Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/cG4A6TDGhYVHRG6ynmvgQ6zTPAc.roa
File: cG4A6TDGhYVHRG6ynmvgQ6zTPAc.roa (raw, json)
Hash identifier: OMyDPPrsvFnOI1zyzYE61+dhKQt2DGq0S6QTxAEn8iM=
Subject key identifier: 70:6E:00:E9:30:C6:85:85:47:44:6E:B2:9E:6B:E0:43:AC:D3:3C:07
Certificate issuer: /CN=149d1f67a41ca2e405017cbe48bafff1733e3869
Certificate serial: 01869E2EC04ED1BD5C5F6708023C15DAA372
Authority key identifier: 14:9D:1F:67:A4:1C:A2:E4:05:01:7C:BE:48:BA:FF:F1:73:3E:38:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/cG4A6TDGhYVHRG6ynmvgQ6zTPAc.roa
Signing time: Wed 01 Mar 2023 17:18:29 +0000
ROA not before: Wed 01 Mar 2023 17:18:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207728
IP address blocks: 46.28.234.0/24 maxlen: 24
93.88.74.0/24 maxlen: 24
185.162.11.0/24 maxlen: 24
185.162.9.0/24 maxlen: 24
31.10.5.0/24 maxlen: 24
185.204.52.0/24 maxlen: 24
87.236.177.0/24 maxlen: 24
31.210.170.0/23 maxlen: 24
104.192.42.0/24 maxlen: 24
31.210.173.0/24 maxlen: 24
2a12:9cc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 14 Aug 2023 10:40:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9e:2e:c0:4e:d1:bd:5c:5f:67:08:02:3c:15:da:a3:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=149d1f67a41ca2e405017cbe48bafff1733e3869
Validity
Not Before: Mar 1 17:18:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=706e00e930c6858547446eb29e6be043acd33c07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f0:18:1c:76:4c:c5:f7:bc:76:5b:c3:11:6e:
d2:1c:d2:b0:fb:29:af:d2:90:70:66:09:cb:22:78:
b5:c9:ac:76:38:22:2e:6e:8e:e7:ef:10:84:4f:14:
fb:9c:f8:90:19:61:a0:bb:58:64:c6:d6:f6:ae:bc:
27:c9:cc:fd:90:8f:cc:26:5e:97:ab:23:11:62:12:
74:3a:6e:c2:c5:e5:4d:12:2f:ab:52:a1:8f:d3:23:
c7:4e:59:76:38:eb:a4:74:3f:0e:90:e9:20:0b:67:
55:e4:af:62:33:4d:1d:77:be:87:91:91:18:5e:e7:
c5:26:fe:cc:e1:70:9c:f3:a3:80:f6:4b:c1:42:49:
7c:a4:ff:41:2e:da:1d:e4:78:ce:06:44:4e:d5:60:
2b:0f:7a:52:b3:c4:92:c8:c8:2e:86:ba:80:50:57:
3f:76:ba:a1:2b:00:16:6b:96:f9:65:0f:f0:08:68:
c0:5b:fd:3f:94:19:02:bf:57:9d:a7:60:16:f6:ad:
9a:2a:ca:a6:67:c7:ec:99:fe:24:0a:a9:e6:97:8c:
b0:2e:d5:56:b2:71:22:b3:36:f7:ce:81:15:24:79:
57:48:a2:a4:b4:0f:36:fd:ab:1c:3d:ce:83:7b:86:
54:54:ea:3b:99:67:fd:80:45:a5:69:02:c5:81:8f:
c1:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:6E:00:E9:30:C6:85:85:47:44:6E:B2:9E:6B:E0:43:AC:D3:3C:07
X509v3 Authority Key Identifier:
keyid:14:9D:1F:67:A4:1C:A2:E4:05:01:7C:BE:48:BA:FF:F1:73:3E:38:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/cG4A6TDGhYVHRG6ynmvgQ6zTPAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/b5090a-ec58-46db-9dd9-5485682a05f5/1/FJ0fZ6QcouQFAXy-SLr_8XM-OGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.10.5.0/24
31.210.170.0/23
31.210.173.0/24
46.28.234.0/24
87.236.177.0/24
