Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/Y6CBu2dugCzmD8_vHLQlmYdmkNk.roa
File: Y6CBu2dugCzmD8_vHLQlmYdmkNk.roa (raw, json)
Hash identifier: L+GaBmYwhgfxIuNKqyNb3b6CxaQl3QhcSRS1WJqHHks=
Subject key identifier: 63:A0:81:BB:67:6E:80:2C:E6:0F:CF:EF:1C:B4:25:99:87:66:90:D9
Certificate issuer: /CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0
Certificate serial: 018CC424BEE9C256B6AD4148371DC4C2BC80
Authority key identifier: 44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/Y6CBu2dugCzmD8_vHLQlmYdmkNk.roa
Signing time: Mon 01 Jan 2024 08:29:51 +0000
ROA not before: Mon 01 Jan 2024 08:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50130
IP address blocks: 31.129.227.0/24 maxlen: 24
31.129.234.0/24 maxlen: 24
31.129.240.0/23 maxlen: 23
31.129.242.0/23 maxlen: 23
31.129.252.0/22 maxlen: 22
31.129.252.0/23 maxlen: 23
31.129.252.0/24 maxlen: 24
31.129.253.0/24 maxlen: 24
31.129.254.0/24 maxlen: 24
31.129.254.0/23 maxlen: 23
31.129.255.0/24 maxlen: 24
31.129.224.0/22 maxlen: 22
31.129.224.0/24 maxlen: 24
31.129.224.0/23 maxlen: 23
31.129.225.0/24 maxlen: 24
31.129.226.0/23 maxlen: 23
31.129.226.0/24 maxlen: 24
213.5.192.0/24 maxlen: 24
213.5.194.0/24 maxlen: 24
213.5.193.0/24 maxlen: 24
213.5.195.0/24 maxlen: 24
213.5.196.0/23 maxlen: 23
213.5.196.0/24 maxlen: 24
213.5.197.0/24 maxlen: 24
213.5.198.0/24 maxlen: 24
213.5.198.0/23 maxlen: 23
213.5.199.0/24 maxlen: 24
213.5.196.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sat 06 Apr 2024 17:24:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:be:e9:c2:56:b6:ad:41:48:37:1d:c4:c2:bc:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0
Validity
Not Before: Jan 1 08:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63a081bb676e802ce60fcfef1cb42599876690d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a3:22:6c:df:2b:2f:ea:1a:cd:b4:94:70:8d:
37:1d:7b:d9:a8:7a:f0:f9:2f:53:24:cc:e3:96:37:
80:52:2b:b0:9e:a9:7a:4c:e6:57:5e:cb:82:13:e7:
96:75:9a:0d:e0:59:fb:61:71:68:c1:5e:b6:5c:a8:
de:50:0a:7d:c4:45:13:2b:82:c4:e4:57:44:7a:12:
07:85:cc:88:9a:74:86:a4:04:2f:2b:ee:a2:e0:69:
91:48:0f:6a:80:22:a1:75:4f:ed:f4:c4:d1:01:f1:
7d:2b:d2:96:5d:0e:21:46:3a:49:13:5a:f9:dc:75:
4c:df:28:a6:cc:d0:af:39:f9:1d:ad:6c:15:c1:93:
c9:d4:64:cb:22:dd:58:84:3f:12:d7:d2:b4:96:94:
3a:68:3f:31:cb:d2:fa:01:79:82:b0:8b:47:12:cc:
80:1d:d9:be:52:96:c9:23:65:ac:69:52:9e:16:6e:
a9:b1:f3:08:c0:34:6b:ec:0b:7a:0b:f3:71:6b:43:
57:13:b6:88:e5:95:b0:c5:40:89:02:d1:31:b6:44:
02:27:ce:d1:b7:31:91:a1:25:f1:f7:a7:1d:38:a5:
71:94:3c:95:81:3a:ea:07:04:96:30:7e:76:dc:ff:
cc:95:bb:86:09:d3:6a:e9:12:ca:e3:e0:89:b0:33:
71:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:A0:81:BB:67:6E:80:2C:E6:0F:CF:EF:1C:B4:25:99:87:66:90:D9
X509v3 Authority Key Identifier:
keyid:44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/Y6CBu2dugCzmD8_vHLQlmYdmkNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.224.0/22
31.129.234.0/24
31.129.240.0/22
31.129.252.0/22
213.5.192.0/21
Signature Algorithm: sha256WithRSAEncryption
25:8b:46:30:6f:e7:2e:db:a4:ab:95:95:48:be:38:06:9f:2d:
fc:40:83:ce:ff:16:4a:cc:54:fd:2e:f1:5f:18:bc:7e:19:1c:
3e:c4:4c:88:51:94:54:98:39:ab:ac:10:71:5d:a2:7c:26:22:
56:7d:1b:76:73:96:c7:03:0c:3f:f0:c4:71:3e:5c:c6:7f:92:
69:13:0c:53:39:8b:11:38:92:68:9d:6d:ff:86:da:1e:d5:b5:
4d:0d:a3:7e:31:61:d5:9b:be:1f:e3:ba:fb:6d:2c:a3:30:ad:
ce:fb:70:cf:5a:1c:b3:94:a2:a7:09:86:72:39:d3:1f:57:d0:
59:ff:50:d3:e9:09:54:f0:6c:7e:46:f9:f6:18:4f:db:d7:f9:
6e:14:7e:b8:21:ec:d1:3b:87:5f:c5:1f:19:0e:96:7f:52:f1:
31:02:54:7a:06:8c:27:8a:6c:f4:0b:8e:37:4a:51:e6:65:c9:
63:84:e3:d5:c8:ff:55:a9:f1:66:55:82:b1:73:83:6e:5a:72:
24:6e:16:d4:a0:26:55:f0:07:f4:82:12:a3:7e:d6:a1:b4:23:
f4:d3:c7:72:2f:c6:be:57:94:bf:3f:d7:a2:7b:a2:3a:29:67:
23:01:99:6e:bb:9f:26:cb:f5:78:ea:d1:ef:40:01:90:0d:80:
a0:bc:c2:c3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzEJL7pwla2rUFINx3EwryAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NDRjN2MzYWQzNGI2OTc3ZmExOGEyMjM3Y2EzMDZiOWJl
ZTA4ZTAwHhcNMjQwMTAxMDgyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2EwODFiYjY3NmU4MDJjZTYwZmNmZWYxY2I0MjU5OTg3NjY5MGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1aMibN8rL+oazbSUcI03HXvZqHrw
+S9TJMzjljeAUiuwnql6TOZXXsuCE+eWdZoN4Fn7YXFowV62XKjeUAp9xEUTK4LE
5FdEehIHhcyImnSGpAQvK+6i4GmRSA9qgCKhdU/t9MTRAfF9K9KWXQ4hRjpJE1r5
3HVM3yimzNCvOfkdrWwVwZPJ1GTLIt1YhD8S19K0lpQ6aD8xy9L6AXmCsItHEsyA
Hdm+UpbJI2WsaVKeFm6psfMIwDRr7At6C/Nxa0NXE7aI5ZWwxUCJAtExtkQCJ87R
tzGRoSXx96cdOKVxlDyVgTrqBwSWMH523P/MlbuGCdNq6RLK4+CJsDNxBwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGOggbtnboAs5g/P7xy0JZmHZpDZMB8GA1UdIwQY
MBaAFEREx8OtNLaXf6GKIjfKMGub7gjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkVUSHc2MDB0cGRfb1lvaU44b3dhNXZ1Q09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9jOWM5ZmMtNTg2NC00MTRlLWFlMmEt
ODYzYzliM2QzMmIwLzEvWTZDQnUyZHVnQ3ptRDhfdkhMUWxtWWRta05rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9jOWM5ZmMtNTg2NC00MTRlLWFlMmEtODYzYzliM2QzMmIw
LzEvUkVUSHc2MDB0cGRfb1lvaU44b3dhNXZ1Q09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCH4HgAwQA
H4HqAwQCH4HwAwQCH4H8AwQD1QXAMA0GCSqGSIb3DQEBCwUAA4IBAQAli0Ywb+cu
26SrlZVIvjgGny38QIPO/xZKzFT9LvFfGLx+GRw+xEyIUZRUmDmrrBBxXaJ8JiJW
fRt2c5bHAww/8MRxPlzGf5JpEwxTOYsROJJonW3/htoe1bVNDaN+MWHVm74f47r7
bSyjMK3O+3DPWhyzlKKnCYZyOdMfV9BZ/1DT6QlU8Gx+Rvn2GE/b1/luFH64IezR
O4dfxR8ZDpZ/UvExAlR6Bownimz0C443SlHmZcljhOPVyP9VqfFmVYKxc4NuWnIk
bhbUoCZV8Af0ghKjftahtCP008dyL8a+V5S/P9eie6I6KWcjAZluu58my/V46tHv
QAGQDYCgvMLD
-----END CERTIFICATE-----
Generated at Sat Apr 6 22:00:30 2024 by rpki-client on console-ams.rpki-client.org