Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/mJbqLH7h8FZ7R8LeKd4bhR_LKfI.roa
File: mJbqLH7h8FZ7R8LeKd4bhR_LKfI.roa (raw, json)
Hash identifier: 3YbU5i6eY1Kv3jcDfVq7NA/A5g4zcJPywQLN8pHC0Lg=
Subject key identifier: 98:96:EA:2C:7E:E1:F0:56:7B:47:C2:DE:29:DE:1B:85:1F:CB:29:F2
Certificate issuer: /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial: 018D7D4562218E3C48FBCA901CF26530A5BE
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/mJbqLH7h8FZ7R8LeKd4bhR_LKfI.roa
Signing time: Tue 06 Feb 2024 07:15:15 +0000
ROA not before: Tue 06 Feb 2024 07:15:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57235
IP address blocks: 81.31.224.0/22 maxlen: 24
81.31.228.0/23 maxlen: 24
81.31.230.0/24 maxlen: 24
81.31.233.0/24 maxlen: 24
81.31.234.0/24 maxlen: 24
81.31.235.0/24 maxlen: 24
81.31.236.0/22 maxlen: 24
81.31.236.0/24 maxlen: 24
81.31.238.0/24 maxlen: 24
81.31.240.0/23 maxlen: 24
81.31.248.0/22 maxlen: 24
81.31.250.0/24 maxlen: 24
81.31.251.0/24 maxlen: 24
2a05:a6c0::/56 maxlen: 64
2a05:a6c7:ffff:ff00::/56 maxlen: 64
Validation: Failed, certificate revoked on Fri 09 Feb 2024 08:31:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7d:45:62:21:8e:3c:48:fb:ca:90:1c:f2:65:30:a5:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
Validity
Not Before: Feb 6 07:15:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9896ea2c7ee1f0567b47c2de29de1b851fcb29f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:d5:8b:b8:a2:b9:e1:4b:0c:f8:65:80:2b:6f:
2c:cc:5b:60:af:39:8d:96:8a:0e:9d:24:ba:20:10:
b1:b3:1c:05:cd:f5:7f:30:26:28:9e:05:84:71:75:
28:c2:7d:e6:30:ce:32:22:ba:7a:f8:85:bc:5e:1f:
e3:43:1e:87:30:09:c3:40:53:71:82:28:88:95:a0:
97:a7:7f:c8:16:31:88:b3:27:af:42:9d:44:bb:93:
87:d0:0b:8a:89:50:2a:d7:37:c8:61:34:48:6a:31:
88:c2:3e:75:b5:65:47:2d:1e:f7:28:81:b8:2b:b1:
fb:9c:d0:58:35:57:fe:9c:0e:89:48:18:e8:94:85:
d7:9a:a0:dd:dc:69:93:42:e2:02:b2:fe:48:2a:da:
5f:80:36:1f:23:81:fb:ee:aa:93:a2:94:ee:f5:f3:
6c:1f:cf:56:37:3b:6d:91:79:c9:7f:0a:40:d1:61:
9a:1a:db:88:61:b0:ba:72:fa:7f:f7:42:2f:32:45:
2a:38:2c:52:0c:73:f2:cb:07:61:b5:b3:1c:92:a3:
52:2a:e3:09:af:3b:c9:c0:4a:12:5b:70:47:15:34:
da:2c:84:a6:a1:fd:e9:d7:c4:73:3b:f4:6a:1e:42:
fd:5e:1c:19:d0:8b:c3:4d:40:9d:65:b9:e2:15:ef:
81:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:96:EA:2C:7E:E1:F0:56:7B:47:C2:DE:29:DE:1B:85:1F:CB:29:F2
X509v3 Authority Key Identifier:
keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/mJbqLH7h8FZ7R8LeKd4bhR_LKfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.224.0-81.31.230.255
81.31.233.0-81.31.241.255
