiDjBlUmeakh87KFDJ3JG7I/DtKilk7CwiK1u39Rd3aAVe+Y
ewDR0pc4rous9GIi4N3GCuP2etonvajzlFOFHq4aoL/gADIoijuiixkIeevOoeO7
v7Cec+m15SNns7jrDA7JpRL4SIkjc+4q/Tnl6f55fJYLy4vf7d7sBlN2bwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFABnEoU/KuilU3JTVxWJNwzYk+oMMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvQUdjU2hUOHE2S1ZUY2xOWEZZazNETmlUNmd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVmszAwQA
WSLbAwQAXrDXAwQAvPGJMA0GCSqGSIb3DQEBCwUAA4IBAQB6ARht6qRtSst8MEAs
R2tEZ+2DOwnhK2HvBNRmW7To02QWDdHHOhAXc7uJdzsRRCgyFtY6WyYo83AXjNkC
EqU+457tzW+Tiwin+qr3VxM0fWu0ezpaqeFb8clST+83LXZrpiCQTU9E1mFlOhWV
rdJXf4FK8gsl5b7j2BIeWSlj0FImCQ3BB3E7xII8tpkal39w5pnVfqnfCbxpIqGO
QhOEKg+nDlm3sUTg68I3WdNJ1+OnpXsnXWNC0Hji3Gp0v29d3CRfeu//viJnix6t
+VqrjnoY04iftwNutbBGL9a+/KQ5gnSJQyZZY9W8mUmeW+0pSjMZVg9LAAqJWm9R
UMv5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:12 2024 by rpki-client on console-ams.rpki-client.org