Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/vgK4OpVFb54793SeXDx4BUHhG4E.roa
File: vgK4OpVFb54793SeXDx4BUHhG4E.roa (raw, json)
Hash identifier: KnntuyBLj5mAf0z8BuAEoAqShxIilmfZTaNpKJyvTv8=
Subject key identifier: BE:02:B8:3A:95:45:6F:9E:3B:F7:74:9E:5C:3C:78:05:41:E1:1B:81
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0186A2261248B88983CFE2AF0843B4CEF01E
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/vgK4OpVFb54793SeXDx4BUHhG4E.roa
Signing time: Thu 02 Mar 2023 11:47:29 +0000
ROA not before: Thu 02 Mar 2023 11:47:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 86.107.168.0/24 maxlen: 24
94.177.145.0/24 maxlen: 24
94.177.51.0/24 maxlen: 24
195.88.89.0/24 maxlen: 24
176.126.174.0/24 maxlen: 24
93.115.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 Mar 2023 05:20:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a2:26:12:48:b8:89:83:cf:e2:af:08:43:b4:ce:f0:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Mar 2 11:47:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be02b83a95456f9e3bf7749e5c3c780541e11b81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:c2:fe:cf:2d:e2:27:5c:4c:b1:d3:a7:4b:41:
86:43:80:51:4a:03:93:ac:0f:02:48:f2:1c:34:b0:
91:dc:f5:ed:87:73:9d:25:b8:5b:a8:32:88:ef:58:
61:f3:42:95:d6:98:f6:12:59:ad:f7:3b:d5:96:93:
a3:18:2f:c0:d2:1d:c0:22:56:82:9d:33:41:53:13:
19:f1:e7:9d:32:fe:a1:d8:c2:70:24:52:24:e4:a6:
17:b1:71:0e:dd:f8:4a:db:45:8f:3c:7c:1b:5e:3c:
df:4e:34:cc:92:0a:9f:69:e8:c7:23:8a:89:56:34:
cb:b9:b4:c8:7a:16:a0:73:ca:25:78:1b:3e:3a:94:
70:a3:ef:27:3e:de:44:cc:8f:3d:17:23:30:fd:75:
9b:4d:b4:93:43:03:fb:f2:37:db:e4:ca:47:84:16:
fc:2f:90:60:20:4d:1f:97:40:bc:38:24:32:a9:86:
ee:f6:db:31:fb:97:2c:18:62:e4:10:0c:39:f1:eb:
e1:19:66:2d:c8:c8:18:95:30:50:5f:e5:52:19:f9:
dc:12:ac:c3:b2:4f:1c:04:ec:0a:38:55:fa:5a:72:
99:6a:5c:14:67:77:15:63:6d:1c:34:d1:a8:68:01:
f5:f6:f5:51:34:f8:e4:78:4e:04:43:68:b0:40:f3:
2f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:02:B8:3A:95:45:6F:9E:3B:F7:74:9E:5C:3C:78:05:41:E1:1B:81
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/vgK4OpVFb54793SeXDx4BUHhG4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.168.0/24
93.115.203.0/24
94.177.51.0/24
94.177.145.0/24
176.126.174.0/24
195.88.89.0/24
Signature Algorithm: sha256WithRSAEncryption
32:51:cb:9d:bb:7c:aa:08:90:2b:c9:8a:81:f9:f9:7f:0d:3c:
e1:54:f8:90:1e:a4:16:ec:bf:e2:31:98:fd:a6:f7:e5:20:bf:
3a:4f:cf:ea:10:2f:b8:b7:a9:75:c4:07:b7:8e:c2:10:78:8e:
4d:36:21:fd:81:64:ce:4b:2b:04:27:92:53:6c:82:a8:bb:35:
2f:8e:71:8d:a6:74:d9:15:80:56:d4:99:05:10:d2:cb:51:24:
a3:73:25:41:e5:18:8b:d9:75:c7:79:d2:17:58:46:d3:5a:34:
08:c8:6b:10:a1:b2:a2:4e:b4:97:ed:9a:15:35:fa:34:6b:4b:
9e:d2:be:6c:f0:ff:d3:50:93:d8:f1:05:99:5f:14:e1:d3:a6:
ed:0a:6e:04:41:f6:49:9b:34:73:bf:a1:31:ed:12:4d:63:07:
c7:3c:62:99:d1:8f:4a:c8:63:fe:86:fb:18:7e:af:45:e4:65:
b1:f1:76:1e:6a:48:73:0f:70:78:82:15:9e:3d:ea:e2:c3:c9:
96:af:4b:82:c7:e5:95:b4:89:5d:50:ee:fe:34:c8:0c:3a:91:
4f:24:b9:d8:15:83:dd:a2:a7:66:36:28:28:fc:bc:5b:7c:77:
ce:82:04:bb:3c:cd:3c:66:cd:c0:13:f8:5c:f6:8e:6f:62:3c:
7f:de:cd:27
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYaiJhJIuImDz+KvCEO0zvAeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwMzAyMTE0NzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTAyYjgzYTk1NDU2ZjllM2JmNzc0OWU1YzNjNzgwNTQxZTExYjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ML+zy3iJ1xMsdOnS0GGQ4BRSgOT
rA8CSPIcNLCR3PXth3OdJbhbqDKI71hh80KV1pj2Elmt9zvVlpOjGC/A0h3AIlaC
nTNBUxMZ8eedMv6h2MJwJFIk5KYXsXEO3fhK20WPPHwbXjzfTjTMkgqfaejHI4qJ
VjTLubTIehagc8oleBs+OpRwo+8nPt5EzI89FyMw/XWbTbSTQwP78jfb5MpHhBb8
L5BgIE0fl0C8OCQyqYbu9tsx+5csGGLkEAw58evhGWYtyMgYlTBQX+VSGfncEqzD
sk8cBOwKOFX6WnKZalwUZ3cVY20cNNGoaAH19vVRNPjkeE4EQ2iwQPMvWQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFL4CuDqVRW+eO/d0nlw8eAVB4RuBMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvdmdLNE9wVkZiNTQ3OTNTZVhEeDRCVUhoRzRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVmuoAwQA
XXPLAwQAXrEzAwQAXrGRAwQAsH6uAwQAw1hZMA0GCSqGSIb3DQEBCwUAA4IBAQAy
Ucudu3yqCJAryYqB+fl/DTzhVPiQHqQW7L/iMZj9pvflIL86T8/qEC+4t6l1xAe3
jsIQeI5NNiH9gWTOSysEJ5JTbIKouzUvjnGNpnTZFYBW1JkFENLLUSSjcyVB5RiL
2XXHedIXWEbTWjQIyGsQobKiTrSX7ZoVNfo0a0ue0r5s8P/TUJPY8QWZXxTh06bt
Cm4EQfZJmzRzv6Ex7RJNYwfHPGKZ0Y9KyGP+hvsYfq9F5GWx8XYeakhzD3B4ghWe
Periw8mWr0uCx+WVtIldUO7+NMgMOpFPJLnYFYPdoqdmNigo/LxbfHfOggS7PM08
Zs3AE/hc9o5vYjx/3s0n
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:14 2024 by rpki-client on console-ams.rpki-client.org