Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/tex7CCAnvIiZFFvYS33LcHg522k.roa
File: tex7CCAnvIiZFFvYS33LcHg522k.roa (raw, json)
Hash identifier: M7b+sBw1PKBhBmbpKUifRKGDG4F3szIpbNmn7w1ERwc=
Subject key identifier: B5:EC:7B:08:20:27:BC:88:99:14:5B:D8:4B:7D:CB:70:78:39:DB:69
Certificate issuer: /CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Certificate serial: 018C8D27B31DACF7D9A62F45832F70E106BD
Authority key identifier: 52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/tex7CCAnvIiZFFvYS33LcHg522k.roa
Signing time: Thu 21 Dec 2023 16:13:58 +0000
ROA not before: Thu 21 Dec 2023 16:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47869
IP address blocks: 109.235.48.0/21 maxlen: 21
194.110.67.0/24 maxlen: 24
37.46.192.0/21 maxlen: 24
91.199.50.0/24 maxlen: 24
94.185.80.0/21 maxlen: 21
31.171.131.0/24 maxlen: 24
94.228.208.0/20 maxlen: 20
2a00:dd0::/32 maxlen: 48
2a00:dd0:bbbb::/48 maxlen: 48
2a00:dd0:aaaa::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8d:27:b3:1d:ac:f7:d9:a6:2f:45:83:2f:70:e1:06:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Validity
Not Before: Dec 21 16:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5ec7b082027bc8899145bd84b7dcb707839db69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4d:ab:7d:37:be:49:ef:1d:8e:d6:66:56:2d:
95:89:fd:be:b3:87:9f:a0:25:ec:69:0a:40:5e:e5:
67:ec:4d:63:d2:9a:45:b1:b7:32:3b:b5:2b:fb:bc:
06:93:67:3d:f4:eb:52:63:87:1b:c4:79:20:65:4e:
95:40:ca:d1:6a:e1:b9:b8:41:c2:d4:71:64:b0:b0:
3f:d2:dc:03:13:c7:0a:1b:6b:b8:17:54:7f:33:ce:
9f:57:a8:7c:12:46:e8:5b:b5:62:f9:86:45:3f:8e:
7e:ad:27:1b:1c:c0:13:67:e3:a3:1a:8a:f9:4f:b3:
e8:0a:9f:94:74:a6:45:d5:18:ee:4c:df:e4:c1:9f:
2c:4f:cf:6c:03:ce:dc:1a:46:fd:d1:c0:f7:15:d5:
6a:11:26:76:3d:2a:76:b9:2e:df:94:6d:7a:13:27:
8b:ca:19:82:f6:d7:79:e7:ad:0f:1c:c1:04:bd:3d:
7a:f3:32:76:89:5b:fe:7e:84:3c:43:df:ce:58:3a:
26:f5:7f:86:06:21:9d:76:af:82:a6:de:c9:1c:3f:
16:23:10:1e:52:8f:f5:68:1c:77:e2:6a:cf:7c:63:
a5:47:2a:94:ee:65:bb:11:22:9a:e5:19:d6:4d:f7:
c4:0e:3d:d5:b6:94:44:f6:27:e9:d8:01:bd:76:a9:
d0:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:EC:7B:08:20:27:BC:88:99:14:5B:D8:4B:7D:CB:70:78:39:DB:69
X509v3 Authority Key Identifier:
keyid:52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/tex7CCAnvIiZFFvYS33LcHg522k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/UtycIYtRDAe8Zlmwn70yr-aKv9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.131.0/24
37.46.192.0/21
91.199.50.0/24
94.185.80.0/21
94.228.208.0/20
109.235.48.0/21
