Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/NmTG2QZE7YNVxxlP2xdcoVLSZXU.roa
File: NmTG2QZE7YNVxxlP2xdcoVLSZXU.roa (raw, json)
Hash identifier: FjXJ97JQxShUI9MB8/kYbIz4Ian4ws4dqucRpoD5B24=
Subject key identifier: 36:64:C6:D9:06:44:ED:83:55:C7:19:4F:DB:17:5C:A1:52:D2:65:75
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0189D91FAB71C5A871453FC681EA28DE2D72
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/NmTG2QZE7YNVxxlP2xdcoVLSZXU.roa
Signing time: Wed 09 Aug 2023 07:07:58 +0000
ROA not before: Wed 09 Aug 2023 07:07:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 89.34.106.0/24 maxlen: 24
89.47.36.0/24 maxlen: 24
92.114.32.0/24 maxlen: 24
86.107.100.0/24 maxlen: 24
45.88.13.0/24 maxlen: 24
45.88.14.0/23 maxlen: 23
188.214.107.0/24 maxlen: 24
89.35.130.0/23 maxlen: 23
89.35.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Aug 2023 13:19:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d9:1f:ab:71:c5:a8:71:45:3f:c6:81:ea:28:de:2d:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Aug 9 07:07:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3664c6d90644ed8355c7194fdb175ca152d26575
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:7f:c6:6d:7e:93:83:b7:1b:4d:9f:77:c2:00:
a4:a1:34:52:a7:ce:fe:c3:d4:b3:97:a4:62:13:9a:
dd:44:8e:9f:31:c0:ac:81:f7:3d:86:79:fb:e9:59:
30:79:ae:36:ae:cc:78:83:54:48:25:9a:2d:f1:cf:
66:f3:17:23:84:28:88:88:f5:98:e4:5f:68:27:4f:
e1:71:41:a0:88:2a:b4:38:7e:4f:67:73:3d:97:5b:
05:82:1b:f1:f1:0a:19:38:b2:1f:af:12:4f:a1:f4:
eb:b2:29:9b:37:1b:73:de:fb:15:15:01:f8:4a:8a:
ef:78:49:df:ab:92:75:a8:54:1f:16:1c:b3:b6:62:
8f:d8:c3:bd:f1:43:84:98:a2:35:aa:b2:7a:2d:27:
76:0f:89:25:26:eb:25:6a:bf:28:da:65:9d:fc:d3:
b1:2d:c4:f0:d8:aa:2c:6e:65:97:55:98:55:9c:b0:
7a:b3:ce:52:51:a1:75:e4:db:c2:5e:bc:de:df:58:
a3:46:0f:87:0f:00:0e:fb:f8:27:ed:c8:ae:a3:b3:
69:91:4d:ca:bc:bd:91:d1:b8:ba:8f:67:5f:b7:7a:
7a:2f:06:84:da:68:63:99:b3:c6:62:40:c0:bd:09:
96:53:cf:8e:83:c1:a1:ec:9a:d2:29:ba:6a:b2:ad:
59:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:64:C6:D9:06:44:ED:83:55:C7:19:4F:DB:17:5C:A1:52:D2:65:75
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/NmTG2QZE7YNVxxlP2xdcoVLSZXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.13.0-45.88.15.255
86.107.100.0/24
89.34.106.0/24
89.35.130.0/23
89.47.36.0/24
92.114.32.0/24
188.214.107.0/24
Signature Algorithm: sha256WithRSAEncryption
68:83:7f:a8:32:2e:f8:ee:b0:eb:53:54:ba:8e:fc:45:42:4f:
d5:f7:3a:ff:75:6f:1c:8f:5d:b5:6b:87:8f:a8:29:9c:5a:dd:
88:67:b0:24:d9:e7:a6:7c:44:c8:d0:95:70:40:a5:91:13:47:
6f:6a:40:a8:0b:9c:09:d4:48:bf:fe:80:8d:5c:56:61:28:88:
1e:39:da:ac:a3:a6:b3:69:58:a4:bd:5f:aa:ad:55:55:c9:fb:
3d:e3:d4:80:d8:52:af:02:97:fa:c6:ed:43:f9:5b:1d:71:54:
e5:03:8f:0b:f3:0c:9d:0b:42:46:97:e8:8e:04:2b:c9:44:03:
b3:50:84:08:29:7a:97:59:7a:57:7d:ef:25:9a:a5:dc:5c:ce:
ac:ef:94:10:71:6a:d4:9c:5f:91:1a:4c:45:93:a7:07:5b:60:
ee:99:4b:f7:82:d8:da:68:4b:c2:21:0e:73:97:d9:b2:cc:07:
84:bf:3c:b1:fe:21:bf:ce:89:0f:f5:54:de:88:fc:0d:de:48:
61:a5:1a:84:21:d7:60:07:a4:4c:f8:b4:16:df:44:c2:42:ca:
8b:2e:34:c7:c3:39:be:a6:ca:0b:b5:ef:05:72:eb:36:8b:41:
79:9c:a1:48:8d:13:fc:dc:45:7b:5f:8c:da:28:88:24:ee:4a:
d3:21:e3:55
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYnZH6txxahxRT/Ggeoo3i1yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwODA5MDcwNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjY0YzZkOTA2NDRlZDgzNTVjNzE5NGZkYjE3NWNhMTUyZDI2NTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3/GbX6Tg7cbTZ93wgCkoTRSp87+
w9Szl6RiE5rdRI6fMcCsgfc9hnn76Vkwea42rsx4g1RIJZot8c9m8xcjhCiIiPWY
5F9oJ0/hcUGgiCq0OH5PZ3M9l1sFghvx8QoZOLIfrxJPofTrsimbNxtz3vsVFQH4
SorveEnfq5J1qFQfFhyztmKP2MO98UOEmKI1qrJ6LSd2D4klJuslar8o2mWd/NOx
LcTw2KosbmWXVZhVnLB6s85SUaF15NvCXrze31ijRg+HDwAO+/gn7ciuo7NpkU3K
vL2R0bi6j2dft3p6LwaE2mhjmbPGYkDAvQmWU8+Og8Gh7JrSKbpqsq1Z8wIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFDZkxtkGRO2DVccZT9sXXKFS0mV1MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvTm1URzJRWkU3WU5WeHhsUDJ4ZGNvVkxTWlhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBAAtWA0D
BAQtWAADBABWa2QDBABZImoDBAFZI4IDBABZLyQDBABcciADBAC81mswDQYJKoZI
hvcNAQELBQADggEBAGiDf6gyLvjusOtTVLqO/EVCT9X3Ov91bxyPXbVrh4+oKZxa
3YhnsCTZ56Z8RMjQlXBApZETR29qQKgLnAnUSL/+gI1cVmEoiB452qyjprNpWKS9
X6qtVVXJ+z3j1IDYUq8Cl/rG7UP5Wx1xVOUDjwvzDJ0LQkaX6I4EK8lEA7NQhAgp
epdZeld97yWapdxczqzvlBBxatScX5EaTEWTpwdbYO6ZS/eC2NpoS8IhDnOX2bLM
B4S/PLH+Ib/OiQ/1VN6I/A3eSGGlGoQh12AHpEz4tBbfRMJCyosuNMfDOb6mygu1
7wVy6zaLQXmcoUiNE/zcRXtfjNooiCTuStMh41U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:06 2024 by rpki-client on console-fra.rpki-client.org