Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/759874-e7f2-45fd-819d-a5d1148f25bd/1/cDk4FrIRv47_CGphzUqNX88kMqE.roa
File: cDk4FrIRv47_CGphzUqNX88kMqE.roa (raw, json)
Hash identifier: +q6qogqlafShKxSwcHtZ8QwnBQTW9njU6yc/AkDotgY=
Subject key identifier: 70:39:38:16:B2:11:BF:8E:FF:08:6A:61:CD:4A:8D:5F:CF:24:32:A1
Certificate issuer: /CN=caaee579e013218f571386413e2c5b2bc245a836
Certificate serial: 018570CBF1D1599CFD2EC1A0EA0345EBDEA3
Authority key identifier: CA:AE:E5:79:E0:13:21:8F:57:13:86:41:3E:2C:5B:2B:C2:45:A8:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yq7leeATIY9XE4ZBPixbK8JFqDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/759874-e7f2-45fd-819d-a5d1148f25bd/1/cDk4FrIRv47_CGphzUqNX88kMqE.roa
Signing time: Mon 02 Jan 2023 04:44:51 +0000
ROA not before: Mon 02 Jan 2023 04:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208349
IP address blocks: 31.10.7.0/24 maxlen: 24
77.105.157.0/24 maxlen: 24
77.105.156.0/24 maxlen: 24
185.31.133.0/24 maxlen: 24
45.134.125.0/24 maxlen: 24
45.134.124.0/22 maxlen: 22
45.134.124.0/24 maxlen: 24
45.134.127.0/24 maxlen: 24
45.134.126.0/24 maxlen: 24
2a0e:7e40::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 15 Oct 2023 12:48:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cb:f1:d1:59:9c:fd:2e:c1:a0:ea:03:45:eb:de:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caaee579e013218f571386413e2c5b2bc245a836
Validity
Not Before: Jan 2 04:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70393816b211bf8eff086a61cd4a8d5fcf2432a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:77:dd:3a:4c:9a:15:5b:1c:05:14:02:e2:a6:
e4:6e:08:99:8d:e2:0a:4a:47:56:67:84:7b:5b:d2:
d4:60:2d:e1:2b:ef:ae:e7:8f:95:16:6d:a3:f3:d0:
f1:dc:26:ed:a5:83:72:76:7f:23:64:c2:61:1a:c8:
c8:02:b2:7a:12:1d:bb:1f:1a:1b:8b:30:02:f2:b3:
2a:77:3d:92:da:bf:88:fc:53:c5:41:7f:7e:8a:fc:
a7:82:a6:cb:15:4a:e4:f9:42:ad:2c:b9:0b:22:0f:
94:07:16:87:7f:51:62:77:90:a9:67:c9:0b:b8:d8:
10:98:a5:3f:c8:ea:e9:50:6e:2d:57:3f:99:86:eb:
a4:ca:c0:5a:25:d3:77:04:28:c2:a3:09:b4:0b:70:
b4:ff:43:ef:a4:18:17:d8:ca:d4:bd:ee:10:b3:b0:
ec:6b:65:29:e8:16:9f:9a:86:67:74:aa:66:5b:5d:
12:7a:fa:f9:26:37:97:9e:01:22:84:4f:ae:9f:20:
4a:67:70:81:1f:d6:96:4c:3c:c1:9c:d7:0a:d1:f8:
ef:1a:98:4c:43:f8:93:7e:7c:d3:b2:06:97:35:8c:
58:bb:f1:ac:54:92:ba:cf:3f:1b:67:1d:22:1a:8d:
91:9a:d8:4b:bc:e4:b0:35:ce:30:a0:ff:4e:1a:d0:
72:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:39:38:16:B2:11:BF:8E:FF:08:6A:61:CD:4A:8D:5F:CF:24:32:A1
X509v3 Authority Key Identifier:
keyid:CA:AE:E5:79:E0:13:21:8F:57:13:86:41:3E:2C:5B:2B:C2:45:A8:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yq7leeATIY9XE4ZBPixbK8JFqDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/759874-e7f2-45fd-819d-a5d1148f25bd/1/cDk4FrIRv47_CGphzUqNX88kMqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/759874-e7f2-45fd-819d-a5d1148f25bd/1/yq7leeATIY9XE4ZBPixbK8JFqDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.10.7.0/24
