Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/L9jcxOp-Y-NBTXajIBChjX7qI5M.roa
File: L9jcxOp-Y-NBTXajIBChjX7qI5M.roa (raw, json)
Hash identifier: jcM/AoDmRpBOkiFDRwQnr3cZDKIIQJ7qADyF1oKHURw=
Subject key identifier: 2F:D8:DC:C4:EA:7E:63:E3:41:4D:76:A3:20:10:A1:8D:7E:EA:23:93
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0193056FEEDA853B68EC38DB286D6ABC9DA3
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/L9jcxOp-Y-NBTXajIBChjX7qI5M.roa
Signing time: Thu 07 Nov 2024 07:04:01 +0000
ROA not before: Thu 07 Nov 2024 07:04:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215439
IP address blocks: 31.13.208.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.133.251.0/24 maxlen: 24
84.21.173.0/24 maxlen: 24
87.120.165.0/24 maxlen: 24
87.120.186.0/24 maxlen: 24
171.22.31.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
193.58.121.0/24 maxlen: 24
193.222.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Nov 2024 08:23:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:05:6f:ee:da:85:3b:68:ec:38:db:28:6d:6a:bc:9d:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 7 07:04:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2fd8dcc4ea7e63e3414d76a32010a18d7eea2393
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:fd:ca:04:17:da:a2:1a:31:c4:a2:5e:7a:2c:
bd:28:ec:8b:71:35:cd:d0:03:d1:5d:b1:0f:30:55:
84:16:24:5c:d4:ec:b3:1e:f7:4a:0a:a0:3f:75:26:
73:f1:e9:01:eb:eb:c6:cc:a3:cb:f2:a4:cb:f9:50:
b6:fe:0c:14:ce:f8:fc:ed:b7:d6:ed:1d:48:ac:63:
1c:ac:bb:97:6e:c1:cd:c1:ed:7b:60:f9:e2:e4:02:
34:0c:cf:f5:40:5e:0a:00:d8:e7:50:f9:b9:9e:28:
3b:31:48:f9:bb:2b:42:b4:2d:96:23:0a:20:89:59:
ce:c2:6f:7b:af:47:4b:9a:2b:cb:fd:f5:73:58:c5:
76:9d:cd:be:49:d5:17:c9:47:a3:1f:c0:a1:51:94:
6c:9f:a6:d1:63:61:cf:be:78:4e:de:aa:f3:f7:22:
0f:01:28:bb:4c:43:38:c7:40:7a:a3:9e:a0:5f:e7:
90:90:38:ce:7c:85:8b:71:cc:6e:76:24:02:64:57:
1a:91:7b:ea:f7:9a:3e:a1:e1:77:56:28:6d:44:86:
02:12:63:b6:16:fa:a7:8c:b9:ef:69:20:a4:dc:32:
1f:12:05:30:62:a7:6a:bf:62:e6:04:36:ff:18:34:
50:4f:3f:14:90:00:2e:27:67:84:62:5f:03:61:68:
43:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:D8:DC:C4:EA:7E:63:E3:41:4D:76:A3:20:10:A1:8D:7E:EA:23:93
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/L9jcxOp-Y-NBTXajIBChjX7qI5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.208.0/24
45.66.228.0/24
45.133.251.0/24
84.21.173.0/24
87.120.165.0/24
87.120.186.0/24
171.22.31.0/24
185.246.223.0/24
193.58.121.0/24
193.222.99.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:61:d8:fb:3f:a2:24:35:1a:f0:fd:04:fc:2f:f0:98:7f:f6:
e6:7e:6f:94:da:1c:45:45:6c:e2:65:72:3e:13:15:27:88:34:
94:fc:6e:27:59:72:37:cc:fc:e2:50:31:fc:cd:ca:83:a2:02:
24:c3:b6:19:61:46:4d:2b:55:2b:1f:24:01:17:77:a2:7a:ec:
5d:48:dc:01:4e:46:00:52:ed:e4:55:12:ec:12:25:c8:e6:7b:
95:05:49:37:a0:79:f9:ef:ef:96:50:90:b0:d1:d3:57:5d:66:
8b:2e:b9:3a:ed:b2:04:01:56:fb:89:08:a2:c1:08:a0:b5:ac:
00:d9:18:30:9e:62:d2:23:2c:4b:63:ee:cd:20:e3:18:47:b0:
64:77:c1:4d:cf:4e:d2:e2:b4:9e:0b:c4:04:a1:c6:54:37:30:
6c:d1:ca:50:33:1d:76:a0:45:a1:0b:d4:80:c6:15:54:35:b9:
3f:80:ef:cd:24:65:98:73:d6:2a:2e:f2:9f:ff:61:34:26:87:
83:3e:b2:d4:1d:f9:c2:19:35:1e:95:47:7f:8b:ea:17:7a:ab:
ba:89:a0:b6:d8:af:4b:fd:a7:44:3a:77:62:9f:ef:1c:26:a7:
7a:28:60:92:2d:d2:07:53:14:c9:08:25:8c:10:31:9b:5e:9c:
0a:d5:af:b7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZMFb+7ahTto7DjbKG1qvJ2jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMTA3MDcwNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmQ4ZGNjNGVhN2U2M2UzNDE0ZDc2YTMyMDEwYTE4ZDdlZWEyMzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxv3KBBfaohoxxKJeeiy9KOyLcTXN
0APRXbEPMFWEFiRc1OyzHvdKCqA/dSZz8ekB6+vGzKPL8qTL+VC2/gwUzvj87bfW
7R1IrGMcrLuXbsHNwe17YPni5AI0DM/1QF4KANjnUPm5nig7MUj5uytCtC2WIwog
iVnOwm97r0dLmivL/fVzWMV2nc2+SdUXyUejH8ChUZRsn6bRY2HPvnhO3qrz9yIP
ASi7TEM4x0B6o56gX+eQkDjOfIWLccxudiQCZFcakXvq95o+oeF3VihtRIYCEmO2
FvqnjLnvaSCk3DIfEgUwYqdqv2LmBDb/GDRQTz8UkAAuJ2eEYl8DYWhDsQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFC/Y3MTqfmPjQU12oyAQoY1+6iOTMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTDlqY3hPcC1ZLU5CVFhhaklCQ2hqWDdxSTVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAHw3QAwQA
LULkAwQALYX7AwQAVBWtAwQAV3ilAwQAV3i6AwQAqxYfAwQAufbfAwQAwTp5AwQA
wd5jMA0GCSqGSIb3DQEBCwUAA4IBAQBOYdj7P6IkNRrw/QT8L/CYf/bmfm+U2hxF
RWziZXI+ExUniDSU/G4nWXI3zPziUDH8zcqDogIkw7YZYUZNK1UrHyQBF3eieuxd
SNwBTkYAUu3kVRLsEiXI5nuVBUk3oHn57++WUJCw0dNXXWaLLrk67bIEAVb7iQii
wQigtawA2RgwnmLSIyxLY+7NIOMYR7Bkd8FNz07S4rSeC8QEocZUNzBs0cpQMx12
oEWhC9SAxhVUNbk/gO/NJGWYc9YqLvKf/2E0JoeDPrLUHfnCGTUelUd/i+oXequ6
iaC22K9L/adEOndin+8cJqd6KGCSLdIHUxTJCCWMEDGbXpwK1a+3
-----END CERTIFICATE-----
Generated at Tue Nov 12 10:16:27 2024 by rpki-client on console-ams.rpki-client.org