Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/420c14-cb2c-4e3e-87b9-3fc39487807c/1/o1cRFPa_IV3I-bqgAjs3_zON39Y.roa
File: o1cRFPa_IV3I-bqgAjs3_zON39Y.roa (raw, json)
Hash identifier: qP+TXAmKKI4yW3m1oOmsyx/9PGiwfYdGS4I0SFjckEg=
Subject key identifier: A3:57:11:14:F6:BF:21:5D:C8:F9:BA:A0:02:3B:37:FF:33:8D:DF:D6
Certificate issuer: /CN=2c83dfb24629c16779350b4a777b5b280fc59d44
Certificate serial: 01857169BE399D60781086AD2455954E36DB
Authority key identifier: 2C:83:DF:B2:46:29:C1:67:79:35:0B:4A:77:7B:5B:28:0F:C5:9D:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LIPfskYpwWd5NQtKd3tbKA_FnUQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/420c14-cb2c-4e3e-87b9-3fc39487807c/1/o1cRFPa_IV3I-bqgAjs3_zON39Y.roa
Signing time: Mon 02 Jan 2023 07:37:13 +0000
ROA not before: Mon 02 Jan 2023 07:37:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29644
IP address blocks: 178.250.112.0/21 maxlen: 24
77.75.96.0/21 maxlen: 24
185.51.104.0/22 maxlen: 24
31.193.216.0/21 maxlen: 24
2a03:5f00:104::/48 maxlen: 48
2a03:5f00:107::/48 maxlen: 48
2a03:5f00:102::/48 maxlen: 48
2a03:5f00:105::/48 maxlen: 48
2a03:5f00::/32 maxlen: 32
2a03:5f00:108::/48 maxlen: 48
2a03:5f00:1000::/48 maxlen: 48
2a03:5f00:103::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:be:39:9d:60:78:10:86:ad:24:55:95:4e:36:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c83dfb24629c16779350b4a777b5b280fc59d44
Validity
Not Before: Jan 2 07:37:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3571114f6bf215dc8f9baa0023b37ff338ddfd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9f:7a:bb:56:30:a8:30:a9:69:44:da:8f:74:
d1:0a:25:5b:6d:15:2f:7c:bd:5a:b7:7a:e2:47:60:
43:bb:c4:77:90:25:44:ea:e2:80:0f:3d:ac:1b:c7:
a7:f8:20:b0:b0:14:ff:83:3c:ce:9b:9a:bc:09:fd:
3c:67:e5:af:46:09:cb:2b:75:73:8e:11:8d:65:4b:
40:ba:0a:96:61:74:d4:f5:10:b7:1a:65:dc:27:34:
b9:40:c1:73:80:1c:a2:1e:c0:30:3b:14:15:ef:4f:
a1:81:a7:98:68:3c:c1:91:fa:84:39:b3:48:50:e9:
bb:50:f8:a1:14:0f:77:c7:72:0d:89:cb:af:f1:d3:
0d:fa:43:ab:51:01:61:bf:b7:b6:47:4a:6a:a5:79:
75:5d:26:86:5c:77:0b:c7:2d:00:65:4f:44:c2:75:
be:3b:ea:03:c9:ea:e2:23:fc:16:26:ce:cf:f1:73:
48:81:93:a4:e0:ca:f5:e4:1e:e7:d9:f7:da:88:38:
af:c8:ac:c3:ac:2d:0c:cf:89:d4:68:b1:af:f8:29:
ad:c4:4a:4b:3e:1e:b9:d0:e7:b4:3e:6d:01:27:c3:
bd:8b:5e:74:82:2d:15:12:0b:eb:98:83:c0:82:94:
ff:02:97:e8:88:0f:57:61:30:44:1d:b9:e9:4c:b8:
76:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:57:11:14:F6:BF:21:5D:C8:F9:BA:A0:02:3B:37:FF:33:8D:DF:D6
X509v3 Authority Key Identifier:
keyid:2C:83:DF:B2:46:29:C1:67:79:35:0B:4A:77:7B:5B:28:0F:C5:9D:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LIPfskYpwWd5NQtKd3tbKA_FnUQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/420c14-cb2c-4e3e-87b9-3fc39487807c/1/o1cRFPa_IV3I-bqgAjs3_zON39Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/420c14-cb2c-4e3e-87b9-3fc39487807c/1/LIPfskYpwWd5NQtKd3tbKA_FnUQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.216.0/21
