Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7dGAIsIYObVTy8n_LW7XsLJuv2w.roa
File: 7dGAIsIYObVTy8n_LW7XsLJuv2w.roa (raw, json)
Hash identifier: S0JbqDoMj1qnwGulCZrKpcLfiXdhNwUbRicI7R/8TJM=
Subject key identifier: ED:D1:80:22:C2:18:39:B5:53:CB:C9:FF:2D:6E:D7:B0:B2:6E:BF:6C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0191FFF409C69EFF0FCC319ABB5B027604B9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7dGAIsIYObVTy8n_LW7XsLJuv2w.roa
Signing time: Tue 17 Sep 2024 12:27:48 +0000
ROA not before: Tue 17 Sep 2024 12:27:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205175
IP address blocks: 31.13.212.0/24 maxlen: 24
45.81.36.0/24 maxlen: 32
45.91.194.0/24 maxlen: 32
45.91.195.0/24 maxlen: 32
87.121.220.0/24 maxlen: 24
2a00:1728:31::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 10 Oct 2024 07:57:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ff:f4:09:c6:9e:ff:0f:cc:31:9a:bb:5b:02:76:04:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 17 12:27:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=edd18022c21839b553cbc9ff2d6ed7b0b26ebf6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:59:9c:77:91:b9:7e:51:21:00:7d:a8:3a:2f:
4b:94:05:64:cf:b9:67:00:2e:8b:d0:be:21:70:c0:
4b:dd:05:38:c3:a7:e4:46:c4:80:68:a8:07:75:b2:
4c:d8:ad:b1:c3:1a:49:cd:db:c5:5e:d0:b9:92:2c:
cf:00:78:fe:f5:c9:6d:df:6c:21:8f:cf:e2:19:b9:
93:00:e5:16:76:15:1a:b1:04:46:07:56:3d:80:03:
3f:85:0a:10:35:7b:25:67:5e:74:61:85:42:7d:75:
67:b9:d5:4a:b4:c8:f1:88:d5:d1:ed:8d:7d:0c:39:
18:39:e2:a4:2c:6d:9c:24:b3:ba:3b:1b:8a:a4:65:
f9:e7:98:36:d3:9e:80:01:1d:d4:2b:df:93:56:20:
93:31:26:0c:2b:84:44:28:af:a6:05:4b:f1:5d:cc:
bf:a3:4c:13:f1:8d:4f:bd:bd:c8:1f:73:70:8c:da:
27:1f:68:ac:c8:57:f5:e7:3b:8e:e9:85:ab:25:ec:
c6:3e:73:f3:34:00:59:b3:a2:c4:92:75:7a:1f:f9:
37:c7:27:ab:6f:3b:78:e7:63:70:02:2c:b0:0d:39:
9e:2b:68:23:cf:5f:2f:ad:a6:97:85:1a:80:e6:5b:
73:04:7d:57:64:de:de:a4:19:ff:de:37:65:9f:de:
58:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:D1:80:22:C2:18:39:B5:53:CB:C9:FF:2D:6E:D7:B0:B2:6E:BF:6C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7dGAIsIYObVTy8n_LW7XsLJuv2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.212.0/24
45.81.36.0/24
45.91.194.0/23
87.121.220.0/24
IPv6:
2a00:1728:31::/48
Signature Algorithm: sha256WithRSAEncryption
a1:28:5f:03:a3:49:68:11:2b:13:2f:cf:5a:79:51:27:44:2b:
d2:2a:1e:d2:b8:7c:51:04:a5:66:6e:e9:94:45:38:ae:42:e2:
66:d6:08:0a:d4:1b:96:71:f4:0b:fb:8d:a4:84:56:a5:1b:67:
a9:96:1b:57:5c:7b:62:8c:49:38:91:a9:50:cf:33:c6:22:e6:
54:97:10:3a:43:10:39:59:9c:1c:98:ab:42:13:37:b5:29:c3:
7b:45:6d:03:0b:d2:c3:79:99:7b:db:3c:81:4a:02:d0:c1:ea:
e8:f4:17:8c:60:5d:09:88:a4:06:cb:af:7a:ec:64:20:26:df:
74:52:97:e9:02:6b:1e:63:e7:1c:45:20:42:5d:31:f8:8a:3d:
25:12:1f:80:83:ce:04:48:99:1a:00:c3:c5:06:bb:2c:d0:32:
3d:8b:28:ef:35:14:50:b3:a3:fa:85:08:12:d4:0a:66:2d:0d:
c1:22:72:ca:f5:e8:ef:cd:72:23:79:15:6a:68:5b:a3:e8:a5:
ae:e3:11:9f:0f:df:24:08:b6:d1:e7:08:7a:e7:6e:d6:c8:cf:
71:95:fd:b9:21:78:43:38:64:96:bb:54:9b:9e:e1:85:0b:41:
b4:4e:a5:aa:11:0d:8b:aa:ba:20:ad:fc:7a:fd:f6:48:90:c6:
94:b6:1d:03
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZH/9AnGnv8PzDGau1sCdgS5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwOTE3MTIyNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGQxODAyMmMyMTgzOWI1NTNjYmM5ZmYyZDZlZDdiMGIyNmViZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVmcd5G5flEhAH2oOi9LlAVkz7ln
AC6L0L4hcMBL3QU4w6fkRsSAaKgHdbJM2K2xwxpJzdvFXtC5kizPAHj+9clt32wh
j8/iGbmTAOUWdhUasQRGB1Y9gAM/hQoQNXslZ150YYVCfXVnudVKtMjxiNXR7Y19
DDkYOeKkLG2cJLO6OxuKpGX555g2056AAR3UK9+TViCTMSYMK4REKK+mBUvxXcy/
o0wT8Y1Pvb3IH3NwjNonH2isyFf15zuO6YWrJezGPnPzNABZs6LEknV6H/k3xyer
bzt452NwAiywDTmeK2gjz18vraaXhRqA5ltzBH1XZN7epBn/3jdln95YhwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFO3RgCLCGDm1U8vJ/y1u17Cybr9sMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvN2RHQUlzSVlPYlZUeThuX0xXN1hzTEp1djJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQAHw3UAwQA
LVEkAwQBLVvCAwQAV3ncMA8EAgACMAkDBwAqABcoADEwDQYJKoZIhvcNAQELBQAD
ggEBAKEoXwOjSWgRKxMvz1p5USdEK9IqHtK4fFEEpWZu6ZRFOK5C4mbWCArUG5Zx
9Av7jaSEVqUbZ6mWG1dce2KMSTiRqVDPM8Yi5lSXEDpDEDlZnByYq0ITN7Upw3tF
bQML0sN5mXvbPIFKAtDB6uj0F4xgXQmIpAbLr3rsZCAm33RSl+kCax5j5xxFIEJd
MfiKPSUSH4CDzgRImRoAw8UGuyzQMj2LKO81FFCzo/qFCBLUCmYtDcEicsr16O/N
ciN5FWpoW6Popa7jEZ8P3yQIttHnCHrnbtbIz3GV/bkheEM4ZJa7VJue4YULQbRO
paoRDYuquiCt/Hr99kiQxpS2HQM=
-----END CERTIFICATE-----
Generated at Thu Oct 10 10:40:02 2024 by rpki-client on console-ams.rpki-client.org