Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/I7k-VmkUXJYr-1r-utcc9lv25HQ.roa
File: I7k-VmkUXJYr-1r-utcc9lv25HQ.roa (raw, json)
Hash identifier: CPzviHZVYE9q1ECVSNs0nJeNMCMKWeqEXWa6PK2itcY=
Subject key identifier: 23:B9:3E:56:69:14:5C:96:2B:FB:5A:FE:BA:D7:1C:F6:5B:F6:E4:74
Certificate issuer: /CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Certificate serial: 018D46C9B13E7B3A2FD2878C8230E9C0BF69
Authority key identifier: A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/I7k-VmkUXJYr-1r-utcc9lv25HQ.roa
Signing time: Fri 26 Jan 2024 17:20:39 +0000
ROA not before: Fri 26 Jan 2024 17:20:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 85.204.181.0/24 maxlen: 24
86.104.199.0/24 maxlen: 24
86.105.58.0/24 maxlen: 24
86.105.211.0/24 maxlen: 24
86.107.164.0/24 maxlen: 24
89.35.14.0/24 maxlen: 24
89.39.97.0/24 maxlen: 24
93.113.70.0/24 maxlen: 24
93.117.131.0/24 maxlen: 24
93.119.144.0/24 maxlen: 24
93.119.201.0/24 maxlen: 24
93.119.232.0/24 maxlen: 24
94.176.72.0/23 maxlen: 24
94.176.74.0/24 maxlen: 24
94.176.79.0/24 maxlen: 24
188.209.223.0/24 maxlen: 24
188.214.136.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Feb 2024 19:36:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:46:c9:b1:3e:7b:3a:2f:d2:87:8c:82:30:e9:c0:bf:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Validity
Not Before: Jan 26 17:20:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23b93e5669145c962bfb5afebad71cf65bf6e474
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:08:2c:01:11:78:44:f1:3b:a3:51:38:a8:ca:
c6:e9:7b:14:50:dd:9b:10:b6:a1:74:68:8d:89:b3:
08:94:ed:b7:ae:4e:19:20:b9:8f:4d:6d:6c:1b:a2:
2c:fa:17:10:f5:61:ef:83:ae:3e:51:b5:cf:11:8a:
0a:97:62:e4:9a:d8:34:84:95:5a:4b:2d:94:6d:9f:
69:20:ea:71:ff:fb:47:0c:b7:6d:84:0b:0c:64:26:
4b:11:f8:bb:6b:f2:2b:5f:75:6a:38:e4:53:93:78:
51:79:02:b1:ee:ea:21:d1:88:ef:df:46:e8:33:4f:
b7:f5:a3:99:49:4c:13:f3:8f:de:e0:71:e0:4c:f4:
0a:53:ed:53:1e:87:b0:25:fb:f9:b8:41:a8:f7:fd:
23:ba:b0:ec:2f:86:97:24:3a:74:ec:dc:28:1f:5c:
7d:40:ae:5d:59:bd:31:8c:df:11:8a:bd:14:62:cb:
0d:a3:4d:d8:3f:d4:28:94:6c:a3:b7:2b:aa:c3:b4:
97:0e:59:31:0f:09:a4:d9:aa:a6:7b:c6:6c:9b:ca:
be:43:8f:af:34:2a:84:0c:91:3f:eb:eb:d7:ae:68:
94:2d:9f:ce:51:6c:64:e8:ac:1f:87:0b:08:b5:cc:
8d:71:0b:d8:ce:2e:f1:8c:34:85:5e:04:eb:fe:76:
1c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:B9:3E:56:69:14:5C:96:2B:FB:5A:FE:BA:D7:1C:F6:5B:F6:E4:74
X509v3 Authority Key Identifier:
keyid:A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/I7k-VmkUXJYr-1r-utcc9lv25HQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.181.0/24
86.104.199.0/24
86.105.58.0/24
86.105.211.0/24
86.107.164.0/24
89.35.14.0/24
