Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/BR_4IZgT-UjJH-Gxys1EAznMOpU.roa
File: BR_4IZgT-UjJH-Gxys1EAznMOpU.roa (raw, json)
Hash identifier: gTZaqniwpNIncqlP/8BfAMBpOyFhjNH2LzwsdzNfyRE=
Subject key identifier: 05:1F:F8:21:98:13:F9:48:C9:1F:E1:B1:CA:CD:44:03:39:CC:3A:95
Certificate issuer: /CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Certificate serial: 018572FA62BBAD91ECDED0BED54A35FA4116
Authority key identifier: 5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/BR_4IZgT-UjJH-Gxys1EAznMOpU.roa
Signing time: Mon 02 Jan 2023 14:54:49 +0000
ROA not before: Mon 02 Jan 2023 14:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43531
IP address blocks: 31.217.130.0/24 maxlen: 24
31.217.128.0/24 maxlen: 24
31.217.128.0/19 maxlen: 24
31.217.129.0/24 maxlen: 24
185.55.16.0/22 maxlen: 24
89.30.68.0/22 maxlen: 24
91.196.184.0/22 maxlen: 24
83.243.16.0/21 maxlen: 24
89.30.0.0/17 maxlen: 24
46.18.168.0/21 maxlen: 24
2a01:8200::/32 maxlen: 48
2a02:27f0::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:fa:62:bb:ad:91:ec:de:d0:be:d5:4a:35:fa:41:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Validity
Not Before: Jan 2 14:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=051ff8219813f948c91fe1b1cacd440339cc3a95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:13:32:5e:1e:e8:23:4f:a4:74:11:c3:a4:ac:
90:8f:21:da:9d:52:c9:6e:dc:91:64:34:d5:cd:7a:
02:7e:ea:e0:25:42:4a:42:69:7f:0a:59:b0:21:e4:
0f:8d:81:23:a6:f6:ba:62:52:b3:a6:ed:1d:34:cc:
65:0b:91:fe:40:f2:a8:fb:7a:09:02:6f:3e:b7:e4:
ce:ff:06:3b:6a:e8:3b:7e:83:fb:3a:57:57:dc:fd:
12:1c:ce:06:81:96:a0:ef:8c:ce:8c:d2:69:23:40:
b4:cd:e4:71:9e:82:e2:e0:04:6d:a8:50:03:b0:f9:
0d:12:d5:57:71:b9:65:7d:d7:94:9c:93:52:df:32:
71:6e:25:13:f7:84:19:ac:a4:ea:6b:d5:74:0b:63:
da:1a:7c:81:7f:f5:b7:07:4c:a5:13:f1:56:5a:ee:
c5:e0:a4:3c:e8:1a:ed:29:6e:9f:79:62:35:e8:ad:
0c:0a:67:c7:ac:4d:4e:c9:e1:2f:23:ca:a9:24:3c:
8f:e4:6f:3b:ca:01:98:13:97:f1:3a:f9:8b:27:bf:
55:14:4c:3d:86:0c:b1:08:74:f7:f6:01:5b:de:66:
98:fa:39:69:4e:a4:ec:45:e9:01:d1:8a:0b:01:20:
21:b9:e5:9b:e4:28:16:a5:a3:63:7f:95:0b:5b:bc:
d8:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:1F:F8:21:98:13:F9:48:C9:1F:E1:B1:CA:CD:44:03:39:CC:3A:95
X509v3 Authority Key Identifier:
keyid:5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/BR_4IZgT-UjJH-Gxys1EAznMOpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.217.128.0/19
46.18.168.0/21
83.243.16.0/21
89.30.0.0/17
91.196.184.0/22
185.55.16.0/22
IPv6:
2a01:8200::/32
2a02:27f0::/32
Signature Algorithm: sha256WithRSAEncryption
