Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/rQ2cLZzt3nwovM7K6FjcyO7OEJU.roa
File: rQ2cLZzt3nwovM7K6FjcyO7OEJU.roa (raw, json)
Hash identifier: eXfHgMW0tVKkViQg4fc9/QthcknFZW70hb7H855ob00=
Subject key identifier: AD:0D:9C:2D:9C:ED:DE:7C:28:BC:CE:CA:E8:58:DC:C8:EE:CE:10:95
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 01864930EAED070AC2BE5EC1460FA5206EF4
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/rQ2cLZzt3nwovM7K6FjcyO7OEJU.roa
Signing time: Mon 13 Feb 2023 05:13:08 +0000
ROA not before: Mon 13 Feb 2023 05:13:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 85.204.18.0/24 maxlen: 24
91.216.185.0/24 maxlen: 24
89.37.195.0/24 maxlen: 24
89.37.194.0/24 maxlen: 24
89.36.140.0/24 maxlen: 24
188.213.0.0/24 maxlen: 24
89.40.36.0/24 maxlen: 24
86.105.4.0/24 maxlen: 24
46.102.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Feb 2023 04:56:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:49:30:ea:ed:07:0a:c2:be:5e:c1:46:0f:a5:20:6e:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Feb 13 05:13:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad0d9c2d9cedde7c28bccecae858dcc8eece1095
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:13:09:b3:56:67:95:ce:d5:c8:62:0e:06:12:
2c:94:63:4c:c6:79:f7:e6:10:28:df:e7:89:6c:1b:
bd:a3:4a:36:e0:ca:c8:1b:7a:79:00:15:3b:d0:c8:
48:2f:66:81:9d:5b:e0:e8:f8:64:d1:4e:98:a4:99:
91:75:f7:8a:dc:3b:ee:8f:60:41:ba:a3:88:70:82:
00:8c:75:ab:cb:d6:46:55:58:e3:9c:94:04:24:e5:
89:af:e6:47:41:6f:8e:c0:e7:75:e6:f1:6d:b7:66:
5b:5d:1e:61:41:ff:34:02:2a:1c:10:9f:39:95:fa:
8b:69:ce:2e:ba:fe:ce:35:5c:70:06:85:15:57:13:
8b:93:48:a5:02:e8:7d:5c:1c:25:09:69:8d:43:f4:
73:cd:9f:58:cd:5c:94:d7:55:19:d1:d5:69:99:b1:
cd:58:a6:10:15:37:58:f1:84:a1:8c:83:f5:e0:90:
63:21:5a:8b:97:02:3c:a3:c3:14:ae:d3:dd:69:e7:
af:63:a5:72:16:83:93:36:28:ab:2d:1d:34:8d:05:
0d:ad:23:e0:67:42:bf:05:fb:43:e8:e0:25:a4:bd:
ab:e3:58:af:df:d6:7c:3a:45:49:8f:fa:83:6c:38:
01:67:07:82:92:0b:ae:47:d4:9f:03:61:13:12:41:
79:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:0D:9C:2D:9C:ED:DE:7C:28:BC:CE:CA:E8:58:DC:C8:EE:CE:10:95
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/rQ2cLZzt3nwovM7K6FjcyO7OEJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.237.0/24
85.204.18.0/24
86.105.4.0/24
89.36.140.0/24
89.37.194.0/23
89.40.36.0/24
91.216.185.0/24
188.213.0.0/24
Signature Algorithm: sha256WithRSAEncryption
47:a8:41:00:63:04:7f:2a:74:c7:5f:9d:6a:6d:92:99:18:30:
53:64:d5:8c:94:7b:e6:78:3d:d1:23:0f:3d:f3:05:09:a8:08:
3c:85:da:8d:4a:9a:99:dc:12:e0:4a:c1:be:7c:1a:34:72:be:
5e:d3:32:64:9f:7c:ed:02:4c:a9:96:33:0f:62:ec:c0:e9:d1:
ae:90:82:b6:31:8c:12:88:89:7b:23:40:9f:f0:04:27:c1:8b:
ae:87:be:9b:06:ea:76:e4:fb:54:cd:2e:23:9c:63:41:ed:1a:
a3:fc:8e:e4:41:9a:ed:b0:e1:ad:b6:7c:8c:b0:e1:39:50:94:
89:74:2e:a7:81:47:8e:5a:2a:80:d7:c1:dd:d7:8a:2e:5f:0a:
98:79:f7:50:ae:92:e8:e3:8b:4e:99:6c:b3:df:b0:51:73:e0:
7b:1d:39:eb:f1:99:52:86:ae:78:7f:e8:47:15:cd:94:c9:d4:
f4:d6:4c:88:3e:0a:3f:9f:6f:24:ef:9b:30:4f:31:24:77:97:
1f:80:5f:6d:7c:22:54:ed:5a:52:03:1b:77:7f:ce:a0:17:8d:
3e:a4:55:0d:3a:4b:95:ae:f9:50:97:3f:f4:4b:96:78:d5:94:
39:51:e8:ab:c8:62:05:78:98:a0:cd:6a:43:82:8c:59:fd:b5:
e5:cc:ae:2f
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYZJMOrtBwrCvl7BRg+lIG70MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwMjEzMDUxMzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDBkOWMyZDljZWRkZTdjMjhiY2NlY2FlODU4ZGNjOGVlY2UxMDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBMJs1Znlc7VyGIOBhIslGNMxnn3
5hAo3+eJbBu9o0o24MrIG3p5ABU70MhIL2aBnVvg6Phk0U6YpJmRdfeK3Dvuj2BB
uqOIcIIAjHWry9ZGVVjjnJQEJOWJr+ZHQW+OwOd15vFtt2ZbXR5hQf80AiocEJ85
lfqLac4uuv7ONVxwBoUVVxOLk0ilAuh9XBwlCWmNQ/RzzZ9YzVyU11UZ0dVpmbHN
WKYQFTdY8YShjIP14JBjIVqLlwI8o8MUrtPdaeevY6VyFoOTNiirLR00jQUNrSPg
Z0K/BftD6OAlpL2r41iv39Z8OkVJj/qDbDgBZweCkguuR9SfA2ETEkF5AQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFK0NnC2c7d58KLzOyuhY3MjuzhCVMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvclEyY0xaenQzbndvdk03SzZGamN5TzdPRUpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALmbtAwQA
VcwSAwQAVmkEAwQAWSSMAwQBWSXCAwQAWSgkAwQAW9i5AwQAvNUAMA0GCSqGSIb3
DQEBCwUAA4IBAQBHqEEAYwR/KnTHX51qbZKZGDBTZNWMlHvmeD3RIw898wUJqAg8
hdqNSpqZ3BLgSsG+fBo0cr5e0zJkn3ztAkypljMPYuzA6dGukIK2MYwSiIl7I0Cf
8AQnwYuuh76bBup25PtUzS4jnGNB7Rqj/I7kQZrtsOGttnyMsOE5UJSJdC6ngUeO
WiqA18Hd14ouXwqYefdQrpLo44tOmWyz37BRc+B7HTnr8ZlShq54f+hHFc2UydT0
1kyIPgo/n28k75swTzEkd5cfgF9tfCJU7VpSAxt3f86gF40+pFUNOkuVrvlQlz/0
S5Z41ZQ5UeiryGIFeJigzWpDgoxZ/bXlzK4v
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:10 2024 by rpki-client on console-fra.rpki-client.org