Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/pW_TksrQpANxvXx7oPszFo3GAKk.roa
File: pW_TksrQpANxvXx7oPszFo3GAKk.roa (raw, json)
Hash identifier: 7R9IHAZ1CaKlBmOfAj4f/qmd5C2476PBooUPxyq9poU=
Subject key identifier: A5:6F:D3:92:CA:D0:A4:03:71:BD:7C:7B:A0:FB:33:16:8D:C6:00:A9
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0188C3A7A629717CE131CCE61A9CF10B4852
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/pW_TksrQpANxvXx7oPszFo3GAKk.roa
Signing time: Fri 16 Jun 2023 10:02:04 +0000
ROA not before: Fri 16 Jun 2023 10:02:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 86.107.51.0/24 maxlen: 24
89.40.70.0/24 maxlen: 24
188.241.137.0/24 maxlen: 24
94.198.171.0/24 maxlen: 24
92.114.32.0/24 maxlen: 24
77.81.88.0/24 maxlen: 24
89.45.35.0/24 maxlen: 24
188.214.107.0/24 maxlen: 24
89.35.130.0/23 maxlen: 23
89.35.131.0/24 maxlen: 24
176.223.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Jun 2023 13:58:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:c3:a7:a6:29:71:7c:e1:31:cc:e6:1a:9c:f1:0b:48:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jun 16 10:02:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a56fd392cad0a40371bd7c7ba0fb33168dc600a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:5c:17:0e:6b:a4:af:9a:f4:8a:72:c9:7d:0f:
94:6e:8b:2b:ee:6b:a7:2d:68:c9:d0:2d:41:27:96:
8b:ac:ef:55:c9:8d:25:85:27:41:c4:c0:eb:45:32:
99:ad:83:b1:65:04:a0:84:67:19:9b:9e:81:dc:20:
8e:5e:cb:d2:a7:c6:c3:fc:16:0a:37:1e:ac:03:7e:
3f:24:32:58:60:2f:a1:3c:65:cd:92:96:7d:d4:50:
25:43:89:e4:ed:ea:d6:d9:ab:d3:1a:6e:30:12:78:
43:66:34:c1:b0:15:93:de:26:0c:21:ca:c6:a0:5f:
7a:96:f8:6e:e1:52:38:18:34:de:21:55:be:ab:0e:
90:0f:84:41:3a:4d:31:a4:59:e0:4f:e8:e2:1c:e9:
1b:91:9b:c1:21:a3:cc:2a:5b:9e:72:0f:9c:02:c1:
44:61:cf:6d:6a:a3:60:fe:88:9f:a5:77:53:a0:84:
a5:51:5f:4a:28:94:89:ab:8f:4a:5a:1f:30:e7:c8:
f8:39:40:23:7d:09:3c:f3:8f:f5:19:f6:2a:fd:16:
a0:d3:e8:97:ae:47:50:b3:5d:81:6d:8b:5f:60:3d:
9d:72:68:e7:e9:81:53:23:22:66:4d:00:b0:50:39:
85:7d:ba:be:08:8b:df:cd:75:91:d3:5b:67:97:eb:
88:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:6F:D3:92:CA:D0:A4:03:71:BD:7C:7B:A0:FB:33:16:8D:C6:00:A9
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/pW_TksrQpANxvXx7oPszFo3GAKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.88.0/24
86.107.51.0/24
89.35.130.0/23
89.40.70.0/24
89.45.35.0/24
92.114.32.0/24
94.198.171.0/24
176.223.188.0/24
188.214.107.0/24
188.241.137.0/24
Signature Algorithm: sha256WithRSAEncryption
87:a8:0c:b7:cc:61:39:41:62:06:27:b1:5f:3c:ce:40:d2:9c:
56:75:61:b9:51:fc:a5:d6:16:b8:51:eb:b4:0b:4a:a1:cb:87:
ef:23:ad:f9:1e:26:96:be:08:b1:2c:47:9f:17:56:16:eb:2f:
2e:6d:57:83:45:f5:96:de:c0:13:97:73:f6:28:f5:04:b3:48:
e2:6a:19:91:15:29:92:ed:0e:21:0f:ba:70:5d:c2:18:bd:f6:
d8:48:60:f7:a0:c2:ba:03:53:c5:31:61:fe:8d:e1:ae:86:11:
9f:53:85:39:f2:f2:57:c0:87:d5:22:75:67:48:89:37:09:2b:
3e:c2:4d:69:df:82:b4:d0:4e:97:c6:8c:58:f8:81:83:62:2b:
2f:7b:4f:cd:2c:9b:f0:35:0f:3a:04:fb:d0:f5:bf:f0:17:4e:
5d:a8:5a:6c:b9:0b:52:b1:19:0d:32:f4:eb:7c:4d:52:b7:fc:
9b:ff:cc:15:0d:b1:2d:fd:2f:6b:d3:36:d4:45:e4:47:cd:25:
86:31:7e:14:75:ba:51:eb:7a:66:e7:2d:5e:5a:60:05:bc:10:
c0:2f:b3:54:d7:dc:d2:b4:9d:dc:ca:88:7e:fc:bb:de:1d:83:
3b:71:41:40:bb:33:28:c7:50:16:a0:da:f7:77:b0:73:d6:ff:
89:53:64:c5
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYjDp6YpcXzhMczmGpzxC0hSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwNjE2MTAwMjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTZmZDM5MmNhZDBhNDAzNzFiZDdjN2JhMGZiMzMxNjhkYzYwMGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFwXDmukr5r0inLJfQ+Ubosr7mun
LWjJ0C1BJ5aLrO9VyY0lhSdBxMDrRTKZrYOxZQSghGcZm56B3CCOXsvSp8bD/BYK
Nx6sA34/JDJYYC+hPGXNkpZ91FAlQ4nk7erW2avTGm4wEnhDZjTBsBWT3iYMIcrG
oF96lvhu4VI4GDTeIVW+qw6QD4RBOk0xpFngT+jiHOkbkZvBIaPMKluecg+cAsFE
Yc9taqNg/oifpXdToISlUV9KKJSJq49KWh8w58j4OUAjfQk884/1GfYq/Rag0+iX
rkdQs12BbYtfYD2dcmjn6YFTIyJmTQCwUDmFfbq+CIvfzXWR01tnl+uILQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFKVv05LK0KQDcb18e6D7MxaNxgCpMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvcFdfVGtzclFwQU54dlh4N29Qc3pGbzNHQUtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQATVFYAwQA
VmszAwQBWSOCAwQAWShGAwQAWS0jAwQAXHIgAwQAXsarAwQAsN+8AwQAvNZrAwQA
vPGJMA0GCSqGSIb3DQEBCwUAA4IBAQCHqAy3zGE5QWIGJ7FfPM5A0pxWdWG5Ufyl
1ha4Ueu0C0qhy4fvI635HiaWvgixLEefF1YW6y8ubVeDRfWW3sATl3P2KPUEs0ji
ahmRFSmS7Q4hD7pwXcIYvfbYSGD3oMK6A1PFMWH+jeGuhhGfU4U58vJXwIfVInVn
SIk3CSs+wk1p34K00E6XxoxY+IGDYisve0/NLJvwNQ86BPvQ9b/wF05dqFpsuQtS
sRkNMvTrfE1St/yb/8wVDbEt/S9r0zbUReRHzSWGMX4UdbpR63pm5y1eWmAFvBDA
L7NU19zStJ3cyoh+/LveHYM7cUFAuzMox1AWoNr3d7Bz1v+JU2TF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:14 2024 by rpki-client on console-ams.rpki-client.org