Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Hmyw1WWnxP09vwowuQxRplsNxQk.roa
File: Hmyw1WWnxP09vwowuQxRplsNxQk.roa (raw, json)
Hash identifier: s52et65g9tzsuDrJNmNgc5AWsU8JxpBer6+Rp2qHu84=
Subject key identifier: 1E:6C:B0:D5:65:A7:C4:FD:3D:BF:0A:30:B9:0C:51:A6:5B:0D:C5:09
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018AA81F2DFF7E5E03F273FA6AFDBF3A7B63
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Hmyw1WWnxP09vwowuQxRplsNxQk.roa
Signing time: Mon 18 Sep 2023 11:48:50 +0000
ROA not before: Mon 18 Sep 2023 11:48:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 86.107.51.0/24 maxlen: 24
86.107.168.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
89.34.219.0/24 maxlen: 24
94.177.150.0/24 maxlen: 24
195.88.89.0/24 maxlen: 24
45.88.13.0/24 maxlen: 24
188.214.107.0/24 maxlen: 24
89.35.119.0/24 maxlen: 24
89.35.130.0/23 maxlen: 23
89.35.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Sep 2023 17:18:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a8:1f:2d:ff:7e:5e:03:f2:73:fa:6a:fd:bf:3a:7b:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Sep 18 11:48:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e6cb0d565a7c4fd3dbf0a30b90c51a65b0dc509
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:92:60:ac:36:12:a2:92:51:1d:de:b8:6c:a0:
e6:57:e5:20:cc:fc:3f:05:d1:06:ae:ca:71:3a:c0:
34:54:a4:81:0f:75:5a:00:4a:62:cd:47:21:c2:d7:
4f:2f:51:95:ab:cd:de:81:9d:e7:24:20:22:e5:10:
ca:9c:b8:6c:50:48:88:34:e8:be:b8:0b:97:a4:cf:
3e:3c:72:49:f4:cc:69:fa:d6:b1:f9:8c:45:80:27:
7e:94:de:18:e0:c6:2c:30:93:27:2f:d2:64:95:90:
c7:69:63:ab:75:36:6a:41:d3:0a:46:ca:0c:c2:64:
a8:b3:26:7b:49:a5:59:cb:1a:f0:fb:41:bd:72:09:
e2:f0:d6:d7:a5:43:15:04:e2:ac:75:89:45:5d:75:
2c:62:69:5e:86:d8:db:53:fd:d4:39:73:50:40:5b:
a2:c7:08:95:68:27:01:ac:46:ef:2b:ab:f7:8c:06:
7c:75:55:69:ab:8e:12:45:4e:80:31:64:e9:b5:18:
18:0e:ce:6e:68:bf:a3:0e:2e:14:99:83:95:ee:be:
e2:aa:40:fe:66:2f:e9:3e:03:c4:93:2a:5e:fd:d2:
b6:00:61:b6:fd:8a:26:04:1c:a3:e9:b4:61:bf:82:
cc:26:d1:d7:7f:32:24:76:e0:f6:68:29:bd:8c:32:
52:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:6C:B0:D5:65:A7:C4:FD:3D:BF:0A:30:B9:0C:51:A6:5B:0D:C5:09
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Hmyw1WWnxP09vwowuQxRplsNxQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.13.0/24
86.107.51.0/24
86.107.168.0/24
89.34.106.0/24
89.34.219.0/24
89.35.119.0/24
89.35.130.0/23
94.177.150.0/24
188.214.107.0/24
195.88.89.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:c4:92:25:e1:84:3c:58:b0:55:b5:7d:b8:cf:91:a5:27:cd:
49:85:81:62:83:f1:0c:5b:68:fb:90:28:31:58:f7:bd:3e:a3:
2d:1e:17:e0:90:8e:4b:8d:c2:7f:c0:a7:cc:ea:ab:9f:50:3a:
f3:01:37:46:07:8b:fe:76:b8:61:69:f7:9d:27:86:cb:43:36:
01:aa:29:14:5f:c9:22:76:e3:15:aa:0e:68:a1:d5:45:1a:0a:
9c:03:30:05:5a:04:31:22:ff:15:66:4b:68:4c:8b:9a:c7:5c:
5d:a7:07:57:61:25:70:70:ae:70:73:bf:bb:68:90:02:21:f2:
69:1d:a6:f4:5b:5e:29:e1:cd:dd:70:06:39:e5:3b:76:31:d7:
d9:ee:3b:30:c5:eb:e9:ba:8e:ba:a7:61:ce:f9:4f:4d:08:e6:
94:79:77:b8:ea:dc:19:a0:d5:14:70:e3:1f:4b:d0:e5:f0:99:
52:2c:e9:f7:fd:f7:9e:b2:9a:63:f6:dd:05:58:15:d1:07:a9:
d0:2a:6d:c6:9a:a1:8d:2d:5d:cd:ad:51:af:93:47:a8:8d:a5:
41:31:d3:79:a9:66:b7:5a:6c:80:10:fc:af:e9:1b:7e:a6:ad:
5f:3a:26:c1:c8:8e:74:93:0a:13:f5:3f:11:f0:ed:2b:0e:c5:
da:dc:76:61
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYqoHy3/fl4D8nP6av2/OntjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwOTE4MTE0ODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTZjYjBkNTY1YTdjNGZkM2RiZjBhMzBiOTBjNTFhNjViMGRjNTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5JgrDYSopJRHd64bKDmV+UgzPw/
BdEGrspxOsA0VKSBD3VaAEpizUchwtdPL1GVq83egZ3nJCAi5RDKnLhsUEiINOi+
uAuXpM8+PHJJ9Mxp+tax+YxFgCd+lN4Y4MYsMJMnL9JklZDHaWOrdTZqQdMKRsoM
wmSosyZ7SaVZyxrw+0G9cgni8NbXpUMVBOKsdYlFXXUsYmlehtjbU/3UOXNQQFui
xwiVaCcBrEbvK6v3jAZ8dVVpq44SRU6AMWTptRgYDs5uaL+jDi4UmYOV7r7iqkD+
Zi/pPgPEkype/dK2AGG2/YomBByj6bRhv4LMJtHXfzIkduD2aCm9jDJS0QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFB5ssNVlp8T9Pb8KMLkMUaZbDcUJMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvSG15dzFXV254UDA5dndvd3VReFJwbHNOeFFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALVgNAwQA
VmszAwQAVmuoAwQAWSJqAwQAWSLbAwQAWSN3AwQBWSOCAwQAXrGWAwQAvNZrAwQA
w1hZMA0GCSqGSIb3DQEBCwUAA4IBAQCLxJIl4YQ8WLBVtX24z5GlJ81JhYFig/EM
W2j7kCgxWPe9PqMtHhfgkI5LjcJ/wKfM6qufUDrzATdGB4v+drhhafedJ4bLQzYB
qikUX8kiduMVqg5oodVFGgqcAzAFWgQxIv8VZktoTIuax1xdpwdXYSVwcK5wc7+7
aJACIfJpHab0W14p4c3dcAY55Tt2MdfZ7jswxevpuo66p2HO+U9NCOaUeXe46twZ
oNUUcOMfS9Dl8JlSLOn3/feesppj9t0FWBXRB6nQKm3GmqGNLV3NrVGvk0eojaVB
MdN5qWa3WmyAEPyv6Rt+pq1fOibByI50kwoT9T8R8O0rDsXa3HZh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:12 2024 by rpki-client on console-ams.rpki-client.org