77.75.96.0/21
178.250.112.0/21
185.51.104.0/22
IPv6:
2a03:5f00::/32
Signature Algorithm: sha256WithRSAEncryption
05:85:02:a5:8f:ed:60:14:fd:a7:e1:dc:17:b6:2b:7e:9f:57:
62:21:8f:c4:57:a5:88:a7:d7:3a:5e:51:b3:d6:11:e9:0c:2e:
1c:eb:a3:e4:98:c5:9a:0c:e4:e3:d7:ea:9c:2a:dc:69:3f:34:
70:ec:3a:a7:29:b9:47:16:1f:ed:e8:df:7b:79:aa:46:81:5e:
84:a1:b3:5a:19:df:cf:8f:4f:1b:c5:f9:c7:37:44:63:b3:1d:
b1:28:b4:30:7b:49:18:d5:1a:3d:a2:af:2b:dd:e6:18:72:31:
6f:32:7d:e6:f8:c8:35:f1:9d:d0:4c:11:c6:7f:ba:9a:f8:69:
12:5b:97:de:90:4d:c6:ae:62:f3:00:f5:f0:cb:8e:83:3f:47:
87:b1:f1:db:2b:80:c8:69:a4:54:36:04:c8:07:9e:a8:72:9a:
7b:ca:52:90:99:fa:b3:47:83:98:b0:09:42:0b:fa:b1:85:44:
c9:c9:c4:17:a0:91:cb:e4:0e:58:42:7b:52:92:8e:73:73:cf:
7b:69:56:39:bb:0a:aa:66:07:c3:e8:99:2a:0a:f1:5e:ac:69:
4e:3c:db:e3:bb:c0:9d:3a:23:0e:40:d8:c8:1d:65:0b:17:c4:
ba:e2:fc:ff:7d:5d:2e:e6:81:84:85:eb:ec:29:dd:1c:c5:2a:
39:c6:b0:c9
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVxab45nWB4EIatJFWVTjbbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjODNkZmIyNDYyOWMxNjc3OTM1MGI0YTc3N2I1YjI4MGZj
NTlkNDQwHhcNMjMwMTAyMDczNzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzU3MTExNGY2YmYyMTVkYzhmOWJhYTAwMjNiMzdmZjMzOGRkZmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq596u1YwqDCpaUTaj3TRCiVbbRUv
fL1at3riR2BDu8R3kCVE6uKADz2sG8en+CCwsBT/gzzOm5q8Cf08Z+WvRgnLK3Vz
jhGNZUtAugqWYXTU9RC3GmXcJzS5QMFzgByiHsAwOxQV70+hgaeYaDzBkfqEObNI
UOm7UPihFA93x3INicuv8dMN+kOrUQFhv7e2R0pqpXl1XSaGXHcLxy0AZU9EwnW+
O+oDyeriI/wWJs7P8XNIgZOk4Mr15B7n2ffaiDivyKzDrC0Mz4nUaLGv+CmtxEpL
Ph650Oe0Pm0BJ8O9i150gi0VEgvrmIPAgpT/ApfoiA9XYTBEHbnpTLh2FQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKNXERT2vyFdyPm6oAI7N/8zjd/WMB8GA1UdIwQY
MBaAFCyD37JGKcFneTULSnd7WygPxZ1EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTElQZnNrWXB3V2Q1TlF0S2QzdGJLQV9GblVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS80MjBjMTQtY2IyYy00ZTNlLTg3Yjkt
M2ZjMzk0ODc4MDdjLzEvbzFjUkZQYV9JVjNJLWJxZ0FqczNfek9OMzlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS80MjBjMTQtY2IyYy00ZTNlLTg3YjktM2ZjMzk0ODc4MDdj
LzEvTElQZnNrWXB3V2Q1TlF0S2QzdGJLQV9GblVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDH8HYAwQD
TUtgAwQDsvpwAwQCuTNoMA0EAgACMAcDBQAqA18AMA0GCSqGSIb3DQEBCwUAA4IB
AQAFhQKlj+1gFP2n4dwXtit+n1diIY/EV6WIp9c6XlGz1hHpDC4c66PkmMWaDOTj
1+qcKtxpPzRw7DqnKblHFh/t6N97eapGgV6EobNaGd/Pj08bxfnHN0Rjsx2xKLQw
e0kY1Ro9oq8r3eYYcjFvMn3m+Mg18Z3QTBHGf7qa+GkSW5fekE3GrmLzAPXwy46D
P0eHsfHbK4DIaaRUNgTIB56ocpp7ylKQmfqzR4OYsAlCC/qxhUTJycQXoJHL5A5Y
QntSko5zc897aVY5uwqqZgfD6JkqCvFerGlOPNvju8CdOiMOQNjIHWULF8S64vz/
fV0u5oGEhevsKd0cxSo5xrDJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:10 2024 by rpki-client on console-ams.rpki-client.org