Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/T491liFNJzKoqpdRYHPXbzYu_i8.roa
File: T491liFNJzKoqpdRYHPXbzYu_i8.roa (raw, json)
Hash identifier: 1LclYGTpOJAF4WfPlfVt30NV2twKWHF4MmmcuIJ2owo=
Subject key identifier: 4F:8F:75:96:21:4D:27:32:A8:AA:97:51:60:73:D7:6F:36:2E:FE:2F
Certificate issuer: /CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Certificate serial: 018CC50118844EDF71683BA5901EF4544A90
Authority key identifier: 52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/T491liFNJzKoqpdRYHPXbzYu_i8.roa
Signing time: Mon 01 Jan 2024 12:30:32 +0000
ROA not before: Mon 01 Jan 2024 12:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47869
IP address blocks: 109.235.48.0/21 maxlen: 21
194.110.67.0/24 maxlen: 24
37.46.192.0/21 maxlen: 24
91.199.50.0/24 maxlen: 24
94.185.80.0/21 maxlen: 21
31.171.131.0/24 maxlen: 24
94.228.208.0/20 maxlen: 20
2a00:dd0::/32 maxlen: 48
2a00:dd0:bbbb::/48 maxlen: 48
2a00:dd0:aaaa::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 31 Jul 2024 12:13:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:18:84:4e:df:71:68:3b:a5:90:1e:f4:54:4a:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Validity
Not Before: Jan 1 12:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f8f7596214d2732a8aa97516073d76f362efe2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:04:da:e3:68:5e:ca:86:02:e3:da:d2:e6:63:
cc:74:08:a0:d4:a0:e1:ec:ee:b8:bb:82:86:00:80:
f4:d5:00:94:33:e9:fb:c7:49:fe:fb:a3:a7:3f:00:
b5:1a:76:4b:1f:41:ac:07:12:1e:cc:b7:6a:ff:03:
88:18:f9:de:fb:e3:61:98:e3:86:44:f1:85:f5:92:
41:fe:5f:d5:06:a0:8e:30:c3:66:77:96:e9:10:32:
a2:9f:1c:74:fc:2c:ab:1d:80:19:dd:59:b0:eb:c7:
fd:a5:9b:c2:4d:ee:df:fc:76:4f:f9:fc:dc:21:f5:
d7:85:cf:d1:bb:43:fe:ec:d3:a6:28:87:33:d7:67:
f5:0f:f2:f1:67:11:41:c3:1e:ee:b3:99:c5:60:f8:
f4:5b:be:c5:9b:2b:cf:f0:cb:82:96:fd:f4:47:7a:
b3:74:0d:1a:e7:ee:e0:c5:7a:f4:fd:ad:5e:dd:95:
17:25:c4:5e:59:3b:22:5a:3a:44:38:85:bb:74:48:
2c:e4:6a:7b:60:31:3b:da:d0:b2:de:0f:2e:39:27:
f6:01:88:32:68:bd:ab:6c:df:4c:9d:78:4a:f3:d0:
60:8a:f1:cf:da:97:31:bc:c2:40:7a:05:1d:0e:c7:
e1:40:90:f8:34:a3:21:03:a5:49:e3:2c:a1:04:de:
33:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:8F:75:96:21:4D:27:32:A8:AA:97:51:60:73:D7:6F:36:2E:FE:2F
X509v3 Authority Key Identifier:
keyid:52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/T491liFNJzKoqpdRYHPXbzYu_i8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/UtycIYtRDAe8Zlmwn70yr-aKv9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.131.0/24
37.46.192.0/21
91.199.50.0/24
