Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/us5cwP-zQO8xXoDPfxsjrvwuI78.roa
File: us5cwP-zQO8xXoDPfxsjrvwuI78.roa (raw, json)
Hash identifier: JealMlksdAIEd2fkdn83DuuXoF8hrufKmiFf1qLQRQQ=
Subject key identifier: BA:CE:5C:C0:FF:B3:40:EF:31:5E:80:CF:7F:1B:23:AE:FC:2E:23:BF
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01920989A7DEAB322B83C80563A03DFEE1D9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/us5cwP-zQO8xXoDPfxsjrvwuI78.roa
Signing time: Thu 19 Sep 2024 09:07:49 +0000
ROA not before: Thu 19 Sep 2024 09:07:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 401116
IP address blocks: 31.13.224.0/24 maxlen: 24
45.149.241.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
87.121.86.0/24 maxlen: 24
93.123.109.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Sep 2024 06:39:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:09:89:a7:de:ab:32:2b:83:c8:05:63:a0:3d:fe:e1:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 19 09:07:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bace5cc0ffb340ef315e80cf7f1b23aefc2e23bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:03:ee:95:af:51:c6:ee:30:8b:c7:1e:2b:32:
d9:28:e9:a6:60:70:3a:da:e4:d0:4a:6d:1d:5b:6b:
40:1b:5c:68:b9:7b:9d:56:1e:79:86:89:2c:24:e4:
1d:8d:57:44:f5:fb:59:94:b3:cd:63:c6:f9:25:f5:
59:4b:6d:02:08:32:d6:66:e8:c3:3e:1e:e8:bf:ae:
29:02:5f:15:b0:d2:a9:e7:57:b6:00:24:9a:b4:31:
fc:8f:50:25:b5:e7:cc:e0:0b:3b:b2:36:29:5f:df:
86:e8:ab:4a:94:17:97:3e:df:9d:26:76:4a:9c:b9:
79:04:00:d0:3f:db:a9:a9:fc:10:8c:6a:fc:18:46:
97:45:30:b4:45:2b:e5:60:ed:a7:f5:ad:bb:9b:41:
c5:57:62:74:5c:59:12:aa:8a:dd:a8:7f:66:80:45:
30:fa:32:59:d6:21:03:6e:97:6a:ff:37:9d:f2:8a:
9b:e2:b3:5b:72:a0:45:ad:c9:7e:43:62:5c:3e:8b:
df:a6:36:77:32:69:ed:04:ff:b2:08:7d:db:69:ca:
95:35:84:aa:c7:cb:09:a0:e8:40:2d:ed:fa:a2:27:
52:61:65:29:cf:f7:2a:c2:d7:b3:32:4b:2d:ef:f8:
0e:df:ed:80:33:66:e3:f6:62:d1:ce:dd:76:47:b1:
47:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:CE:5C:C0:FF:B3:40:EF:31:5E:80:CF:7F:1B:23:AE:FC:2E:23:BF
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/us5cwP-zQO8xXoDPfxsjrvwuI78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.224.0/24
45.149.241.0/24
80.76.51.0/24
85.31.47.0/24
87.121.86.0/24
93.123.109.0/24
94.103.125.0/24
178.215.224.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:42:8e:4d:44:c0:f3:ef:02:cc:7d:37:36:3f:6a:1e:9c:67:
77:63:8d:cf:26:89:8b:ec:2f:e2:0c:51:c1:f2:db:64:52:1f:
44:9f:f3:6f:30:60:73:f5:45:e6:2c:a8:28:35:0f:b2:e1:e9:
f7:b4:ca:67:fe:a3:5b:37:75:bb:35:05:0d:34:e8:b1:ff:15:
02:bb:f5:28:7d:66:1f:73:d3:95:1b:8d:96:69:fc:48:88:59:
e1:3c:f6:b0:32:5b:87:9a:d6:16:7f:2f:1f:f1:96:76:93:ce:
75:68:9b:02:bd:43:0a:70:7d:83:37:c4:99:36:a7:6c:cf:3f:
bf:d6:f1:6d:fd:a9:a7:87:e5:05:5f:2a:36:a2:2b:aa:40:94:
de:50:41:18:ab:66:4c:08:8e:ef:7c:6f:77:b7:58:65:5f:d8:
69:7a:82:ac:c9:22:f4:8a:8d:26:d5:53:6d:ee:cc:96:be:58:
c1:20:ea:b7:c9:90:5f:5d:3a:1f:00:bb:de:a0:4d:ca:d1:3f:
6f:0a:bf:13:71:c3:2d:7f:5c:32:5f:bb:e5:72:e7:4b:e1:eb:
ab:a0:f1:ec:b1:89:67:db:f1:19:22:b0:a4:5f:80:eb:97:2b:
d1:e7:ae:9b:76:27:2f:c9:fe:28:f8:36:e8:c6:e1:62:e3:1e:
84:9d:78:a5
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZIJiafeqzIrg8gFY6A9/uHZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwOTE5MDkwNzQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWNlNWNjMGZmYjM0MGVmMzE1ZTgwY2Y3ZjFiMjNhZWZjMmUyM2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1gPula9Rxu4wi8ceKzLZKOmmYHA6
2uTQSm0dW2tAG1xouXudVh55hoksJOQdjVdE9ftZlLPNY8b5JfVZS20CCDLWZujD
Ph7ov64pAl8VsNKp51e2ACSatDH8j1AltefM4As7sjYpX9+G6KtKlBeXPt+dJnZK
nLl5BADQP9upqfwQjGr8GEaXRTC0RSvlYO2n9a27m0HFV2J0XFkSqordqH9mgEUw
+jJZ1iEDbpdq/zed8oqb4rNbcqBFrcl+Q2JcPovfpjZ3MmntBP+yCH3bacqVNYSq
x8sJoOhALe36oidSYWUpz/cqwtezMkst7/gO3+2AM2bj9mLRzt12R7FHSQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFLrOXMD/s0DvMV6Az38bI678LiO/MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdXM1Y3dQLXpRTzh4WG9EUGZ4c2pydnd1STc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAHw3gAwQA
LZXxAwQAUEwzAwQAVR8vAwQAV3lWAwQAXXttAwQAXmd9AwQAstfgMA0GCSqGSIb3
DQEBCwUAA4IBAQBqQo5NRMDz7wLMfTc2P2oenGd3Y43PJomL7C/iDFHB8ttkUh9E
n/NvMGBz9UXmLKgoNQ+y4en3tMpn/qNbN3W7NQUNNOix/xUCu/UofWYfc9OVG42W
afxIiFnhPPawMluHmtYWfy8f8ZZ2k851aJsCvUMKcH2DN8SZNqdszz+/1vFt/amn
h+UFXyo2oiuqQJTeUEEYq2ZMCI7vfG93t1hlX9hpeoKsySL0io0m1VNt7syWvljB
IOq3yZBfXTofALveoE3K0T9vCr8TccMtf1wyX7vlcudL4euroPHssYln2/EZIrCk
X4DrlyvR566bdicvyf4o+DboxuFi4x6EnXil
-----END CERTIFICATE-----
Generated at Tue Sep 24 09:10:19 2024 by rpki-client on console-fra.rpki-client.org