Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/l_XJmLk4ea1EQBYDxG8w4EMBEKw.roa
File: l_XJmLk4ea1EQBYDxG8w4EMBEKw.roa (raw, json)
Hash identifier: PesjptldRK5683nVlqvJjYPs8o0upNxe+kFKVvu2ziI=
Subject key identifier: 97:F5:C9:98:B9:38:79:AD:44:40:16:03:C4:6F:30:E0:43:01:10:AC
Certificate issuer: /CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Certificate serial: 01924642CE75AA991993EF62FA57130CEB44
Authority key identifier: 5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/l_XJmLk4ea1EQBYDxG8w4EMBEKw.roa
Signing time: Tue 01 Oct 2024 04:07:16 +0000
ROA not before: Tue 01 Oct 2024 04:07:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31216
IP address blocks: 31.217.128.0/19 maxlen: 24
46.18.168.0/21 maxlen: 24
83.243.16.0/21 maxlen: 24
89.30.0.0/17 maxlen: 24
89.30.68.0/22 maxlen: 24
185.55.16.0/22 maxlen: 24
185.143.244.0/22 maxlen: 22
194.126.217.0/24 maxlen: 24
2a01:8200::/32 maxlen: 64
Validation: Failed, certificate revoked on Fri 04 Oct 2024 08:32:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:46:42:ce:75:aa:99:19:93:ef:62:fa:57:13:0c:eb:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Validity
Not Before: Oct 1 04:07:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97f5c998b93879ad44401603c46f30e0430110ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:aa:1b:87:78:ef:f2:d8:0b:b6:00:93:92:2b:
a1:01:f6:f5:63:8e:04:99:0d:04:f9:e9:82:a2:c3:
fd:d1:33:cd:b1:6e:a4:c4:00:f6:c5:be:16:1a:2f:
83:9c:39:ed:e6:9b:5e:ae:7b:ca:77:f0:c4:10:73:
56:40:45:e2:ee:61:81:3c:6c:f2:50:f7:c6:ec:cd:
8e:4d:28:37:9f:5a:cd:b7:05:a1:45:5e:e4:28:9a:
aa:91:4e:bf:24:83:3b:c9:39:b1:20:da:f0:3d:90:
23:9f:a9:0d:11:a8:d7:f7:92:da:9c:f0:ff:cc:07:
77:34:8e:1d:34:86:d0:43:8a:1b:29:e1:15:73:63:
a5:7f:7d:5b:09:2a:f9:ef:71:4f:f1:b4:3a:49:7f:
0f:cf:87:c4:14:18:9d:43:af:3d:7c:86:08:51:6c:
8d:44:5d:13:f2:93:89:a4:a0:89:69:88:b2:d6:c0:
7c:1b:6a:28:09:39:07:0d:62:dd:db:fa:b9:10:5d:
24:bf:7a:36:e5:00:77:85:ce:85:18:c3:7d:ea:6e:
6f:e4:34:ea:cd:2d:f0:b2:3b:68:12:5c:db:80:8b:
2f:c6:c7:f0:4b:eb:11:0f:ce:93:e7:68:17:78:4b:
09:69:cb:bc:83:00:e2:37:18:79:37:d6:18:2d:1a:
73:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:F5:C9:98:B9:38:79:AD:44:40:16:03:C4:6F:30:E0:43:01:10:AC
X509v3 Authority Key Identifier:
keyid:5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/l_XJmLk4ea1EQBYDxG8w4EMBEKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.217.128.0/19
46.18.168.0/21
83.243.16.0/21
89.30.0.0/17
185.55.16.0/22
185.143.244.0/22
194.126.217.0/24
IPv6:
2a01:8200::/32
Signature Algorithm: sha256WithRSAEncryption
