Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/3N5tfUjYAEfj5sMIfRiLDfli14k.roa
File: 3N5tfUjYAEfj5sMIfRiLDfli14k.roa (raw, json)
Hash identifier: pC+zqaCXFg2CTDn8AzuQivVpQOpr9w/WFVe/SZ+KiBE=
Subject key identifier: DC:DE:6D:7D:48:D8:00:47:E3:E6:C3:08:7D:18:8B:0D:F9:62:D7:89
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 018641625358479B15FFADE795A265E8A196
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/3N5tfUjYAEfj5sMIfRiLDfli14k.roa
Signing time: Sat 11 Feb 2023 16:50:08 +0000
ROA not before: Sat 11 Feb 2023 16:50:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31102
IP address blocks: 86.107.52.0/24 maxlen: 24
188.241.134.0/23 maxlen: 23
89.42.9.0/24 maxlen: 24
188.240.202.0/23 maxlen: 23
89.47.255.0/24 maxlen: 24
92.114.39.0/24 maxlen: 24
92.114.52.0/24 maxlen: 24
188.215.70.0/23 maxlen: 23
86.107.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 Feb 2023 17:08:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:41:62:53:58:47:9b:15:ff:ad:e7:95:a2:65:e8:a1:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Feb 11 16:50:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcde6d7d48d80047e3e6c3087d188b0df962d789
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ba:a4:15:e0:dd:71:00:2d:ff:61:4b:59:55:
e6:af:15:58:e7:27:05:5e:87:c1:3a:71:49:2b:ad:
be:05:32:70:a3:13:fd:29:c2:f5:fa:04:86:c1:c8:
16:56:05:1a:94:cd:d9:51:f9:50:00:c9:39:10:dd:
68:7b:fc:01:61:ff:52:3a:4b:cd:0d:d3:36:ce:35:
44:e0:b6:a8:76:85:c6:43:4c:42:ce:6a:d2:8c:b0:
0f:31:0d:e2:77:aa:a7:c3:ff:08:14:e3:30:19:6d:
bd:e0:7f:be:36:e8:7f:ad:d3:e7:43:31:64:6c:68:
42:82:de:fa:be:ab:9a:07:14:7f:b1:6a:11:75:f9:
e0:10:eb:73:ff:88:67:04:37:05:9e:6f:07:9d:16:
01:46:de:1a:e5:91:18:19:4a:57:be:c1:4f:4c:09:
6e:d7:33:dc:b1:fe:58:ca:c7:b3:c8:12:5f:4b:56:
f5:42:ed:c4:06:70:dd:37:6c:97:88:78:68:67:cc:
2f:c1:76:a1:8c:df:9a:cf:e4:d1:5c:ae:a4:81:d0:
c1:4c:97:56:4d:66:3d:63:20:99:2c:57:7b:a2:59:
0f:26:5c:f3:a7:a3:5c:d7:9a:41:a9:c0:93:43:80:
e3:6a:94:b3:10:1b:54:16:3d:c3:b2:28:d6:e6:6d:
53:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:DE:6D:7D:48:D8:00:47:E3:E6:C3:08:7D:18:8B:0D:F9:62:D7:89
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/3N5tfUjYAEfj5sMIfRiLDfli14k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.20.0/24
86.107.52.0/24
89.42.9.0/24
89.47.255.0/24
92.114.39.0/24
92.114.52.0/24
188.215.70.0/23
188.240.202.0/23
188.241.134.0/23
Signature Algorithm: sha256WithRSAEncryption
51:af:29:cf:2a:fd:83:ca:e2:2d:6e:8c:b5:ba:c0:bf:43:e0:
72:2d:0f:44:65:7b:04:1d:aa:38:bd:46:46:8b:ac:50:36:bb:
75:4c:01:f5:1c:95:9d:88:2e:02:66:39:48:02:a1:1d:6c:15:
ea:96:74:6a:f1:a8:69:0b:44:4f:0e:75:4e:43:e2:45:e7:de:
e1:01:08:78:88:3b:31:d1:f2:54:05:c3:b6:b6:b4:63:61:62:
d3:d9:e4:e0:4a:6a:08:51:74:bd:f8:de:ae:09:a7:bb:b3:0d:
fd:ec:ef:8b:c9:c6:31:44:9f:09:b9:6b:aa:e1:a3:be:c0:a1:
1c:17:b6:27:13:3d:8b:14:b7:68:37:1f:56:a1:3c:e3:f9:b9:
b9:6b:75:77:26:95:e4:4e:fe:3b:65:ef:bf:3d:a0:ac:4a:37:
2d:7e:a0:e6:aa:8d:2a:59:8b:39:1a:ea:00:5d:a3:9e:10:6a:
f3:49:16:40:8e:b1:21:71:18:b7:e6:e8:ab:70:71:57:4e:54:
97:b4:2e:e2:fc:c9:d8:9b:16:ad:27:7a:0e:25:32:69:9f:f1:
f7:fe:68:c6:27:59:75:67:79:a3:ce:b4:ce:25:6f:64:17:0c:
26:d6:56:b1:57:84:aa:1d:c6:07:ae:03:da:26:73:58:fb:8c:
83:01:15:27
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYZBYlNYR5sV/63nlaJl6KGWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjMwMjExMTY1MDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2RlNmQ3ZDQ4ZDgwMDQ3ZTNlNmMzMDg3ZDE4OGIwZGY5NjJkNzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrqkFeDdcQAt/2FLWVXmrxVY5ycF
XofBOnFJK62+BTJwoxP9KcL1+gSGwcgWVgUalM3ZUflQAMk5EN1oe/wBYf9SOkvN
DdM2zjVE4LaodoXGQ0xCzmrSjLAPMQ3id6qnw/8IFOMwGW294H++Nuh/rdPnQzFk
bGhCgt76vquaBxR/sWoRdfngEOtz/4hnBDcFnm8HnRYBRt4a5ZEYGUpXvsFPTAlu
1zPcsf5YysezyBJfS1b1Qu3EBnDdN2yXiHhoZ8wvwXahjN+az+TRXK6kgdDBTJdW
TWY9YyCZLFd7olkPJlzzp6Nc15pBqcCTQ4DjapSzEBtUFj3DsijW5m1TawIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFNzebX1I2ABH4+bDCH0Yiw35YteJMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvM041dGZVallBRWZqNXNNSWZSaUxEZmxpMTRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAVmsUAwQA
Vms0AwQAWSoJAwQAWS//AwQAXHInAwQAXHI0AwQBvNdGAwQBvPDKAwQBvPGGMA0G
CSqGSIb3DQEBCwUAA4IBAQBRrynPKv2DyuItboy1usC/Q+ByLQ9EZXsEHao4vUZG
i6xQNrt1TAH1HJWdiC4CZjlIAqEdbBXqlnRq8ahpC0RPDnVOQ+JF597hAQh4iDsx
0fJUBcO2trRjYWLT2eTgSmoIUXS9+N6uCae7sw397O+LycYxRJ8JuWuq4aO+wKEc
F7YnEz2LFLdoNx9WoTzj+bm5a3V3JpXkTv47Ze+/PaCsSjctfqDmqo0qWYs5GuoA
XaOeEGrzSRZAjrEhcRi35uircHFXTlSXtC7i/MnYmxatJ3oOJTJpn/H3/mjGJ1l1
Z3mjzrTOJW9kFwwm1laxV4SqHcYHrgPaJnNY+4yDARUn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:06 2024 by rpki-client on console-fra.rpki-client.org