Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/dW2p8wYDzSz2hBg10teHECbQ6Qo.roa
File: dW2p8wYDzSz2hBg10teHECbQ6Qo.roa (raw, json)
Hash identifier: 1g8k3SQTs6GqIOfN580l/Qlflc9mub6NjbL4dZ6kk7k=
Subject key identifier: 75:6D:A9:F3:06:03:CD:2C:F6:84:18:35:D2:D7:87:10:26:D0:E9:0A
Certificate issuer: /CN=e520446f79ffc2d7c3a9ef340ce9de25723a719a
Certificate serial: 0191B3158842A7798AD3F1CBA9E3C4EE24CB
Authority key identifier: E5:20:44:6F:79:FF:C2:D7:C3:A9:EF:34:0C:E9:DE:25:72:3A:71:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5SBEb3n_wtfDqe80DOneJXI6cZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/dW2p8wYDzSz2hBg10teHECbQ6Qo.roa
Signing time: Mon 02 Sep 2024 14:13:38 +0000
ROA not before: Mon 02 Sep 2024 14:13:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35539
IP address blocks: 31.134.192.0/21 maxlen: 21
46.160.192.0/18 maxlen: 18
46.160.192.0/19 maxlen: 19
46.160.224.0/19 maxlen: 19
93.95.160.0/21 maxlen: 21
93.95.160.0/22 maxlen: 22
93.95.164.0/22 maxlen: 22
93.123.128.0/17 maxlen: 17
93.123.128.0/18 maxlen: 18
93.123.192.0/18 maxlen: 18
95.131.208.0/21 maxlen: 21
95.131.208.0/22 maxlen: 22
95.131.212.0/22 maxlen: 22
217.194.240.0/20 maxlen: 20
217.194.240.0/21 maxlen: 21
217.194.248.0/21 maxlen: 21
Validation: Failed, certificate revoked on Tue 24 Sep 2024 07:53:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b3:15:88:42:a7:79:8a:d3:f1:cb:a9:e3:c4:ee:24:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e520446f79ffc2d7c3a9ef340ce9de25723a719a
Validity
Not Before: Sep 2 14:13:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=756da9f30603cd2cf6841835d2d7871026d0e90a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:90:c8:b3:96:ab:1d:42:2b:1f:d0:f3:6b:dd:
d3:c4:cf:cf:ac:b2:8a:f2:fa:d6:82:79:1e:94:6a:
99:ba:82:b7:79:2f:5a:e3:47:14:dc:c1:6e:c1:4c:
6c:65:e7:f1:66:f4:5b:49:df:01:1b:37:44:85:43:
a9:68:d3:76:04:0d:08:7a:41:ee:a4:23:64:5c:0a:
11:6d:75:27:c8:d4:72:33:9f:ff:ef:ec:5e:a4:be:
72:47:73:79:b6:7c:17:1a:90:ee:c0:69:e1:ac:53:
39:8a:9b:20:f4:d9:14:64:c3:20:d9:ec:38:de:cb:
d9:22:da:94:8f:3a:cb:00:29:b8:20:f5:3a:56:8e:
6a:37:dd:52:f4:21:cc:4f:64:ed:9d:24:1d:28:ca:
aa:13:07:0f:79:1e:e8:35:c2:4f:49:d8:53:48:62:
a9:21:d5:ea:f1:48:33:c7:48:35:30:f2:65:cf:a9:
4f:7e:82:50:67:58:ac:0c:22:cc:15:7a:b2:d0:1f:
9a:20:0e:dd:3f:dc:eb:58:65:c9:c3:0b:49:4a:9c:
47:64:9e:81:8f:f8:1b:e4:ab:96:d0:00:3c:cc:37:
8d:66:87:1f:24:b9:2f:33:6d:5d:71:84:a3:87:d6:
8f:15:37:d3:91:53:83:0e:15:3a:38:b1:5d:b3:5a:
f8:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:6D:A9:F3:06:03:CD:2C:F6:84:18:35:D2:D7:87:10:26:D0:E9:0A
X509v3 Authority Key Identifier:
keyid:E5:20:44:6F:79:FF:C2:D7:C3:A9:EF:34:0C:E9:DE:25:72:3A:71:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5SBEb3n_wtfDqe80DOneJXI6cZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/dW2p8wYDzSz2hBg10teHECbQ6Qo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/011ef2-7012-4a6e-8a1c-0e0e137e5591/1/5SBEb3n_wtfDqe80DOneJXI6cZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.134.192.0/21
