Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/Fo00mIMoIZLdhSHZufH4tSmHaa4.roa
File: Fo00mIMoIZLdhSHZufH4tSmHaa4.roa (raw, json)
Hash identifier: duzhCtEtrt5CmlqtThO1tnuCteOj7EFecty3PQtPR+Q=
Subject key identifier: 16:8D:34:98:83:28:21:92:DD:85:21:D9:B9:F1:F8:B5:29:87:69:AE
Certificate issuer: /CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Certificate serial: 0193009938A1148257FB004BD43BFC618FC6
Authority key identifier: A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/Fo00mIMoIZLdhSHZufH4tSmHaa4.roa
Signing time: Wed 06 Nov 2024 08:31:01 +0000
ROA not before: Wed 06 Nov 2024 08:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2856
IP address blocks: 86.105.58.0/24 maxlen: 24
94.176.72.0/23 maxlen: 24
94.176.74.0/24 maxlen: 24
94.176.79.0/24 maxlen: 24
188.208.124.0/24 maxlen: 24
188.208.125.0/24 maxlen: 24
188.209.223.0/24 maxlen: 24
188.214.136.0/24 maxlen: 24
188.214.137.0/24 maxlen: 24
188.214.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Nov 2024 12:53:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:00:99:38:a1:14:82:57:fb:00:4b:d4:3b:fc:61:8f:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Validity
Not Before: Nov 6 08:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=168d349883282192dd8521d9b9f1f8b5298769ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:0b:ec:78:99:52:ff:65:94:fe:8b:19:2a:f4:
42:05:7a:d0:4d:62:35:aa:94:a4:b1:28:85:1b:40:
6d:94:92:99:58:ab:e1:2f:d8:ed:33:a5:05:b2:b9:
65:cf:58:2b:7a:ae:6f:90:20:e1:eb:93:d9:e7:f3:
dc:cd:7d:6a:c4:c8:42:83:ca:2c:33:8c:2e:ba:9a:
c1:cc:36:de:89:a1:d8:8d:fe:5f:55:86:e2:1b:1f:
97:ba:2b:57:57:36:f4:87:8f:c5:34:ed:77:0e:a3:
41:41:91:67:a5:a1:46:4f:60:b2:b0:73:84:2c:a1:
fd:0d:cf:4e:50:f3:0b:09:d6:f7:c9:d2:67:0b:a1:
af:76:75:74:76:12:89:da:07:27:c4:cb:a2:06:66:
05:d4:7d:86:0f:4f:73:de:e3:d6:78:1b:55:a5:bf:
f7:30:61:e9:d8:f0:b9:ed:52:f4:51:eb:c7:3c:dd:
97:6d:44:ae:47:18:5c:30:bc:57:74:00:80:71:93:
25:cf:d5:33:f5:a1:fe:be:e0:f0:0d:c0:60:16:42:
7b:fc:07:c0:2a:ea:e6:f6:65:82:96:8d:67:49:d3:
40:c3:cd:83:45:2a:67:31:25:d9:7e:aa:19:dc:43:
71:3f:67:44:0a:ab:76:d7:43:b8:f8:95:53:cb:0f:
f2:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:8D:34:98:83:28:21:92:DD:85:21:D9:B9:F1:F8:B5:29:87:69:AE
X509v3 Authority Key Identifier:
keyid:A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/Fo00mIMoIZLdhSHZufH4tSmHaa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.58.0/24
94.176.72.0-94.176.74.255
94.176.79.0/24
188.208.124.0/23
