Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/iApb3fScxx0wvSQAKihfwqn-Z1Y.roa
File: iApb3fScxx0wvSQAKihfwqn-Z1Y.roa (raw, json)
Hash identifier: cuorwq7Had7oz6m3JJA4iYgqL5nUxMqdYYYaQdAD5Yw=
Subject key identifier: 88:0A:5B:DD:F4:9C:C7:1D:30:BD:24:00:2A:28:5F:C2:A9:FE:67:56
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018DE99B0A3F3E9E23407EEFA2A6D753DF99
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/iApb3fScxx0wvSQAKihfwqn-Z1Y.roa
Signing time: Tue 27 Feb 2024 08:07:48 +0000
ROA not before: Tue 27 Feb 2024 08:07:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 85.204.18.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
89.37.192.0/24 maxlen: 24
89.40.215.0/24 maxlen: 24
89.46.42.0/24 maxlen: 24
89.47.36.0/24 maxlen: 24
185.198.233.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Mar 2024 05:31:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e9:9b:0a:3f:3e:9e:23:40:7e:ef:a2:a6:d7:53:df:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Feb 27 08:07:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=880a5bddf49cc71d30bd24002a285fc2a9fe6756
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:88:97:4d:30:7e:9f:36:f5:a0:8f:9c:fc:18:
3a:07:46:0d:d3:01:55:cf:14:d0:40:f8:25:f9:3e:
90:4f:31:3d:10:c9:84:91:ea:b9:33:8d:be:4d:c3:
9e:1d:db:b8:97:49:eb:b2:57:33:b6:a4:4f:a8:3a:
17:e0:d1:7c:cd:d4:7b:57:f5:3c:32:d0:64:e3:15:
f8:c2:61:b2:f2:03:c7:53:eb:9a:ac:9c:4f:94:f5:
d5:df:4c:f3:ee:f7:b4:11:2e:ba:05:ff:81:5e:56:
37:55:d5:c6:4c:55:64:53:e7:ae:87:e2:f6:a9:dc:
d9:af:b4:5a:e6:35:d2:4f:64:b9:b2:b3:29:93:80:
f1:57:5b:12:4b:fd:7e:98:8d:ae:eb:26:e0:29:7f:
da:91:f5:c3:e1:fe:6a:37:89:58:a9:ef:aa:56:84:
42:38:bb:40:f7:24:26:65:6a:2c:3d:45:7b:01:37:
06:13:3e:8d:70:53:c7:a2:ad:0b:76:22:98:16:be:
a5:4f:c9:b9:6b:de:a3:3e:77:83:e1:9a:d2:e9:ce:
53:6d:7a:14:75:13:39:18:6b:b4:42:8f:00:55:b6:
f5:6f:1f:23:79:a1:9a:25:87:58:39:6a:5e:f1:2f:
fe:55:5f:53:b0:ca:fa:79:2c:e0:39:73:be:64:ca:
09:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:0A:5B:DD:F4:9C:C7:1D:30:BD:24:00:2A:28:5F:C2:A9:FE:67:56
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/iApb3fScxx0wvSQAKihfwqn-Z1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.18.0/24
89.34.106.0/24
89.37.192.0/24
89.40.215.0/24
89.46.42.0/24
89.47.36.0/24
185.198.233.0/24
Signature Algorithm: sha256WithRSAEncryption
83:cd:09:7f:0f:e6:69:1f:aa:b0:bb:d2:1f:ae:93:66:9b:3c:
49:48:4c:1e:80:65:b9:ba:08:db:e0:79:f1:a4:43:d8:3c:e1:
89:0f:c6:10:b5:8a:99:43:21:02:fb:dd:82:cd:c6:c0:c0:0e:
4a:da:37:8d:4f:a5:bd:69:4a:3b:95:21:2b:4f:86:34:dd:f1:
75:0d:c5:78:f5:e9:a8:34:dc:e7:ef:87:72:e6:d6:c9:fd:bf:
9b:0d:30:09:78:57:3e:d8:e0:7c:c8:7b:81:c3:44:70:0f:57:
4e:92:00:71:ec:84:84:0e:13:cc:26:26:76:58:8a:c1:6d:de:
0b:0a:96:52:42:46:bd:95:80:d3:c9:0c:7c:a3:04:5d:99:14:
9a:09:15:84:53:57:9b:8c:3d:71:b7:db:70:ff:15:36:a5:b5:
3e:5d:57:dc:06:92:84:3a:a2:a1:c7:d3:ed:77:15:9a:4d:e3:
5d:28:14:2f:5e:76:ca:25:1c:df:1b:82:2f:32:2c:d9:f7:7a:
0f:86:d7:a6:4f:b1:0a:64:67:df:54:06:59:0f:fc:d6:7f:c1:
6b:06:49:d2:5a:84:81:ca:82:80:62:60:75:9d:ad:b2:5a:e9:
9e:0e:c4:21:74:c4:14:4b:60:2d:d6:c4:30:5d:bb:eb:49:9b:
b3:24:78:18
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY3pmwo/Pp4jQH7voqbXU9+ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwMjI3MDgwNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODBhNWJkZGY0OWNjNzFkMzBiZDI0MDAyYTI4NWZjMmE5ZmU2NzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYiXTTB+nzb1oI+c/Bg6B0YN0wFV
zxTQQPgl+T6QTzE9EMmEkeq5M42+TcOeHdu4l0nrslcztqRPqDoX4NF8zdR7V/U8
MtBk4xX4wmGy8gPHU+uarJxPlPXV30zz7ve0ES66Bf+BXlY3VdXGTFVkU+euh+L2
qdzZr7Ra5jXST2S5srMpk4DxV1sSS/1+mI2u6ybgKX/akfXD4f5qN4lYqe+qVoRC
OLtA9yQmZWosPUV7ATcGEz6NcFPHoq0LdiKYFr6lT8m5a96jPneD4ZrS6c5TbXoU
dRM5GGu0Qo8AVbb1bx8jeaGaJYdYOWpe8S/+VV9TsMr6eSzgOXO+ZMoJhQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIgKW930nMcdML0kACooX8Kp/mdWMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvaUFwYjNmU2N4eDB3dlNRQUtpaGZ3cW4tWjFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAVcwSAwQA
WSJqAwQAWSXAAwQAWSjXAwQAWS4qAwQAWS8kAwQAucbpMA0GCSqGSIb3DQEBCwUA
A4IBAQCDzQl/D+ZpH6qwu9IfrpNmmzxJSEwegGW5ugjb4HnxpEPYPOGJD8YQtYqZ
QyEC+92CzcbAwA5K2jeNT6W9aUo7lSErT4Y03fF1DcV49emoNNzn74dy5tbJ/b+b
DTAJeFc+2OB8yHuBw0RwD1dOkgBx7ISEDhPMJiZ2WIrBbd4LCpZSQka9lYDTyQx8
owRdmRSaCRWEU1ebjD1xt9tw/xU2pbU+XVfcBpKEOqKhx9PtdxWaTeNdKBQvXnbK
JRzfG4IvMizZ93oPhtemT7EKZGffVAZZD/zWf8FrBknSWoSByoKAYmB1na2yWume
DsQhdMQUS2At1sQwXbvrSZuzJHgY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:10 2024 by rpki-client on console-fra.rpki-client.org