Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/w5lVk_P6qrJs3JQsNp-FCKG0hNg.roa
File: w5lVk_P6qrJs3JQsNp-FCKG0hNg.roa (raw, json)
Hash identifier: 4jIU135RqjcG6aA9802d3cds7NAVtB6sfdM9OQmOhQs=
Subject key identifier: C3:99:55:93:F3:FA:AA:B2:6C:DC:94:2C:36:9F:85:08:A1:B4:84:D8
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018D417B89AFA093971B53031E9EA2B97AD2
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/w5lVk_P6qrJs3JQsNp-FCKG0hNg.roa
Signing time: Thu 25 Jan 2024 16:37:11 +0000
ROA not before: Thu 25 Jan 2024 16:37:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 86.107.51.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
89.34.202.0/24 maxlen: 24
89.34.219.0/24 maxlen: 24
89.35.129.0/24 maxlen: 24
89.35.131.0/24 maxlen: 24
89.37.192.0/24 maxlen: 24
89.40.215.0/24 maxlen: 24
89.43.62.0/24 maxlen: 24
91.132.51.0/24 maxlen: 24
188.241.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jan 2024 07:27:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:41:7b:89:af:a0:93:97:1b:53:03:1e:9e:a2:b9:7a:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 25 16:37:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c3995593f3faaab26cdc942c369f8508a1b484d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:6d:5f:35:0c:3f:6c:7a:c7:16:5a:62:f3:f8:
e7:d1:21:51:0e:fa:a5:1c:8d:0c:ed:e8:19:e6:77:
9a:4a:31:d0:bf:77:49:12:bf:18:14:f6:4b:f7:ac:
cc:80:c0:b3:1c:62:f5:b1:34:20:7e:a2:8a:c6:c3:
bf:70:81:f5:c8:4b:7d:40:de:ad:6f:46:ae:9c:33:
44:af:2f:cd:ab:1d:ea:59:64:2a:30:ed:ff:e3:df:
38:8b:a5:f3:29:f5:31:e8:4d:c7:4a:b9:92:4c:b9:
6c:2e:91:c4:47:4d:6e:dc:62:6e:9c:40:b1:ca:e3:
72:c9:c8:4e:ad:a3:10:c5:0e:83:5d:42:60:7a:d5:
b9:53:5f:2c:32:91:b5:c9:a6:99:69:3e:f3:d9:c2:
7c:5b:c3:1d:58:18:6b:02:46:11:dd:23:3b:78:0b:
dd:25:d6:24:89:81:d3:7c:a4:70:80:76:c9:6a:c5:
1b:47:a5:6a:5b:7d:e5:2b:4a:04:4b:95:90:4a:ee:
20:a8:93:41:d9:b1:42:38:28:24:22:1c:06:bf:3c:
83:79:19:6c:25:93:3d:59:88:50:11:6b:1a:a2:28:
50:de:dd:88:1e:54:2f:22:13:77:51:f3:38:0b:78:
2a:27:43:4d:dd:0f:76:0d:44:24:20:8c:e5:09:73:
07:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:99:55:93:F3:FA:AA:B2:6C:DC:94:2C:36:9F:85:08:A1:B4:84:D8
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/w5lVk_P6qrJs3JQsNp-FCKG0hNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.51.0/24
89.34.106.0/24
89.34.202.0/24
89.34.219.0/24
89.35.129.0/24
89.35.131.0/24
89.37.192.0/24
89.40.215.0/24
89.43.62.0/24
91.132.51.0/24
188.241.137.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:fd:f0:8b:ff:7d:d3:02:7b:44:08:45:90:7f:54:24:bb:14:
19:7e:44:b1:08:68:c3:83:57:2c:67:fc:af:98:fb:09:f4:59:
7e:de:1c:2b:72:93:b0:03:5a:aa:e2:da:16:b3:30:9a:51:ca:
c8:43:50:12:fc:ad:e7:8a:0d:c8:d7:5a:db:d9:5e:35:ca:a6:
a7:1e:78:9c:20:86:bb:77:13:fe:e3:88:df:ab:a2:5e:42:99:
21:be:ef:b7:a3:30:65:69:b7:dc:45:03:fb:68:47:e2:8e:0f:
d5:8a:9a:a1:5a:54:0b:10:48:81:59:60:1e:8c:87:81:96:d5:
41:4d:55:c1:42:d3:69:e6:c3:a9:c6:53:5f:c2:51:e1:63:28:
c3:d0:3c:32:51:94:d3:0a:f7:2d:4d:d8:b9:42:fc:97:89:77:
b8:b4:9c:06:99:bf:51:b5:77:72:03:3c:83:1f:9a:d5:e4:04:
cc:ae:71:06:17:5e:ed:43:cd:fa:2d:b8:66:70:88:d0:57:24:
ad:70:00:aa:f6:18:3e:14:3a:e0:cc:2a:64:2c:82:40:b8:17:
1d:d6:d6:9e:d1:46:1b:54:5c:8a:7f:16:af:05:62:32:3f:12:
ee:92:d5:b7:d9:19:cd:72:f0:b3:25:f7:38:e9:98:6a:64:67:
4e:3a:03:17
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAY1Be4mvoJOXG1MDHp6iuXrSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwMTI1MTYzNzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzk5NTU5M2YzZmFhYWIyNmNkYzk0MmMzNjlmODUwOGExYjQ4NGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgG1fNQw/bHrHFlpi8/jn0SFRDvql
HI0M7egZ5neaSjHQv3dJEr8YFPZL96zMgMCzHGL1sTQgfqKKxsO/cIH1yEt9QN6t
b0aunDNEry/Nqx3qWWQqMO3/4984i6XzKfUx6E3HSrmSTLlsLpHER01u3GJunECx
yuNyychOraMQxQ6DXUJgetW5U18sMpG1yaaZaT7z2cJ8W8MdWBhrAkYR3SM7eAvd
JdYkiYHTfKRwgHbJasUbR6VqW33lK0oES5WQSu4gqJNB2bFCOCgkIhwGvzyDeRls
JZM9WYhQEWsaoihQ3t2IHlQvIhN3UfM4C3gqJ0NN3Q92DUQkIIzlCXMHUwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFMOZVZPz+qqybNyULDafhQihtITYMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvdzVsVmtfUDZxckpzM0pRc05wLUZDS0cwaE5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAVmszAwQA
WSJqAwQAWSLKAwQAWSLbAwQAWSOBAwQAWSODAwQAWSXAAwQAWSjXAwQAWSs+AwQA
W4QzAwQAvPGJMA0GCSqGSIb3DQEBCwUAA4IBAQAv/fCL/33TAntECEWQf1QkuxQZ
fkSxCGjDg1csZ/yvmPsJ9Fl+3hwrcpOwA1qq4toWszCaUcrIQ1AS/K3nig3I11rb
2V41yqanHnicIIa7dxP+44jfq6JeQpkhvu+3ozBlabfcRQP7aEfijg/VipqhWlQL
EEiBWWAejIeBltVBTVXBQtNp5sOpxlNfwlHhYyjD0DwyUZTTCvctTdi5QvyXiXe4
tJwGmb9RtXdyAzyDH5rV5ATMrnEGF17tQ836LbhmcIjQVyStcACq9hg+FDrgzCpk
LIJAuBcd1tae0UYbVFyKfxavBWIyPxLuktW32RnNcvCzJfc46ZhqZGdOOgMX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:11 2024 by rpki-client on console-fra.rpki-client.org