188.209.223.0/24
188.214.136.0-188.214.138.255
Signature Algorithm: sha256WithRSAEncryption
8c:64:e8:97:ca:49:c5:d0:df:72:17:fa:d2:92:2f:40:d1:74:
4f:3a:14:36:4f:db:ff:07:1a:37:2c:ce:e7:c7:bc:a7:9f:a2:
40:95:b5:58:55:ae:86:d0:4b:5a:df:bc:2d:b2:88:aa:54:bd:
52:69:71:ff:d6:e2:12:7b:a2:88:c2:72:27:cd:bc:8a:2c:57:
3b:8a:bc:cd:5c:34:53:a2:1c:11:c6:e7:29:4b:7e:61:04:30:
cb:42:de:b3:0a:cc:22:a3:7d:82:16:f4:21:eb:27:50:13:2d:
39:48:46:54:ec:a7:de:8b:b8:9a:f9:07:6c:3e:71:a7:2e:d3:
54:f3:65:e4:e7:39:96:14:41:f9:9c:e6:ce:15:f9:87:96:85:
76:95:bc:06:65:c4:da:e9:8c:40:55:e6:78:86:0f:3f:0a:f3:
b5:72:11:0c:d4:5e:5e:84:1c:31:16:84:0e:df:3b:26:0f:0d:
cc:37:9f:0e:88:f4:a0:2e:e8:bd:51:1b:9d:ae:68:8a:a2:14:
c7:5e:41:0a:83:78:60:63:5f:d2:46:62:40:c6:46:f6:e6:eb:
64:59:0e:ad:74:e9:18:57:68:f9:77:c1:df:6e:ac:4d:84:7d:
7f:e8:1a:a8:1e:5f:f8:64:43:8b:f4:ad:5c:5c:eb:79:6c:c0:
9c:b5:5b:85
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZMAmTihFIJX+wBL1Dv8YY/GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMDg4ZTA2ZDU1M2NmZjI5M2QyNzdmNGQ3NmMzYTcxMGJk
OGIyZjcwHhcNMjQxMTA2MDgzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjhkMzQ5ODgzMjgyMTkyZGQ4NTIxZDliOWYxZjhiNTI5ODc2OWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwvseJlS/2WU/osZKvRCBXrQTWI1
qpSksSiFG0BtlJKZWKvhL9jtM6UFsrllz1greq5vkCDh65PZ5/PczX1qxMhCg8os
M4wuuprBzDbeiaHYjf5fVYbiGx+XuitXVzb0h4/FNO13DqNBQZFnpaFGT2CysHOE
LKH9Dc9OUPMLCdb3ydJnC6GvdnV0dhKJ2gcnxMuiBmYF1H2GD09z3uPWeBtVpb/3
MGHp2PC57VL0UevHPN2XbUSuRxhcMLxXdACAcZMlz9Uz9aH+vuDwDcBgFkJ7/AfA
Kurm9mWClo1nSdNAw82DRSpnMSXZfqoZ3ENxP2dECqt210O4+JVTyw/yhQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFBaNNJiDKCGS3YUh2bnx+LUph2muMB8GA1UdIwQY
MBaAFKIIjgbVU8/yk9J39NdsOnEL2LL3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTct
YmJlYTI5MThlMTAyLzEvRm8wMG1JTW9JWkxkaFNIWnVmSDR0U21IYWE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTctYmJlYTI5MThlMTAy
LzEvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQAVmk6MAwD
BANesEgDBABesEoDBABesE8DBAG80HwDBAC80d8wDAMEA7zWiAMEALzWijANBgkq
hkiG9w0BAQsFAAOCAQEAjGTol8pJxdDfchf60pIvQNF0TzoUNk/b/wcaNyzO58e8
p5+iQJW1WFWuhtBLWt+8LbKIqlS9Umlx/9biEnuiiMJyJ828iixXO4q8zVw0U6Ic
EcbnKUt+YQQwy0LeswrMIqN9ghb0IesnUBMtOUhGVOyn3ou4mvkHbD5xpy7TVPNl
5Oc5lhRB+ZzmzhX5h5aFdpW8BmXE2umMQFXmeIYPPwrztXIRDNReXoQcMRaEDt87
Jg8NzDefDoj0oC7ovVEbna5oiqIUx15BCoN4YGNf0kZiQMZG9ubrZFkOrXTpGFdo
+XfB326sTYR9f+gaqB5f+GRDi/StXFzreWzAnLVbhQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:47 2025 by rpki-client