Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/hlO1_QsiuWCglYswNRmAAcrZvd8.roa
File: hlO1_QsiuWCglYswNRmAAcrZvd8.roa (raw, json)
Hash identifier: AyHGY6Xoo8wkVULQGD3rbrx7OwIfre6XVAvj2JgUf5o=
Subject key identifier: 86:53:B5:FD:0B:22:B9:60:A0:95:8B:30:35:19:80:01:CA:D9:BD:DF
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018DDFBD19D5124DB6C0FE072EAC3470C417
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/hlO1_QsiuWCglYswNRmAAcrZvd8.roa
Signing time: Sun 25 Feb 2024 10:08:48 +0000
ROA not before: Sun 25 Feb 2024 10:08:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 77.81.182.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
89.35.129.0/24 maxlen: 24
91.132.49.0/24 maxlen: 24
91.132.50.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
128.0.41.0/24 maxlen: 24
185.212.119.0/24 maxlen: 24
188.215.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Feb 2024 05:17:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:df:bd:19:d5:12:4d:b6:c0:fe:07:2e:ac:34:70:c4:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Feb 25 10:08:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8653b5fd0b22b960a0958b3035198001cad9bddf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:9e:25:1e:0c:66:f9:05:50:f2:ad:49:fe:02:
85:bd:b6:95:b7:c4:c5:32:e7:12:fc:65:5a:3c:17:
6c:7b:c4:98:23:67:4c:5a:11:2d:97:36:b0:4c:6c:
ad:80:72:e8:6a:0f:d5:40:aa:89:a8:f2:11:0a:58:
e9:05:c4:8e:76:7e:bc:c7:b8:ae:91:69:47:bb:c2:
08:0b:98:c9:ae:15:9f:d6:18:cb:0f:bb:83:9e:a8:
7b:63:af:97:cd:2d:4f:75:6f:23:74:28:38:50:60:
76:f8:40:07:04:04:5b:9f:a4:6f:13:fc:0d:f8:b1:
dd:b7:41:0a:6c:ed:88:a3:d7:fd:9d:5f:ca:eb:75:
21:62:ed:b3:64:3c:eb:d3:7b:11:df:6f:56:5b:0e:
d8:d5:bd:bf:60:e7:2a:a1:a9:2f:25:11:69:10:03:
b7:f1:6c:3c:13:c4:57:e6:54:e6:29:b9:6d:9e:81:
76:a7:0c:12:07:65:bc:18:02:58:02:73:fa:98:d7:
4a:5c:42:ce:41:59:fb:72:87:02:b2:8f:0a:da:71:
77:a8:ff:d7:f2:67:38:d3:69:2d:65:b2:70:9d:1a:
7b:ed:f2:16:9e:5e:d8:c4:d9:d6:8c:b7:d1:72:86:
1a:61:bb:f4:38:56:34:1f:da:68:43:60:09:5c:f8:
dc:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:53:B5:FD:0B:22:B9:60:A0:95:8B:30:35:19:80:01:CA:D9:BD:DF
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/hlO1_QsiuWCglYswNRmAAcrZvd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.182.0/24
89.34.106.0/24
89.35.129.0/24
91.132.49.0-91.132.50.255
93.114.183.0/24
128.0.41.0/24
185.212.119.0/24
188.215.31.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:49:e9:35:1c:6d:49:94:51:ff:90:83:38:07:e2:00:ff:da:
a0:0e:f5:2a:55:7f:0e:0f:5b:ac:46:68:1b:b3:df:30:36:a4:
8a:9e:57:12:f1:02:79:d0:fa:19:15:22:7c:24:09:8b:25:3f:
26:54:cd:53:0a:3f:66:ab:ef:49:16:5c:fd:78:95:cf:2e:de:
fa:8d:9c:dc:3b:ee:a8:02:5f:02:7e:8e:3e:bb:57:dc:d7:21:
cf:aa:fd:43:22:a0:47:49:1c:d4:5c:51:27:0a:52:86:c7:e0:
ef:cb:b5:a6:8d:e6:57:a7:41:68:83:39:fd:c2:c3:3c:bd:d4:
b1:f7:9a:0d:1a:b2:6a:b1:eb:d2:5b:20:80:ff:d3:5c:2f:e4:
86:a0:2f:19:f7:98:a1:a0:2f:24:d8:b5:9b:84:f1:06:96:6f:
b3:3b:52:b6:d3:95:db:ed:41:5e:30:c3:26:ca:fd:b0:0d:24:
d3:7c:30:e4:c2:13:27:41:9d:db:ab:4d:62:e5:82:be:c9:62:
f2:e5:21:a4:45:41:5a:3c:7c:45:71:38:5e:a7:b8:e4:b5:1c:
d4:cb:fa:e0:3e:38:7e:d2:1a:5b:14:1b:77:6f:50:ba:c3:11:
b4:a4:ce:c8:31:e6:89:8b:44:0b:89:c6:b3:11:02:38:ec:f2:
f0:7f:d9:da
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAY3fvRnVEk22wP4HLqw0cMQXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwMjI1MTAwODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjUzYjVmZDBiMjJiOTYwYTA5NThiMzAzNTE5ODAwMWNhZDliZGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJ4lHgxm+QVQ8q1J/gKFvbaVt8TF
MucS/GVaPBdse8SYI2dMWhEtlzawTGytgHLoag/VQKqJqPIRCljpBcSOdn68x7iu
kWlHu8IIC5jJrhWf1hjLD7uDnqh7Y6+XzS1PdW8jdCg4UGB2+EAHBARbn6RvE/wN
+LHdt0EKbO2Io9f9nV/K63UhYu2zZDzr03sR329WWw7Y1b2/YOcqoakvJRFpEAO3
8Ww8E8RX5lTmKbltnoF2pwwSB2W8GAJYAnP6mNdKXELOQVn7cocCso8K2nF3qP/X
8mc402ktZbJwnRp77fIWnl7YxNnWjLfRcoYaYbv0OFY0H9poQ2AJXPjcZwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFIZTtf0LIrlgoJWLMDUZgAHK2b3fMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvaGxPMV9Rc2l1V0NnbFlzd05SbUFBY3JadmQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQATVG2AwQA
WSJqAwQAWSOBMAwDBABbhDEDBABbhDIDBABdcrcDBACAACkDBAC51HcDBAC81x8w
DQYJKoZIhvcNAQELBQADggEBAB1J6TUcbUmUUf+QgzgH4gD/2qAO9SpVfw4PW6xG
aBuz3zA2pIqeVxLxAnnQ+hkVInwkCYslPyZUzVMKP2ar70kWXP14lc8u3vqNnNw7
7qgCXwJ+jj67V9zXIc+q/UMioEdJHNRcUScKUobH4O/LtaaN5lenQWiDOf3Cwzy9
1LH3mg0asmqx69JbIID/01wv5IagLxn3mKGgLyTYtZuE8QaWb7M7UrbTldvtQV4w
wybK/bANJNN8MOTCEydBndurTWLlgr7JYvLlIaRFQVo8fEVxOF6nuOS1HNTL+uA+
OH7SGlsUG3dvULrDEbSkzsgx5omLRAuJxrMRAjjs8vB/2do=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:14 2024 by rpki-client on console-ams.rpki-client.org