Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/2f4605-356a-4af6-b15d-c42f9abf1477/1/fGSF3hOc1eN8GMThRyNmQhl4qJY.roa
File: fGSF3hOc1eN8GMThRyNmQhl4qJY.roa (raw, json)
Hash identifier: 8Yey9OnMNPjvQNbWqItcvmGUClMDg53NRetxD6NozDA=
Subject key identifier: 7C:64:85:DE:13:9C:D5:E3:7C:18:C4:E1:47:23:66:42:19:78:A8:96
Certificate issuer: /CN=973bec33ae738c98958819c6c13bb335ee34ab4c
Certificate serial: 0187E698950AF6687F61CEB47B3D30833D39
Authority key identifier: 97:3B:EC:33:AE:73:8C:98:95:88:19:C6:C1:3B:B3:35:EE:34:AB:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lzvsM65zjJiViBnGwTuzNe40q0w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/2f4605-356a-4af6-b15d-c42f9abf1477/1/fGSF3hOc1eN8GMThRyNmQhl4qJY.roa
Signing time: Thu 04 May 2023 11:49:31 +0000
ROA not before: Thu 04 May 2023 11:49:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209854
IP address blocks: 88.218.151.0/24 maxlen: 24
88.218.150.0/24 maxlen: 24
85.209.4.0/24 maxlen: 24
85.209.7.0/24 maxlen: 24
85.209.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 May 2023 18:45:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e6:98:95:0a:f6:68:7f:61:ce:b4:7b:3d:30:83:3d:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=973bec33ae738c98958819c6c13bb335ee34ab4c
Validity
Not Before: May 4 11:49:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c6485de139cd5e37c18c4e1472366421978a896
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:14:0c:f1:ee:e0:bb:cd:2f:5a:d9:23:19:63:
1d:79:58:26:7f:c5:cc:b8:8c:e6:7d:ce:cf:cb:06:
15:68:be:a0:3c:04:7e:9e:0a:9e:b0:cf:53:73:1d:
01:15:39:2b:3a:6f:a7:ad:c7:0e:33:63:14:11:c8:
cf:cb:c9:50:57:d3:8c:22:f8:2e:28:27:a5:f8:b9:
34:93:37:d2:2d:2e:47:46:99:56:82:20:34:5a:ae:
29:3e:14:a1:33:be:24:ef:ab:56:39:7e:92:44:6b:
d3:c6:39:68:73:a4:36:b5:11:02:aa:bd:1b:a7:94:
b8:7f:45:2d:16:04:41:2a:4f:1a:56:81:64:3d:c2:
46:c6:8a:9a:1d:1e:8e:b9:11:1b:17:f1:08:a2:32:
54:72:fd:79:85:33:7e:43:c1:2e:e4:57:d4:71:14:
44:99:49:2b:cf:a6:1a:46:a7:a7:27:3d:00:cf:87:
6c:90:30:88:2a:2e:ff:94:05:00:c9:97:8f:90:36:
e1:d2:70:49:56:e2:fb:de:df:83:5b:d1:59:2a:46:
3b:64:c2:ad:80:f6:33:66:1b:3e:45:12:2f:ab:81:
95:e6:b3:ac:97:93:d8:92:a7:52:7e:10:28:c6:34:
fa:10:8c:76:23:24:e9:27:49:6c:11:9f:f2:77:75:
7d:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:64:85:DE:13:9C:D5:E3:7C:18:C4:E1:47:23:66:42:19:78:A8:96
X509v3 Authority Key Identifier:
keyid:97:3B:EC:33:AE:73:8C:98:95:88:19:C6:C1:3B:B3:35:EE:34:AB:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lzvsM65zjJiViBnGwTuzNe40q0w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/2f4605-356a-4af6-b15d-c42f9abf1477/1/fGSF3hOc1eN8GMThRyNmQhl4qJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/2f4605-356a-4af6-b15d-c42f9abf1477/1/lzvsM65zjJiViBnGwTuzNe40q0w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.4.0/24
