Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/JkfzlZkXK6ttm08PxspLxNqty88.roa
File: JkfzlZkXK6ttm08PxspLxNqty88.roa (raw, json)
Hash identifier: rQY6NwrB9lY23BYkQ91KpqeO4frfzqhmPyH2KKW913M=
Subject key identifier: 26:47:F3:95:99:17:2B:AB:6D:9B:4F:0F:C6:CA:4B:C4:DA:AD:CB:CF
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0188819F79CEE2209BE0D782666A2292576A
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/JkfzlZkXK6ttm08PxspLxNqty88.roa
Signing time: Sat 03 Jun 2023 14:18:12 +0000
ROA not before: Sat 03 Jun 2023 14:18:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 86.107.51.0/24 maxlen: 24
188.241.137.0/24 maxlen: 24
94.198.171.0/24 maxlen: 24
92.114.32.0/24 maxlen: 24
77.81.88.0/24 maxlen: 24
188.214.107.0/24 maxlen: 24
89.35.130.0/23 maxlen: 23
89.35.131.0/24 maxlen: 24
176.223.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Jun 2023 18:51:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:81:9f:79:ce:e2:20:9b:e0:d7:82:66:6a:22:92:57:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jun 3 14:18:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2647f39599172bab6d9b4f0fc6ca4bc4daadcbcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c1:5f:35:82:31:ee:d2:77:a4:5e:30:03:6c:
ec:00:0c:13:bf:cb:da:7b:ed:89:1d:8e:d3:db:72:
38:fe:e5:b1:3e:f2:74:38:4e:8e:ad:4f:d9:3f:fb:
79:2d:23:fe:84:da:88:8f:0c:84:eb:02:f4:e7:ee:
12:90:6b:bb:c2:7e:1b:5b:a3:ba:d3:64:e9:26:cf:
9f:35:1b:16:1e:b5:a2:36:20:ca:f1:ea:e9:7b:47:
da:f8:1a:95:0d:c2:8e:06:bc:f3:cc:c1:07:4a:ba:
db:71:cd:b1:54:ed:97:31:d2:95:ce:8e:a0:b9:c7:
86:96:96:71:af:3a:f0:0a:00:1f:e7:4d:15:ef:4f:
a7:80:60:ce:0d:e4:23:dc:6d:3e:7b:51:22:76:e7:
a8:13:ea:37:dc:0f:95:2f:80:3a:64:f9:8d:ee:07:
d6:06:2c:85:68:d3:51:14:84:1d:23:48:da:46:b7:
dd:c8:c2:26:e9:1f:7b:23:36:a3:43:0a:a6:a4:1b:
31:43:ce:7f:3f:c5:6b:41:84:f3:f4:49:f0:e1:74:
b9:1b:46:e5:51:c8:7c:54:51:f4:9e:81:47:50:3c:
a5:e5:24:8a:8c:42:3b:58:04:85:8a:13:26:ba:73:
f7:c6:3e:aa:0c:6a:3f:fd:e3:8f:23:da:90:d6:dd:
4e:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:47:F3:95:99:17:2B:AB:6D:9B:4F:0F:C6:CA:4B:C4:DA:AD:CB:CF
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/JkfzlZkXK6ttm08PxspLxNqty88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.88.0/24
86.107.51.0/24
89.35.130.0/23
92.114.32.0/24
94.198.171.0/24
176.223.188.0/24
188.214.107.0/24
188.241.137.0/24
Signature Algorithm: sha256WithRSAEncryption
25:86:dc:d4:2e:97:ff:4b:7e:5e:7a:d0:57:0d:88:3a:49:db:
90:6b:b7:97:7f:d9:91:9f:60:73:1d:6c:12:74:a3:a8:aa:7d:
e0:b9:67:7d:64:52:a4:ad:1a:22:51:d1:07:a7:9f:8c:45:81:
69:6d:3f:ce:07:d1:8c:ad:38:39:09:e8:73:79:f6:1f:03:ca:
15:c1:ac:87:fd:1e:0f:43:58:cc:bd:67:91:04:ab:da:d6:45:
31:ed:2e:1e:15:92:dc:f0:49:3f:2d:83:e2:c0:37:8e:70:d2:
47:9d:7a:ba:bf:df:eb:a9:b6:e0:5d:4a:3a:0c:30:31:ee:b0:
a3:b9:8c:19:f0:7a:79:6a:9f:35:40:04:e8:f0:63:6a:12:d2:
26:0f:d7:63:a7:df:95:fc:fa:0f:68:3c:b1:44:05:34:03:44:
e5:85:b3:b4:6d:57:d2:5b:c5:e1:43:28:eb:84:7b:6a:6f:f9:
1b:68:ca:a1:88:d6:8b:0c:8d:89:6f:95:c5:b1:39:10:a7:d5:
d4:14:99:87:f0:63:6d:1b:e0:7e:08:a4:cd:65:50:97:fb:d8:
cc:42:69:57:c1:cc:33:a9:c3:f4:64:1c:c1:f1:ec:84:fb:df:
d6:6a:b3:f6:e5:06:dc:5b:c4:ac:e4:a3:06:8c:19:59:ef:9d:
c5:60:1e:99
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYiBn3nO4iCb4NeCZmoikldqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwNjAzMTQxODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjQ3ZjM5NTk5MTcyYmFiNmQ5YjRmMGZjNmNhNGJjNGRhYWRjYmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosFfNYIx7tJ3pF4wA2zsAAwTv8va
e+2JHY7T23I4/uWxPvJ0OE6OrU/ZP/t5LSP+hNqIjwyE6wL05+4SkGu7wn4bW6O6
02TpJs+fNRsWHrWiNiDK8erpe0fa+BqVDcKOBrzzzMEHSrrbcc2xVO2XMdKVzo6g
uceGlpZxrzrwCgAf500V70+ngGDODeQj3G0+e1EidueoE+o33A+VL4A6ZPmN7gfW
BiyFaNNRFIQdI0jaRrfdyMIm6R97IzajQwqmpBsxQ85/P8VrQYTz9Enw4XS5G0bl
Uch8VFH0noFHUDyl5SSKjEI7WASFihMmunP3xj6qDGo//eOPI9qQ1t1OlQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFCZH85WZFyurbZtPD8bKS8TarcvPMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvSmtmemxaa1hLNnR0bTA4UHhzcEx4TnF0eTg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQATVFYAwQA
VmszAwQBWSOCAwQAXHIgAwQAXsarAwQAsN+8AwQAvNZrAwQAvPGJMA0GCSqGSIb3
DQEBCwUAA4IBAQAlhtzULpf/S35eetBXDYg6SduQa7eXf9mRn2BzHWwSdKOoqn3g
uWd9ZFKkrRoiUdEHp5+MRYFpbT/OB9GMrTg5CehzefYfA8oVwayH/R4PQ1jMvWeR
BKva1kUx7S4eFZLc8Ek/LYPiwDeOcNJHnXq6v9/rqbbgXUo6DDAx7rCjuYwZ8Hp5
ap81QATo8GNqEtImD9djp9+V/PoPaDyxRAU0A0TlhbO0bVfSW8XhQyjrhHtqb/kb
aMqhiNaLDI2Jb5XFsTkQp9XUFJmH8GNtG+B+CKTNZVCX+9jMQmlXwcwzqcP0ZBzB
8eyE+9/WarP25QbcW8Ss5KMGjBlZ753FYB6Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:12 2024 by rpki-client on console-ams.rpki-client.org