Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/F6QowwtNWSfuyq6xPz-PnpvtfIc.roa
File: F6QowwtNWSfuyq6xPz-PnpvtfIc.roa (raw, json)
Hash identifier: TEA7h3Mh2CF+AbTH8sxthK1cmWZwXr6lnitKNouRCrw=
Subject key identifier: 17:A4:28:C3:0B:4D:59:27:EE:CA:AE:B1:3F:3F:8F:9E:9B:ED:7C:87
Certificate issuer: /CN=149d1f67a41ca2e405017cbe48bafff1733e3869
Certificate serial: 0189F814AD143E128E9312DD4FA6E046596F
Authority key identifier: 14:9D:1F:67:A4:1C:A2:E4:05:01:7C:BE:48:BA:FF:F1:73:3E:38:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/F6QowwtNWSfuyq6xPz-PnpvtfIc.roa
Signing time: Tue 15 Aug 2023 07:24:11 +0000
ROA not before: Tue 15 Aug 2023 07:24:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207728
IP address blocks: 46.28.234.0/24 maxlen: 24
93.88.74.0/24 maxlen: 24
185.162.11.0/24 maxlen: 24
185.162.9.0/24 maxlen: 24
31.10.5.0/24 maxlen: 24
194.146.127.0/24 maxlen: 24
185.204.52.0/24 maxlen: 24
87.236.177.0/24 maxlen: 24
31.210.170.0/23 maxlen: 24
104.192.42.0/24 maxlen: 24
31.210.173.0/24 maxlen: 24
2a12:9cc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 16 Aug 2023 06:10:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f8:14:ad:14:3e:12:8e:93:12:dd:4f:a6:e0:46:59:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=149d1f67a41ca2e405017cbe48bafff1733e3869
Validity
Not Before: Aug 15 07:24:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17a428c30b4d5927eecaaeb13f3f8f9e9bed7c87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c5:c0:ab:51:dc:6e:0c:61:27:f8:f9:98:3b:
60:45:99:7b:d3:89:06:64:25:b2:b3:0e:7d:1c:a2:
4f:bd:e9:8d:a9:05:9d:00:68:eb:98:8e:e8:44:3a:
86:e6:37:90:29:48:cc:b9:7f:67:40:df:3f:2c:22:
1e:e1:81:d4:5d:62:d3:d7:57:bc:e2:b8:55:e2:36:
89:5b:0b:c5:b8:6d:d3:c3:a0:45:9d:1a:52:1b:61:
e9:42:9c:94:b2:8a:ef:f2:a0:d9:ca:2b:9f:d1:ac:
1e:a8:9a:7c:33:83:40:76:02:66:7d:94:bf:1b:a4:
04:34:73:3f:94:de:a6:b6:9b:01:eb:c8:3e:f1:16:
76:d8:e2:97:f7:10:f7:5d:77:ec:91:c1:82:c2:2e:
43:7d:b8:47:7f:a9:95:2f:58:9e:ac:1c:ad:a5:01:
00:31:cf:a2:7c:05:55:6f:9e:4f:9b:8e:b1:60:c0:
ae:60:30:08:f6:06:d4:21:38:44:6d:c0:ff:43:8f:
4b:70:ae:ca:02:8d:4d:d1:08:d2:ed:78:1f:3f:64:
bd:35:ec:2d:82:e4:84:3f:c8:fa:eb:de:9a:7b:b9:
87:f3:ef:11:0b:06:02:82:1b:6e:9d:c7:6e:e4:82:
a8:81:89:80:99:2a:5c:80:f3:42:df:55:3c:72:a0:
c7:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:A4:28:C3:0B:4D:59:27:EE:CA:AE:B1:3F:3F:8F:9E:9B:ED:7C:87
X509v3 Authority Key Identifier:
keyid:14:9D:1F:67:A4:1C:A2:E4:05:01:7C:BE:48:BA:FF:F1:73:3E:38:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/F6QowwtNWSfuyq6xPz-PnpvtfIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.10.5.0/24
31.210.170.0/23
31.210.173.0/24
46.28.234.0/24
87.236.177.0/24
93.88.74.0/24
104.192.42.0/24
185.162.9.0/24
185.162.11.0/24
