Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/nogtOygmqAIaU7WFSsb9bhVT-EQ.roa
File: nogtOygmqAIaU7WFSsb9bhVT-EQ.roa (raw, json)
Hash identifier: Hx6HepDStAmiKw+hUPBsL1CVgD4MbZhabx2+HvTzdFo=
Subject key identifier: 9E:88:2D:3B:28:26:A8:02:1A:53:B5:85:4A:C6:FD:6E:15:53:F8:44
Certificate issuer: /CN=5e1bf6a319da2489816aedba1b4fd0cc7ddf3e1e
Certificate serial: 01892A0B4EAAD76C85F0D6138FD8D1F28A6E
Authority key identifier: 5E:1B:F6:A3:19:DA:24:89:81:6A:ED:BA:1B:4F:D0:CC:7D:DF:3E:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/nogtOygmqAIaU7WFSsb9bhVT-EQ.roa
Signing time: Thu 06 Jul 2023 07:12:11 +0000
ROA not before: Thu 06 Jul 2023 07:12:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39386
IP address blocks: 84.235.56.0/23 maxlen: 23
178.86.50.0/24 maxlen: 24
84.235.0.0/17 maxlen: 17
84.235.0.0/24 maxlen: 24
84.235.14.0/24 maxlen: 24
37.224.192.0/24 maxlen: 24
84.235.95.0/24 maxlen: 24
84.235.110.0/24 maxlen: 24
84.235.108.0/24 maxlen: 24
84.235.111.0/24 maxlen: 24
84.235.109.0/24 maxlen: 24
84.235.120.0/22 maxlen: 22
193.19.244.0/24 maxlen: 24
2001:16a0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 11 Jul 2023 07:04:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:2a:0b:4e:aa:d7:6c:85:f0:d6:13:8f:d8:d1:f2:8a:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e1bf6a319da2489816aedba1b4fd0cc7ddf3e1e
Validity
Not Before: Jul 6 07:12:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e882d3b2826a8021a53b5854ac6fd6e1553f844
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:51:af:cf:81:86:7b:02:31:92:ef:38:95:d6:
23:73:af:7e:ad:d1:6d:88:ba:f7:68:b6:41:ec:d1:
73:d9:61:a9:0a:af:de:08:88:5a:09:11:64:b0:25:
59:6b:7f:18:7e:e6:a9:ad:ec:16:35:68:40:1f:06:
64:ea:9d:6f:eb:b7:71:c4:47:63:9b:40:43:f1:85:
db:bf:7d:53:74:f5:5c:7d:72:7f:03:25:4e:7c:bd:
7a:6b:2a:2c:f5:55:ef:80:b8:cf:8a:e7:dc:0e:b6:
6d:0c:ca:0e:c2:5e:ca:17:60:83:f9:2a:0e:b4:76:
3f:37:d2:b6:43:90:76:7a:36:ba:77:52:5e:d9:f9:
d4:53:15:87:5d:c5:0d:98:bc:b2:a8:0a:b1:5e:d9:
94:61:5c:91:26:df:bf:e2:9d:d6:26:69:8f:55:f9:
43:ae:0b:e6:94:08:f3:a9:0e:b9:c8:ba:f0:a4:37:
d1:f5:f3:6e:53:09:8f:15:d6:dd:fe:9c:61:75:0e:
c1:d8:85:62:94:16:93:bc:1e:88:4d:ec:00:07:da:
e8:1f:02:28:93:e6:c5:0b:50:53:b8:16:2d:88:ed:
6f:5d:df:38:20:bb:7e:c6:f4:11:4d:87:f5:9c:52:
18:c8:f8:3c:95:01:ec:9a:53:85:6e:01:bd:9c:73:
68:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:88:2D:3B:28:26:A8:02:1A:53:B5:85:4A:C6:FD:6E:15:53:F8:44
X509v3 Authority Key Identifier:
keyid:5E:1B:F6:A3:19:DA:24:89:81:6A:ED:BA:1B:4F:D0:CC:7D:DF:3E:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/nogtOygmqAIaU7WFSsb9bhVT-EQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/Xhv2oxnaJImBau26G0_QzH3fPh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.224.192.0/24
