Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/ffa457-34c8-48c2-9ebc-92b207f641b1/1/cPuCjWzWQmLG9FTq6j9zwIL80l8.roa
File: cPuCjWzWQmLG9FTq6j9zwIL80l8.roa (raw, json)
Hash identifier: 6IURVJRlqDQ9osaUucjEY+8d3uB2O1FjEWD95ElbCZo=
Subject key identifier: 70:FB:82:8D:6C:D6:42:62:C6:F4:54:EA:EA:3F:73:C0:82:FC:D2:5F
Certificate issuer: /CN=daf0a39cfadf910f6b132ad228e606561887a06c
Certificate serial: 01856C010FA04F5D8917838DBEA90EBE8FA9
Authority key identifier: DA:F0:A3:9C:FA:DF:91:0F:6B:13:2A:D2:28:E6:06:56:18:87:A0:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2vCjnPrfkQ9rEyrSKOYGVhiHoGw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/ffa457-34c8-48c2-9ebc-92b207f641b1/1/cPuCjWzWQmLG9FTq6j9zwIL80l8.roa
Signing time: Sun 01 Jan 2023 06:24:46 +0000
ROA not before: Sun 01 Jan 2023 06:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29413
IP address blocks: 185.91.48.0/22 maxlen: 24
213.149.80.0/20 maxlen: 24
31.187.80.0/22 maxlen: 24
213.178.16.0/20 maxlen: 24
31.187.88.0/22 maxlen: 24
217.72.208.0/20 maxlen: 24
185.31.60.0/22 maxlen: 24
46.31.216.0/21 maxlen: 24
88.133.224.0/21 maxlen: 24
91.217.176.0/24 maxlen: 24
37.156.80.0/20 maxlen: 24
88.133.160.0/20 maxlen: 24
2a02:2488::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:01:0f:a0:4f:5d:89:17:83:8d:be:a9:0e:be:8f:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daf0a39cfadf910f6b132ad228e606561887a06c
Validity
Not Before: Jan 1 06:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70fb828d6cd64262c6f454eaea3f73c082fcd25f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:0f:24:6a:c0:9b:79:5a:28:26:f7:b3:fd:ed:
fd:f8:ee:c6:75:40:2b:a9:4a:15:34:c0:b7:42:7b:
01:3c:0c:b5:b1:a0:1b:d4:19:ed:6a:34:23:68:e4:
30:2f:bb:32:ca:72:d3:13:f6:e0:6a:38:ba:d7:fc:
d1:17:be:9b:6a:22:f0:51:fa:d3:f3:51:e2:6f:41:
c5:4f:61:b1:32:ae:1a:91:73:92:48:a3:1d:ee:95:
c6:b2:fa:4d:40:f0:ad:79:41:a9:8a:5d:3c:6b:d6:
ca:2a:c9:1c:92:e8:43:dc:d8:db:ba:b1:fc:15:86:
4f:59:df:9a:ac:d7:61:5f:0b:25:6c:f2:89:91:4d:
f9:6f:1c:e7:2f:9f:ff:04:31:9e:88:6d:a1:31:48:
28:5f:e5:ae:28:13:d2:1a:28:1e:80:94:86:15:06:
dd:07:82:88:94:a1:7b:ff:4c:24:42:ad:c1:4f:95:
ec:f6:a6:6c:16:a2:41:67:78:f2:58:15:76:49:44:
12:2a:7d:0d:9d:ae:7a:64:45:6b:f7:11:a8:f9:ea:
80:42:8b:76:00:77:92:9a:9f:9f:c1:b8:3d:41:29:
c8:86:f6:6c:cb:0e:97:9e:17:df:f0:ca:d1:29:0d:
20:b6:5a:a5:9c:6a:77:84:fd:5f:b1:dd:04:7e:ae:
28:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:FB:82:8D:6C:D6:42:62:C6:F4:54:EA:EA:3F:73:C0:82:FC:D2:5F
X509v3 Authority Key Identifier:
keyid:DA:F0:A3:9C:FA:DF:91:0F:6B:13:2A:D2:28:E6:06:56:18:87:A0:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2vCjnPrfkQ9rEyrSKOYGVhiHoGw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/ffa457-34c8-48c2-9ebc-92b207f641b1/1/cPuCjWzWQmLG9FTq6j9zwIL80l8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/ffa457-34c8-48c2-9ebc-92b207f641b1/1/2vCjnPrfkQ9rEyrSKOYGVhiHoGw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.187.80.0/22
