Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/0gw5o5VrTHwsrx5gM2rve-r5JnU.roa
File: 0gw5o5VrTHwsrx5gM2rve-r5JnU.roa (raw, json)
Hash identifier: B3qeYrMSkDew6WCUPwSUZXoxNdRSTWnJX72F90l0+/Q=
Subject key identifier: D2:0C:39:A3:95:6B:4C:7C:2C:AF:1E:60:33:6A:EF:7B:EA:F9:26:75
Certificate issuer: /CN=8847aa91b06d8c6b87284f3f45a21dc281f7ba55
Certificate serial: 018CC86F1CE0685CD7ABB4464246BADC3464
Authority key identifier: 88:47:AA:91:B0:6D:8C:6B:87:28:4F:3F:45:A2:1D:C2:81:F7:BA:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iEeqkbBtjGuHKE8_RaIdwoH3ulU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/0gw5o5VrTHwsrx5gM2rve-r5JnU.roa
Signing time: Tue 02 Jan 2024 04:29:34 +0000
ROA not before: Tue 02 Jan 2024 04:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50810
IP address blocks: 93.117.176.0/20 maxlen: 22
93.119.208.0/20 maxlen: 22
188.213.192.0/22 maxlen: 22
188.212.240.0/21 maxlen: 21
37.98.114.0/24 maxlen: 24
188.211.0.0/20 maxlen: 20
178.131.0.0/16 maxlen: 22
37.98.64.0/18 maxlen: 22
62.102.128.0/20 maxlen: 22
Validation: Failed, certificate revoked on Mon 26 Feb 2024 10:08:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:1c:e0:68:5c:d7:ab:b4:46:42:46:ba:dc:34:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8847aa91b06d8c6b87284f3f45a21dc281f7ba55
Validity
Not Before: Jan 2 04:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d20c39a3956b4c7c2caf1e60336aef7beaf92675
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:04:fb:79:c7:22:a2:7b:a1:41:34:0f:fd:51:
d0:ea:b7:ac:65:6f:3a:5a:10:9d:e9:de:1f:cc:bf:
de:ba:8d:bb:a1:ec:ee:c8:a1:2d:a1:b6:10:6e:a6:
f7:9e:53:5a:fd:35:e2:1c:0a:8e:13:ee:ae:9a:f6:
92:c1:de:75:fa:fc:3a:3e:c3:7c:39:78:69:2b:9f:
1f:23:ed:c0:17:e7:46:d1:26:ec:1b:4c:bc:f4:7b:
f2:23:b0:19:ad:18:8f:9c:d8:63:64:df:9d:bb:42:
60:9e:32:83:17:87:11:fc:af:ab:cc:68:f3:83:08:
25:0b:ff:a5:ed:6b:27:17:38:b1:1f:88:9b:65:9d:
c5:4e:6a:46:81:9f:05:6a:49:3b:20:a7:f5:41:8a:
67:4c:9c:d9:a6:aa:f3:e2:62:cd:09:a1:9f:35:06:
a8:3c:77:d3:da:49:47:c5:8b:dd:6f:4b:0c:00:f4:
a2:e9:19:0e:85:f3:67:4a:99:a1:21:9e:37:63:29:
8a:85:56:53:dc:c2:95:f6:5f:cf:76:c0:2c:1b:ef:
e8:3b:3c:24:0d:83:be:d1:f0:83:86:04:78:7a:ac:
4d:24:2b:82:56:9a:56:95:1f:f0:4d:79:ad:e9:b5:
a5:c3:39:eb:85:e2:20:9a:e3:61:3f:b2:7c:e3:d3:
44:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:0C:39:A3:95:6B:4C:7C:2C:AF:1E:60:33:6A:EF:7B:EA:F9:26:75
X509v3 Authority Key Identifier:
keyid:88:47:AA:91:B0:6D:8C:6B:87:28:4F:3F:45:A2:1D:C2:81:F7:BA:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iEeqkbBtjGuHKE8_RaIdwoH3ulU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/0gw5o5VrTHwsrx5gM2rve-r5JnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/iEeqkbBtjGuHKE8_RaIdwoH3ulU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.64.0/18
