Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/mOmTfNGJ4dxPT72k_LaKxhvYIkA.roa
File: mOmTfNGJ4dxPT72k_LaKxhvYIkA.roa (raw, json)
Hash identifier: pQ4OrFowxm5vHxbQ8swGLNhuxqa8YJxizVyXBGpodYU=
Subject key identifier: 98:E9:93:7C:D1:89:E1:DC:4F:4F:BD:A4:FC:B6:8A:C6:1B:D8:22:40
Certificate issuer: /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial: 018B7FB9F7F6685C13A66AD13ECFE5EA0F42
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/mOmTfNGJ4dxPT72k_LaKxhvYIkA.roa
Signing time: Mon 30 Oct 2023 08:36:15 +0000
ROA not before: Mon 30 Oct 2023 08:36:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20657
IP address blocks: 195.68.214.0/23 maxlen: 24
193.108.24.0/24 maxlen: 24
194.79.12.0/22 maxlen: 24
88.80.131.0/24 maxlen: 24
88.80.132.0/24 maxlen: 24
88.80.134.0/23 maxlen: 23
88.80.133.0/24 maxlen: 24
88.80.152.0/21 maxlen: 21
Validation: Failed, certificate revoked on Tue 31 Oct 2023 05:57:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:7f:b9:f7:f6:68:5c:13:a6:6a:d1:3e:cf:e5:ea:0f:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Validity
Not Before: Oct 30 08:36:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98e9937cd189e1dc4f4fbda4fcb68ac61bd82240
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ef:df:f3:16:c6:67:8b:5d:1e:b6:ea:86:6c:
32:85:23:03:97:27:19:9c:ce:16:30:a5:51:c2:06:
08:35:a8:60:28:dc:0f:89:bd:21:f2:5e:0c:1e:9e:
15:69:52:ac:93:44:70:78:74:8a:00:ca:d0:b3:a5:
dd:8a:aa:f7:e4:3f:11:10:88:f7:11:54:e6:d2:f1:
21:d6:c8:4b:8f:56:0b:b8:03:fa:aa:bb:b4:a2:f1:
84:f4:8b:67:c8:aa:21:4f:8c:d4:ba:f7:bc:0e:95:
39:da:8d:95:8e:ed:32:ed:72:0c:76:41:0c:85:16:
9c:c7:11:12:a1:39:e3:ab:73:8e:96:80:5f:8a:55:
ce:86:c9:86:6f:ba:3c:c0:cd:56:c6:61:c2:19:7e:
c2:90:74:67:55:9f:af:22:8e:9f:35:b6:e6:5f:76:
14:55:12:ea:fc:4d:f3:df:42:cb:d8:bb:e7:33:a2:
6a:21:a0:79:05:71:a9:1a:78:df:b0:ed:3f:e2:7e:
8b:88:d5:b4:49:1f:e2:a0:37:b0:0f:06:f6:63:96:
2d:b1:b2:93:66:47:4d:eb:73:69:ab:88:fd:f6:bb:
08:9b:22:a7:0a:42:e6:df:5b:73:9a:d5:bd:6c:7a:
06:1b:8d:20:e9:7f:ee:08:f7:90:27:57:99:2a:ea:
e9:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:E9:93:7C:D1:89:E1:DC:4F:4F:BD:A4:FC:B6:8A:C6:1B:D8:22:40
X509v3 Authority Key Identifier:
keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/mOmTfNGJ4dxPT72k_LaKxhvYIkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.80.131.0-88.80.135.255
88.80.152.0/21
193.108.24.0/24
194.79.12.0/22
195.68.214.0/23
Signature Algorithm: sha256WithRSAEncryption
05:e0:7f:f8:d1:34:a6:7e:dc:19:e5:8a:46:f1:56:2b:52:a5:
de:be:1a:f4:8f:3e:22:8e:14:2a:94:bf:23:23:4b:0f:17:4e:
95:77:be:46:df:c1:a3:bb:5b:13:f9:bc:08:ef:b5:f6:f5:18:
99:90:bf:30:5e:b6:93:f5:b0:d7:1c:88:70:2e:62:0e:81:c4:
87:ad:42:d5:0a:9c:a4:29:51:88:c5:e7:1e:5f:d8:f5:fd:89:
ee:8a:2c:7f:80:ee:e8:51:96:f2:fe:d7:3d:54:4c:5b:a9:07:
8e:ee:ab:2f:97:f0:8a:27:a9:f2:20:a8:6f:51:d0:50:fa:ed:
da:11:17:10:09:af:6f:6b:94:4d:d0:c5:e4:28:a5:dc:b6:aa:
d2:d8:46:f6:ec:db:90:fb:00:f5:e6:fa:ba:78:f2:bb:92:74:
de:7f:33:d9:88:dd:b2:90:2f:a7:41:23:e7:60:87:bf:50:47:
aa:d8:04:bc:a5:bd:7c:a2:26:2e:fc:d3:d7:10:2e:de:ee:2b:
e8:39:eb:81:0b:fc:43:46:3e:1c:29:08:c6:e1:52:96:35:c3:
86:ba:50:cc:3a:4a:a9:36:67:93:5a:e6:0f:0b:5b:f3:0c:17:
2c:6e:31:c2:5e:81:28:2a:7b:f2:c4:9a:a3:d1:fc:92:1c:f4:
39:34:e4:0d
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYt/uff2aFwTpmrRPs/l6g9CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjMxMDMwMDgzNjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGU5OTM3Y2QxODllMWRjNGY0ZmJkYTRmY2I2OGFjNjFiZDgyMjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqu/f8xbGZ4tdHrbqhmwyhSMDlycZ
nM4WMKVRwgYINahgKNwPib0h8l4MHp4VaVKsk0RweHSKAMrQs6Xdiqr35D8REIj3
EVTm0vEh1shLj1YLuAP6qru0ovGE9ItnyKohT4zUuve8DpU52o2Vju0y7XIMdkEM
hRacxxESoTnjq3OOloBfilXOhsmGb7o8wM1WxmHCGX7CkHRnVZ+vIo6fNbbmX3YU
VRLq/E3z30LL2LvnM6JqIaB5BXGpGnjfsO0/4n6LiNW0SR/ioDewDwb2Y5YtsbKT
ZkdN63Npq4j99rsImyKnCkLm31tzmtW9bHoGG40g6X/uCPeQJ1eZKurpJQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJjpk3zRieHcT0+9pPy2isYb2CJAMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvbU9tVGZOR0o0ZHhQVDcya19MYUt4aHZZSWtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBABYUIMD
BANYUIADBANYUJgDBADBbBgDBALCTwwDBAHDRNYwDQYJKoZIhvcNAQELBQADggEB
AAXgf/jRNKZ+3BnlikbxVitSpd6+GvSPPiKOFCqUvyMjSw8XTpV3vkbfwaO7WxP5
vAjvtfb1GJmQvzBetpP1sNcciHAuYg6BxIetQtUKnKQpUYjF5x5f2PX9ie6KLH+A
7uhRlvL+1z1UTFupB47uqy+X8IonqfIgqG9R0FD67doRFxAJr29rlE3QxeQopdy2
qtLYRvbs25D7APXm+rp48ruSdN5/M9mI3bKQL6dBI+dgh79QR6rYBLylvXyiJi78
09cQLt7uK+g564EL/ENGPhwpCMbhUpY1w4a6UMw6Sqk2Z5Na5g8LW/MMFyxuMcJe
gSgqe/LEmqPR/JIc9Dk05A0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:20 2024 by rpki-client on console-ams.rpki-client.org