Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/h7oNOXiEs9I86Wmmv3BD_H-A_y0.roa
File: h7oNOXiEs9I86Wmmv3BD_H-A_y0.roa (raw, json)
Hash identifier: RL5tcl5uj69et5dpWEhoW6Ll0PSDIH8VIDniFE5N+6M=
Subject key identifier: 87:BA:0D:39:78:84:B3:D2:3C:E9:69:A6:BF:70:43:FC:7F:80:FF:2D
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 019092E2C93151A493FEBE50477B803F87EF
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/h7oNOXiEs9I86Wmmv3BD_H-A_y0.roa
Signing time: Mon 08 Jul 2024 15:07:34 +0000
ROA not before: Mon 08 Jul 2024 15:07:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6939
IP address blocks: 31.40.196.0/22 maxlen: 22
31.40.204.0/22 maxlen: 22
37.221.76.0/22 maxlen: 22
62.182.32.0/22 maxlen: 22
77.241.72.0/22 maxlen: 22
83.171.244.0/22 maxlen: 22
84.54.0.0/22 maxlen: 22
85.8.144.0/22 maxlen: 22
85.235.72.0/22 maxlen: 22
139.28.48.0/22 maxlen: 22
139.28.212.0/22 maxlen: 22
176.53.156.0/22 maxlen: 22
176.96.128.0/22 maxlen: 22
193.32.204.0/22 maxlen: 22
193.38.44.0/22 maxlen: 22
194.93.48.0/22 maxlen: 22
212.115.100.0/22 maxlen: 22
217.18.208.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 22 Jul 2024 10:53:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:92:e2:c9:31:51:a4:93:fe:be:50:47:7b:80:3f:87:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Jul 8 15:07:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87ba0d397884b3d23ce969a6bf7043fc7f80ff2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:58:8c:98:38:b9:57:8f:92:9c:bd:3c:2f:af:
d8:6c:01:6b:d9:9d:f5:09:aa:c1:db:be:c3:74:61:
95:c0:0d:eb:c2:bb:11:46:d7:1f:7b:09:aa:10:94:
cc:e6:ea:16:b7:6a:a9:3b:b2:37:1e:d3:9c:a0:89:
7a:e3:27:f9:5d:07:cd:1f:e6:b1:6f:cb:46:22:7a:
97:85:fa:f3:d8:5f:f3:fe:aa:33:fb:95:1f:8f:48:
20:67:72:95:54:28:b9:81:31:e5:ea:49:b8:d7:a6:
87:91:d8:c0:62:30:af:63:62:81:14:a9:2d:85:8e:
df:f1:40:39:19:d2:6b:5c:2f:e7:3f:84:dd:f1:63:
87:bc:63:ad:36:6b:bb:72:0b:ab:64:62:de:78:8d:
24:c3:7b:8a:a7:15:8d:eb:c0:bb:74:6e:ec:44:e5:
d3:56:25:5f:39:e8:5e:d5:0a:16:c9:e2:98:d3:5d:
60:b3:eb:36:b2:87:38:cc:aa:d6:da:14:06:fc:ff:
db:44:62:e8:cc:3d:28:50:ed:af:1f:b8:51:cb:26:
08:05:cc:c8:df:7b:a1:dd:6c:24:36:b7:dc:10:5a:
5c:be:3b:6a:35:60:e3:3a:f1:b0:88:6f:ed:48:f2:
67:25:49:34:a0:60:95:ce:97:d0:3b:59:5b:53:a4:
84:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:BA:0D:39:78:84:B3:D2:3C:E9:69:A6:BF:70:43:FC:7F:80:FF:2D
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/h7oNOXiEs9I86Wmmv3BD_H-A_y0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.196.0/22
31.40.204.0/22
37.221.76.0/22
62.182.32.0/22
