Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/uwOT45It9u7VHiHasiaSa0PFr7A.roa
File: uwOT45It9u7VHiHasiaSa0PFr7A.roa (raw, json)
Hash identifier: 9vPCdjm7qEt5KI87zjyPUOTPL1DlRGVKbF9sR/efHz0=
Subject key identifier: BB:03:93:E3:92:2D:F6:EE:D5:1E:21:DA:B2:26:92:6B:43:C5:AF:B0
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0186A71B78686CED1043CC8DEE4CC6C83B3C
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/uwOT45It9u7VHiHasiaSa0PFr7A.roa
Signing time: Fri 03 Mar 2023 10:54:00 +0000
ROA not before: Fri 03 Mar 2023 10:54:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 89.37.192.0/24 maxlen: 24
86.107.168.0/24 maxlen: 24
195.88.89.0/24 maxlen: 24
176.126.174.0/24 maxlen: 24
93.115.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Mar 2023 14:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a7:1b:78:68:6c:ed:10:43:cc:8d:ee:4c:c6:c8:3b:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Mar 3 10:54:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb0393e3922df6eed51e21dab226926b43c5afb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:03:a5:23:2e:2a:53:73:c6:bb:67:9f:16:14:
9f:de:bc:d6:bc:15:bf:29:43:b3:98:a3:93:d2:6e:
49:38:35:ff:27:f0:11:68:eb:58:f5:d7:af:05:04:
bc:22:57:39:b6:65:4d:57:7e:18:8c:81:05:99:ad:
c7:69:8a:91:1b:ec:9a:27:6b:32:f6:b8:32:84:c4:
43:43:2d:59:d4:a3:0d:c2:e8:f5:f6:ae:57:d2:5c:
0c:b5:0f:f1:51:b0:b8:5d:28:f7:bf:03:f2:14:b9:
8a:9a:f6:3d:56:de:9b:24:fc:06:9d:d6:79:ed:b9:
fd:a0:73:fd:9f:bf:d4:e6:0e:36:ab:a5:81:4e:33:
af:1a:ee:35:41:99:0c:24:2e:21:d6:85:53:84:c6:
39:c2:d0:f0:ea:b0:6e:02:d1:47:14:da:0f:9a:5d:
29:85:4a:7b:79:11:b6:ce:a3:23:c4:e5:b8:a5:eb:
9c:02:bb:79:ba:17:e1:d8:34:bc:c4:df:bd:03:a0:
46:6b:d2:6f:49:ef:f2:36:64:c2:15:7f:33:3a:2f:
ad:1e:65:e8:98:e4:05:4e:cc:b5:be:58:84:06:d4:
38:a0:bd:3d:9b:01:7e:5f:55:1c:5f:d2:6d:7e:24:
7b:11:c9:95:33:a8:d6:66:8f:74:ab:09:a5:ab:5c:
72:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:03:93:E3:92:2D:F6:EE:D5:1E:21:DA:B2:26:92:6B:43:C5:AF:B0
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/uwOT45It9u7VHiHasiaSa0PFr7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.168.0/24
89.37.192.0/24
93.115.203.0/24
176.126.174.0/24
195.88.89.0/24
Signature Algorithm: sha256WithRSAEncryption
78:9c:d5:b2:19:e2:87:62:70:97:da:3e:49:b4:5c:72:e5:47:
0a:93:31:53:58:2e:10:ec:69:50:ae:e5:5b:39:8c:7c:14:fc:
ff:c7:3d:34:a0:f2:29:d1:48:b5:12:0d:d3:c9:14:94:af:c2:
31:87:3c:1a:f0:b4:5a:93:1e:ce:1d:e8:0d:1d:b3:b4:75:a7:
d3:53:b9:bf:b6:5e:99:11:7f:89:52:7d:22:da:30:70:83:f5:
da:fe:6b:d4:31:8d:9b:d3:f8:26:6f:d6:62:46:9b:fe:16:ed:
f2:7f:27:ec:39:62:24:4c:05:e8:36:9c:82:bb:1c:60:fb:af:
a0:95:45:63:78:de:a1:8c:38:8c:61:c0:08:69:cf:58:fc:41:
56:a9:6d:ad:20:ed:47:85:6d:b5:55:4f:3b:44:dc:4c:15:8b:
91:69:67:0a:20:b3:3c:dd:a4:f3:c1:66:3e:fd:b0:ab:d0:7d:
10:ae:9d:06:05:13:68:4f:5c:3a:57:9b:85:86:70:66:66:7e:
41:e5:71:1c:1c:f0:3e:58:18:06:10:bc:20:fc:47:1e:bb:56:
20:94:c9:69:8f:a6:06:f4:27:cf:35:35:e6:87:fa:b6:79:bd:
8b:a0:a0:5a:10:e4:8b:d0:18:fd:50:1a:a2:4c:f9:18:a6:99:
98:cc:be:5d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYanG3hobO0QQ8yN7kzGyDs8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwMzAzMTA1NDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjAzOTNlMzkyMmRmNmVlZDUxZTIxZGFiMjI2OTI2YjQzYzVhZmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQOlIy4qU3PGu2efFhSf3rzWvBW/
KUOzmKOT0m5JODX/J/ARaOtY9devBQS8Ilc5tmVNV34YjIEFma3HaYqRG+yaJ2sy
9rgyhMRDQy1Z1KMNwuj19q5X0lwMtQ/xUbC4XSj3vwPyFLmKmvY9Vt6bJPwGndZ5
7bn9oHP9n7/U5g42q6WBTjOvGu41QZkMJC4h1oVThMY5wtDw6rBuAtFHFNoPml0p
hUp7eRG2zqMjxOW4peucArt5uhfh2DS8xN+9A6BGa9JvSe/yNmTCFX8zOi+tHmXo
mOQFTsy1vliEBtQ4oL09mwF+X1UcX9JtfiR7EcmVM6jWZo90qwmlq1xyNwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLsDk+OSLfbu1R4h2rImkmtDxa+wMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvdXdPVDQ1SXQ5dTdWSGlIYXNpYVNhMFBGcjdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVmuoAwQA
WSXAAwQAXXPLAwQAsH6uAwQAw1hZMA0GCSqGSIb3DQEBCwUAA4IBAQB4nNWyGeKH
YnCX2j5JtFxy5UcKkzFTWC4Q7GlQruVbOYx8FPz/xz00oPIp0Ui1Eg3TyRSUr8Ix
hzwa8LRakx7OHegNHbO0dafTU7m/tl6ZEX+JUn0i2jBwg/Xa/mvUMY2b0/gmb9Zi
Rpv+Fu3yfyfsOWIkTAXoNpyCuxxg+6+glUVjeN6hjDiMYcAIac9Y/EFWqW2tIO1H
hW21VU87RNxMFYuRaWcKILM83aTzwWY+/bCr0H0Qrp0GBRNoT1w6V5uFhnBmZn5B
5XEcHPA+WBgGELwg/Eceu1YglMlpj6YG9CfPNTXmh/q2eb2LoKBaEOSL0Bj9UBqi
TPkYppmYzL5d
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:14 2024 by rpki-client on console-ams.rpki-client.org