Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/7d11e2-5274-447e-9fe6-88aa6fd0aa8e/1/DRmo7lgeExAiZ_xqAEPgoaQwkwY.roa
File: DRmo7lgeExAiZ_xqAEPgoaQwkwY.roa (raw, json)
Hash identifier: zSEUbPrPllAzXDuDsDHjw2jKsQCg3pdvoMotLeq2NHk=
Subject key identifier: 0D:19:A8:EE:58:1E:13:10:22:67:FC:6A:00:43:E0:A1:A4:30:93:06
Certificate issuer: /CN=6ab7b9cee004300eafe09bf12fcb6da1dd30a4d7
Certificate serial: 0185708CAC3F0D17DD4401D8E880EC5780DC
Authority key identifier: 6A:B7:B9:CE:E0:04:30:0E:AF:E0:9B:F1:2F:CB:6D:A1:DD:30:A4:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/are5zuAEMA6v4JvxL8ttod0wpNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/7d11e2-5274-447e-9fe6-88aa6fd0aa8e/1/DRmo7lgeExAiZ_xqAEPgoaQwkwY.roa
Signing time: Mon 02 Jan 2023 03:35:45 +0000
ROA not before: Mon 02 Jan 2023 03:35:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203489
IP address blocks: 213.137.32.0/19 maxlen: 21
82.145.160.0/19 maxlen: 19
178.20.72.0/21 maxlen: 21
31.24.136.0/21 maxlen: 21
69.172.96.0/19 maxlen: 19
185.3.36.0/22 maxlen: 22
2a00:fa80::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:30:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:ac:3f:0d:17:dd:44:01:d8:e8:80:ec:57:80:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ab7b9cee004300eafe09bf12fcb6da1dd30a4d7
Validity
Not Before: Jan 2 03:35:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d19a8ee581e13102267fc6a0043e0a1a4309306
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ea:a1:ba:c6:24:90:ee:72:fc:ba:dc:e4:96:
7c:ad:e9:ba:2d:5b:b8:f4:2d:80:b7:dc:84:f0:32:
38:83:d7:7e:77:da:ee:a3:bb:f6:57:18:4a:0c:71:
3f:8a:50:7b:46:6d:a7:bd:b1:df:a0:09:4b:12:5a:
22:75:a9:c9:47:22:35:dd:e7:7a:89:65:46:0d:da:
c3:29:b1:d8:9a:dd:98:38:a4:c7:0b:b5:80:2a:5b:
d4:cc:ab:6f:15:eb:aa:4d:c1:f8:72:3b:01:8e:56:
ca:65:bf:eb:42:86:94:31:2c:c9:2b:f8:43:b3:13:
f0:ea:26:c8:45:d3:4a:d9:af:91:7e:11:f6:a9:b6:
ec:6f:6f:80:a8:5a:6b:ee:13:fb:5b:8b:41:6b:6d:
6a:07:fc:6b:6a:fd:8d:57:ca:46:cf:2f:74:79:eb:
7a:20:ad:d8:3a:e5:63:7b:d7:80:4b:6c:ed:00:5c:
41:2f:48:c4:d4:05:93:4d:51:62:e7:c5:02:71:86:
2a:96:ff:4b:f2:f0:41:5a:70:13:70:52:ba:94:4e:
ca:b5:5d:2d:cb:3c:19:ff:90:1e:17:65:6d:84:e1:
cb:d1:c8:c0:86:11:94:20:7f:77:09:63:70:e8:2f:
4d:76:73:5c:18:7e:0e:bc:f5:51:1b:e1:52:4f:71:
bb:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:19:A8:EE:58:1E:13:10:22:67:FC:6A:00:43:E0:A1:A4:30:93:06
X509v3 Authority Key Identifier:
keyid:6A:B7:B9:CE:E0:04:30:0E:AF:E0:9B:F1:2F:CB:6D:A1:DD:30:A4:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/are5zuAEMA6v4JvxL8ttod0wpNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7d11e2-5274-447e-9fe6-88aa6fd0aa8e/1/DRmo7lgeExAiZ_xqAEPgoaQwkwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7d11e2-5274-447e-9fe6-88aa6fd0aa8e/1/are5zuAEMA6v4JvxL8ttod0wpNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.136.0/21