35:b6:9a:09:96:99:f5:29:8a:0c:30:6c:01:ea:18:52:82:4c:
4f:78:7b:83:0a:b0:f1:e7:31:4f:99:c3:7b:da:6d:be:59:fb:
88:93:f5:2e:51:c1:44:10:86:92:f0:23:62:bc:b0:84:e6:aa:
9c:d4:f5:c1:6d:88:00:c4:e8:c9:a7:8b:7e:8b:03:c7:b5:87:
c2:67:35:f1:2e:e4:fb:6b:6e:1a:40:5c:aa:70:d7:c7:85:1a:
1d:a8:18:52:41:08:c1:c7:0f:6f:7e:a3:36:b2:1f:83:8e:93:
34:c0:6e:68:8e:f3:79:2f:55:b1:53:5c:f3:5c:92:5b:78:3d:
34:83:fc:11:f0:bf:c0:b3:9b:90:a0:ef:0a:1f:b4:a8:d7:07:
87:a6:d5:1b:7d:eb:c6:65:29:75:fb:e4:a2:23:25:63:9d:0e:
33:07:6f:da:39:85:f2:36:57:cd:55:3d:22:83:ba:a8:0e:81:
26:5e:aa:0a:80:53:82:e4:f6:70:65:43:b7:18:c6:a8:c6:ba:
9f:58:dc:d1:7f:df:64:d3:78:3a:63:e7:fb:6f:d7:62:9c:b7:
21:22:b6:f7:57:cb:dc:7d:e0:64:a0:2a:56:7f:84:db:3c:95:
46:84:b0:7e:e8:53:e2:be:a6:ac:ed:80:0b:da:15:c2:85:0e:
a0:91:27:43
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZJGQs51qpkZk+9i+lcTDOtEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNDAwYWMyMzk2YWUyMjhkMmIyZTU2ZjRiMDY3Mzk5Njkz
NzllNDQwHhcNMjQxMDAxMDQwNzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2Y1Yzk5OGI5Mzg3OWFkNDQ0MDE2MDNjNDZmMzBlMDQzMDExMGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6obh3jv8tgLtgCTkiuhAfb1Y44E
mQ0E+emCosP90TPNsW6kxAD2xb4WGi+DnDnt5pternvKd/DEEHNWQEXi7mGBPGzy
UPfG7M2OTSg3n1rNtwWhRV7kKJqqkU6/JIM7yTmxINrwPZAjn6kNEajX95LanPD/
zAd3NI4dNIbQQ4obKeEVc2Olf31bCSr573FP8bQ6SX8Pz4fEFBidQ689fIYIUWyN
RF0T8pOJpKCJaYiy1sB8G2ooCTkHDWLd2/q5EF0kv3o25QB3hc6FGMN96m5v5DTq
zS3wsjtoElzbgIsvxsfwS+sRD86T52gXeEsJacu8gwDiNxh5N9YYLRpzWwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFJf1yZi5OHmtREAWA8RvMOBDARCsMB8GA1UdIwQY
MBaAFF5ACsI5auIo0rLlb0sGc5lpN55EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGtBS3dqbHE0aWpTc3VWdlN3WnptV2szbmtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9kNjdhOTUtY2IzNi00OTM3LTkyMjYt
ZGZlZDEyZjFhMDFlLzEvbF9YSm1MazRlYTFFUUJZRHhHOHc0RU1CRUt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9kNjdhOTUtY2IzNi00OTM3LTkyMjYtZGZlZDEyZjFhMDFl
LzEvWGtBS3dqbHE0aWpTc3VWdlN3WnptV2szbmtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQFH9mAAwQD
LhKoAwQDU/MQAwQHWR4AAwQCuTcQAwQCuY/0AwQAwn7ZMA0EAgACMAcDBQAqAYIA
MA0GCSqGSIb3DQEBCwUAA4IBAQA1tpoJlpn1KYoMMGwB6hhSgkxPeHuDCrDx5zFP
mcN72m2+WfuIk/UuUcFEEIaS8CNivLCE5qqc1PXBbYgAxOjJp4t+iwPHtYfCZzXx
LuT7a24aQFyqcNfHhRodqBhSQQjBxw9vfqM2sh+DjpM0wG5ojvN5L1WxU1zzXJJb
eD00g/wR8L/As5uQoO8KH7So1weHptUbfevGZSl1++SiIyVjnQ4zB2/aOYXyNlfN
VT0ig7qoDoEmXqoKgFOC5PZwZUO3GMaoxrqfWNzRf99k03g6Y+f7b9dinLchIrb3
V8vcfeBkoCpWf4TbPJVGhLB+6FPivqas7YAL2hXChQ6gkSdD
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:48 2025 by rpki-client