Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Aj8FhXYRaTOIH9faDsNz1mrVytk.roa
File: Aj8FhXYRaTOIH9faDsNz1mrVytk.roa (raw, json)
Hash identifier: gFQqIXPBu9Z5e88N2Xb+bggD6IRWTAOXt9XapreaPMs=
Subject key identifier: 02:3F:05:85:76:11:69:33:88:1F:D7:DA:0E:C3:73:D6:6A:D5:CA:D9
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0187C0ED7E36333D40B545E17BB249FB05AA
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Aj8FhXYRaTOIH9faDsNz1mrVytk.roa
Signing time: Thu 27 Apr 2023 04:16:42 +0000
ROA not before: Thu 27 Apr 2023 04:16:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 86.107.51.0/24 maxlen: 24
89.34.219.0/24 maxlen: 24
89.47.55.0/24 maxlen: 24
89.35.119.0/24 maxlen: 24
89.35.129.0/24 maxlen: 24
89.35.130.0/23 maxlen: 23
89.35.131.0/24 maxlen: 24
89.40.70.0/24 maxlen: 24
188.241.136.0/24 maxlen: 24
188.241.137.0/24 maxlen: 24
94.198.171.0/24 maxlen: 24
86.107.100.0/24 maxlen: 24
77.81.88.0/24 maxlen: 24
89.45.35.0/24 maxlen: 24
188.214.107.0/24 maxlen: 24
77.81.100.0/24 maxlen: 24
176.223.188.0/24 maxlen: 24
62.192.152.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Apr 2023 09:36:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c0:ed:7e:36:33:3d:40:b5:45:e1:7b:b2:49:fb:05:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Apr 27 04:16:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=023f058576116933881fd7da0ec373d66ad5cad9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6a:66:77:44:27:b7:ae:4e:b1:8d:cb:ff:33:
63:0a:7f:20:ed:bb:3a:a6:94:0a:d1:20:b6:c9:74:
90:bf:a9:a4:16:41:f3:e0:94:c3:91:f0:0f:a8:df:
83:f6:e1:98:1b:6b:54:df:7f:08:cc:a0:4b:32:ca:
02:19:ae:2d:0c:5c:09:17:03:5d:eb:cc:7f:95:86:
84:a7:36:9b:86:c7:d6:5d:a7:af:77:d4:fa:0c:01:
4a:86:1f:f0:25:5a:63:0a:0b:f9:a3:80:f5:b6:31:
76:ef:80:5a:cd:a2:6e:52:d3:0f:4d:96:90:68:ba:
78:6a:02:c4:d2:15:10:a8:cf:56:47:0c:d0:2e:6f:
a8:c0:87:58:bc:fe:42:1e:2c:15:d4:1c:ec:e0:13:
6a:6b:5f:89:d6:8e:a1:4a:3e:cd:6f:19:3c:7f:61:
e7:77:01:93:03:2c:d8:36:fc:35:0c:fc:f4:27:c5:
83:e2:cb:9d:5c:09:cd:2e:d2:74:41:c0:64:e3:92:
7d:73:c8:90:49:bf:6d:6c:b1:ea:c3:37:8c:cf:02:
0e:40:51:1b:6e:fa:23:22:38:87:4e:96:77:e0:fc:
a7:54:2a:c2:04:d6:c0:4b:60:b4:6e:ba:2e:88:2d:
53:68:3b:f7:fb:5b:8e:25:6e:e5:64:fd:d8:36:96:
a3:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:3F:05:85:76:11:69:33:88:1F:D7:DA:0E:C3:73:D6:6A:D5:CA:D9
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Aj8FhXYRaTOIH9faDsNz1mrVytk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.192.152.0/24
77.81.88.0/24
77.81.100.0/24
