Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/Tje8so3OWigGoWjZyHEuN98HuXU.roa
File: Tje8so3OWigGoWjZyHEuN98HuXU.roa (raw, json)
Hash identifier: PizsI/X77F03x7TSJxPnWAGIt59ATcb+IImItEf0hC0=
Subject key identifier: 4E:37:BC:B2:8D:CE:5A:28:06:A1:68:D9:C8:71:2E:37:DF:07:B9:75
Certificate issuer: /CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Certificate serial: 018CB0D243DC486110A4CC048F817B2B9621
Authority key identifier: E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/Tje8so3OWigGoWjZyHEuN98HuXU.roa
Signing time: Thu 28 Dec 2023 14:26:58 +0000
ROA not before: Thu 28 Dec 2023 14:26:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34073
IP address blocks: 94.100.10.0/24 maxlen: 24
87.246.172.0/24 maxlen: 24
81.198.73.0/24 maxlen: 24
81.198.192.0/22 maxlen: 24
81.198.194.0/24 maxlen: 24
87.110.221.0/24 maxlen: 24
87.110.220.0/24 maxlen: 24
2a02:2330:b2::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b0:d2:43:dc:48:61:10:a4:cc:04:8f:81:7b:2b:96:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Validity
Not Before: Dec 28 14:26:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e37bcb28dce5a2806a168d9c8712e37df07b975
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:8a:26:13:c5:07:a4:8a:7b:d9:49:e4:8a:ea:
45:22:1e:ba:01:1d:16:d6:fb:f7:57:ba:83:5f:51:
1d:fb:e3:03:c0:d1:6b:8f:a9:6b:2f:8b:ca:6e:9a:
1d:65:09:c1:35:2b:16:0c:1a:e5:e8:09:45:c1:3f:
80:03:64:25:15:1c:e0:5c:d8:4c:49:99:4d:df:62:
6f:7c:ed:84:66:cd:31:d7:98:66:e0:f9:48:ae:18:
cc:99:bb:c4:e5:be:37:d0:ab:de:41:c8:af:7d:de:
a6:5d:73:7d:0d:fa:64:75:21:83:20:fd:0c:79:5c:
12:c4:ae:6b:b8:b9:fc:50:c3:3c:b8:0a:fd:ef:65:
3d:4e:dc:2c:33:55:cb:f9:7a:b4:77:ce:17:d4:18:
be:48:13:34:1d:a2:13:5f:be:49:87:c1:17:3d:f0:
d2:35:40:d4:78:95:8c:fe:ae:73:63:0f:c2:49:c0:
c3:ec:0b:5f:4e:23:c9:8e:7c:f4:a2:d3:9e:da:d1:
36:db:50:7f:ef:be:55:b1:f4:2b:c0:4a:da:44:ec:
41:fb:9a:83:39:52:11:1e:c7:15:d2:5a:82:08:73:
ed:2e:ff:05:da:2f:c3:b8:22:25:1d:2b:79:1f:41:
22:5e:94:6a:c4:3f:12:cc:ac:bd:72:11:20:ce:ea:
85:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:37:BC:B2:8D:CE:5A:28:06:A1:68:D9:C8:71:2E:37:DF:07:B9:75
X509v3 Authority Key Identifier:
keyid:E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/Tje8so3OWigGoWjZyHEuN98HuXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.198.73.0/24
81.198.192.0/22
87.110.220.0/23
87.246.172.0/24
94.100.10.0/24
IPv6:
2a02:2330:b2::/48
Signature Algorithm: sha256WithRSAEncryption
