Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/kKg6nU0YhykkE_r_1uk3jXn4ea4.roa
File: kKg6nU0YhykkE_r_1uk3jXn4ea4.roa (raw, json)
Hash identifier: n7DzmV9h4RzpeWKE7tKsUOejJQVUrNSr4qaBkt9/Q7k=
Subject key identifier: 90:A8:3A:9D:4D:18:87:29:24:13:FA:FF:D6:E9:37:8D:79:F8:79:AE
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018D0CED6550E8BDF2C006B8A088559A166D
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/kKg6nU0YhykkE_r_1uk3jXn4ea4.roa
Signing time: Mon 15 Jan 2024 11:41:41 +0000
ROA not before: Mon 15 Jan 2024 11:41:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 86.107.51.0/24 maxlen: 24
188.241.137.0/24 maxlen: 24
94.176.215.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jan 2024 16:21:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0c:ed:65:50:e8:bd:f2:c0:06:b8:a0:88:55:9a:16:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 15 11:41:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90a83a9d4d1887292413faffd6e9378d79f879ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:04:fe:5b:b1:cc:c8:0e:47:a5:f0:5c:c9:42:
6c:c0:af:f8:ef:f4:98:a6:5d:60:2b:61:76:ba:1a:
00:8e:2e:29:96:5f:7d:d0:d4:06:ee:75:e9:61:62:
18:33:77:c5:aa:5e:df:85:8c:32:63:43:3e:2e:d4:
75:14:25:a1:23:45:76:4f:a6:8b:97:07:0b:f1:b7:
20:0c:81:5a:59:29:f9:a0:0d:7e:af:27:91:8f:66:
c8:fe:ce:6c:c3:c8:04:c1:0e:9a:0d:c8:98:10:a6:
7b:89:09:a8:50:9d:22:ce:68:a2:79:b3:2b:37:c3:
38:b0:65:b2:2b:a2:67:e5:35:d2:59:6f:29:dc:0a:
58:1e:7c:a1:0a:97:cc:98:12:c2:c1:da:d1:bb:8f:
65:9a:f9:70:6a:a7:cf:10:88:a7:7b:a6:1f:b0:68:
8b:87:62:e2:9a:75:47:e0:07:3b:52:d0:a2:54:5f:
0f:cd:a1:3c:cd:59:6e:72:f1:08:d0:7a:7e:e0:f2:
0e:e4:2b:46:27:e7:ec:7f:ee:c2:08:78:3d:09:1d:
a5:a2:b7:90:d1:a4:fc:65:c9:e5:79:54:38:9e:12:
1b:08:18:12:43:ee:93:bb:e7:24:2b:17:14:1f:e2:
ef:15:7e:35:82:dd:8d:43:87:84:88:a2:c0:b3:c0:
6e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:A8:3A:9D:4D:18:87:29:24:13:FA:FF:D6:E9:37:8D:79:F8:79:AE
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/kKg6nU0YhykkE_r_1uk3jXn4ea4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.51.0/24
94.176.215.0/24
188.241.137.0/24
Signature Algorithm: sha256WithRSAEncryption
15:91:7e:87:d4:64:58:c3:15:e2:73:1a:78:ea:ea:92:96:ad:
d4:b3:3b:7b:71:0c:8e:0b:11:e4:a6:45:7d:94:b3:e4:80:f6:
95:83:fa:0d:78:e6:55:33:f2:e3:af:5a:e3:87:3f:ec:79:7d:
c4:56:ea:a8:59:01:2e:0d:3d:34:05:a4:fa:9b:d7:4d:93:33:
5f:c9:c5:e5:a3:82:29:00:dd:ae:59:9a:23:51:45:36:cd:03:
94:d2:29:f4:f9:ad:89:62:5b:f2:33:5e:ee:00:68:a3:ef:72:
4d:f8:11:fe:3f:fd:c4:12:27:0f:a2:42:71:95:4d:7e:c2:ff:
7d:92:6a:0d:67:e6:ad:73:86:a0:73:4c:1d:82:15:3b:b4:c7:
66:3a:8d:95:ec:0a:93:a0:0a:43:f6:96:e5:ad:65:f5:be:e2:
79:0f:65:3c:a6:19:80:64:21:ed:88:87:02:7d:a8:58:75:14:
13:1e:56:6b:86:81:d9:f9:8d:d1:48:0a:f6:29:0f:e1:99:da:
d0:54:42:25:78:c6:8e:55:03:2c:b3:27:e0:4f:61:23:83:82:
cc:d0:b0:5f:c1:b6:ff:de:7e:52:10:6d:53:5d:a1:e1:41:80:
5a:7c:34:5d:1b:a8:4f:9c:c7:ec:ef:bf:62:8c:1c:5a:55:72:
54:0c:d9:39
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY0M7WVQ6L3ywAa4oIhVmhZtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwMTE1MTE0MTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGE4M2E5ZDRkMTg4NzI5MjQxM2ZhZmZkNmU5Mzc4ZDc5Zjg3OWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQT+W7HMyA5HpfBcyUJswK/47/SY
pl1gK2F2uhoAji4pll990NQG7nXpYWIYM3fFql7fhYwyY0M+LtR1FCWhI0V2T6aL
lwcL8bcgDIFaWSn5oA1+ryeRj2bI/s5sw8gEwQ6aDciYEKZ7iQmoUJ0izmiiebMr
N8M4sGWyK6Jn5TXSWW8p3ApYHnyhCpfMmBLCwdrRu49lmvlwaqfPEIine6YfsGiL
h2LimnVH4Ac7UtCiVF8PzaE8zVlucvEI0Hp+4PIO5CtGJ+fsf+7CCHg9CR2loreQ
0aT8ZcnleVQ4nhIbCBgSQ+6Tu+ckKxcUH+LvFX41gt2NQ4eEiKLAs8BugQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJCoOp1NGIcpJBP6/9bpN415+HmuMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEva0tnNm5VMFloeWtrRV9yXzF1azNqWG40ZWE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVmszAwQA
XrDXAwQAvPGJMA0GCSqGSIb3DQEBCwUAA4IBAQAVkX6H1GRYwxXicxp46uqSlq3U
szt7cQyOCxHkpkV9lLPkgPaVg/oNeOZVM/Ljr1rjhz/seX3EVuqoWQEuDT00BaT6
m9dNkzNfycXlo4IpAN2uWZojUUU2zQOU0in0+a2JYlvyM17uAGij73JN+BH+P/3E
EicPokJxlU1+wv99kmoNZ+atc4agc0wdghU7tMdmOo2V7AqToApD9pblrWX1vuJ5
D2U8phmAZCHtiIcCfahYdRQTHlZrhoHZ+Y3RSAr2KQ/hmdrQVEIleMaOVQMssyfg
T2Ejg4LM0LBfwbb/3n5SEG1TXaHhQYBafDRdG6hPnMfs779ijBxaVXJUDNk5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:14 2024 by rpki-client on console-ams.rpki-client.org