81.31.248.0/22
IPv6:
2a05:a6c0::/56
2a05:a6c7:ffff:ff00::/56
Signature Algorithm: sha256WithRSAEncryption
86:dc:9f:56:0f:37:c8:6c:c4:ed:f4:a6:27:a6:58:67:88:5d:
ce:aa:16:9d:c9:ea:ff:87:2e:9d:90:dd:95:2f:59:b8:62:b2:
fd:ab:f1:72:19:45:fb:b4:f7:89:57:7c:e9:b4:d2:ea:92:dd:
24:ef:60:12:c8:69:8f:d6:c4:8e:d5:fc:fc:57:93:da:65:42:
04:d6:b0:b5:6a:d4:12:39:a8:c0:60:8c:cf:83:6c:f1:dc:a6:
71:e4:02:ad:c2:c3:59:5c:08:44:d9:56:6c:a1:88:22:ab:da:
4f:d1:cc:7d:c5:9e:dc:2f:e8:7e:a1:6d:cc:6d:26:05:96:c6:
51:ad:b2:39:a8:99:b6:50:a4:3b:90:05:75:b9:33:aa:98:cf:
66:f0:44:11:5b:f3:51:cb:28:7e:88:db:cd:d4:86:d7:54:1c:
74:8c:68:6c:23:69:90:ba:6d:85:5c:17:f4:14:10:7b:cc:59:
63:b1:2b:94:12:c8:0f:1b:b4:6e:46:ff:18:1b:17:3e:ed:b5:
0d:b7:99:43:b8:30:37:ad:2c:8b:02:4b:dc:b8:f5:20:16:4c:
67:a5:89:54:2e:fc:9a:75:b9:7a:ce:f7:5a:46:f9:79:40:07:
24:ab:39:52:49:73:f5:17:9b:e0:92:27:77:64:36:12:8a:e5:
55:4a:5d:4a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAY19RWIhjjxI+8qQHPJlMKW+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTZiY2Q0MjZmZDg3Y2Q2ZjQxNDdlMTMzMjE2ZDAzMTEy
YjE4MWIwHhcNMjQwMjA2MDcxNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODk2ZWEyYzdlZTFmMDU2N2I0N2MyZGUyOWRlMWI4NTFmY2IyOWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3NWLuKK54UsM+GWAK28szFtgrzmN
looOnSS6IBCxsxwFzfV/MCYongWEcXUown3mMM4yIrp6+IW8Xh/jQx6HMAnDQFNx
giiIlaCXp3/IFjGIsyevQp1Eu5OH0AuKiVAq1zfIYTRIajGIwj51tWVHLR73KIG4
K7H7nNBYNVf+nA6JSBjolIXXmqDd3GmTQuICsv5IKtpfgDYfI4H77qqTopTu9fNs
H89WNzttkXnJfwpA0WGaGtuIYbC6cvp/90IvMkUqOCxSDHPyywdhtbMckqNSKuMJ
rzvJwEoSW3BHFTTaLISmof3p18RzO/RqHkL9XhwZ0IvDTUCdZbniFe+BjQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFJiW6ix+4fBWe0fC3ineG4UfyynyMB8GA1UdIwQY
MBaAFBBWvNQm/YfNb0FH4TMhbQMRKxgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzct
YWE4NTllMTkyYjE2LzEvbUpicUxIN2g4Rlo3UjhMZUtkNGJoUl9MS2ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzctYWE4NTllMTkyYjE2
LzEvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjAoBAIAATAiMAwDBAVRH+AD
BABRH+YwDAMEAFEf6QMEAVEf8AMEAlEf+DAaBAIAAjAUAwgAKgWmwAAAAAMIACoF
psf///8wDQYJKoZIhvcNAQELBQADggEBAIbcn1YPN8hsxO30piemWGeIXc6qFp3J
6v+HLp2Q3ZUvWbhisv2r8XIZRfu094lXfOm00uqS3STvYBLIaY/WxI7V/PxXk9pl
QgTWsLVq1BI5qMBgjM+DbPHcpnHkAq3Cw1lcCETZVmyhiCKr2k/RzH3Fntwv6H6h
bcxtJgWWxlGtsjmombZQpDuQBXW5M6qYz2bwRBFb81HLKH6I283UhtdUHHSMaGwj
aZC6bYVcF/QUEHvMWWOxK5QSyA8btG5G/xgbFz7ttQ23mUO4MDetLIsCS9y49SAW
TGeliVQu/Jp1uXrO91pG+XlABySrOVJJc/UXm+CSJ3dkNhKK5VVKXUo=
-----END CERTIFICATE-----
Generated at Fri Feb 9 12:20:41 2024 by rpki-client on console-ams.rpki-client.org