194.110.67.0/24
IPv6:
2a00:dd0::/32
Signature Algorithm: sha256WithRSAEncryption
88:7c:ff:48:ce:c4:9c:66:81:88:02:55:5d:6e:db:60:cc:cd:
91:11:91:a1:c8:9c:85:91:f9:12:cc:f3:e0:39:ab:d2:40:c6:
91:63:55:88:0a:ee:b7:a8:ab:f8:91:16:9d:35:b9:bd:b2:2b:
e1:72:37:c8:34:5c:29:46:6a:02:93:1a:e6:9b:10:6d:4a:5f:
73:4f:0d:0c:e4:da:f3:dc:cd:e6:6f:ac:08:c8:70:9e:c1:88:
0f:1b:c7:a4:b5:8d:6d:c1:c7:86:42:bc:3d:50:39:94:e7:f0:
60:53:d9:66:82:f3:c2:74:cc:74:26:82:55:27:d6:32:00:37:
9c:0f:3d:07:33:e9:1c:f6:37:ff:05:bb:9f:df:66:5a:00:6e:
1e:09:a0:02:6e:6e:9c:4b:48:0a:08:cc:4e:09:1c:63:a5:8d:
27:db:19:3f:29:0f:bf:e9:30:4c:f9:69:71:2b:b1:d8:28:4d:
28:9b:ac:52:42:fb:a2:16:b9:60:41:eb:e1:2d:44:fe:df:18:
6a:ab:2b:fd:04:7c:e2:47:e4:b1:3c:f6:42:03:f8:8f:d6:b9:
7b:d6:ac:8f:0e:fd:52:54:6c:ed:ff:f4:df:f5:1a:f3:b3:18:
1d:5d:15:0a:69:2c:5b:0b:13:f1:84:bc:98:c8:30:81:ef:da:
0c:d5:f8:f3
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYyNJ7MdrPfZpi9Fgy9w4Qa9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZGM5YzIxOGI1MTBjMDdiYzY2NTliMDlmYmQzMmFmZTY4
YWJmZDIwHhcNMjMxMjIxMTYxMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWVjN2IwODIwMjdiYzg4OTkxNDViZDg0YjdkY2I3MDc4MzlkYjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt02rfTe+Se8djtZmVi2Vif2+s4ef
oCXsaQpAXuVn7E1j0ppFsbcyO7Ur+7wGk2c99OtSY4cbxHkgZU6VQMrRauG5uEHC
1HFksLA/0twDE8cKG2u4F1R/M86fV6h8EkboW7Vi+YZFP45+rScbHMATZ+OjGor5
T7PoCp+UdKZF1RjuTN/kwZ8sT89sA87cGkb90cD3FdVqESZ2PSp2uS7flG16EyeL
yhmC9td5560PHMEEvT168zJ2iVv+foQ8Q9/OWDom9X+GBiGddq+Cpt7JHD8WIxAe
Uo/1aBx34mrPfGOlRyqU7mW7ESKa5RnWTffEDj3VtpRE9ifp2AG9dqnQ9wIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFLXsewggJ7yImRRb2Et9y3B4OdtpMB8GA1UdIwQY
MBaAFFLcnCGLUQwHvGZZsJ+9Mq/mir/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYt
NTJmOTdiMjc3ZDFmLzEvdGV4N0NDQW52SWlaRkZ2WVMzM0xjSGc1MjJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYtNTJmOTdiMjc3ZDFm
LzEvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQAH6uDAwQD
JS7AAwQAW8cyAwQDXrlQAwQEXuTQAwQDbeswAwQAwm5DMA0EAgACMAcDBQAqAA3Q
MA0GCSqGSIb3DQEBCwUAA4IBAQCIfP9IzsScZoGIAlVdbttgzM2REZGhyJyFkfkS
zPPgOavSQMaRY1WICu63qKv4kRadNbm9sivhcjfINFwpRmoCkxrmmxBtSl9zTw0M
5Nrz3M3mb6wIyHCewYgPG8ektY1twceGQrw9UDmU5/BgU9lmgvPCdMx0JoJVJ9Yy
ADecDz0HM+kc9jf/Bbuf32ZaAG4eCaACbm6cS0gKCMxOCRxjpY0n2xk/KQ+/6TBM
+WlxK7HYKE0om6xSQvuiFrlgQevhLUT+3xhqqyv9BHziR+SxPPZCA/iP1rl71qyP
Dv1SVGzt//Tf9RrzsxgdXRUKaSxbCxPxhLyYyDCB79oM1fjz
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:12 2024 by rpki-client on console-ams.rpki-client.org