Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/qOVMfoTQ5f7xrfXJoeODB3Xg2pg.roa
File: qOVMfoTQ5f7xrfXJoeODB3Xg2pg.roa (raw, json)
Hash identifier: lrpbScl5zAexbuBvdV4egxE20PWPnBHyM5P1sY6tOcU=
Subject key identifier: A8:E5:4C:7E:84:D0:E5:FE:F1:AD:F5:C9:A1:E3:83:07:75:E0:DA:98
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018AC6840C5272E9A503B29C3C641E8D64EA
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/qOVMfoTQ5f7xrfXJoeODB3Xg2pg.roa
Signing time: Sun 24 Sep 2023 09:27:37 +0000
ROA not before: Sun 24 Sep 2023 09:27:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 86.107.51.0/24 maxlen: 24
89.34.219.0/24 maxlen: 24
195.88.89.0/24 maxlen: 24
45.88.13.0/24 maxlen: 24
188.214.107.0/24 maxlen: 24
89.35.119.0/24 maxlen: 24
89.35.130.0/23 maxlen: 23
89.35.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Sep 2023 16:07:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c6:84:0c:52:72:e9:a5:03:b2:9c:3c:64:1e:8d:64:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Sep 24 09:27:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8e54c7e84d0e5fef1adf5c9a1e3830775e0da98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:0c:a6:02:e5:17:bc:eb:20:61:6b:7a:b0:e8:
23:e1:ae:00:31:62:e0:d8:3d:8e:0c:c5:93:62:11:
09:bc:70:d1:00:48:83:0f:96:ae:c8:98:5d:c2:a9:
62:a1:e7:39:47:bb:77:f7:3a:8b:eb:82:1a:59:7e:
ff:ae:21:71:98:f0:f9:09:97:33:ff:88:b2:30:f6:
1a:55:5c:d7:68:ba:dc:b2:94:8c:5a:9e:61:57:23:
f7:43:e5:66:74:9f:ab:71:1a:ea:65:59:b4:0b:2b:
56:23:6b:46:96:cb:87:e3:c3:fe:57:6f:e0:5d:c5:
98:38:03:75:f4:80:8c:74:fc:04:91:41:92:3b:1e:
b7:b2:58:37:86:58:9a:9d:46:0d:d1:9f:39:0c:bf:
5b:e4:5c:c6:7f:a6:e3:16:43:fd:10:0a:8d:33:96:
45:d7:9c:62:7b:80:c7:db:80:8b:d5:a6:52:87:59:
c0:8a:6d:bc:53:f8:a3:10:f8:ec:cf:98:da:b0:8e:
9a:09:a6:76:61:df:32:90:8d:b5:0c:0b:33:7f:81:
6d:fc:6b:a4:b9:17:2f:a9:07:71:ff:1b:ae:2c:38:
26:71:14:19:b4:27:63:e5:65:e5:71:d5:66:18:3f:
a3:4b:0f:cc:a5:96:53:42:69:09:8e:f6:9b:72:53:
60:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:E5:4C:7E:84:D0:E5:FE:F1:AD:F5:C9:A1:E3:83:07:75:E0:DA:98
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/qOVMfoTQ5f7xrfXJoeODB3Xg2pg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.13.0/24
86.107.51.0/24
89.34.219.0/24
89.35.119.0/24
89.35.130.0/23
188.214.107.0/24
195.88.89.0/24
Signature Algorithm: sha256WithRSAEncryption
42:62:6e:32:7e:1b:fb:1b:e1:fe:f0:f1:58:e5:82:3b:17:75:
e5:90:a1:59:4d:96:a3:5c:63:7c:1c:ef:06:91:c0:9e:9b:e5:
e8:45:ee:95:50:d1:7f:0a:1d:bf:fb:b8:e7:40:df:a3:38:c3:
61:95:c2:60:12:00:4d:42:5c:33:46:3e:58:31:50:31:f3:b1:
da:66:a7:1b:f9:a5:6d:f4:b0:4d:a6:fc:b5:3a:c3:e4:f7:90:
f3:22:bd:0d:4a:ae:2b:34:9f:c3:7e:81:d6:14:7c:46:c0:69:
36:e3:0a:fa:95:2a:45:bb:8f:90:0e:04:18:d8:b3:8c:b3:50:
10:51:33:da:98:31:a9:f9:33:b7:62:10:f8:91:0d:3a:fd:fa:
f0:b0:86:9a:89:d8:51:02:c2:6a:4e:38:79:45:cf:bc:bf:68:
96:e9:ef:9c:58:d6:3e:78:fe:3b:92:12:27:35:e4:c8:3d:d3:
80:6a:49:96:5a:05:6f:8b:cd:4f:ee:db:a6:9a:ec:be:25:6e:
1d:c9:7a:bb:20:c2:e5:ee:b8:c0:e7:a2:a0:6d:73:11:04:a5:
85:c7:82:c9:d7:fc:7f:fa:7b:d8:b9:be:3f:85:29:24:8e:dd:
d9:c0:a2:00:1f:2e:a9:bf:b6:19:40:67:a4:45:99:c0:ea:5e:
57:39:0e:11
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYrGhAxScumlA7KcPGQejWTqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwOTI0MDkyNzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGU1NGM3ZTg0ZDBlNWZlZjFhZGY1YzlhMWUzODMwNzc1ZTBkYTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQymAuUXvOsgYWt6sOgj4a4AMWLg
2D2ODMWTYhEJvHDRAEiDD5auyJhdwqlioec5R7t39zqL64IaWX7/riFxmPD5CZcz
/4iyMPYaVVzXaLrcspSMWp5hVyP3Q+VmdJ+rcRrqZVm0CytWI2tGlsuH48P+V2/g
XcWYOAN19ICMdPwEkUGSOx63slg3hlianUYN0Z85DL9b5FzGf6bjFkP9EAqNM5ZF
15xie4DH24CL1aZSh1nAim28U/ijEPjsz5jasI6aCaZ2Yd8ykI21DAszf4Ft/Guk
uRcvqQdx/xuuLDgmcRQZtCdj5WXlcdVmGD+jSw/MpZZTQmkJjvabclNgaQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKjlTH6E0OX+8a31yaHjgwd14NqYMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvcU9WTWZvVFE1Zjd4cmZYSm9lT0RCM1hnMnBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALVgNAwQA
VmszAwQAWSLbAwQAWSN3AwQBWSOCAwQAvNZrAwQAw1hZMA0GCSqGSIb3DQEBCwUA
A4IBAQBCYm4yfhv7G+H+8PFY5YI7F3XlkKFZTZajXGN8HO8GkcCem+XoRe6VUNF/
Ch2/+7jnQN+jOMNhlcJgEgBNQlwzRj5YMVAx87HaZqcb+aVt9LBNpvy1OsPk95Dz
Ir0NSq4rNJ/DfoHWFHxGwGk24wr6lSpFu4+QDgQY2LOMs1AQUTPamDGp+TO3YhD4
kQ06/frwsIaaidhRAsJqTjh5Rc+8v2iW6e+cWNY+eP47khInNeTIPdOAakmWWgVv
i81P7tummuy+JW4dyXq7IMLl7rjA56KgbXMRBKWFx4LJ1/x/+nvYub4/hSkkjt3Z
wKIAHy6pv7YZQGekRZnA6l5XOQ4R
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:14 2024 by rpki-client on console-ams.rpki-client.org