Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/AB--qKRKe7MVMWIQiqnqhqm1tvs.roa
File: AB--qKRKe7MVMWIQiqnqhqm1tvs.roa (raw, json)
Hash identifier: G8Qj6cGdvJGeC5AQxpExdt/H+w5vJAc7RrzlKz8WRFo=
Subject key identifier: 00:1F:BE:A8:A4:4A:7B:B3:15:31:62:10:8A:A9:EA:86:A9:B5:B6:FB
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 018F4A09A4A096CB85227D5C155EB5E901FC
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/AB--qKRKe7MVMWIQiqnqhqm1tvs.roa
Signing time: Sun 05 May 2024 18:34:56 +0000
ROA not before: Sun 05 May 2024 18:34:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6939
IP address blocks: 31.40.196.0/22 maxlen: 22
62.182.32.0/22 maxlen: 22
77.241.72.0/22 maxlen: 22
84.54.0.0/22 maxlen: 22
85.8.144.0/22 maxlen: 22
85.235.72.0/22 maxlen: 22
139.28.48.0/22 maxlen: 22
139.28.212.0/22 maxlen: 22
193.32.204.0/22 maxlen: 22
193.38.44.0/22 maxlen: 22
212.87.196.0/22 maxlen: 22
212.115.100.0/22 maxlen: 22
217.18.208.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 30 May 2024 18:51:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4a:09:a4:a0:96:cb:85:22:7d:5c:15:5e:b5:e9:01:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: May 5 18:34:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=001fbea8a44a7bb3153162108aa9ea86a9b5b6fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a1:5c:6b:4a:20:af:87:c6:47:0c:36:01:0f:
de:7b:0a:0f:43:aa:cd:0b:6f:9d:6e:97:5a:93:8b:
b9:92:e2:62:b6:08:00:6e:31:34:ef:89:b6:ab:83:
94:5e:25:78:a1:61:89:54:16:73:8e:fa:0d:3f:d1:
4a:02:5c:87:05:70:e3:dc:39:ae:84:15:df:ea:02:
cc:29:ff:9a:70:c0:4e:1c:07:6f:54:b8:5d:3c:8b:
10:8b:54:60:5a:d8:21:6d:04:8e:d0:c4:aa:13:73:
15:e5:ee:12:51:b4:4c:52:c9:64:dd:ec:d1:64:cb:
fa:9a:c5:c7:dd:04:46:be:cf:ec:45:fb:9e:b4:e9:
3f:9f:38:be:0d:77:82:95:77:84:fd:47:d1:f1:e0:
fb:cb:a0:aa:2c:cb:3f:3f:bd:71:1e:fa:45:22:2e:
94:c5:fd:62:37:8c:80:c4:fa:01:e9:5b:bb:4f:98:
e7:aa:e3:ea:9e:39:b7:19:ee:9e:8a:8d:23:56:6a:
2d:01:f5:35:e8:3b:63:8c:9d:85:6a:62:a6:0a:bc:
39:cd:93:7b:99:bb:b1:10:11:51:61:cc:27:7f:bb:
a7:af:98:20:5d:4d:76:df:ac:36:d2:18:38:74:53:
05:7b:14:ce:1a:fe:f8:66:f3:76:50:17:18:19:60:
c7:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:1F:BE:A8:A4:4A:7B:B3:15:31:62:10:8A:A9:EA:86:A9:B5:B6:FB
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/AB--qKRKe7MVMWIQiqnqhqm1tvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.196.0/22
62.182.32.0/22
77.241.72.0/22
84.54.0.0/22
85.8.144.0/22
