Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/EMfrpjowvXa9QjLdx0KN3cPnhlk.roa
File: EMfrpjowvXa9QjLdx0KN3cPnhlk.roa (raw, json)
Hash identifier: FlSpy7I0KkYts+iYcP0KwNOZSiEDRA0HVZacRljJDTM=
Subject key identifier: 10:C7:EB:A6:3A:30:BD:76:BD:42:32:DD:C7:42:8D:DD:C3:E7:86:59
Certificate issuer: /CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0
Certificate serial: 01856DDD3B44615369AA01B6F9B300FD6CEF
Authority key identifier: 44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/EMfrpjowvXa9QjLdx0KN3cPnhlk.roa
Signing time: Sun 01 Jan 2023 15:04:53 +0000
ROA not before: Sun 01 Jan 2023 15:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50130
IP address blocks: 31.129.227.0/24 maxlen: 24
31.129.240.0/22 maxlen: 22
31.129.234.0/24 maxlen: 24
31.129.240.0/23 maxlen: 23
31.129.242.0/23 maxlen: 23
31.129.252.0/22 maxlen: 22
31.129.252.0/23 maxlen: 23
31.129.252.0/24 maxlen: 24
31.129.253.0/24 maxlen: 24
31.129.254.0/24 maxlen: 24
31.129.254.0/23 maxlen: 23
31.129.255.0/24 maxlen: 24
31.129.224.0/22 maxlen: 22
31.129.224.0/24 maxlen: 24
31.129.224.0/23 maxlen: 23
31.129.225.0/24 maxlen: 24
31.129.226.0/23 maxlen: 23
31.129.226.0/24 maxlen: 24
213.5.192.0/24 maxlen: 24
213.5.194.0/24 maxlen: 24
213.5.193.0/24 maxlen: 24
213.5.195.0/24 maxlen: 24
213.5.196.0/23 maxlen: 23
213.5.196.0/24 maxlen: 24
213.5.197.0/24 maxlen: 24
213.5.198.0/24 maxlen: 24
213.5.198.0/23 maxlen: 23
213.5.199.0/24 maxlen: 24
213.5.196.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 04 Apr 2023 20:40:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:3b:44:61:53:69:aa:01:b6:f9:b3:00:fd:6c:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0
Validity
Not Before: Jan 1 15:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10c7eba63a30bd76bd4232ddc7428dddc3e78659
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:01:8e:f0:5c:d4:6c:1b:64:48:4c:b5:bc:3c:
38:33:06:2a:f8:ec:d1:90:ff:f2:90:bf:47:be:5f:
79:92:5a:3a:83:8d:6a:af:c5:c7:8b:71:db:07:d2:
f6:b1:bd:f7:54:76:d6:70:f9:c3:be:11:c9:67:a3:
d8:dc:34:f5:de:6b:39:f7:a7:da:39:e5:cd:22:d4:
3a:01:c8:99:3e:94:8e:c2:bc:2f:1a:75:77:06:cd:
f1:ef:c6:d3:09:d8:b2:0d:a5:51:34:60:99:8d:c6:
fd:1a:8d:80:13:69:08:c1:1b:b4:45:52:f9:5a:04:
78:a7:c1:76:ee:95:73:c2:91:75:b0:47:f9:5f:2e:
0c:82:ea:7c:7f:5d:bb:5d:9b:47:60:46:a7:c6:94:
3b:05:6f:2c:bf:82:98:e7:56:37:78:99:57:1e:7a:
d7:9c:60:8d:10:66:40:ec:1f:ea:93:4e:b3:40:c3:
f1:dc:0f:ed:3c:7b:7c:f5:93:9b:3b:f0:ff:4f:c6:
3a:63:53:f8:51:fb:92:19:d6:12:e3:00:6c:ea:7c:
26:29:32:73:69:ff:4f:e0:c3:79:55:b3:85:4b:cb:
14:24:22:c5:5e:06:2f:3a:13:dd:f1:db:c3:45:52:
f6:1b:62:5c:9c:4e:f0:46:44:49:ea:10:c7:b3:35:
1a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:C7:EB:A6:3A:30:BD:76:BD:42:32:DD:C7:42:8D:DD:C3:E7:86:59
X509v3 Authority Key Identifier:
keyid:44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/EMfrpjowvXa9QjLdx0KN3cPnhlk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.224.0/22
31.129.234.0/24
31.129.240.0/22
31.129.252.0/22
213.5.192.0/21
Signature Algorithm: sha256WithRSAEncryption
45:c9:b7:15:35:2a:71:c3:9f:85:d7:54:de:c5:b2:8e:a5:7c:
74:4c:9a:bf:3e:30:b6:52:f6:2e:bf:82:12:26:21:52:eb:8b:
bd:5e:d6:b7:03:5e:8b:1d:b6:31:82:e9:71:ed:54:9d:98:14:
b8:01:c1:83:b1:c3:f8:b1:fc:e3:a8:0f:05:6c:c4:a0:3b:76:
ef:f4:54:6f:f3:94:af:9f:13:24:21:a7:41:3a:3c:0d:40:f4:
14:3e:a4:0e:fe:e2:17:5f:e0:d4:b4:67:65:0f:d8:e0:85:04:
e5:55:4a:ab:bf:ba:b4:5b:2e:f2:b6:cb:0d:fc:b0:22:51:0e:
dd:f3:a3:ef:88:00:6e:f9:ef:c0:0a:69:09:14:d3:e7:cc:6c:
3b:b0:56:97:5f:e7:2b:40:9a:08:ad:1f:36:bb:84:e9:b6:64:
15:a6:cc:11:4f:c1:07:cd:94:ec:0b:1b:44:4b:7e:8b:fb:58:
bc:b2:f9:b0:39:a0:ed:15:d3:c9:dc:e6:40:02:33:c9:c6:cb:
d0:c0:ab:fd:3c:19:fd:44:7a:2b:2c:7a:ce:bc:33:b5:40:77:
08:10:2b:81:e9:91:11:39:27:02:7f:3c:f8:01:5a:49:e8:7e:
5a:ee:f5:15:6c:6f:4e:9e:59:b9:56:be:47:fa:13:96:4b:14:
77:f7:f3:85
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVt3TtEYVNpqgG2+bMA/WzvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NDRjN2MzYWQzNGI2OTc3ZmExOGEyMjM3Y2EzMDZiOWJl
ZTA4ZTAwHhcNMjMwMTAxMTUwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGM3ZWJhNjNhMzBiZDc2YmQ0MjMyZGRjNzQyOGRkZGMzZTc4NjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugGO8FzUbBtkSEy1vDw4MwYq+OzR
kP/ykL9Hvl95klo6g41qr8XHi3HbB9L2sb33VHbWcPnDvhHJZ6PY3DT13ms596fa
OeXNItQ6AciZPpSOwrwvGnV3Bs3x78bTCdiyDaVRNGCZjcb9Go2AE2kIwRu0RVL5
WgR4p8F27pVzwpF1sEf5Xy4Mgup8f127XZtHYEanxpQ7BW8sv4KY51Y3eJlXHnrX
nGCNEGZA7B/qk06zQMPx3A/tPHt89ZObO/D/T8Y6Y1P4UfuSGdYS4wBs6nwmKTJz
af9P4MN5VbOFS8sUJCLFXgYvOhPd8dvDRVL2G2JcnE7wRkRJ6hDHszUarwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBDH66Y6ML12vUIy3cdCjd3D54ZZMB8GA1UdIwQY
MBaAFEREx8OtNLaXf6GKIjfKMGub7gjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkVUSHc2MDB0cGRfb1lvaU44b3dhNXZ1Q09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9jOWM5ZmMtNTg2NC00MTRlLWFlMmEt
ODYzYzliM2QzMmIwLzEvRU1mcnBqb3d2WGE5UWpMZHgwS04zY1BuaGxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9jOWM5ZmMtNTg2NC00MTRlLWFlMmEtODYzYzliM2QzMmIw
LzEvUkVUSHc2MDB0cGRfb1lvaU44b3dhNXZ1Q09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCH4HgAwQA
H4HqAwQCH4HwAwQCH4H8AwQD1QXAMA0GCSqGSIb3DQEBCwUAA4IBAQBFybcVNSpx
w5+F11TexbKOpXx0TJq/PjC2UvYuv4ISJiFS64u9Xta3A16LHbYxgulx7VSdmBS4
AcGDscP4sfzjqA8FbMSgO3bv9FRv85SvnxMkIadBOjwNQPQUPqQO/uIXX+DUtGdl
D9jghQTlVUqrv7q0Wy7ytssN/LAiUQ7d86PviABu+e/ACmkJFNPnzGw7sFaXX+cr
QJoIrR82u4TptmQVpswRT8EHzZTsCxtES36L+1i8svmwOaDtFdPJ3OZAAjPJxsvQ
wKv9PBn9RHorLHrOvDO1QHcIECuB6ZEROScCfzz4AVpJ6H5a7vUVbG9Onlm5Vr5H
+hOWSxR39/OF
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:57 2024 by rpki-client on console-ams.rpki-client.org