Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/lO0dMWbTI6Kpa5Y7ok1D27aWv9s.roa
File: lO0dMWbTI6Kpa5Y7ok1D27aWv9s.roa (raw, json)
Hash identifier: Sq6tRnrMUcS7DlKbxDRA21d8GV1MaptPuGE0IAMvbHg=
Subject key identifier: 94:ED:1D:31:66:D3:23:A2:A9:6B:96:3B:A2:4D:43:DB:B6:96:BF:DB
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01856E41DA3BFDA211F9D57D5C856E00F626
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/lO0dMWbTI6Kpa5Y7ok1D27aWv9s.roa
Signing time: Sun 01 Jan 2023 16:54:47 +0000
ROA not before: Sun 01 Jan 2023 16:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44277
IP address blocks: 93.118.39.0/24 maxlen: 24
89.43.61.0/24 maxlen: 24
85.204.23.0/24 maxlen: 24
86.106.99.0/24 maxlen: 24
188.240.198.0/23 maxlen: 23
89.35.115.0/24 maxlen: 24
188.214.226.0/24 maxlen: 24
188.241.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:31:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:41:da:3b:fd:a2:11:f9:d5:7d:5c:85:6e:00:f6:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 16:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94ed1d3166d323a2a96b963ba24d43dbb696bfdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7c:57:a5:48:9c:3a:8d:fd:3f:fe:b0:13:1f:
bf:20:2f:e6:95:1a:e0:65:de:6b:7a:e3:53:0b:36:
2d:03:36:fe:6c:c4:e2:f3:58:06:14:ca:d4:29:f8:
c6:a6:4e:d2:68:37:8e:ba:66:e1:22:5a:7e:c0:10:
2b:c0:0c:17:3b:5b:60:54:20:35:67:fb:af:2f:ce:
95:75:b2:78:e3:2a:bc:02:b5:89:2b:b2:ac:c1:2c:
2c:34:32:db:5a:77:7f:29:22:f0:21:ae:e3:e8:7c:
4f:8c:14:e5:67:b6:cd:38:ae:b6:f9:df:36:0b:91:
dc:d9:b5:33:a8:f2:88:64:99:61:70:29:cb:00:8a:
46:59:71:f7:5c:45:8e:7e:64:23:c4:c0:60:cb:6c:
9c:c3:47:3f:56:87:2b:e0:b9:dd:8b:52:90:5a:d1:
d8:58:23:44:01:ea:fc:ae:0b:1f:fe:33:4f:3f:93:
16:53:6a:9c:f5:96:f9:ac:ac:33:27:68:3f:30:d3:
a3:66:c5:e9:d7:ad:e2:33:f7:e2:d7:f2:97:c0:d7:
6d:3f:d6:bd:a4:d0:4d:ed:1b:d4:3a:b2:1a:f3:c9:
c0:3f:44:6b:32:d2:df:64:48:1f:61:ac:c2:92:3f:
31:e2:41:d1:bb:2b:2d:d1:02:a6:50:d2:d2:6f:94:
b1:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:ED:1D:31:66:D3:23:A2:A9:6B:96:3B:A2:4D:43:DB:B6:96:BF:DB
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/lO0dMWbTI6Kpa5Y7ok1D27aWv9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.23.0/24
86.106.99.0/24
89.35.115.0/24
89.43.61.0/24
93.118.39.0/24
188.214.226.0/24
188.240.198.0/23
188.241.108.0/24
Signature Algorithm: sha256WithRSAEncryption
83:17:08:70:0f:2a:a9:76:39:86:91:dd:86:dd:31:83:d8:cc:
5f:94:8a:f5:0b:13:bd:fa:1b:6d:b2:90:b0:6d:30:6d:c0:19:
7b:e9:1e:58:f5:2c:20:58:4f:ce:88:31:52:01:67:c0:d5:44:
55:a9:b2:0d:9c:89:c4:81:b5:4a:f1:e1:99:ff:30:d0:71:d4:
ce:7c:27:ac:dd:45:b6:35:73:a5:e4:8f:53:0f:f3:87:49:d7:
f5:54:00:1a:51:21:d5:4f:c5:82:35:ba:7b:c1:e4:4c:68:f0:
ef:d7:ce:f6:e4:1a:f0:24:63:f8:6f:af:2a:a2:6d:14:2a:4a:
80:ce:77:aa:17:75:88:b8:17:c6:0f:e0:89:c4:7c:ab:07:9d:
1a:a2:06:82:f0:9b:5a:8a:47:32:e8:c3:66:7f:36:fa:03:df:
cc:ad:50:78:dd:ba:58:e9:15:22:35:f8:33:de:fd:fb:d1:5f:
cd:fc:2b:d4:e0:22:d1:42:de:83:92:6f:8a:de:9b:45:43:02:
c8:d2:c8:d1:87:f3:22:4f:e7:d2:ae:7f:57:46:f4:00:29:f7:
db:30:2b:87:c3:4b:d0:8a:56:b8:4a:56:ef:3b:3a:f0:dd:de:
fb:1b:44:33:d3:f5:51:fd:06:f5:24:66:5e:6a:72:4d:63:90:
4f:18:90:0e
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVuQdo7/aIR+dV9XIVuAPYmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjMwMTAxMTY1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGVkMWQzMTY2ZDMyM2EyYTk2Yjk2M2JhMjRkNDNkYmI2OTZiZmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3xXpUicOo39P/6wEx+/IC/mlRrg
Zd5reuNTCzYtAzb+bMTi81gGFMrUKfjGpk7SaDeOumbhIlp+wBArwAwXO1tgVCA1
Z/uvL86VdbJ44yq8ArWJK7KswSwsNDLbWnd/KSLwIa7j6HxPjBTlZ7bNOK62+d82
C5Hc2bUzqPKIZJlhcCnLAIpGWXH3XEWOfmQjxMBgy2ycw0c/Vocr4Lndi1KQWtHY
WCNEAer8rgsf/jNPP5MWU2qc9Zb5rKwzJ2g/MNOjZsXp163iM/fi1/KXwNdtP9a9
pNBN7RvUOrIa88nAP0RrMtLfZEgfYazCkj8x4kHRuyst0QKmUNLSb5SxxQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJTtHTFm0yOiqWuWO6JNQ9u2lr/bMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvbE8wZE1XYlRJNktwYTVZN29rMUQyN2FXdjlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAVcwXAwQA
VmpjAwQAWSNzAwQAWSs9AwQAXXYnAwQAvNbiAwQBvPDGAwQAvPFsMA0GCSqGSIb3
DQEBCwUAA4IBAQCDFwhwDyqpdjmGkd2G3TGD2MxflIr1CxO9+httspCwbTBtwBl7
6R5Y9SwgWE/OiDFSAWfA1URVqbINnInEgbVK8eGZ/zDQcdTOfCes3UW2NXOl5I9T
D/OHSdf1VAAaUSHVT8WCNbp7weRMaPDv18725BrwJGP4b68qom0UKkqAzneqF3WI
uBfGD+CJxHyrB50aogaC8Jtaikcy6MNmfzb6A9/MrVB43bpY6RUiNfgz3v370V/N
/CvU4CLRQt6Dkm+K3ptFQwLI0sjRh/MiT+fSrn9XRvQAKffbMCuHw0vQila4Slbv
Ozrw3d77G0Qz0/VR/Qb1JGZeanJNY5BPGJAO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:06 2024 by rpki-client on console-fra.rpki-client.org