86.107.51.0/24
86.107.100.0/24
89.34.219.0/24
89.35.119.0/24
89.35.129.0-89.35.131.255
89.40.70.0/24
89.45.35.0/24
89.47.55.0/24
94.198.171.0/24
176.223.188.0/24
188.214.107.0/24
188.241.136.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:d0:fe:5e:66:24:7a:86:44:5b:d5:cc:a9:03:98:7a:5e:ec:
f7:b6:58:b3:d8:f0:56:80:9b:72:47:87:60:fb:13:3a:bd:4f:
51:0d:72:ec:9b:a7:5f:d1:a0:9a:a0:23:75:55:24:0e:bc:8c:
4e:9e:44:9d:10:58:34:6a:b3:09:74:94:15:ef:03:d3:0b:c9:
03:1a:ef:8f:0b:0c:20:2f:b6:43:47:4d:d6:ba:c7:f6:e7:6c:
b4:fb:a1:91:be:90:04:00:78:68:c4:65:d1:8f:f0:7f:40:34:
21:ae:f2:6a:15:09:19:1a:04:ab:41:21:d2:0c:71:74:ec:89:
36:68:12:b0:74:f3:99:2d:c7:1e:40:6b:2a:cc:26:99:5c:81:
ee:3e:2b:2c:7a:11:ef:26:22:70:83:a5:7e:f1:e4:90:f7:eb:
27:64:44:32:da:0d:45:fb:98:e7:88:ec:d9:67:8f:e6:16:36:
9b:eb:f9:03:73:87:ad:2e:93:d5:66:8d:51:1a:25:a9:eb:08:
68:4c:2b:e0:59:21:19:17:07:a3:4e:ab:ba:30:29:03:b3:41:
fa:03:7b:40:05:96:8d:16:82:4d:ad:25:a2:33:9e:4f:b2:5a:
f9:12:4b:db:26:1f:bf:0a:53:fe:60:a0:2c:d2:c4:34:c3:d6:
b0:49:01:7b
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAYfA7X42Mz1AtUXhe7JJ+wWqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwNDI3MDQxNjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjNmMDU4NTc2MTE2OTMzODgxZmQ3ZGEwZWMzNzNkNjZhZDVjYWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGpmd0Qnt65OsY3L/zNjCn8g7bs6
ppQK0SC2yXSQv6mkFkHz4JTDkfAPqN+D9uGYG2tU338IzKBLMsoCGa4tDFwJFwNd
68x/lYaEpzabhsfWXaevd9T6DAFKhh/wJVpjCgv5o4D1tjF274BazaJuUtMPTZaQ
aLp4agLE0hUQqM9WRwzQLm+owIdYvP5CHiwV1Bzs4BNqa1+J1o6hSj7Nbxk8f2Hn
dwGTAyzYNvw1DPz0J8WD4sudXAnNLtJ0QcBk45J9c8iQSb9tbLHqwzeMzwIOQFEb
bvojIjiHTpZ34PynVCrCBNbAS2C0brouiC1TaDv3+1uOJW7lZP3YNpajOQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFAI/BYV2EWkziB/X2g7Dc9Zq1crZMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvQWo4RmhYWVJhVE9JSDlmYURzTnoxbXJWeXRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQAPsCYAwQA
TVFYAwQATVFkAwQAVmszAwQAVmtkAwQAWSLbAwQAWSN3MAwDBABZI4EDBAJZI4AD
BABZKEYDBABZLSMDBABZLzcDBABexqsDBACw37wDBAC81msDBAG88YgwDQYJKoZI
hvcNAQELBQADggEBAGrQ/l5mJHqGRFvVzKkDmHpe7Pe2WLPY8FaAm3JHh2D7Ezq9
T1ENcuybp1/RoJqgI3VVJA68jE6eRJ0QWDRqswl0lBXvA9MLyQMa748LDCAvtkNH
Tda6x/bnbLT7oZG+kAQAeGjEZdGP8H9ANCGu8moVCRkaBKtBIdIMcXTsiTZoErB0
85ktxx5AayrMJplcge4+Kyx6Ee8mInCDpX7x5JD36ydkRDLaDUX7mOeI7Nlnj+YW
Npvr+QNzh60uk9VmjVEaJanrCGhMK+BZIRkXB6NOq7owKQOzQfoDe0AFlo0Wgk2t
JaIznk+yWvkSS9smH78KU/5goCzSxDTD1rBJAXs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:06 2024 by rpki-client on console-fra.rpki-client.org