Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/bPa1TPgqc9tURixTobqhZ9g48lE.roa
File: bPa1TPgqc9tURixTobqhZ9g48lE.roa (raw, json)
Hash identifier: 027BW/BdDnLSWRE4ODGXoal7HBVPB1YX50oOotsM18E=
Subject key identifier: 6C:F6:B5:4C:F8:2A:73:DB:54:46:2C:53:A1:BA:A1:67:D8:38:F2:51
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 019053CBF85847408ABC5478A4B8A0F4CE17
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/bPa1TPgqc9tURixTobqhZ9g48lE.roa
Signing time: Wed 26 Jun 2024 09:06:34 +0000
ROA not before: Wed 26 Jun 2024 09:06:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59598
IP address blocks: 31.25.88.0/23 maxlen: 24
91.132.56.0/24 maxlen: 24
185.215.247.0/24 maxlen: 24
185.217.108.0/22 maxlen: 24
212.107.28.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jul 2024 20:03:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:53:cb:f8:58:47:40:8a:bc:54:78:a4:b8:a0:f4:ce:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jun 26 09:06:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cf6b54cf82a73db54462c53a1baa167d838f251
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:08:ab:07:da:6f:45:df:e1:2e:5f:b6:4d:90:
53:58:57:f5:d7:7e:00:92:07:bc:8e:96:66:7b:7f:
9c:d4:bf:82:12:31:2c:85:98:59:80:f2:02:ec:73:
1a:58:dc:8e:52:1d:98:57:1f:cf:8c:e4:72:e7:a0:
98:48:c0:40:30:c6:8c:af:46:23:93:09:90:b7:7c:
8d:36:cb:41:96:9d:57:f6:c7:1a:f1:34:ec:6c:28:
36:d5:dc:7a:4f:0c:7d:ee:53:49:6a:af:8f:5d:aa:
a6:f6:af:96:65:26:70:5a:93:c8:d5:79:83:a6:60:
52:14:40:ca:95:1e:f2:18:29:12:25:89:77:07:7a:
7a:67:46:18:17:91:57:57:f7:f3:bc:e8:de:c4:0d:
a1:36:95:82:d2:a0:b8:ff:a0:7e:3d:5b:9e:6b:37:
39:93:e1:30:62:5d:ad:17:d2:92:00:37:79:17:4b:
89:93:54:f5:07:bf:45:ba:aa:a6:3c:1a:ca:87:fe:
93:47:99:62:ee:8e:7c:9e:30:eb:17:2d:6b:8b:4e:
eb:06:7a:5d:9e:8a:26:25:28:a3:99:e8:de:67:cf:
7d:d4:44:35:9a:a9:ec:e8:e8:d7:33:37:29:f7:66:
28:09:68:ce:13:1f:5e:d9:0b:84:7d:03:92:b6:4c:
76:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:F6:B5:4C:F8:2A:73:DB:54:46:2C:53:A1:BA:A1:67:D8:38:F2:51
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/bPa1TPgqc9tURixTobqhZ9g48lE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.88.0/23
91.132.56.0/24
185.215.247.0/24
185.217.108.0/22
212.107.28.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:ed:39:46:52:8e:65:bf:08:7e:6b:a8:8a:bb:33:38:84:04:
8c:47:39:72:d2:c7:c3:86:6e:bf:59:18:ed:06:5b:b9:4b:77:
00:29:bf:96:ff:70:d9:93:08:34:ff:0c:60:42:db:06:fe:b8:
87:40:c1:81:69:57:c3:3d:8a:d3:65:bd:51:aa:39:ec:e4:5b:
d2:25:ff:44:18:ab:b5:4a:f8:87:8a:a6:9e:76:7a:d6:c3:ab:
34:6a:92:6a:0d:59:c0:26:32:a3:01:47:43:50:a3:a7:ed:39:
90:84:b1:40:27:53:31:e7:e9:c9:45:34:62:3b:e6:d5:d0:29:
63:04:7d:63:7d:fc:dc:8e:e5:26:5c:f7:8f:88:44:e6:28:51:
35:52:9b:19:67:8c:d2:cd:1b:49:f5:04:f8:ca:f2:a5:42:49:
7b:7f:55:83:f2:ab:99:2b:ea:d3:bc:53:39:6f:35:35:79:16:
b0:43:c7:5d:df:26:e2:9f:2d:cc:27:02:a8:42:60:dd:8c:bc:
f1:ba:75:49:f0:95:8b:05:20:90:08:29:2e:a9:d3:6e:49:45:
4c:43:88:2e:8f:49:50:63:30:73:ac:1b:b5:6d:ed:1c:33:a5:
02:82:a5:46:bb:57:2b:b6:cd:cf:26:aa:7b:42:1e:57:ef:21:
79:4f:aa:8b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZBTy/hYR0CKvFR4pLig9M4XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwNjI2MDkwNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2Y2YjU0Y2Y4MmE3M2RiNTQ0NjJjNTNhMWJhYTE2N2Q4MzhmMjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0AirB9pvRd/hLl+2TZBTWFf1134A
kge8jpZme3+c1L+CEjEshZhZgPIC7HMaWNyOUh2YVx/PjORy56CYSMBAMMaMr0Yj
kwmQt3yNNstBlp1X9sca8TTsbCg21dx6Twx97lNJaq+PXaqm9q+WZSZwWpPI1XmD
pmBSFEDKlR7yGCkSJYl3B3p6Z0YYF5FXV/fzvOjexA2hNpWC0qC4/6B+PVueazc5
k+EwYl2tF9KSADd5F0uJk1T1B79FuqqmPBrKh/6TR5li7o58njDrFy1ri07rBnpd
noomJSijmejeZ8991EQ1mqns6OjXMzcp92YoCWjOEx9e2QuEfQOStkx2HwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGz2tUz4KnPbVEYsU6G6oWfYOPJRMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvYlBhMVRQZ3FjOXRVUml4VG9icWhaOWc0OGxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBHxlYAwQA
W4Q4AwQAudf3AwQCudlsAwQC1GscMA0GCSqGSIb3DQEBCwUAA4IBAQCK7TlGUo5l
vwh+a6iKuzM4hASMRzly0sfDhm6/WRjtBlu5S3cAKb+W/3DZkwg0/wxgQtsG/riH
QMGBaVfDPYrTZb1Rqjns5FvSJf9EGKu1SviHiqaednrWw6s0apJqDVnAJjKjAUdD
UKOn7TmQhLFAJ1Mx5+nJRTRiO+bV0CljBH1jffzcjuUmXPePiETmKFE1UpsZZ4zS
zRtJ9QT4yvKlQkl7f1WD8quZK+rTvFM5bzU1eRawQ8dd3ybiny3MJwKoQmDdjLzx
unVJ8JWLBSCQCCkuqdNuSUVMQ4guj0lQYzBzrBu1be0cM6UCgqVGu1crts3PJqp7
Qh5X7yF5T6qL
-----END CERTIFICATE-----
Generated at Wed Jul 24 00:27:29 2024 by rpki-client on console-fra.rpki-client.org