85.235.72.0/22
139.28.48.0/22
139.28.212.0/22
193.32.204.0/22
193.38.44.0/22
212.87.196.0/22
212.115.100.0/22
217.18.208.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:f1:86:1e:f8:ff:9b:ae:e9:e7:a7:e8:bf:01:a3:42:4b:9a:
6b:f5:ac:31:4e:88:6b:de:ea:96:a1:8a:3b:6a:0a:8f:f1:80:
78:5a:01:56:25:b3:f6:2d:ef:ee:a7:68:0c:71:e4:c9:9a:a1:
58:51:be:04:40:99:92:5b:b0:c2:6f:05:38:ac:cf:5c:92:a6:
4e:8f:2c:ef:a4:21:db:2b:50:67:8c:ea:09:83:29:b7:3c:09:
47:05:51:08:f0:cc:34:f6:89:56:cb:85:b4:c2:e4:c0:ee:6e:
f4:76:c9:2e:68:d4:48:fd:36:79:8d:e4:04:2d:ad:96:70:8b:
dd:77:ac:02:09:fe:55:7e:76:15:cd:36:a4:8d:f1:0c:13:15:
a0:1b:19:71:40:d0:43:6e:fe:a4:34:26:0a:76:fd:3e:8f:f0:
2d:36:74:eb:19:c4:4f:fe:32:2c:ee:87:0c:55:cd:9e:ad:d5:
2c:0c:17:ee:5b:c6:58:0d:84:8e:17:98:80:aa:82:ec:fc:79:
24:4e:08:97:fa:63:ed:8c:1d:40:31:2f:86:94:86:cb:dc:43:
ca:0a:c1:15:d4:5a:20:00:41:d4:05:bb:64:dc:c7:a6:45:bd:
2f:d9:7e:a7:63:98:7c:3c:95:fc:c6:cb:79:26:f8:d4:30:c2:
ed:23:9d:55
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAY9KCaSglsuFIn1cFV616QH8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjQwNTA1MTgzNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDFmYmVhOGE0NGE3YmIzMTUzMTYyMTA4YWE5ZWE4NmE5YjViNmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKFca0ogr4fGRww2AQ/eewoPQ6rN
C2+dbpdak4u5kuJitggAbjE074m2q4OUXiV4oWGJVBZzjvoNP9FKAlyHBXDj3Dmu
hBXf6gLMKf+acMBOHAdvVLhdPIsQi1RgWtghbQSO0MSqE3MV5e4SUbRMUslk3ezR
ZMv6msXH3QRGvs/sRfuetOk/nzi+DXeClXeE/UfR8eD7y6CqLMs/P71xHvpFIi6U
xf1iN4yAxPoB6Vu7T5jnquPqnjm3Ge6eio0jVmotAfU16DtjjJ2FamKmCrw5zZN7
mbuxEBFRYcwnf7unr5ggXU1236w20hg4dFMFexTOGv74ZvN2UBcYGWDHOwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFAAfvqikSnuzFTFiEIqp6oaptbb7MB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvQUItLXFLUktlN01WTVdJUWlxbnFocW0xdHZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQCHyjEAwQC
PrYgAwQCTfFIAwQCVDYAAwQCVQiQAwQCVetIAwQCixwwAwQCixzUAwQCwSDMAwQC
wSYsAwQC1FfEAwQC1HNkAwQC2RLQMA0GCSqGSIb3DQEBCwUAA4IBAQAd8YYe+P+b
runnp+i/AaNCS5pr9awxTohr3uqWoYo7agqP8YB4WgFWJbP2Le/up2gMceTJmqFY
Ub4EQJmSW7DCbwU4rM9ckqZOjyzvpCHbK1BnjOoJgym3PAlHBVEI8Mw09olWy4W0
wuTA7m70dskuaNRI/TZ5jeQELa2WcIvdd6wCCf5VfnYVzTakjfEMExWgGxlxQNBD
bv6kNCYKdv0+j/AtNnTrGcRP/jIs7ocMVc2erdUsDBfuW8ZYDYSOF5iAqoLs/Hkk
TgiX+mPtjB1AMS+GlIbL3EPKCsEV1FogAEHUBbtk3MemRb0v2X6nY5h8PJX8xst5
JvjUMMLtI51V
-----END CERTIFICATE-----
Generated at Thu May 30 22:32:50 2024 by rpki-client on console-ams.rpki-client.org