89.39.97.0/24
93.113.70.0/24
93.117.131.0/24
93.119.144.0/24
93.119.201.0/24
93.119.232.0/24
94.176.72.0-94.176.74.255
94.176.79.0/24
188.209.223.0/24
188.214.136.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:5f:6f:3d:e8:31:60:12:b2:ec:6d:ba:d8:02:f9:51:7e:8e:
28:fc:4e:76:40:6e:01:d6:71:dc:a2:28:19:f2:a7:e5:da:07:
2e:2f:87:7b:01:12:99:83:5b:20:1a:62:1a:ee:a9:a2:76:b5:
9f:c3:e3:1e:fe:07:61:39:7b:ac:5d:36:85:83:c2:61:82:f8:
37:76:d2:83:73:b1:55:b4:ca:3c:56:bb:8f:44:e1:fb:25:0a:
ff:99:ad:a2:36:80:d3:7f:01:25:6b:8f:04:3f:03:f1:16:50:
0a:79:ac:85:a5:6d:95:d1:22:2d:6b:a9:2d:5d:92:77:71:a6:
28:64:9d:5b:cc:38:f3:65:7c:00:b4:8b:7f:90:22:6e:8e:73:
68:2d:a8:d5:4d:e9:b7:8f:06:f6:50:dd:42:58:0d:f2:3f:1d:
3e:20:a8:09:ca:49:b5:20:98:60:2f:86:d6:cd:2e:12:94:94:
e4:59:52:96:35:cd:fb:42:73:ca:e6:8a:3d:f0:cb:d2:06:c3:
3a:c3:fb:37:fe:9d:1b:14:72:ae:17:12:4b:39:0d:37:50:20:
d0:78:8d:51:c2:07:1d:41:48:5b:3b:98:ea:17:b3:42:30:23:
74:e3:e5:d8:07:a1:6b:0f:90:ea:f9:59:a9:d9:ac:b1:8f:b9:
a2:f7:7c:2a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAY1GybE+ezov0oeMgjDpwL9pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMDg4ZTA2ZDU1M2NmZjI5M2QyNzdmNGQ3NmMzYTcxMGJk
OGIyZjcwHhcNMjQwMTI2MTcyMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2I5M2U1NjY5MTQ1Yzk2MmJmYjVhZmViYWQ3MWNmNjViZjZlNDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjggsARF4RPE7o1E4qMrG6XsUUN2b
ELahdGiNibMIlO23rk4ZILmPTW1sG6Is+hcQ9WHvg64+UbXPEYoKl2Lkmtg0hJVa
Sy2UbZ9pIOpx//tHDLdthAsMZCZLEfi7a/IrX3VqOORTk3hReQKx7uoh0Yjv30bo
M0+39aOZSUwT84/e4HHgTPQKU+1THoewJfv5uEGo9/0jurDsL4aXJDp07NwoH1x9
QK5dWb0xjN8Rir0UYssNo03YP9QolGyjtyuqw7SXDlkxDwmk2aqme8Zsm8q+Q4+v
NCqEDJE/6+vXrmiULZ/OUWxk6KwfhwsItcyNcQvYzi7xjDSFXgTr/nYc2wIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFCO5PlZpFFyWK/ta/rrXHPZb9uR0MB8GA1UdIwQY
MBaAFKIIjgbVU8/yk9J39NdsOnEL2LL3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTct
YmJlYTI5MThlMTAyLzEvSTdrLVZta1VYSllyLTFyLXV0Y2M5bHYyNUhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTctYmJlYTI5MThlMTAy
LzEvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAFXMtQME
AFZoxwMEAFZpOgMEAFZp0wMEAFZrpAMEAFkjDgMEAFknYQMEAF1xRgMEAF11gwME
AF13kAMEAF13yQMEAF136DAMAwQDXrBIAwQAXrBKAwQAXrBPAwQAvNHfAwQCvNaI
MA0GCSqGSIb3DQEBCwUAA4IBAQBOX2896DFgErLsbbrYAvlRfo4o/E52QG4B1nHc
oigZ8qfl2gcuL4d7ARKZg1sgGmIa7qmidrWfw+Me/gdhOXusXTaFg8Jhgvg3dtKD
c7FVtMo8VruPROH7JQr/ma2iNoDTfwEla48EPwPxFlAKeayFpW2V0SIta6ktXZJ3
caYoZJ1bzDjzZXwAtIt/kCJujnNoLajVTem3jwb2UN1CWA3yPx0+IKgJykm1IJhg
L4bWzS4SlJTkWVKWNc37QnPK5oo98MvSBsM6w/s3/p0bFHKuFxJLOQ03UCDQeI1R
wgcdQUhbO5jqF7NCMCN04+XYB6FrD5Dq+Vmp2ayxj7mi93wq
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:18:27 2025 by rpki-client