45.134.124.0/22
77.105.156.0/23
185.31.133.0/24
IPv6:
2a0e:7e40::/29
Signature Algorithm: sha256WithRSAEncryption
65:58:92:33:7d:88:ca:f0:18:2f:fc:60:26:91:33:7f:dc:d0:
32:a9:80:09:41:84:5f:35:2e:8d:51:69:e2:d1:66:ff:b6:b6:
3d:0c:b3:1c:85:6b:b5:80:00:61:70:df:8d:9f:2c:1c:d0:11:
57:7e:4a:76:27:62:f4:da:0a:b5:4b:fc:2d:0b:b4:44:41:dc:
26:d5:93:0d:fa:10:d6:8c:b0:17:f9:cd:ba:ef:70:9b:85:8a:
42:6d:31:53:c6:c8:47:62:ac:16:1d:b9:aa:ed:df:7e:c6:32:
e7:fc:06:f5:c4:e6:94:38:47:c4:24:64:ec:b0:a5:da:2d:3c:
30:99:d2:79:1a:d2:50:4c:be:91:0f:c0:dc:18:a5:c7:bb:72:
a5:e4:ff:fb:0a:8c:48:f8:32:30:65:74:0e:0f:b0:8e:5d:90:
33:95:7b:f8:5a:ea:4f:c9:e4:17:17:e2:b6:05:d2:57:af:8d:
01:7a:1d:e1:ad:5f:64:66:ec:05:af:ee:ef:db:a0:60:a1:8e:
1e:33:ae:33:fd:cc:69:dd:ea:dd:fb:ab:20:c5:32:9f:df:f9:
18:cb:55:e7:c8:2e:71:ae:f8:e3:bf:d9:33:7f:49:75:ef:61:
1d:12:91:0a:55:dd:54:55:2d:86:02:09:41:fa:60:43:37:8c:
2e:32:05:87
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVwy/HRWZz9LsGg6gNF696jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhYWVlNTc5ZTAxMzIxOGY1NzEzODY0MTNlMmM1YjJiYzI0
NWE4MzYwHhcNMjMwMTAyMDQ0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDM5MzgxNmIyMTFiZjhlZmYwODZhNjFjZDRhOGQ1ZmNmMjQzMmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5nfdOkyaFVscBRQC4qbkbgiZjeIK
SkdWZ4R7W9LUYC3hK++u54+VFm2j89Dx3CbtpYNydn8jZMJhGsjIArJ6Eh27Hxob
izAC8rMqdz2S2r+I/FPFQX9+ivyngqbLFUrk+UKtLLkLIg+UBxaHf1Fid5CpZ8kL
uNgQmKU/yOrpUG4tVz+ZhuukysBaJdN3BCjCowm0C3C0/0PvpBgX2MrUve4Qs7Ds
a2Up6BafmoZndKpmW10Sevr5JjeXngEihE+unyBKZ3CBH9aWTDzBnNcK0fjvGphM
Q/iTfnzTsgaXNYxYu/GsVJK6zz8bZx0iGo2RmthLvOSwNc4woP9OGtByYQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHA5OBayEb+O/whqYc1KjV/PJDKhMB8GA1UdIwQY
MBaAFMqu5XngEyGPVxOGQT4sWyvCRag2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXE3bGVlQVRJWTlYRTRaQlBpeGJLOEpGcURZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC83NTk4NzQtZTdmMi00NWZkLTgxOWQt
YTVkMTE0OGYyNWJkLzEvY0RrNEZySVJ2NDdfQ0dwaHpVcU5YODhrTXFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC83NTk4NzQtZTdmMi00NWZkLTgxOWQtYTVkMTE0OGYyNWJk
LzEveXE3bGVlQVRJWTlYRTRaQlBpeGJLOEpGcURZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAHwoHAwQC
LYZ8AwQBTWmcAwQAuR+FMA0EAgACMAcDBQMqDn5AMA0GCSqGSIb3DQEBCwUAA4IB
AQBlWJIzfYjK8Bgv/GAmkTN/3NAyqYAJQYRfNS6NUWni0Wb/trY9DLMchWu1gABh
cN+Nnywc0BFXfkp2J2L02gq1S/wtC7REQdwm1ZMN+hDWjLAX+c2673CbhYpCbTFT
xshHYqwWHbmq7d9+xjLn/Ab1xOaUOEfEJGTssKXaLTwwmdJ5GtJQTL6RD8DcGKXH
u3Kl5P/7CoxI+DIwZXQOD7COXZAzlXv4WupPyeQXF+K2BdJXr40Beh3hrV9kZuwF
r+7v26BgoY4eM64z/cxp3erd+6sgxTKf3/kYy1XnyC5xrvjjv9kzf0l172EdEpEK
Vd1UVS2GAglB+mBDN4wuMgWH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:59 2024 by rpki-client on console-fra.rpki-client.org