94.185.80.0/21
94.228.208.0/20
109.235.48.0/21
194.110.67.0/24
IPv6:
2a00:dd0::/32
Signature Algorithm: sha256WithRSAEncryption
95:be:8b:35:29:bc:83:39:8e:f1:eb:f6:3a:eb:4d:8c:07:ad:
13:2b:9e:14:46:e0:f8:e8:0d:bb:30:7b:f5:68:5c:35:65:c3:
3d:6d:2e:80:6f:9f:f1:b0:95:12:bd:1a:0d:16:21:25:3a:8e:
fc:72:82:32:2e:16:87:64:31:d9:24:40:b9:b1:b4:fa:da:30:
df:a9:33:8b:b8:33:12:9d:ba:4e:e9:ab:c8:9f:96:db:8d:48:
45:90:5d:08:86:7a:83:6f:06:dc:7c:12:46:60:51:4e:c2:a3:
f0:02:c1:a9:06:d8:06:12:e2:ab:4a:b9:6a:37:bf:f6:47:9a:
0c:82:02:eb:07:95:94:8a:73:2b:83:a8:e3:79:b7:ea:00:39:
78:20:81:63:3c:83:2c:e7:4c:1a:38:9a:58:88:47:6d:c6:a1:
4a:d4:52:64:c5:ab:ca:18:42:1a:78:8f:a9:58:c4:eb:17:cd:
df:e0:49:9b:29:73:70:f7:24:b6:78:cc:1f:35:a7:18:14:31:
21:b4:8a:ea:2b:d8:2b:72:70:1b:5f:1c:8e:18:c9:72:64:69:
4b:bb:96:e5:49:c0:2d:a3:d9:79:ae:a4:27:fa:14:13:4c:6f:
3e:fc:b2:aa:c1:9f:08:77:5b:fc:31:0e:1f:d3:c4:9e:a2:f9:
4f:82:8d:1b
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzFARiETt9xaDulkB70VEqQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZGM5YzIxOGI1MTBjMDdiYzY2NTliMDlmYmQzMmFmZTY4
YWJmZDIwHhcNMjQwMTAxMTIzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjhmNzU5NjIxNGQyNzMyYThhYTk3NTE2MDczZDc2ZjM2MmVmZTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigTa42heyoYC49rS5mPMdAig1KDh
7O64u4KGAID01QCUM+n7x0n++6OnPwC1GnZLH0GsBxIezLdq/wOIGPne++NhmOOG
RPGF9ZJB/l/VBqCOMMNmd5bpEDKinxx0/CyrHYAZ3Vmw68f9pZvCTe7f/HZP+fzc
IfXXhc/Ru0P+7NOmKIcz12f1D/LxZxFBwx7us5nFYPj0W77FmyvP8MuClv30R3qz
dA0a5+7gxXr0/a1e3ZUXJcReWTsiWjpEOIW7dEgs5Gp7YDE72tCy3g8uOSf2AYgy
aL2rbN9MnXhK89BgivHP2pcxvMJAegUdDsfhQJD4NKMhA6VJ4yyhBN4zZwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFE+PdZYhTScyqKqXUWBz1282Lv4vMB8GA1UdIwQY
MBaAFFLcnCGLUQwHvGZZsJ+9Mq/mir/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYt
NTJmOTdiMjc3ZDFmLzEvVDQ5MWxpRk5KektvcXBkUllIUFhiell1X2k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYtNTJmOTdiMjc3ZDFm
LzEvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQAH6uDAwQD
JS7AAwQAW8cyAwQDXrlQAwQEXuTQAwQDbeswAwQAwm5DMA0EAgACMAcDBQAqAA3Q
MA0GCSqGSIb3DQEBCwUAA4IBAQCVvos1KbyDOY7x6/Y6602MB60TK54URuD46A27
MHv1aFw1ZcM9bS6Ab5/xsJUSvRoNFiElOo78coIyLhaHZDHZJEC5sbT62jDfqTOL
uDMSnbpO6avIn5bbjUhFkF0IhnqDbwbcfBJGYFFOwqPwAsGpBtgGEuKrSrlqN7/2
R5oMggLrB5WUinMrg6jjebfqADl4IIFjPIMs50waOJpYiEdtxqFK1FJkxavKGEIa
eI+pWMTrF83f4EmbKXNw9yS2eMwfNacYFDEhtIrqK9grcnAbXxyOGMlyZGlLu5bl
ScAto9l5rqQn+hQTTG8+/LKqwZ8Id1v8MQ4f08SeovlPgo0b
-----END CERTIFICATE-----
Generated at Wed Jul 31 14:18:39 2024 by rpki-client on console-ams.rpki-client.org