Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/_i3HvBQJEc1ks_ye_SV_HP8RPjo.roa
File: _i3HvBQJEc1ks_ye_SV_HP8RPjo.roa (raw, json)
Hash identifier: HRlu/GOvxSTMqq3yPLHK+Er7gC0fer6diAU9ESK5ZQ0=
Subject key identifier: FE:2D:C7:BC:14:09:11:CD:64:B3:FC:9E:FD:25:7F:1C:FF:11:3E:3A
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018AB7CD919BEAC7584293EDE34AB3162916
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/_i3HvBQJEc1ks_ye_SV_HP8RPjo.roa
Signing time: Thu 21 Sep 2023 12:53:37 +0000
ROA not before: Thu 21 Sep 2023 12:53:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 86.107.51.0/24 maxlen: 24
86.107.168.0/24 maxlen: 24
89.34.219.0/24 maxlen: 24
195.88.89.0/24 maxlen: 24
45.88.13.0/24 maxlen: 24
188.214.107.0/24 maxlen: 24
89.35.119.0/24 maxlen: 24
89.35.130.0/23 maxlen: 23
89.35.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 24 Sep 2023 09:27:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b7:cd:91:9b:ea:c7:58:42:93:ed:e3:4a:b3:16:29:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Sep 21 12:53:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe2dc7bc140911cd64b3fc9efd257f1cff113e3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:52:9e:15:e6:cd:f7:82:04:33:91:d1:8f:06:
d4:c0:84:83:af:91:3f:ce:db:05:79:83:4a:ec:b9:
2d:26:f5:78:c0:b6:57:f6:41:f8:c8:41:39:8a:de:
f7:c5:4c:0d:db:23:42:30:5d:ab:b5:f3:f2:fc:17:
22:01:74:23:97:92:b7:0b:5d:a0:7c:a9:3d:6b:52:
17:49:17:22:4a:c0:a6:a9:85:d3:7c:38:3f:9e:f6:
fc:4d:07:23:13:f4:c7:19:42:a4:71:8a:85:72:49:
02:3d:99:8c:52:c7:67:45:7a:59:32:6c:75:92:65:
84:b8:e0:72:02:08:44:7e:54:13:03:11:3f:8a:ff:
46:cd:62:df:4e:ea:8c:f7:98:ff:36:0d:1d:46:7e:
e4:3d:20:df:1f:1b:f4:d2:ea:8f:99:e1:4e:97:a8:
45:07:7c:01:9f:c8:51:8b:63:26:cc:69:94:b1:1e:
3f:7b:3e:01:9b:ea:47:af:7d:6e:15:99:64:ec:67:
d7:82:d5:5b:56:f2:32:3a:4d:0c:c2:c6:4f:88:84:
ec:69:d9:9f:c6:ff:fa:c8:47:b5:6d:98:9d:8f:b7:
c1:17:6a:dc:7d:c6:5e:57:20:75:78:d4:67:5b:69:
89:b7:45:5f:82:9b:30:f2:b3:b4:73:7b:41:12:d7:
08:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:2D:C7:BC:14:09:11:CD:64:B3:FC:9E:FD:25:7F:1C:FF:11:3E:3A
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/_i3HvBQJEc1ks_ye_SV_HP8RPjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.13.0/24
86.107.51.0/24
86.107.168.0/24
89.34.219.0/24
89.35.119.0/24
89.35.130.0/23
188.214.107.0/24
195.88.89.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:fd:80:94:b6:97:03:14:01:7c:9f:0e:20:61:8d:e4:6e:c9:
cc:3d:56:43:97:04:13:5d:d7:92:ec:19:6c:50:ac:6d:1f:35:
99:fb:ae:df:4f:6a:f3:fc:fa:4b:27:36:99:88:ff:33:bc:cd:
3e:ac:84:e1:dd:77:92:f3:ce:e1:80:1a:de:75:7a:4f:1d:c2:
5c:d2:7c:ba:54:47:a7:f3:80:2e:9f:db:a4:b7:f8:7b:79:4c:
e2:c9:ed:93:65:17:e6:68:df:a0:a1:37:59:2a:34:20:4d:74:
e3:50:01:e2:fb:6e:cc:b1:af:12:a1:ec:e3:76:74:4a:63:59:
8e:d4:60:4c:1f:30:83:37:17:4f:49:b4:e6:cd:36:a0:09:2e:
7e:27:5c:6f:13:bf:6b:3c:78:d3:6c:85:50:5e:03:a4:89:28:
ed:c8:0a:33:9a:94:15:91:d8:e2:5f:15:fc:01:cb:2e:7b:c3:
87:6b:56:2e:03:74:53:02:d8:e5:9e:ff:cc:f5:e9:97:0c:fd:
2a:41:e4:ff:79:49:7b:d5:22:b4:6c:cd:c2:db:e5:33:1c:c7:
ea:0e:71:62:0b:77:ef:8a:2d:aa:6d:8e:c0:df:7f:36:02:34:
59:47:04:90:e8:9c:5b:2e:32:a3:79:8c:52:6b:e8:29:6a:a6:
86:11:04:18
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYq3zZGb6sdYQpPt40qzFikWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwOTIxMTI1MzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTJkYzdiYzE0MDkxMWNkNjRiM2ZjOWVmZDI1N2YxY2ZmMTEzZTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1KeFebN94IEM5HRjwbUwISDr5E/
ztsFeYNK7LktJvV4wLZX9kH4yEE5it73xUwN2yNCMF2rtfPy/BciAXQjl5K3C12g
fKk9a1IXSRciSsCmqYXTfDg/nvb8TQcjE/THGUKkcYqFckkCPZmMUsdnRXpZMmx1
kmWEuOByAghEflQTAxE/iv9GzWLfTuqM95j/Ng0dRn7kPSDfHxv00uqPmeFOl6hF
B3wBn8hRi2MmzGmUsR4/ez4Bm+pHr31uFZlk7GfXgtVbVvIyOk0MwsZPiITsadmf
xv/6yEe1bZidj7fBF2rcfcZeVyB1eNRnW2mJt0Vfgpsw8rO0c3tBEtcIvQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFP4tx7wUCRHNZLP8nv0lfxz/ET46MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvX2kzSHZCUUpFYzFrc195ZV9TVl9IUDhSUGpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALVgNAwQA
VmszAwQAVmuoAwQAWSLbAwQAWSN3AwQBWSOCAwQAvNZrAwQAw1hZMA0GCSqGSIb3
DQEBCwUAA4IBAQAK/YCUtpcDFAF8nw4gYY3kbsnMPVZDlwQTXdeS7BlsUKxtHzWZ
+67fT2rz/PpLJzaZiP8zvM0+rITh3XeS887hgBredXpPHcJc0ny6VEen84Aun9uk
t/h7eUziye2TZRfmaN+goTdZKjQgTXTjUAHi+27Msa8SoezjdnRKY1mO1GBMHzCD
NxdPSbTmzTagCS5+J1xvE79rPHjTbIVQXgOkiSjtyAozmpQVkdjiXxX8Acsue8OH
a1YuA3RTAtjlnv/M9emXDP0qQeT/eUl71SK0bM3C2+UzHMfqDnFiC3fvii2qbY7A
3382AjRZRwSQ6JxbLjKjeYxSa+gpaqaGEQQY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:07 2024 by rpki-client on console-fra.rpki-client.org