85.209.6.0/23
88.218.150.0/23
Signature Algorithm: sha256WithRSAEncryption
76:c6:6d:3e:0c:3b:af:86:cd:fb:94:65:10:2b:81:81:0a:63:
96:e2:17:d8:fe:bf:e9:ca:0e:74:da:4f:7c:18:b0:3b:f0:fe:
c0:3d:95:99:75:1e:27:27:b5:e9:da:16:41:89:06:cb:9e:68:
59:2e:2b:22:eb:6a:55:da:b5:f2:3f:98:bf:62:67:21:42:48:
93:d2:fd:46:37:56:bc:d2:27:76:36:fd:8d:44:c9:08:69:4c:
8f:55:91:d9:d9:d8:c5:5c:a3:da:de:63:1a:fa:c8:7c:c8:ca:
ca:3a:3d:ee:27:b1:ae:68:17:ff:d5:a5:0d:c9:f9:98:d3:89:
5c:3f:16:4b:da:89:ed:af:a1:ae:f1:fd:52:c3:f4:18:18:4b:
d0:ca:02:85:a5:04:00:af:2c:a8:4a:f3:7b:76:cb:97:d6:d8:
c1:e1:e3:09:c1:4f:99:88:28:aa:62:9e:92:5e:61:a0:38:df:
95:b7:77:29:92:82:e3:57:ac:c6:9a:d9:3b:a6:4f:69:a5:a8:
2e:67:97:95:8c:73:e6:53:89:87:10:91:b0:32:0f:d3:01:9b:
a3:33:ef:28:d2:c0:c9:fb:74:30:4a:6d:e8:87:f2:c5:87:c6:
c0:fa:f9:28:5a:a3:82:85:ef:31:55:ed:1d:2a:4b:44:eb:6a:
11:85:cb:9a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYfmmJUK9mh/Yc60ez0wgz05MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3M2JlYzMzYWU3MzhjOTg5NTg4MTljNmMxM2JiMzM1ZWUz
NGFiNGMwHhcNMjMwNTA0MTE0OTMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzY0ODVkZTEzOWNkNWUzN2MxOGM0ZTE0NzIzNjY0MjE5NzhhODk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRQM8e7gu80vWtkjGWMdeVgmf8XM
uIzmfc7PywYVaL6gPAR+ngqesM9Tcx0BFTkrOm+nrccOM2MUEcjPy8lQV9OMIvgu
KCel+Lk0kzfSLS5HRplWgiA0Wq4pPhShM74k76tWOX6SRGvTxjloc6Q2tRECqr0b
p5S4f0UtFgRBKk8aVoFkPcJGxoqaHR6OuREbF/EIojJUcv15hTN+Q8Eu5FfUcRRE
mUkrz6YaRqenJz0Az4dskDCIKi7/lAUAyZePkDbh0nBJVuL73t+DW9FZKkY7ZMKt
gPYzZhs+RRIvq4GV5rOsl5PYkqdSfhAoxjT6EIx2IyTpJ0lsEZ/yd3V9RwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHxkhd4TnNXjfBjE4UcjZkIZeKiWMB8GA1UdIwQY
MBaAFJc77DOuc4yYlYgZxsE7szXuNKtMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHp2c002NXpqSmlWaUJuR3dUdXpOZTQwcTB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8yZjQ2MDUtMzU2YS00YWY2LWIxNWQt
YzQyZjlhYmYxNDc3LzEvZkdTRjNoT2MxZU44R01UaFJ5Tm1RaGw0cUpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8yZjQ2MDUtMzU2YS00YWY2LWIxNWQtYzQyZjlhYmYxNDc3
LzEvbHp2c002NXpqSmlWaUJuR3dUdXpOZTQwcTB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVdEEAwQB
VdEGAwQBWNqWMA0GCSqGSIb3DQEBCwUAA4IBAQB2xm0+DDuvhs37lGUQK4GBCmOW
4hfY/r/pyg502k98GLA78P7APZWZdR4nJ7Xp2hZBiQbLnmhZLisi62pV2rXyP5i/
YmchQkiT0v1GN1a80id2Nv2NRMkIaUyPVZHZ2djFXKPa3mMa+sh8yMrKOj3uJ7Gu
aBf/1aUNyfmY04lcPxZL2ontr6Gu8f1Sw/QYGEvQygKFpQQAryyoSvN7dsuX1tjB
4eMJwU+ZiCiqYp6SXmGgON+Vt3cpkoLjV6zGmtk7pk9ppaguZ5eVjHPmU4mHEJGw
Mg/TAZujM+8o0sDJ+3QwSm3oh/LFh8bA+vkoWqOChe8xVe0dKktE62oRhcua
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:04 2024 by rpki-client on console-ams.rpki-client.org