62.102.128.0/20
93.117.176.0/20
93.119.208.0/20
178.131.0.0/16
188.211.0.0/20
188.212.240.0/21
188.213.192.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:e8:08:ee:0d:e8:41:40:1d:82:f8:b4:8f:69:c9:b4:b7:0f:
30:b1:b9:a9:0f:69:ab:5d:e1:f6:31:1d:fe:3f:7c:5b:20:c1:
bd:88:8b:b0:db:08:75:03:27:f0:12:52:af:5b:fc:76:f9:47:
c6:d1:b3:7e:b4:e7:73:cb:98:54:e2:03:a4:d2:74:5d:ff:c9:
34:3f:da:aa:9f:e5:70:21:2c:85:33:39:eb:a0:79:55:9d:84:
24:4e:40:a3:2d:06:15:e0:63:ce:4e:55:ae:49:b2:f3:24:11:
38:5e:b1:47:30:d0:27:0c:d0:e0:6f:e7:50:e9:7f:9e:8b:4e:
3e:19:9b:a5:02:da:6d:d2:95:b7:bf:5c:2d:18:42:d4:e3:fd:
18:a5:bf:bf:4d:b8:67:bb:12:1c:2e:b7:90:a1:12:60:07:84:
71:82:bb:13:cd:97:ae:5d:ac:e9:ea:59:b5:1f:f1:02:af:61:
53:7f:e1:e3:e7:65:38:79:75:53:43:d2:75:b9:22:9f:a0:17:
94:8e:50:7d:99:1b:1b:bd:10:e4:ec:6b:3a:94:88:7c:ec:12:
23:ee:6d:a2:40:cc:95:f4:70:de:6a:35:67:3b:a7:b5:de:71:
4a:9d:09:f7:0e:be:04:fc:89:34:4d:ac:63:39:2a:5a:2c:91:
d2:69:db:e7
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYzIbxzgaFzXq7RGQka63DRkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NDdhYTkxYjA2ZDhjNmI4NzI4NGYzZjQ1YTIxZGMyODFm
N2JhNTUwHhcNMjQwMTAyMDQyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjBjMzlhMzk1NmI0YzdjMmNhZjFlNjAzMzZhZWY3YmVhZjkyNjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwT7eccionuhQTQP/VHQ6resZW86
WhCd6d4fzL/euo27oezuyKEtobYQbqb3nlNa/TXiHAqOE+6umvaSwd51+vw6PsN8
OXhpK58fI+3AF+dG0SbsG0y89HvyI7AZrRiPnNhjZN+du0JgnjKDF4cR/K+rzGjz
gwglC/+l7WsnFzixH4ibZZ3FTmpGgZ8Fakk7IKf1QYpnTJzZpqrz4mLNCaGfNQao
PHfT2klHxYvdb0sMAPSi6RkOhfNnSpmhIZ43YymKhVZT3MKV9l/PdsAsG+/oOzwk
DYO+0fCDhgR4eqxNJCuCVppWlR/wTXmt6bWlwznrheIgmuNhP7J849NEXQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFNIMOaOVa0x8LK8eYDNq73vq+SZ1MB8GA1UdIwQY
MBaAFIhHqpGwbYxrhyhPP0WiHcKB97pVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUVlcWtiQnRqR3VIS0U4X1JhSWR3b0gzdWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9mZGYyOTYtNzVlNS00NjM1LTk1NDYt
Y2VhNzVkMGNkNjcxLzEvMGd3NW81VnJUSHdzcng1Z00ycnZlLXI1Sm5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9mZGYyOTYtNzVlNS00NjM1LTk1NDYtY2VhNzVkMGNkNjcx
LzEvaUVlcWtiQnRqR3VIS0U4X1JhSWR3b0gzdWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzA1BAIAATAvAwQGJWJAAwQE
PmaAAwQEXXWwAwQEXXfQAwMAsoMDBAS80wADBAO81PADBAK81cAwDQYJKoZIhvcN
AQELBQADggEBAH/oCO4N6EFAHYL4tI9pybS3DzCxuakPaatd4fYxHf4/fFsgwb2I
i7DbCHUDJ/ASUq9b/Hb5R8bRs36053PLmFTiA6TSdF3/yTQ/2qqf5XAhLIUzOeug
eVWdhCROQKMtBhXgY85OVa5JsvMkEThesUcw0CcM0OBv51Dpf56LTj4Zm6UC2m3S
lbe/XC0YQtTj/Rilv79NuGe7Ehwut5ChEmAHhHGCuxPNl65drOnqWbUf8QKvYVN/
4ePnZTh5dVND0nW5Ip+gF5SOUH2ZGxu9EOTsazqUiHzsEiPubaJAzJX0cN5qNWc7
p7XecUqdCfcOvgT8iTRNrGM5KloskdJp2+c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:27 2024 by rpki-client on console-ams.rpki-client.org