Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/DXXHDwRw9Ga_8w-6thiHsnSxOag.roa
File: DXXHDwRw9Ga_8w-6thiHsnSxOag.roa (raw, json)
Hash identifier: FmFFoms1WuI7qOd2NuXBu1/T13QzpwCE9dPSmFUzbgo=
Subject key identifier: 0D:75:C7:0F:04:70:F4:66:BF:F3:0F:BA:B6:18:87:B2:74:B1:39:A8
Certificate issuer: /CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Certificate serial: 019242B45AC9CDE76C8B44BB1CC68B814C76
Authority key identifier: 5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/DXXHDwRw9Ga_8w-6thiHsnSxOag.roa
Signing time: Mon 30 Sep 2024 11:32:48 +0000
ROA not before: Mon 30 Sep 2024 11:32:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31216
IP address blocks: 31.217.128.0/19 maxlen: 24
83.243.16.0/21 maxlen: 24
89.30.0.0/17 maxlen: 24
89.30.68.0/22 maxlen: 24
185.55.16.0/22 maxlen: 24
185.143.244.0/22 maxlen: 22
194.126.217.0/24 maxlen: 24
2a01:8200::/32 maxlen: 64
Validation: Failed, certificate revoked on Tue 01 Oct 2024 04:07:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:42:b4:5a:c9:cd:e7:6c:8b:44:bb:1c:c6:8b:81:4c:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Validity
Not Before: Sep 30 11:32:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d75c70f0470f466bff30fbab61887b274b139a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:42:13:2a:b3:71:cc:3b:79:10:4e:a5:6d:aa:
7f:fd:05:db:19:1c:7b:23:09:29:51:38:35:d7:f2:
1e:7f:11:68:14:90:5a:79:1a:f1:05:a5:8f:07:59:
12:85:4d:40:af:92:2c:df:1f:89:d1:43:aa:ba:28:
bd:d5:e6:17:ee:6d:e9:35:3d:2c:31:03:ac:aa:61:
3b:cd:09:02:01:b0:17:24:73:bf:2f:9d:34:29:74:
11:56:28:ad:01:bb:db:a5:e1:da:51:1a:8e:40:24:
b7:da:77:a2:8a:ac:29:dd:67:8c:7d:3e:3c:47:f3:
eb:12:90:1f:39:0c:62:0d:21:b3:cb:cb:7f:c6:32:
4f:5a:7b:4a:2b:e6:d1:61:c4:b4:f5:a0:7a:97:90:
4a:54:60:a6:8a:d9:14:b0:b8:65:d9:31:be:73:fe:
14:08:8c:cf:f8:8a:81:a7:d3:40:92:c7:25:a9:11:
89:96:5a:aa:56:91:ee:2a:35:a3:c0:b3:57:b2:88:
c1:ac:c3:cd:40:90:70:35:50:80:ca:b3:21:2a:cb:
76:69:b8:5d:5c:be:9a:7a:d1:0d:d0:b7:9d:98:cc:
67:a0:86:21:11:cb:cc:93:1d:61:dd:bc:46:86:1c:
9d:6e:0c:c3:e2:b2:6a:f7:ae:7c:01:c2:d0:44:8d:
d1:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:75:C7:0F:04:70:F4:66:BF:F3:0F:BA:B6:18:87:B2:74:B1:39:A8
X509v3 Authority Key Identifier:
keyid:5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/DXXHDwRw9Ga_8w-6thiHsnSxOag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.217.128.0/19
83.243.16.0/21
89.30.0.0/17
185.55.16.0/22
185.143.244.0/22
194.126.217.0/24
IPv6:
2a01:8200::/32
Signature Algorithm: sha256WithRSAEncryption
6c:da:6d:c2:43:2f:57:22:2c:c9:e9:90:32:fd:23:36:f4:df:
