Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/fH2UZ3bd_EYDSaCIvi1ULG0D4Pw.roa
File: fH2UZ3bd_EYDSaCIvi1ULG0D4Pw.roa (raw, json)
Hash identifier: j5fTfzpRU+BuVs/G6HlTL4TkVYKrzVf7DIAsj9+kH7M=
Subject key identifier: 7C:7D:94:67:76:DD:FC:46:03:49:A0:88:BE:2D:54:2C:6D:03:E0:FC
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 0186412152730536D8E8A89EE3D2B93FED76
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/fH2UZ3bd_EYDSaCIvi1ULG0D4Pw.roa
Signing time: Sat 11 Feb 2023 15:39:08 +0000
ROA not before: Sat 11 Feb 2023 15:39:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57142
IP address blocks: 89.47.3.0/24 maxlen: 24
86.107.54.0/24 maxlen: 24
89.47.10.0/24 maxlen: 24
89.32.185.0/24 maxlen: 24
89.44.236.0/24 maxlen: 24
89.32.191.0/24 maxlen: 24
86.107.182.0/24 maxlen: 24
86.107.181.0/24 maxlen: 24
176.126.175.0/24 maxlen: 24
188.240.208.0/24 maxlen: 24
86.107.30.0/24 maxlen: 24
89.43.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:31:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:41:21:52:73:05:36:d8:e8:a8:9e:e3:d2:b9:3f:ed:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Feb 11 15:39:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c7d946776ddfc460349a088be2d542c6d03e0fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:93:65:1c:bd:7e:7d:8f:b6:f3:c8:80:c0:36:
ee:1b:c4:45:c3:f2:52:7a:be:da:77:5c:d5:23:2a:
cd:4d:ca:7c:1e:5b:21:4a:3f:26:7f:48:e5:bb:67:
01:68:34:9c:f6:2c:c4:27:85:39:e3:23:fb:88:ef:
a8:21:4d:18:20:78:5c:81:c9:6c:b0:2e:fa:32:1e:
a2:48:b8:e9:c4:a4:5a:bf:aa:4e:b0:10:08:4d:f2:
4c:22:20:66:09:cf:3b:31:a1:04:91:4a:f8:23:63:
9f:18:7a:92:22:ed:c8:f3:80:1d:28:11:7c:99:74:
e9:15:7a:81:b1:e6:b0:0d:e8:c5:cb:c0:08:eb:23:
e9:1c:db:e2:41:bf:a4:d9:af:c9:98:d1:a5:d7:88:
d9:38:59:f0:a0:c8:b9:1e:ef:94:ce:cf:50:68:74:
d5:0a:80:78:c2:30:9e:c9:c6:5b:b1:33:0e:09:9d:
f6:d1:01:4f:e4:d6:97:b9:ca:c4:d9:6a:8b:58:f1:
d6:23:cb:86:8e:5e:f4:83:31:36:cb:e6:4d:6a:ca:
0c:18:94:75:94:d0:ab:b6:f6:13:1c:ed:33:d6:30:
04:6a:12:bf:5e:6b:9b:e4:9c:ea:b9:00:4f:46:47:
46:9f:83:22:5b:db:8b:cf:7e:0c:e5:c1:27:e5:fd:
a5:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:7D:94:67:76:DD:FC:46:03:49:A0:88:BE:2D:54:2C:6D:03:E0:FC
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/fH2UZ3bd_EYDSaCIvi1ULG0D4Pw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.30.0/24
86.107.54.0/24
86.107.181.0-86.107.182.255
89.32.185.0/24
