Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/oqms1tI5CFP-DwpabJ2IRVPRQ7M.roa
File: oqms1tI5CFP-DwpabJ2IRVPRQ7M.roa (raw, json)
Hash identifier: iXfBWUSUDx92gXu0LXNXxCJ1Ic/fWp0zy8TJzURRKYk=
Subject key identifier: A2:A9:AC:D6:D2:39:08:53:FE:0F:0A:5A:6C:9D:88:45:53:D1:43:B3
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0186A6F999109E881909CF8AA6695692E425
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/oqms1tI5CFP-DwpabJ2IRVPRQ7M.roa
Signing time: Fri 03 Mar 2023 10:17:00 +0000
ROA not before: Fri 03 Mar 2023 10:17:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 188.241.136.0/24 maxlen: 24
188.241.137.0/24 maxlen: 24
89.34.219.0/24 maxlen: 24
93.114.244.0/24 maxlen: 24
185.112.249.0/24 maxlen: 24
89.35.129.0/24 maxlen: 24
62.192.152.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 Mar 2023 10:45:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a6:f9:99:10:9e:88:19:09:cf:8a:a6:69:56:92:e4:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Mar 3 10:17:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2a9acd6d2390853fe0f0a5a6c9d884553d143b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f4:ab:20:27:ab:65:ac:ca:44:2e:86:83:e9:
a0:e1:66:49:74:0f:3e:53:7a:1f:8c:38:64:4c:6c:
82:a1:64:de:14:7f:78:f5:1b:3d:0d:54:ed:9e:c0:
49:f8:7d:cf:da:c1:50:d6:9c:2b:a0:cd:01:bf:f6:
fb:21:1c:29:8d:8b:de:e2:14:33:37:1d:c6:02:2a:
8c:92:a8:f9:65:ea:ba:70:63:f1:86:83:6e:a6:04:
50:61:29:e9:2a:65:39:f4:5c:78:71:4a:9e:47:74:
4a:13:fb:98:97:fe:d3:d1:42:44:4a:00:fa:cb:fd:
67:84:eb:68:83:8e:de:3a:04:42:61:16:ce:6a:93:
cd:13:1a:cf:1f:74:c0:20:11:54:41:7f:d5:3c:90:
e2:f2:5c:7c:d0:17:b2:96:d3:b8:11:ff:39:05:61:
77:b4:9d:88:c6:da:0e:b4:71:c0:f0:51:18:d6:b7:
37:ee:c1:f0:d1:9e:3b:b6:74:50:a6:51:54:74:89:
67:d4:36:b8:68:11:90:c5:a5:32:18:33:33:30:18:
70:de:b3:b4:0d:a5:3c:c6:97:71:07:fe:43:41:87:
a3:a0:7e:1d:f4:72:53:3e:06:9d:36:de:ff:2b:74:
52:83:82:79:ea:0e:b8:67:a4:a5:78:b2:5c:f8:23:
53:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:A9:AC:D6:D2:39:08:53:FE:0F:0A:5A:6C:9D:88:45:53:D1:43:B3
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/oqms1tI5CFP-DwpabJ2IRVPRQ7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.192.152.0/24
89.34.219.0/24
89.35.129.0/24
93.114.244.0/24
185.112.249.0/24
188.241.136.0/23
Signature Algorithm: sha256WithRSAEncryption
19:8a:21:ef:ad:d5:2a:8f:67:a3:75:e8:24:8d:27:6e:cc:cd:
7c:48:7c:d6:d1:43:c3:c0:ce:5e:43:e7:04:89:b1:58:97:ce:
4e:a1:1f:d5:b7:15:1c:00:55:64:a4:78:15:c0:ee:77:08:6e:
27:1d:d9:bc:3c:9b:71:e1:77:45:0d:cb:19:1f:7c:f1:31:97:
aa:5f:42:01:f4:b6:cd:ae:47:ed:70:2b:1a:39:4e:a0:da:f5:
85:8b:64:32:8d:0d:ef:8a:86:2d:49:9e:67:cb:47:6b:05:ba:
f4:ff:d8:c5:7c:f9:fc:34:ca:8e:dc:b1:1e:a4:4a:40:74:56:
ed:f3:53:9b:76:37:66:97:78:04:b1:df:ae:49:9d:f7:c1:f7:
6c:f3:2c:dc:fb:31:ae:63:36:26:5d:02:34:c8:dd:c5:37:81:
cf:b5:16:28:1b:54:3e:0b:20:1d:92:e0:46:44:92:9a:85:32:
18:25:84:1e:1f:76:87:2c:80:ab:93:6a:67:f7:06:60:51:c7:
a3:30:f9:0d:56:30:4d:b2:71:4d:56:27:0d:8d:4b:3c:1f:f3:
aa:61:59:43:a4:a0:6d:eb:a9:8e:5f:0c:9b:22:9c:b7:82:c8:
f4:c5:05:95:c1:5d:b4:7c:88:9c:b0:60:05:8f:ae:c7:f8:ec:
e4:41:44:57
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYam+ZkQnogZCc+KpmlWkuQlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwMzAzMTAxNzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmE5YWNkNmQyMzkwODUzZmUwZjBhNWE2YzlkODg0NTUzZDE0M2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPSrICerZazKRC6Gg+mg4WZJdA8+
U3ofjDhkTGyCoWTeFH949Rs9DVTtnsBJ+H3P2sFQ1pwroM0Bv/b7IRwpjYve4hQz
Nx3GAiqMkqj5Zeq6cGPxhoNupgRQYSnpKmU59Fx4cUqeR3RKE/uYl/7T0UJESgD6
y/1nhOtog47eOgRCYRbOapPNExrPH3TAIBFUQX/VPJDi8lx80BeyltO4Ef85BWF3
tJ2IxtoOtHHA8FEY1rc37sHw0Z47tnRQplFUdIln1Da4aBGQxaUyGDMzMBhw3rO0
DaU8xpdxB/5DQYejoH4d9HJTPgadNt7/K3RSg4J56g64Z6SleLJc+CNTMwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKKprNbSOQhT/g8KWmydiEVT0UOzMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvb3FtczF0STVDRlAtRHdwYWJKMklSVlBSUTdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAPsCYAwQA
WSLbAwQAWSOBAwQAXXL0AwQAuXD5AwQBvPGIMA0GCSqGSIb3DQEBCwUAA4IBAQAZ
iiHvrdUqj2ejdegkjSduzM18SHzW0UPDwM5eQ+cEibFYl85OoR/VtxUcAFVkpHgV
wO53CG4nHdm8PJtx4XdFDcsZH3zxMZeqX0IB9LbNrkftcCsaOU6g2vWFi2QyjQ3v
ioYtSZ5ny0drBbr0/9jFfPn8NMqO3LEepEpAdFbt81Obdjdml3gEsd+uSZ33wfds
8yzc+zGuYzYmXQI0yN3FN4HPtRYoG1Q+CyAdkuBGRJKahTIYJYQeH3aHLICrk2pn
9wZgUcejMPkNVjBNsnFNVicNjUs8H/OqYVlDpKBt66mOXwybIpy3gsj0xQWVwV20
fIicsGAFj67H+OzkQURX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:10 2024 by rpki-client on console-fra.rpki-client.org