185.204.52.0/24
194.146.127.0/24
IPv6:
2a12:9cc0::/29
Signature Algorithm: sha256WithRSAEncryption
79:0a:68:10:03:7b:72:4e:f1:3c:e7:fb:0e:26:41:4e:30:e0:
e8:1d:7e:e5:0e:82:f4:c9:e3:f8:7e:72:eb:90:8c:b2:2e:12:
22:3a:70:7f:4d:6c:31:08:50:98:39:1a:88:70:12:9f:76:02:
1c:5f:34:72:35:fc:25:62:d6:0c:69:5c:87:8d:77:1c:b0:c6:
01:42:17:4b:04:0e:cb:52:f3:22:6f:c8:4b:eb:c2:81:bd:66:
80:af:07:2c:8f:17:c4:e4:11:8b:af:bf:99:59:94:f2:e0:34:
94:c1:5e:ec:55:ed:1b:eb:c2:6c:03:53:c2:85:84:5a:7a:c4:
48:e2:fc:de:4d:3b:f8:9c:54:49:82:3e:7c:ae:f3:a6:89:6a:
20:e7:9a:0e:ab:05:12:cc:a5:c1:a0:9e:d9:63:5a:46:3b:0e:
1b:85:82:da:ee:45:4b:b5:0e:3e:51:26:36:6a:c1:ec:15:fd:
db:3e:da:41:17:eb:91:55:d9:a3:5e:80:76:2c:93:ee:4b:e7:
27:da:8b:b4:f8:13:62:e9:05:fb:c9:d8:58:d9:5d:37:ba:56:
f0:98:82:ab:f7:6e:1d:ac:d0:9b:90:0e:33:1e:b1:a8:6a:eb:
60:41:d7:d1:5e:31:c0:77:0c:cf:69:bc:d4:f7:f0:cc:42:8d:
57:82:a6:bb
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYn4FK0UPhKOkxLdT6bgRllvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0OWQxZjY3YTQxY2EyZTQwNTAxN2NiZTQ4YmFmZmYxNzMz
ZTM4NjkwHhcNMjMwODE1MDcyNDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2E0MjhjMzBiNGQ1OTI3ZWVjYWFlYjEzZjNmOGY5ZTliZWQ3Yzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8XAq1HcbgxhJ/j5mDtgRZl704kG
ZCWysw59HKJPvemNqQWdAGjrmI7oRDqG5jeQKUjMuX9nQN8/LCIe4YHUXWLT11e8
4rhV4jaJWwvFuG3Tw6BFnRpSG2HpQpyUsorv8qDZyiuf0aweqJp8M4NAdgJmfZS/
G6QENHM/lN6mtpsB68g+8RZ22OKX9xD3XXfskcGCwi5DfbhHf6mVL1ierBytpQEA
Mc+ifAVVb55Pm46xYMCuYDAI9gbUIThEbcD/Q49LcK7KAo1N0QjS7XgfP2S9Newt
guSEP8j6696ae7mH8+8RCwYCghtuncdu5IKogYmAmSpcgPNC31U8cqDHCwIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFBekKMMLTVkn7squsT8/j56b7XyHMB8GA1UdIwQY
MBaAFBSdH2ekHKLkBQF8vki6//FzPjhpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkowZlo2UWNvdVFGQVh5LVNMcl84WE0tT0drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iNTA5MGEtZWM1OC00NmRiLTlkZDkt
NTQ4NTY4MmEwNWY1LzEvRjZRb3d3dE5XU2Z1eXE2eFB6LVBucHZ0ZkljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iNTA5MGEtZWM1OC00NmRiLTlkZDktNTQ4NTY4MmEwNWY1
LzEvRkowZlo2UWNvdVFGQVh5LVNMcl84WE0tT0drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQAHwoFAwQB
H9KqAwQAH9KtAwQALhzqAwQAV+yxAwQAXVhKAwQAaMAqAwQAuaIJAwQAuaILAwQA
ucw0AwQAwpJ/MA0EAgACMAcDBQMqEpzAMA0GCSqGSIb3DQEBCwUAA4IBAQB5CmgQ
A3tyTvE85/sOJkFOMODoHX7lDoL0yeP4fnLrkIyyLhIiOnB/TWwxCFCYORqIcBKf
dgIcXzRyNfwlYtYMaVyHjXccsMYBQhdLBA7LUvMib8hL68KBvWaArwcsjxfE5BGL
r7+ZWZTy4DSUwV7sVe0b68JsA1PChYRaesRI4vzeTTv4nFRJgj58rvOmiWog55oO
qwUSzKXBoJ7ZY1pGOw4bhYLa7kVLtQ4+USY2asHsFf3bPtpBF+uRVdmjXoB2LJPu
S+cn2ou0+BNi6QX7ydhY2V03ulbwmIKr924drNCbkA4zHrGoautgQdfRXjHAdwzP
abzU9/DMQo1Xgqa7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:03 2024 by rpki-client on console-fra.rpki-client.org