89.32.191.0/24
89.43.38.0/24
89.44.236.0/24
89.47.3.0/24
89.47.10.0/24
176.126.175.0/24
188.240.208.0/24
Signature Algorithm: sha256WithRSAEncryption
36:75:70:cd:b8:50:3a:02:83:32:fd:7d:d9:57:10:4a:48:05:
a8:6b:68:0d:25:a3:1e:de:6f:00:d6:96:37:9f:22:5f:ee:42:
58:2e:00:3e:f6:8b:d8:46:27:f3:4a:33:05:74:47:50:22:81:
e5:1b:0c:c0:c6:05:20:db:b4:cb:27:dc:a9:0b:02:86:2a:a0:
f1:ab:b2:a6:66:0a:4c:49:8c:96:02:e3:28:25:3f:d1:01:df:
d7:e5:97:58:1a:c4:0e:ca:d2:58:39:cd:6a:79:fc:1b:ef:f0:
af:83:d4:6c:36:25:93:ad:ec:f0:d7:4e:f7:82:16:4a:8f:e4:
7d:29:52:5c:0d:1b:6a:49:c9:3a:89:b7:d0:2a:67:38:ec:ed:
0d:0d:3a:46:cf:57:98:ad:a9:e1:3c:83:df:e3:5a:a1:d8:e9:
49:f4:f6:53:cf:b1:28:ea:d3:14:e0:c4:71:ad:68:e9:8f:71:
63:8e:69:99:03:a2:73:81:f4:f8:03:70:7c:e9:c1:03:12:4c:
89:93:4a:da:59:b2:39:3f:22:8a:c9:76:79:06:fc:32:5e:1d:
6e:2c:fa:88:ea:16:dc:dc:68:a5:85:ee:c8:58:f2:59:41:73:
74:02:a3:42:26:00:79:63:79:d1:88:ac:eb:02:f6:97:b4:17:
39:40:d7:f6
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYZBIVJzBTbY6Kie49K5P+12MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjMwMjExMTUzOTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzdkOTQ2Nzc2ZGRmYzQ2MDM0OWEwODhiZTJkNTQyYzZkMDNlMGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5NlHL1+fY+288iAwDbuG8RFw/JS
er7ad1zVIyrNTcp8HlshSj8mf0jlu2cBaDSc9izEJ4U54yP7iO+oIU0YIHhcgcls
sC76Mh6iSLjpxKRav6pOsBAITfJMIiBmCc87MaEEkUr4I2OfGHqSIu3I84AdKBF8
mXTpFXqBseawDejFy8AI6yPpHNviQb+k2a/JmNGl14jZOFnwoMi5Hu+Uzs9QaHTV
CoB4wjCeycZbsTMOCZ320QFP5NaXucrE2WqLWPHWI8uGjl70gzE2y+ZNasoMGJR1
lNCrtvYTHO0z1jAEahK/Xmub5JzquQBPRkdGn4MiW9uLz34M5cEn5f2lIQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFHx9lGd23fxGA0mgiL4tVCxtA+D8MB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvZkgyVVozYmRfRVlEU2FDSXZpMVVMRzBENFB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQAVmseAwQA
Vms2MAwDBABWa7UDBABWa7YDBABZILkDBABZIL8DBABZKyYDBABZLOwDBABZLwMD
BABZLwoDBACwfq8DBAC88NAwDQYJKoZIhvcNAQELBQADggEBADZ1cM24UDoCgzL9
fdlXEEpIBahraA0lox7ebwDWljefIl/uQlguAD72i9hGJ/NKMwV0R1AigeUbDMDG
BSDbtMsn3KkLAoYqoPGrsqZmCkxJjJYC4yglP9EB39fll1gaxA7K0lg5zWp5/Bvv
8K+D1Gw2JZOt7PDXTveCFkqP5H0pUlwNG2pJyTqJt9AqZzjs7Q0NOkbPV5itqeE8
g9/jWqHY6Un09lPPsSjq0xTgxHGtaOmPcWOOaZkDonOB9PgDcHzpwQMSTImTStpZ
sjk/IorJdnkG/DJeHW4s+ojqFtzcaKWF7shY8llBc3QCo0ImAHljedGIrOsC9pe0
FzlA1/Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:41 2024 by rpki-client on console-ams.rpki-client.org