Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/CGsE3I5nuUy1tFH1ZHL-9jmHe0E.roa
File: CGsE3I5nuUy1tFH1ZHL-9jmHe0E.roa (raw, json)
Hash identifier: QtLtOtEdu2m0vYZnee6P2GZzS/rcFvM7U1u2o70612s=
Subject key identifier: 08:6B:04:DC:8E:67:B9:4C:B5:B4:51:F5:64:72:FE:F6:39:87:7B:41
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018577FDD3D263C6C9BF7FE8F76EEFF61AF6
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/CGsE3I5nuUy1tFH1ZHL-9jmHe0E.roa
Signing time: Tue 03 Jan 2023 14:16:41 +0000
ROA not before: Tue 03 Jan 2023 14:16:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2118
IP address blocks: 91.216.185.0/24 maxlen: 24
86.107.168.0/24 maxlen: 24
93.114.244.0/24 maxlen: 24
62.192.152.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 07 Jan 2023 17:38:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:77:fd:d3:d2:63:c6:c9:bf:7f:e8:f7:6e:ef:f6:1a:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 3 14:16:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=086b04dc8e67b94cb5b451f56472fef639877b41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:35:49:d6:2e:9d:c6:c8:ab:c8:ab:95:5c:38:
eb:f4:28:81:de:25:dd:28:0e:4e:4f:36:c4:55:10:
87:eb:e3:83:9d:c0:03:20:c3:23:b1:6f:4b:ab:4b:
b9:ea:36:f2:8a:7a:db:e6:03:91:d2:f0:40:91:75:
c8:90:07:f2:e0:a0:79:ea:68:44:55:12:41:c9:3c:
60:3c:14:a6:c7:d0:11:4b:e4:c3:9e:37:8b:a2:27:
7e:ba:9e:29:2e:bb:3b:53:4c:56:08:c0:0b:ae:40:
40:14:9b:a0:76:dc:42:4f:95:ff:f9:28:61:4f:f1:
f4:d3:51:c3:a2:72:2b:08:45:d9:1f:02:ba:49:ff:
26:5a:cc:6e:36:a7:b4:0a:d3:20:b7:02:ed:fb:16:
4c:84:3b:8b:c3:fc:46:c7:4b:98:b3:bc:3f:58:03:
9d:76:18:3e:29:93:0c:09:ef:8f:78:2b:75:64:47:
4c:ea:d7:d9:a4:83:5a:c4:fa:19:25:4a:13:80:a7:
1f:90:09:22:1a:f5:68:ed:da:56:ab:89:01:92:34:
e2:55:25:6d:d9:18:80:c5:2d:e7:6f:ac:4a:8c:b5:
7a:a9:90:b1:51:d3:90:96:8d:5a:e2:ad:ee:d2:2d:
ff:4a:a4:b5:f6:19:39:b9:b5:ad:84:dc:b9:0e:b1:
c3:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:6B:04:DC:8E:67:B9:4C:B5:B4:51:F5:64:72:FE:F6:39:87:7B:41
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/CGsE3I5nuUy1tFH1ZHL-9jmHe0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.192.152.0/24
86.107.168.0/24
91.216.185.0/24
93.114.244.0/24
Signature Algorithm: sha256WithRSAEncryption
74:b9:9e:96:98:c1:12:99:ce:78:1a:d3:ca:f2:8c:53:de:79:
ab:81:62:c0:6d:17:f9:d7:da:73:cf:a9:ec:6e:4a:b6:38:bf:
68:68:df:c7:ec:c8:b5:55:3d:2a:ff:7f:72:29:08:da:89:d4:
ea:ba:70:28:9e:35:84:45:a1:65:bc:34:14:00:fd:4c:1b:52:
f5:0f:54:fc:59:d9:52:db:25:5a:c8:15:e9:07:34:3c:c1:a9:
79:48:85:4c:9a:5e:7c:54:99:6e:87:d0:2e:3d:14:6b:78:87:
20:35:db:f7:ec:4a:13:a7:38:9e:5b:7b:b8:66:6f:5f:b7:93:
c9:45:f8:7d:4f:80:7b:3b:97:e1:f2:8f:6e:ca:e4:8a:6e:70:
d4:2c:31:be:5a:aa:3a:dc:88:f8:a3:de:81:9d:31:cb:3b:4c:
88:d0:1c:79:f6:9b:3c:65:e2:93:76:7c:03:a8:e0:4f:e2:44:
93:cf:e9:a1:1d:c1:38:6d:ad:7f:6b:07:fb:c6:65:f3:ed:b6:
41:6b:68:e3:05:92:02:89:31:85:0c:bf:e8:3a:94:dc:8a:94:
9a:00:f5:73:c4:7d:73:9b:3b:fc:15:ea:98:d9:5e:36:c0:58:
30:59:9f:54:37:bd:c1:78:47:0e:d8:1d:59:8a:2a:58:a7:75:
ce:81:0d:85
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYV3/dPSY8bJv3/o927v9hr2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwMTAzMTQxNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODZiMDRkYzhlNjdiOTRjYjViNDUxZjU2NDcyZmVmNjM5ODc3YjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTVJ1i6dxsiryKuVXDjr9CiB3iXd
KA5OTzbEVRCH6+ODncADIMMjsW9Lq0u56jbyinrb5gOR0vBAkXXIkAfy4KB56mhE
VRJByTxgPBSmx9ARS+TDnjeLoid+up4pLrs7U0xWCMALrkBAFJugdtxCT5X/+Shh
T/H001HDonIrCEXZHwK6Sf8mWsxuNqe0CtMgtwLt+xZMhDuLw/xGx0uYs7w/WAOd
dhg+KZMMCe+PeCt1ZEdM6tfZpINaxPoZJUoTgKcfkAkiGvVo7dpWq4kBkjTiVSVt
2RiAxS3nb6xKjLV6qZCxUdOQlo1a4q3u0i3/SqS19hk5ubWthNy5DrHDIwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAhrBNyOZ7lMtbRR9WRy/vY5h3tBMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvQ0dzRTNJNW51VXkxdEZIMVpITC05am1IZTBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPsCYAwQA
VmuoAwQAW9i5AwQAXXL0MA0GCSqGSIb3DQEBCwUAA4IBAQB0uZ6WmMESmc54GtPK
8oxT3nmrgWLAbRf519pzz6nsbkq2OL9oaN/H7Mi1VT0q/39yKQjaidTqunAonjWE
RaFlvDQUAP1MG1L1D1T8WdlS2yVayBXpBzQ8wal5SIVMml58VJluh9AuPRRreIcg
Ndv37EoTpzieW3u4Zm9ft5PJRfh9T4B7O5fh8o9uyuSKbnDULDG+Wqo63Ij4o96B
nTHLO0yI0Bx59ps8ZeKTdnwDqOBP4kSTz+mhHcE4ba1/awf7xmXz7bZBa2jjBZIC
iTGFDL/oOpTcipSaAPVzxH1zmzv8FeqY2V42wFgwWZ9UN73BeEcO2B1ZiipYp3XO
gQ2F
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:06 2024 by rpki-client on console-fra.rpki-client.org