23:7b:1c:ce:51:5f:93:cb:91:ef:2e:a7:80:e0:4b:65:8b:4a:
9e:e3:a5:91:ab:bc:57:6a:76:b9:59:e8:31:ff:48:e5:c7:ea:
98:b8:59:00:e3:62:f1:f8:95:a2:44:21:1f:9d:36:ed:a2:6b:
d8:2c:60:e4:b9:20:ce:46:fc:92:75:7d:4a:f5:2a:0e:da:b1:
42:aa:76:09:ed:01:5f:37:fa:92:a8:c0:92:8f:29:aa:92:e1:
c3:14:fe:c1:5c:8e:8f:00:4a:7f:02:79:b4:01:a6:b5:12:dd:
fb:88:19:0e:e0:b5:65:ee:4d:0a:55:ce:d7:27:8f:4e:dc:e3:
95:92:70:11:cc:3c:32:0e:43:b2:4c:9b:9d:f6:85:f7:27:85:
78:bc:ab:3b:32:d0:57:ab:f0:7c:d8:a4:12:fb:9f:14:d3:ff:
4a:76:c6:9f:48:bf:30:35:14:2c:db:e4:58:b3:b2:8b:1a:28:
e0:19:88:1c:a8:90:49:22:21:0f:ce:e3:8d:8c:38:78:29:cd:
af:f7:91:b7:a8:4b:84:e9:15:5d:d7:d2:94:d9:39:b4:2a:29:
be:51:2d:3f:5c:a2:3e:63:aa:eb:bc:18:9c:f5:00:68:d1:ac:
da:7d:17:c2:51:26:6f:34:07:7c:ec:8c:26:73:6c:00:1f:85:
e0:de:51:46
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYyw0kPcSGEQpMwEj4F7K5YhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzYmUwN2NiMWZkNGYxZTNjOTIyMzAzYjY3MGE4ODFiODJl
NjE0OTEwHhcNMjMxMjI4MTQyNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTM3YmNiMjhkY2U1YTI4MDZhMTY4ZDljODcxMmUzN2RmMDdiOTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg4omE8UHpIp72UnkiupFIh66AR0W
1vv3V7qDX1Ed++MDwNFrj6lrL4vKbpodZQnBNSsWDBrl6AlFwT+AA2QlFRzgXNhM
SZlN32JvfO2EZs0x15hm4PlIrhjMmbvE5b430KveQcivfd6mXXN9DfpkdSGDIP0M
eVwSxK5ruLn8UMM8uAr972U9TtwsM1XL+Xq0d84X1Bi+SBM0HaITX75Jh8EXPfDS
NUDUeJWM/q5zYw/CScDD7AtfTiPJjnz0otOe2tE221B/775VsfQrwEraROxB+5qD
OVIRHscV0lqCCHPtLv8F2i/DuCIlHSt5H0EiXpRqxD8SzKy9chEgzuqFCwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFE43vLKNzlooBqFo2chxLjffB7l1MB8GA1UdIwQY
MBaAFOO+B8sf1PHjySIwO2cKiBuC5hSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMt
ZDRlZTFkMzg5ZTBkLzEvVGplOHNvM09XaWdHb1dqWnlIRXVOOThIdVhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMtZDRlZTFkMzg5ZTBk
LzEvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAUcZJAwQC
UcbAAwQBV27cAwQAV/asAwQAXmQKMA8EAgACMAkDBwAqAiMwALIwDQYJKoZIhvcN
AQELBQADggEBACN7HM5RX5PLke8up4DgS2WLSp7jpZGrvFdqdrlZ6DH/SOXH6pi4
WQDjYvH4laJEIR+dNu2ia9gsYOS5IM5G/JJ1fUr1Kg7asUKqdgntAV83+pKowJKP
KaqS4cMU/sFcjo8ASn8CebQBprUS3fuIGQ7gtWXuTQpVztcnj07c45WScBHMPDIO
Q7JMm532hfcnhXi8qzsy0Fer8HzYpBL7nxTT/0p2xp9IvzA1FCzb5FizsosaKOAZ
iByokEkiIQ/O442MOHgpza/3kbeoS4TpFV3X0pTZObQqKb5RLT9coj5jquu8GJz1
AGjRrNp9F8JRJm80B3zsjCZzbAAfheDeUUY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:29 2024 by rpki-client on console-fra.rpki-client.org