31.187.88.0/22
37.156.80.0/20
46.31.216.0/21
88.133.160.0/20
88.133.224.0/21
91.217.176.0/24
185.31.60.0/22
185.91.48.0/22
213.149.80.0/20
213.178.16.0/20
217.72.208.0/20
IPv6:
2a02:2488::/32
Signature Algorithm: sha256WithRSAEncryption
72:60:cd:7c:e2:be:c8:1f:30:7e:15:ac:ef:9f:0c:85:ed:89:
4f:4a:b6:ca:4b:10:4f:94:0d:94:94:f1:36:c1:df:fb:25:e6:
a4:e3:f2:54:73:67:77:b4:8e:95:f6:53:20:b0:49:a8:8e:66:
1d:73:bc:ed:55:f2:3a:19:13:7a:57:90:d1:8e:3a:4f:92:6b:
8c:05:de:20:09:20:74:fe:81:d9:82:fb:df:46:43:f7:50:cb:
ed:6c:91:a7:e9:8e:be:af:8a:eb:46:1d:ba:ea:c7:d3:cc:57:
d3:7d:69:d3:33:2d:44:e6:9b:c1:32:53:72:55:bc:67:8b:2a:
88:12:cd:c6:d5:74:41:70:15:d7:b7:06:e9:78:9d:f1:83:5c:
e4:cb:f6:13:eb:c9:9f:60:75:7a:40:c5:6f:4d:d6:b7:19:1d:
aa:3c:2d:60:b2:e1:a5:c1:8f:b4:0d:06:b7:7e:99:7c:28:dc:
05:2c:d4:2a:35:2c:12:77:d9:ca:74:97:a9:70:bf:c6:cb:09:
29:fe:0e:eb:11:ee:1a:c4:1e:e7:4c:29:8c:7d:cb:28:10:39:
65:f8:8a:8d:21:a5:74:48:b1:2b:51:5f:34:dd:22:af:22:29:
9b:23:cc:43:db:7c:b2:ce:f2:9f:1d:5d:0a:7d:7c:dc:09:82:
87:98:a8:e0
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYVsAQ+gT12JF4ONvqkOvo+pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZjBhMzljZmFkZjkxMGY2YjEzMmFkMjI4ZTYwNjU2MTg4
N2EwNmMwHhcNMjMwMTAxMDYyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGZiODI4ZDZjZDY0MjYyYzZmNDU0ZWFlYTNmNzNjMDgyZmNkMjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAow8kasCbeVooJvez/e39+O7GdUAr
qUoVNMC3QnsBPAy1saAb1BntajQjaOQwL7syynLTE/bgaji61/zRF76baiLwUfrT
81Hib0HFT2GxMq4akXOSSKMd7pXGsvpNQPCteUGpil08a9bKKskckuhD3NjburH8
FYZPWd+arNdhXwslbPKJkU35bxznL5//BDGeiG2hMUgoX+WuKBPSGigegJSGFQbd
B4KIlKF7/0wkQq3BT5Xs9qZsFqJBZ3jyWBV2SUQSKn0Nna56ZEVr9xGo+eqAQot2
AHeSmp+fwbg9QSnIhvZsyw6Xnhff8MrRKQ0gtlqlnGp3hP1fsd0Efq4oywIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFHD7go1s1kJixvRU6uo/c8CC/NJfMB8GA1UdIwQY
MBaAFNrwo5z635EPaxMq0ijmBlYYh6BsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnZDam5QcmZrUTlyRXlyU0tPWUdWaGlIb0d3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9mZmE0NTctMzRjOC00OGMyLTllYmMt
OTJiMjA3ZjY0MWIxLzEvY1B1Q2pXeldRbUxHOUZUcTZqOXp3SUw4MGw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9mZmE0NTctMzRjOC00OGMyLTllYmMtOTJiMjA3ZjY0MWIx
LzEvMnZDam5QcmZrUTlyRXlyU0tPWUdWaGlIb0d3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQCH7tQAwQC
H7tYAwQEJZxQAwQDLh/YAwQEWIWgAwQDWIXgAwQAW9mwAwQCuR88AwQCuVswAwQE
1ZVQAwQE1bIQAwQE2UjQMA0EAgACMAcDBQAqAiSIMA0GCSqGSIb3DQEBCwUAA4IB
AQByYM184r7IHzB+FazvnwyF7YlPSrbKSxBPlA2UlPE2wd/7Jeak4/JUc2d3tI6V
9lMgsEmojmYdc7ztVfI6GRN6V5DRjjpPkmuMBd4gCSB0/oHZgvvfRkP3UMvtbJGn
6Y6+r4rrRh266sfTzFfTfWnTMy1E5pvBMlNyVbxniyqIEs3G1XRBcBXXtwbpeJ3x
g1zky/YT68mfYHV6QMVvTda3GR2qPC1gsuGlwY+0DQa3fpl8KNwFLNQqNSwSd9nK
dJepcL/Gywkp/g7rEe4axB7nTCmMfcsoEDll+IqNIaV0SLErUV803SKvIimbI8xD
23yyzvKfHV0KfXzcCYKHmKjg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:32 2024 by rpki-client on console-fra.rpki-client.org