69.172.96.0/19
82.145.160.0/19
178.20.72.0/21
185.3.36.0/22
213.137.32.0/19
IPv6:
2a00:fa80::/29
Signature Algorithm: sha256WithRSAEncryption
40:ed:41:25:f6:7b:25:12:d4:8b:59:92:00:25:8d:b8:7c:a7:
1d:54:09:fb:b9:9b:e5:20:bc:4c:78:3c:50:63:cc:c7:40:e2:
2d:33:a4:42:96:46:d2:20:c1:83:ae:87:9a:ee:e0:67:a8:45:
31:b2:68:28:14:40:3b:09:84:17:ec:2c:3f:b2:85:2d:ea:a4:
4a:06:1a:fc:1e:36:22:39:2b:f0:96:69:91:69:d5:29:15:6e:
ce:7b:2b:17:22:ea:80:d6:54:88:5d:d8:11:04:d7:51:00:cc:
5c:ce:ab:17:5b:79:07:ed:6b:bc:ed:c1:19:2f:3e:96:7b:65:
b7:00:a3:8b:6e:0f:aa:6a:12:d4:d8:43:19:2d:11:20:00:68:
47:d0:d4:0f:10:db:a9:20:20:9a:91:c2:74:f3:3c:43:0e:93:
f6:d4:1d:6d:c9:ba:2c:43:d7:98:9d:2c:55:80:f6:8a:e0:7a:
07:ff:b6:85:df:e8:f3:5b:f5:9d:bb:11:9d:8c:2a:18:68:00:
7b:57:09:cc:84:54:6b:00:c7:e1:07:a0:3f:7a:6f:8e:de:50:
ac:55:7f:e7:e9:68:92:6f:5c:b6:be:3b:9b:e9:db:a6:51:b6:
6c:19:61:ce:a5:76:51:68:9a:91:8f:6e:05:29:c2:86:7e:ec:
eb:ba:aa:b5
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVwjKw/DRfdRAHY6IDsV4DcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhYjdiOWNlZTAwNDMwMGVhZmUwOWJmMTJmY2I2ZGExZGQz
MGE0ZDcwHhcNMjMwMTAyMDMzNTQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDE5YThlZTU4MWUxMzEwMjI2N2ZjNmEwMDQzZTBhMWE0MzA5MzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2eqhusYkkO5y/Lrc5JZ8rem6LVu4
9C2At9yE8DI4g9d+d9ruo7v2VxhKDHE/ilB7Rm2nvbHfoAlLEloidanJRyI13ed6
iWVGDdrDKbHYmt2YOKTHC7WAKlvUzKtvFeuqTcH4cjsBjlbKZb/rQoaUMSzJK/hD
sxPw6ibIRdNK2a+RfhH2qbbsb2+AqFpr7hP7W4tBa21qB/xrav2NV8pGzy90eet6
IK3YOuVje9eAS2ztAFxBL0jE1AWTTVFi58UCcYYqlv9L8vBBWnATcFK6lE7KtV0t
yzwZ/5AeF2VthOHL0cjAhhGUIH93CWNw6C9NdnNcGH4OvPVRG+FST3G7FwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFA0ZqO5YHhMQImf8agBD4KGkMJMGMB8GA1UdIwQY
MBaAFGq3uc7gBDAOr+Cb8S/LbaHdMKTXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXJlNXp1QUVNQTZ2NEp2eEw4dHRvZDB3cE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83ZDExZTItNTI3NC00NDdlLTlmZTYt
ODhhYTZmZDBhYThlLzEvRFJtbzdsZ2VFeEFpWl94cUFFUGdvYVF3a3dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83ZDExZTItNTI3NC00NDdlLTlmZTYtODhhYTZmZDBhYThl
LzEvYXJlNXp1QUVNQTZ2NEp2eEw4dHRvZDB3cE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDHxiIAwQF
RaxgAwQFUpGgAwQDshRIAwQCuQMkAwQF1YkgMA0EAgACMAcDBQMqAPqAMA0GCSqG
SIb3DQEBCwUAA4IBAQBA7UEl9nslEtSLWZIAJY24fKcdVAn7uZvlILxMeDxQY8zH
QOItM6RClkbSIMGDroea7uBnqEUxsmgoFEA7CYQX7Cw/soUt6qRKBhr8HjYiOSvw
lmmRadUpFW7OeysXIuqA1lSIXdgRBNdRAMxczqsXW3kH7Wu87cEZLz6We2W3AKOL
bg+qahLU2EMZLREgAGhH0NQPENupICCakcJ08zxDDpP21B1tybosQ9eYnSxVgPaK
4HoH/7aF3+jzW/WduxGdjCoYaAB7VwnMhFRrAMfhB6A/em+O3lCsVX/n6WiSb1y2
vjub6dumUbZsGWHOpXZRaJqRj24FKcKGfuzruqq1
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:42 2024 by rpki-client on console-ams.rpki-client.org