93.88.74.0/24
104.192.42.0/24
185.162.9.0/24
185.162.11.0/24
185.204.52.0/24
IPv6:
2a12:9cc0::/29
Signature Algorithm: sha256WithRSAEncryption
04:58:eb:0b:77:7b:2b:47:a7:bb:b6:3b:70:72:ad:b8:43:c4:
76:db:64:42:4b:ab:e8:f7:f2:19:e1:27:1b:5e:9e:dd:e4:e7:
52:f5:fe:42:f7:01:d7:96:9a:11:99:a6:1f:1b:9d:aa:16:ce:
3c:2d:23:a6:3d:7d:d2:66:9a:98:fb:98:b8:9b:13:fa:00:2c:
7b:df:af:a4:23:57:d0:a1:ba:eb:36:57:19:2b:7c:9a:6e:c7:
4c:d2:64:93:66:16:dd:6a:4d:81:82:0f:27:1a:f6:e9:49:28:
2d:ed:ec:71:0d:0b:4f:b3:24:2e:18:13:5b:03:7e:d0:ab:23:
64:45:c7:17:36:d8:62:e4:b0:e4:a7:3f:81:45:31:ac:b4:8f:
e1:b0:14:3c:56:30:4a:8f:68:e3:b7:3d:b4:23:3f:15:d6:8e:
b4:5b:fb:99:84:03:60:71:db:88:34:c8:e3:85:9b:be:58:85:
16:0b:eb:f6:dc:db:69:60:f4:4b:49:30:31:a0:1c:82:dd:de:
94:22:a2:f5:d5:70:32:cd:73:98:cd:8d:82:ac:ba:71:9d:23:
08:6a:aa:53:b0:45:0e:44:44:50:ae:02:9c:b4:87:d5:d1:19:
00:f6:19:12:43:04:ab:9a:c4:41:5d:69:4f:b6:00:a0:49:aa:
3b:56:99:f7
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYaeLsBO0b1cX2cIAjwV2qNyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0OWQxZjY3YTQxY2EyZTQwNTAxN2NiZTQ4YmFmZmYxNzMz
ZTM4NjkwHhcNMjMwMzAxMTcxODI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDZlMDBlOTMwYzY4NTg1NDc0NDZlYjI5ZTZiZTA0M2FjZDMzYzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPAYHHZMxfe8dlvDEW7SHNKw+ymv
0pBwZgnLIni1yax2OCIubo7n7xCETxT7nPiQGWGgu1hkxtb2rrwnycz9kI/MJl6X
qyMRYhJ0Om7CxeVNEi+rUqGP0yPHTll2OOukdD8OkOkgC2dV5K9iM00dd76HkZEY
XufFJv7M4XCc86OA9kvBQkl8pP9BLtod5HjOBkRO1WArD3pSs8SSyMguhrqAUFc/
drqhKwAWa5b5ZQ/wCGjAW/0/lBkCv1edp2AW9q2aKsqmZ8fsmf4kCqnml4ywLtVW
snEiszb3zoEVJHlXSKKktA82/ascPc6De4ZUVOo7mWf9gEWlaQLFgY/BzQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFHBuAOkwxoWFR0Rusp5r4EOs0zwHMB8GA1UdIwQY
MBaAFBSdH2ekHKLkBQF8vki6//FzPjhpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkowZlo2UWNvdVFGQVh5LVNMcl84WE0tT0drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iNTA5MGEtZWM1OC00NmRiLTlkZDkt
NTQ4NTY4MmEwNWY1LzEvY0c0QTZUREdoWVZIUkc2eW5tdmdRNnpUUEFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iNTA5MGEtZWM1OC00NmRiLTlkZDktNTQ4NTY4MmEwNWY1
LzEvRkowZlo2UWNvdVFGQVh5LVNMcl84WE0tT0drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQAHwoFAwQB
H9KqAwQAH9KtAwQALhzqAwQAV+yxAwQAXVhKAwQAaMAqAwQAuaIJAwQAuaILAwQA
ucw0MA0EAgACMAcDBQMqEpzAMA0GCSqGSIb3DQEBCwUAA4IBAQAEWOsLd3srR6e7
tjtwcq24Q8R222RCS6vo9/IZ4ScbXp7d5OdS9f5C9wHXlpoRmaYfG52qFs48LSOm
PX3SZpqY+5i4mxP6ACx736+kI1fQobrrNlcZK3yabsdM0mSTZhbdak2Bgg8nGvbp
SSgt7exxDQtPsyQuGBNbA37QqyNkRccXNthi5LDkpz+BRTGstI/hsBQ8VjBKj2jj
tz20Iz8V1o60W/uZhANgcduINMjjhZu+WIUWC+v23NtpYPRLSTAxoByC3d6UIqL1
1XAyzXOYzY2CrLpxnSMIaqpTsEUORERQrgKctIfV0RkA9hkSQwSrmsRBXWlPtgCg
Sao7Vpn3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:03 2024 by rpki-client on console-fra.rpki-client.org