Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/nbf5gfhisIweEhgxpQut7GgVzBM.roa
File: nbf5gfhisIweEhgxpQut7GgVzBM.roa (raw, json)
Hash identifier: HsT8iIJwdOpjMxECEY+5/XTpRh/0ELHDxs4rpxQEmeY=
Subject key identifier: 9D:B7:F9:81:F8:62:B0:8C:1E:12:18:31:A5:0B:AD:EC:68:15:CC:13
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0187EB1E6F2594E93CBA75AFA35BCCB38877
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/nbf5gfhisIweEhgxpQut7GgVzBM.roa
Signing time: Fri 05 May 2023 08:54:12 +0000
ROA not before: Fri 05 May 2023 08:54:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 86.107.50.0/24 maxlen: 24
86.107.51.0/24 maxlen: 24
188.241.136.0/24 maxlen: 24
188.241.137.0/24 maxlen: 24
94.198.171.0/24 maxlen: 24
77.81.88.0/24 maxlen: 24
89.45.35.0/24 maxlen: 24
188.214.107.0/24 maxlen: 24
89.35.130.0/23 maxlen: 23
89.35.131.0/24 maxlen: 24
176.223.188.0/24 maxlen: 24
62.192.152.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 May 2023 04:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:eb:1e:6f:25:94:e9:3c:ba:75:af:a3:5b:cc:b3:88:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: May 5 08:54:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9db7f981f862b08c1e121831a50badec6815cc13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:1a:20:fb:5a:f3:fb:08:d5:09:59:83:fd:36:
ae:d2:da:5a:ba:21:cd:25:1d:14:60:6a:d7:34:15:
10:a3:32:88:00:4d:34:9d:7b:5b:37:82:a5:d1:9d:
56:b3:a2:8f:18:a2:e0:17:29:8d:6b:2c:83:46:80:
4b:1d:de:b3:2d:e7:3a:41:09:45:69:86:9f:1c:72:
1c:a4:d5:0e:0d:3c:ed:cb:12:d2:a7:bf:4c:9a:e1:
aa:68:8b:56:ef:f0:7c:36:31:6a:70:40:3a:f6:9c:
c9:ef:0a:b9:2e:5f:b6:c0:4d:14:aa:b1:f2:7a:b9:
eb:58:d3:56:eb:88:34:bd:3e:73:69:7b:92:72:8a:
14:db:db:88:db:6d:8e:9e:b9:67:da:7a:2a:b9:ee:
81:f3:4c:ff:6f:3a:10:bb:73:61:44:d8:11:5b:74:
29:28:8e:53:86:9a:53:36:b2:1f:c0:92:bc:86:c2:
52:f5:8e:09:3b:d4:25:4f:e6:21:81:20:7e:4f:84:
02:98:89:5c:06:67:8e:e6:11:4e:9c:1f:e5:aa:92:
a8:a7:83:d4:73:68:32:16:0b:93:9d:d7:03:a1:17:
9f:c0:02:37:cd:42:30:4d:d8:9a:86:6b:74:a3:b0:
41:51:86:96:1b:2b:c6:b9:36:d8:12:d3:e1:39:fe:
51:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:B7:F9:81:F8:62:B0:8C:1E:12:18:31:A5:0B:AD:EC:68:15:CC:13
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/nbf5gfhisIweEhgxpQut7GgVzBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.192.152.0/24
77.81.88.0/24
86.107.50.0/23
89.35.130.0/23
89.45.35.0/24
94.198.171.0/24
176.223.188.0/24
188.214.107.0/24
188.241.136.0/23
Signature Algorithm: sha256WithRSAEncryption
48:8c:70:70:fa:de:b5:1c:0d:49:30:ac:00:50:a6:81:51:37:
8c:c1:24:14:69:1a:0c:24:31:79:a0:da:1d:dc:99:66:79:5a:
5c:89:91:33:e7:0b:a1:93:02:0a:e9:43:63:ac:0d:0d:3f:c7:
5a:21:e3:98:e2:49:e5:43:f7:cb:90:82:11:0e:93:bb:f7:61:
12:5e:08:62:a4:ed:2b:53:75:e8:27:8b:b9:5f:7e:e8:3d:b4:
3e:87:fd:86:a6:17:ab:a7:96:c4:9e:ce:c8:67:ac:87:6d:55:
60:fe:d4:6b:36:b4:e5:20:d8:96:35:9e:99:cc:22:3e:88:44:
f9:ef:f6:82:de:4f:8d:7a:36:b7:28:cc:32:ea:97:0c:d1:e2:
04:02:6d:50:a4:02:41:0d:f3:e2:15:9f:32:c5:77:32:09:92:
16:f7:21:23:ce:24:5c:53:fb:81:41:42:9b:7d:d7:17:3b:f5:
1d:2f:fc:ae:2e:bb:59:4d:28:2a:85:56:a1:63:16:40:5b:b6:
2d:0e:ad:3a:eb:01:e3:ac:67:eb:57:91:b6:e6:b5:e5:68:0d:
53:17:6a:81:d8:fc:c5:97:39:1b:31:d6:7f:6d:1a:80:1f:7a:
e9:f1:15:d4:8c:10:03:11:ee:d9:16:97:08:16:41:fd:aa:84:
fa:6d:f2:d4
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYfrHm8llOk8unWvo1vMs4h3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwNTA1MDg1NDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGI3Zjk4MWY4NjJiMDhjMWUxMjE4MzFhNTBiYWRlYzY4MTVjYzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBog+1rz+wjVCVmD/Tau0tpauiHN
JR0UYGrXNBUQozKIAE00nXtbN4Kl0Z1Ws6KPGKLgFymNayyDRoBLHd6zLec6QQlF
aYafHHIcpNUODTztyxLSp79MmuGqaItW7/B8NjFqcEA69pzJ7wq5Ll+2wE0UqrHy
ernrWNNW64g0vT5zaXuScooU29uI222Onrln2noque6B80z/bzoQu3NhRNgRW3Qp
KI5ThppTNrIfwJK8hsJS9Y4JO9QlT+YhgSB+T4QCmIlcBmeO5hFOnB/lqpKop4PU
c2gyFguTndcDoRefwAI3zUIwTdiahmt0o7BBUYaWGyvGuTbYEtPhOf5RCwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFJ23+YH4YrCMHhIYMaULrexoFcwTMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvbmJmNWdmaGlzSXdlRWhneHBRdXQ3R2dWekJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAPsCYAwQA
TVFYAwQBVmsyAwQBWSOCAwQAWS0jAwQAXsarAwQAsN+8AwQAvNZrAwQBvPGIMA0G
CSqGSIb3DQEBCwUAA4IBAQBIjHBw+t61HA1JMKwAUKaBUTeMwSQUaRoMJDF5oNod
3JlmeVpciZEz5wuhkwIK6UNjrA0NP8daIeOY4knlQ/fLkIIRDpO792ESXghipO0r
U3XoJ4u5X37oPbQ+h/2Gpherp5bEns7IZ6yHbVVg/tRrNrTlINiWNZ6ZzCI+iET5
7/aC3k+Neja3KMwy6pcM0eIEAm1QpAJBDfPiFZ8yxXcyCZIW9yEjziRcU/uBQUKb
fdcXO/UdL/yuLrtZTSgqhVahYxZAW7YtDq066wHjrGfrV5G25rXlaA1TF2qB2PzF
lzkbMdZ/bRqAH3rp8RXUjBADEe7ZFpcIFkH9qoT6bfLU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:10 2024 by rpki-client on console-fra.rpki-client.org