56:57:be:8c:97:d0:fd:af:b7:2b:d6:78:61:96:26:fa:2f:44:
1d:1c:41:fb:69:65:3e:5b:c8:52:d0:c8:7b:6b:d9:1d:a9:ac:
21:a4:eb:83:d5:9e:ef:92:d3:65:7c:59:e6:e2:0d:28:03:e2:
70:35:97:dc:bb:db:ba:9d:73:80:99:d9:e1:a6:2b:05:41:d1:
e4:8c:2d:df:e4:a6:43:ae:68:89:fb:05:1d:df:db:da:a6:d8:
cd:67:8d:2e:66:e9:94:47:85:69:c0:44:0b:c6:48:ef:8c:33:
ea:9a:a2:17:b0:98:34:0b:45:13:b1:80:3e:a1:bf:90:6e:07:
c6:77:e8:75:79:63:c0:31:58:80:22:89:ee:63:71:7d:55:01:
ab:93:dd:40:8d:52:79:44:4f:69:9b:99:75:18:1d:76:10:63:
aa:03:88:6b:0f:78:f8:8e:fb:94:32:06:b6:b5:7e:6e:37:2b:
d4:48:51:55:0c:ef:b2:e5:46:6a:22:43:43:1d:e8:de:b0:5c:
da:e4:9e:5e:17:62:c5:12:ec:94:31:8f:12:a6:4c:8e:96:5b:
31:17:2e:37:39:ca:bd:fd:5f:51:7d:ed:78:7b:60:a1:eb:33:
99:d5:4e:d9
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZJCtFrJzedsi0S7HMaLgUx2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNDAwYWMyMzk2YWUyMjhkMmIyZTU2ZjRiMDY3Mzk5Njkz
NzllNDQwHhcNMjQwOTMwMTEzMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDc1YzcwZjA0NzBmNDY2YmZmMzBmYmFiNjE4ODdiMjc0YjEzOWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1kITKrNxzDt5EE6lbap//QXbGRx7
IwkpUTg11/IefxFoFJBaeRrxBaWPB1kShU1Ar5Is3x+J0UOquii91eYX7m3pNT0s
MQOsqmE7zQkCAbAXJHO/L500KXQRViitAbvbpeHaURqOQCS32neiiqwp3WeMfT48
R/PrEpAfOQxiDSGzy8t/xjJPWntKK+bRYcS09aB6l5BKVGCmitkUsLhl2TG+c/4U
CIzP+IqBp9NAksclqRGJllqqVpHuKjWjwLNXsojBrMPNQJBwNVCAyrMhKst2abhd
XL6aetEN0LedmMxnoIYhEcvMkx1h3bxGhhydbgzD4rJq9658AcLQRI3RcQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFA11xw8EcPRmv/MPurYYh7J0sTmoMB8GA1UdIwQY
MBaAFF5ACsI5auIo0rLlb0sGc5lpN55EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGtBS3dqbHE0aWpTc3VWdlN3WnptV2szbmtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9kNjdhOTUtY2IzNi00OTM3LTkyMjYt
ZGZlZDEyZjFhMDFlLzEvRFhYSER3Unc5R2FfOHctNnRoaUhzblN4T2FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9kNjdhOTUtY2IzNi00OTM3LTkyMjYtZGZlZDEyZjFhMDFl
LzEvWGtBS3dqbHE0aWpTc3VWdlN3WnptV2szbmtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQFH9mAAwQD
U/MQAwQHWR4AAwQCuTcQAwQCuY/0AwQAwn7ZMA0EAgACMAcDBQAqAYIAMA0GCSqG
SIb3DQEBCwUAA4IBAQBs2m3CQy9XIizJ6ZAy/SM29N9WV76Ml9D9r7cr1nhhlib6
L0QdHEH7aWU+W8hS0Mh7a9kdqawhpOuD1Z7vktNlfFnm4g0oA+JwNZfcu9u6nXOA
mdnhpisFQdHkjC3f5KZDrmiJ+wUd39vaptjNZ40uZumUR4VpwEQLxkjvjDPqmqIX
sJg0C0UTsYA+ob+QbgfGd+h1eWPAMViAIonuY3F9VQGrk91AjVJ5RE9pm5l1GB12
EGOqA4hrD3j4jvuUMga2tX5uNyvUSFFVDO+y5UZqIkNDHejesFza5J5eF2LFEuyU
MY8SpkyOllsxFy43Ocq9/V9Rfe14e2Ch6zOZ1U7Z
-----END CERTIFICATE-----
Generated at Tue Oct 1 05:45:27 2024 by rpki-client on console-fra.rpki-client.org