56:3d:99:b8:33:c7:b4:75:e7:c0:46:1b:ef:d3:dc:1c:e5:23:
47:66:61:23:cd:79:3a:c2:97:bc:7d:a0:85:e6:42:2e:b9:13:
24:39:19:0a:d2:e0:a7:e0:0b:9d:e8:d2:a4:bb:1e:a5:b2:2d:
5f:aa:3c:db:60:ec:88:53:5d:ab:c8:06:2b:0b:f9:0e:a0:5e:
64:8e:cd:79:a0:50:cf:9b:3c:dd:69:6d:80:d5:cb:5d:f5:53:
56:5c:b2:a1:81:9a:7e:55:ff:46:f0:21:76:63:71:22:fb:fb:
7b:a4:ba:44:cc:e5:b2:d1:45:ea:a4:94:63:4d:ea:4c:3f:77:
cb:5d:0c:dd:1a:d7:f7:3c:1c:54:66:fe:6b:39:a1:66:d5:f5:
a2:24:50:91:ef:be:87:4d:57:d3:36:b8:0f:e2:2a:d3:d2:e9:
fc:1f:7d:8e:11:0a:61:6a:cc:ec:1d:2c:72:68:21:11:39:5f:
88:17:37:5c:cc:ad:41:43:f8:eb:aa:18:73:84:3e:a8:9e:00:
f0:24:20:5c:8f:62:3b:20:3c:40:c4:cc:5a:8e:1a:11:43:a9:
a0:a2:ce:ef:bc:32:3c:5e:82:96:9f:ea:d9:2a:38:d8:73:2b:
54:a2:7b:59:dd:06:73:ba:ae:64:d4:83:15:96:57:ac:0c:55:
25:92:e7:63
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYVy+mK7rZHs3tC+1Uo1+kEWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNDAwYWMyMzk2YWUyMjhkMmIyZTU2ZjRiMDY3Mzk5Njkz
NzllNDQwHhcNMjMwMTAyMTQ1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTFmZjgyMTk4MTNmOTQ4YzkxZmUxYjFjYWNkNDQwMzM5Y2MzYTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBMyXh7oI0+kdBHDpKyQjyHanVLJ
btyRZDTVzXoCfurgJUJKQml/ClmwIeQPjYEjpva6YlKzpu0dNMxlC5H+QPKo+3oJ
Am8+t+TO/wY7aug7foP7OldX3P0SHM4GgZag74zOjNJpI0C0zeRxnoLi4ARtqFAD
sPkNEtVXcbllfdeUnJNS3zJxbiUT94QZrKTqa9V0C2PaGnyBf/W3B0ylE/FWWu7F
4KQ86BrtKW6feWI16K0MCmfHrE1OyeEvI8qpJDyP5G87ygGYE5fxOvmLJ79VFEw9
hgyxCHT39gFb3maY+jlpTqTsRekB0YoLASAhueWb5CgWpaNjf5ULW7zYCwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFAUf+CGYE/lIyR/hscrNRAM5zDqVMB8GA1UdIwQY
MBaAFF5ACsI5auIo0rLlb0sGc5lpN55EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGtBS3dqbHE0aWpTc3VWdlN3WnptV2szbmtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9kNjdhOTUtY2IzNi00OTM3LTkyMjYt
ZGZlZDEyZjFhMDFlLzEvQlJfNElaZ1QtVWpKSC1HeHlzMUVBem5NT3BVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9kNjdhOTUtY2IzNi00OTM3LTkyMjYtZGZlZDEyZjFhMDFl
LzEvWGtBS3dqbHE0aWpTc3VWdlN3WnptV2szbmtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQFH9mAAwQD
LhKoAwQDU/MQAwQHWR4AAwQCW8S4AwQCuTcQMBQEAgACMA4DBQAqAYIAAwUAKgIn
8DANBgkqhkiG9w0BAQsFAAOCAQEAVj2ZuDPHtHXnwEYb79PcHOUjR2ZhI815OsKX
vH2gheZCLrkTJDkZCtLgp+ALnejSpLsepbItX6o822DsiFNdq8gGKwv5DqBeZI7N
eaBQz5s83WltgNXLXfVTVlyyoYGaflX/RvAhdmNxIvv7e6S6RMzlstFF6qSUY03q
TD93y10M3RrX9zwcVGb+azmhZtX1oiRQke++h01X0za4D+Iq09Lp/B99jhEKYWrM
7B0scmghETlfiBc3XMytQUP466oYc4Q+qJ4A8CQgXI9iOyA8QMTMWo4aEUOpoKLO
77wyPF6Clp/q2So42HMrVKJ7Wd0Gc7quZNSDFZZXrAxVJZLnYw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:02 2024 by rpki-client on console-fra.rpki-client.org