46.160.192.0/18
93.95.160.0/21
93.123.128.0/17
95.131.208.0/21
217.194.240.0/20
Signature Algorithm: sha256WithRSAEncryption
78:0d:e3:71:a3:30:85:49:ff:bd:20:ed:38:43:a6:8e:43:ba:
11:79:70:f2:63:df:28:db:43:1b:91:d1:eb:09:ce:ae:70:c6:
0c:03:f2:b7:9f:fa:c8:92:89:f4:39:24:37:68:30:60:2f:e3:
e3:74:c4:e3:e0:b4:5a:73:c1:6f:3a:83:f3:f1:6f:24:71:6f:
67:99:58:3b:17:8d:ae:2b:9d:33:4d:2b:99:bf:3e:04:ba:b6:
31:8d:dc:38:fc:d2:ed:88:8e:0b:bc:fc:37:9c:7a:cf:81:12:
23:a5:d8:09:a6:39:2f:46:11:f9:f1:e3:12:16:c2:df:a6:0a:
09:86:dc:74:52:87:af:52:0e:c8:55:d3:48:0f:8e:6e:dd:3d:
43:f5:dd:a0:e7:5f:3f:f1:a5:a9:ce:65:bc:34:23:ea:73:e4:
58:8f:6f:36:79:e2:28:81:34:e7:ed:30:be:67:d7:e3:16:fe:
8e:ca:ae:e5:c5:47:69:0d:5d:0c:4f:3b:44:37:b0:5b:d0:89:
9c:b7:3a:2d:26:2f:62:95:b2:b8:00:23:fe:a4:c2:70:37:f9:
45:61:62:24:40:f9:a1:03:10:81:aa:c2:80:94:64:62:94:c1:
f4:8c:25:5d:cb:d7:af:fc:42:4b:f7:8c:94:da:61:dd:da:d3:
e2:2a:55:3c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZGzFYhCp3mK0/HLqePE7iTLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MjA0NDZmNzlmZmMyZDdjM2E5ZWYzNDBjZTlkZTI1NzIz
YTcxOWEwHhcNMjQwOTAyMTQxMzM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTZkYTlmMzA2MDNjZDJjZjY4NDE4MzVkMmQ3ODcxMDI2ZDBlOTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5DIs5arHUIrH9Dza93TxM/PrLKK
8vrWgnkelGqZuoK3eS9a40cU3MFuwUxsZefxZvRbSd8BGzdEhUOpaNN2BA0IekHu
pCNkXAoRbXUnyNRyM5//7+xepL5yR3N5tnwXGpDuwGnhrFM5ipsg9NkUZMMg2ew4
3svZItqUjzrLACm4IPU6Vo5qN91S9CHMT2TtnSQdKMqqEwcPeR7oNcJPSdhTSGKp
IdXq8Ugzx0g1MPJlz6lPfoJQZ1isDCLMFXqy0B+aIA7dP9zrWGXJwwtJSpxHZJ6B
j/gb5KuW0AA8zDeNZocfJLkvM21dcYSjh9aPFTfTkVODDhU6OLFds1r4BwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHVtqfMGA80s9oQYNdLXhxAm0OkKMB8GA1UdIwQY
MBaAFOUgRG95/8LXw6nvNAzp3iVyOnGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVNCRWIzbl93dGZEcWU4MERPbmVKWEk2Y1pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wMTFlZjItNzAxMi00YTZlLThhMWMt
MGUwZTEzN2U1NTkxLzEvZFcycDh3WUR6U3oyaEJnMTB0ZUhFQ2JRNlFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wMTFlZjItNzAxMi00YTZlLThhMWMtMGUwZTEzN2U1NTkx
LzEvNVNCRWIzbl93dGZEcWU4MERPbmVKWEk2Y1pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDH4bAAwQG
LqDAAwQDXV+gAwQHXXuAAwQDX4PQAwQE2cLwMA0GCSqGSIb3DQEBCwUAA4IBAQB4
DeNxozCFSf+9IO04Q6aOQ7oReXDyY98o20MbkdHrCc6ucMYMA/K3n/rIkon0OSQ3
aDBgL+PjdMTj4LRac8FvOoPz8W8kcW9nmVg7F42uK50zTSuZvz4EurYxjdw4/NLt
iI4LvPw3nHrPgRIjpdgJpjkvRhH58eMSFsLfpgoJhtx0UoevUg7IVdNID45u3T1D
9d2g518/8aWpzmW8NCPqc+RYj282eeIogTTn7TC+Z9fjFv6Oyq7lxUdpDV0MTztE
N7Bb0ImctzotJi9ilbK4ACP+pMJwN/lFYWIkQPmhAxCBqsKAlGRilMH0jCVdy9ev
/EJL94yU2mHd2tPiKlU8
-----END CERTIFICATE-----
Generated at Tue Sep 24 09:10:19 2024 by rpki-client on console-fra.rpki-client.org