77.241.72.0/22
83.171.244.0/22
84.54.0.0/22
85.8.144.0/22
85.235.72.0/22
139.28.48.0/22
139.28.212.0/22
176.53.156.0/22
176.96.128.0/22
193.32.204.0/22
193.38.44.0/22
194.93.48.0/22
212.115.100.0/22
217.18.208.0/22
Signature Algorithm: sha256WithRSAEncryption
cb:9e:b3:28:79:12:3d:7c:3c:60:20:29:ef:79:75:2a:e4:14:
c2:a2:0e:4a:b3:e1:81:07:ca:8a:28:46:52:75:3b:46:a4:28:
b0:0f:32:1c:6a:f7:ac:c8:17:f7:84:67:f5:c0:4e:be:2e:82:
4f:ca:77:bd:f4:9f:74:8d:e3:6d:91:79:9b:1f:0a:d2:49:4a:
b2:39:e5:9c:50:b9:9d:ef:e9:eb:d0:62:4c:6f:68:ee:46:d8:
74:2d:f1:aa:15:02:5b:48:d9:55:19:3e:73:ee:ff:04:5e:c4:
bf:cf:08:e3:a7:ed:50:bd:a9:2a:02:7a:69:cc:b8:64:81:6f:
de:43:9a:ba:3f:2a:d0:c1:05:69:32:7c:7f:5f:c8:ab:61:04:
09:21:3b:a1:d3:46:72:82:b4:1a:49:8a:71:f0:56:17:84:d1:
a5:d1:d5:7f:f5:45:a3:23:7c:dc:cd:88:87:0d:7b:23:8c:88:
ef:30:54:fd:d7:88:08:2b:4a:84:1e:81:e7:78:56:41:7f:e3:
13:35:12:c0:99:18:0a:8e:a1:cf:74:a3:86:f9:05:43:36:89:
f9:37:4c:83:47:73:ec:0e:1c:4e:76:bf:ed:55:86:cb:4c:e2:
47:84:35:50:fb:6c:62:49:33:ef:aa:90:d4:5a:0a:3a:26:03:
b6:c3:05:ae
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZCS4skxUaST/r5QR3uAP4fvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjQwNzA4MTUwNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2JhMGQzOTc4ODRiM2QyM2NlOTY5YTZiZjcwNDNmYzdmODBmZjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwliMmDi5V4+SnL08L6/YbAFr2Z31
CarB277DdGGVwA3rwrsRRtcfewmqEJTM5uoWt2qpO7I3HtOcoIl64yf5XQfNH+ax
b8tGInqXhfrz2F/z/qoz+5Ufj0ggZ3KVVCi5gTHl6km416aHkdjAYjCvY2KBFKkt
hY7f8UA5GdJrXC/nP4Td8WOHvGOtNmu7cgurZGLeeI0kw3uKpxWN68C7dG7sROXT
ViVfOehe1QoWyeKY011gs+s2soc4zKrW2hQG/P/bRGLozD0oUO2vH7hRyyYIBczI
33uh3WwkNrfcEFpcvjtqNWDjOvGwiG/tSPJnJUk0oGCVzpfQO1lbU6SELQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFIe6DTl4hLPSPOlppr9wQ/x/gP8tMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvaDdvTk9YaUVzOUk4NldtbXYzQkRfSC1BX3kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAh8oxAME
Ah8ozAMEAiXdTAMEAj62IAMEAk3xSAMEAlOr9AMEAlQ2AAMEAlUIkAMEAlXrSAME
AoscMAMEAosc1AMEArA1nAMEArBggAMEAsEgzAMEAsEmLAMEAsJdMAMEAtRzZAME
AtkS0DANBgkqhkiG9w0BAQsFAAOCAQEAy56zKHkSPXw8YCAp73l1KuQUwqIOSrPh
gQfKiihGUnU7RqQosA8yHGr3rMgX94Rn9cBOvi6CT8p3vfSfdI3jbZF5mx8K0klK
sjnlnFC5ne/p69BiTG9o7kbYdC3xqhUCW0jZVRk+c+7/BF7Ev88I46ftUL2pKgJ6
acy4ZIFv3kOauj8q0MEFaTJ8f1/Iq2EECSE7odNGcoK0GkmKcfBWF4TRpdHVf/VF
oyN83M2Ihw17I4yI7zBU/deICCtKhB6B53hWQX/jEzUSwJkYCo6hz3SjhvkFQzaJ
+TdMg0dz7A4cTna/7VWGy0ziR4Q1UPtsYkkz76qQ1FoKOiYDtsMFrg==
-----END CERTIFICATE-----
Generated at Mon Jul 22 14:12:10 2024 by rpki-client on console-ams.rpki-client.org