Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/i5g7h22v01misk0umqptnziy67g.roa
File: i5g7h22v01misk0umqptnziy67g.roa (raw, json)
Hash identifier: Qu+tlbgj1v1F1OA4CBlI0pwkHksC2xsI5fLnIi3xmvs=
Subject key identifier: 8B:98:3B:87:6D:AF:D3:59:A2:B2:4D:2E:9A:AA:6D:9F:38:B2:EB:B8
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0188815BB90B90E632E1D976DB9BCEAE986F
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/i5g7h22v01misk0umqptnziy67g.roa
Signing time: Sat 03 Jun 2023 13:04:11 +0000
ROA not before: Sat 03 Jun 2023 13:04:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 86.107.51.0/24 maxlen: 24
188.241.136.0/24 maxlen: 24
188.241.137.0/24 maxlen: 24
94.198.171.0/24 maxlen: 24
92.114.32.0/24 maxlen: 24
77.81.88.0/24 maxlen: 24
188.214.107.0/24 maxlen: 24
89.35.129.0/24 maxlen: 24
89.35.130.0/23 maxlen: 23
89.35.131.0/24 maxlen: 24
176.223.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 03 Jun 2023 13:31:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:81:5b:b9:0b:90:e6:32:e1:d9:76:db:9b:ce:ae:98:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jun 3 13:04:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b983b876dafd359a2b24d2e9aaa6d9f38b2ebb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9b:8f:7e:76:7a:f8:89:53:e1:e2:59:4c:45:
ca:ac:56:10:77:b4:53:f7:74:9d:04:a3:ae:63:98:
34:2c:66:ba:af:bd:4e:38:f0:cc:bf:7e:9c:2f:19:
d3:d5:47:81:30:19:15:04:3c:03:9b:bf:5b:ba:53:
85:43:7a:ce:55:b6:af:9d:a7:2f:e0:5c:1e:cc:96:
e1:7f:a4:a9:f1:fe:54:41:7c:45:da:ab:17:f0:3d:
a2:02:5a:ba:14:78:92:ce:a5:fe:0c:ab:8d:7b:58:
a8:55:fd:c9:81:01:59:b8:e6:8d:71:17:ab:74:e7:
e6:dd:2e:b4:e1:8f:fc:b2:72:39:08:0d:e0:75:a1:
c0:c3:cf:9d:e9:46:43:05:8c:14:ae:67:94:59:dd:
95:ab:ad:07:14:d6:85:0b:52:04:75:37:bb:36:44:
18:97:06:23:a3:38:5b:c2:68:ef:10:5b:d2:4c:ec:
9e:e0:79:dd:20:e3:53:04:87:07:f8:0c:27:b3:a9:
90:43:9a:bc:1b:ce:76:c1:07:66:5a:ab:5b:5b:c8:
62:57:80:43:35:86:1f:12:c0:90:4a:0a:1d:e9:a6:
60:73:92:b4:49:7f:ae:d6:63:26:33:9d:53:08:64:
0d:12:46:16:f2:99:cb:b9:66:94:33:0c:26:9b:f3:
5e:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:98:3B:87:6D:AF:D3:59:A2:B2:4D:2E:9A:AA:6D:9F:38:B2:EB:B8
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/i5g7h22v01misk0umqptnziy67g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.88.0/24
86.107.51.0/24
89.35.129.0-89.35.131.255
92.114.32.0/24
94.198.171.0/24
176.223.188.0/24
188.214.107.0/24
188.241.136.0/23
Signature Algorithm: sha256WithRSAEncryption
48:ea:43:7d:ee:14:7c:1d:77:0a:93:35:20:df:ef:cc:56:71:
be:ba:2b:8c:51:11:ca:80:cd:be:65:e6:51:96:23:a8:b9:c9:
94:db:31:1a:51:7e:8b:7d:93:27:c5:9a:4e:8e:6b:5a:22:7a:
ed:fc:55:5b:67:5f:1b:e4:94:69:1b:80:7d:18:60:4e:81:86:
49:e3:c8:9a:c5:17:79:1c:97:85:3d:30:f5:0d:fc:b9:b2:16:
7a:21:da:40:36:13:ad:d2:d2:9b:d0:8c:ac:61:47:fa:b9:6f:
4e:2a:a5:18:76:f1:14:20:7e:52:4f:cc:b1:58:d1:e8:d1:f4:
b0:a6:6d:d6:1d:1e:12:77:08:f4:69:ae:2e:a7:b2:3a:66:72:
d8:a9:8d:d9:12:4d:1a:a4:e5:95:b2:2e:cd:3a:95:54:f2:8f:
0f:07:5e:f3:92:d4:f7:ca:7f:b0:f2:55:4b:56:fd:cb:dc:f4:
1f:5d:40:6d:38:e7:2b:4c:3a:4c:95:56:59:63:51:8a:60:eb:
ae:ac:b2:e6:5a:dd:52:0e:06:ab:4e:cf:2d:74:c5:ac:89:39:
d4:b3:ff:62:53:5e:a2:b9:3f:d4:c6:16:59:a5:7e:f3:0a:fd:
9f:cb:3b:7a:a1:47:cd:b2:67:2a:f3:e2:88:fd:3f:41:82:f6:
b6:c7:42:09
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYiBW7kLkOYy4dl225vOrphvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwNjAzMTMwNDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yjk4M2I4NzZkYWZkMzU5YTJiMjRkMmU5YWFhNmQ5ZjM4YjJlYmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5uPfnZ6+IlT4eJZTEXKrFYQd7RT
93SdBKOuY5g0LGa6r71OOPDMv36cLxnT1UeBMBkVBDwDm79bulOFQ3rOVbavnacv
4FwezJbhf6Sp8f5UQXxF2qsX8D2iAlq6FHiSzqX+DKuNe1ioVf3JgQFZuOaNcRer
dOfm3S604Y/8snI5CA3gdaHAw8+d6UZDBYwUrmeUWd2Vq60HFNaFC1IEdTe7NkQY
lwYjozhbwmjvEFvSTOye4HndIONTBIcH+Awns6mQQ5q8G852wQdmWqtbW8hiV4BD
NYYfEsCQSgod6aZgc5K0SX+u1mMmM51TCGQNEkYW8pnLuWaUMwwmm/NeqwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFIuYO4dtr9NZorJNLpqqbZ84suu4MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvaTVnN2gyMnYwMW1pc2swdW1xcHRueml5NjdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQATVFYAwQA
VmszMAwDBABZI4EDBAJZI4ADBABcciADBABexqsDBACw37wDBAC81msDBAG88Ygw
DQYJKoZIhvcNAQELBQADggEBAEjqQ33uFHwddwqTNSDf78xWcb66K4xREcqAzb5l
5lGWI6i5yZTbMRpRfot9kyfFmk6Oa1oieu38VVtnXxvklGkbgH0YYE6BhknjyJrF
F3kcl4U9MPUN/LmyFnoh2kA2E63S0pvQjKxhR/q5b04qpRh28RQgflJPzLFY0ejR
9LCmbdYdHhJ3CPRpri6nsjpmctipjdkSTRqk5ZWyLs06lVTyjw8HXvOS1PfKf7Dy
VUtW/cvc9B9dQG045ytMOkyVVlljUYpg666ssuZa3VIOBqtOzy10xayJOdSz/2JT
XqK5P9TGFlmlfvMK/Z/LO3qhR82yZyrz4oj9P0GC9rbHQgk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:10 2024 by rpki-client on console-fra.rpki-client.org