84.235.0.0/17
178.86.50.0/24
193.19.244.0/24
IPv6:
2001:16a0::/29
Signature Algorithm: sha256WithRSAEncryption
01:c6:95:73:83:6f:1e:fe:7a:d7:c4:ab:6f:02:e5:48:fe:b3:
7e:8b:e9:bd:54:d9:97:9c:12:34:e8:5c:15:05:1d:7b:00:f4:
5b:62:74:50:91:8c:99:8c:15:cc:a3:ff:fe:62:ca:2e:f5:5b:
7c:7e:64:67:e2:35:28:93:98:ee:27:3a:99:dc:76:fa:77:ed:
3b:2b:30:e0:0c:62:12:03:9b:64:f7:bd:94:71:1e:d3:4c:ff:
9f:fc:5c:9e:95:0a:08:bf:f2:54:42:27:e8:00:37:51:bd:60:
6b:3b:ee:45:2c:7b:82:a9:c0:4c:10:90:f8:1e:2b:37:a8:41:
04:78:0f:c5:2a:ac:2c:bc:2d:86:46:ae:fb:14:7f:68:c2:05:
d1:f1:be:bb:1c:b7:6f:51:d9:70:47:46:ec:8b:09:1f:4e:12:
3d:13:f3:9e:6e:35:07:13:4c:be:74:f1:21:d9:2a:23:6a:4f:
2c:36:e5:72:28:64:3a:c4:70:af:8f:e6:14:0e:a5:0a:c4:af:
8f:88:76:89:12:c0:51:4e:52:ef:04:b4:ab:02:ca:82:67:6a:
c3:8b:d0:d2:64:56:50:a7:3a:37:59:b6:02:2c:a0:49:7e:df:
2c:3b:bf:d4:25:90:d1:d3:e2:a0:a6:32:26:a0:d4:5e:82:e9:
7a:0b:71:42
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYkqC06q12yF8NYTj9jR8opuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMWJmNmEzMTlkYTI0ODk4MTZhZWRiYTFiNGZkMGNjN2Rk
ZjNlMWUwHhcNMjMwNzA2MDcxMjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTg4MmQzYjI4MjZhODAyMWE1M2I1ODU0YWM2ZmQ2ZTE1NTNmODQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFGvz4GGewIxku84ldYjc69+rdFt
iLr3aLZB7NFz2WGpCq/eCIhaCRFksCVZa38YfuaprewWNWhAHwZk6p1v67dxxEdj
m0BD8YXbv31TdPVcfXJ/AyVOfL16ayos9VXvgLjPiufcDrZtDMoOwl7KF2CD+SoO
tHY/N9K2Q5B2eja6d1Je2fnUUxWHXcUNmLyyqAqxXtmUYVyRJt+/4p3WJmmPVflD
rgvmlAjzqQ65yLrwpDfR9fNuUwmPFdbd/pxhdQ7B2IVilBaTvB6ITewAB9roHwIo
k+bFC1BTuBYtiO1vXd84ILt+xvQRTYf1nFIYyPg8lQHsmlOFbgG9nHNoGwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJ6ILTsoJqgCGlO1hUrG/W4VU/hEMB8GA1UdIwQY
MBaAFF4b9qMZ2iSJgWrtuhtP0Mx93z4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGh2Mm94bmFKSW1CYXUyNkcwX1F6SDNmUGg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi84OGZkZDEtOGI3Yi00MTAxLWFjNjYt
YjU5MDk1N2Q5NDE1LzEvbm9ndE95Z21xQUlhVTdXRlNzYjliaFZULUVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi84OGZkZDEtOGI3Yi00MTAxLWFjNjYtYjU5MDk1N2Q5NDE1
LzEvWGh2Mm94bmFKSW1CYXUyNkcwX1F6SDNmUGg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAJeDAAwQH
VOsAAwQAslYyAwQAwRP0MA0EAgACMAcDBQMgARagMA0GCSqGSIb3DQEBCwUAA4IB
AQABxpVzg28e/nrXxKtvAuVI/rN+i+m9VNmXnBI06FwVBR17APRbYnRQkYyZjBXM
o//+Ysou9Vt8fmRn4jUok5juJzqZ3Hb6d+07KzDgDGISA5tk972UcR7TTP+f/Fye
lQoIv/JUQifoADdRvWBrO+5FLHuCqcBMEJD4His3qEEEeA/FKqwsvC2GRq77FH9o
wgXR8b67HLdvUdlwR0bsiwkfThI9E/OebjUHE0y+dPEh2Sojak8sNuVyKGQ6xHCv
j+YUDqUKxK+PiHaJEsBRTlLvBLSrAsqCZ2rDi9DSZFZQpzo3WbYCLKBJft8sO7/U
JZDR0+KgpjImoNRegul6C3FC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:10 2024 by rpki-client on console-fra.rpki-client.org