Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/A6Zg7QfAfTjDW2XFVOGvRbKv-rE.roa
File: A6Zg7QfAfTjDW2XFVOGvRbKv-rE.roa (raw, json)
Hash identifier: 61RP0NP93UzNNw0WnxEJuf1RnNPbvtZqODwF7jCf8Yc=
Subject key identifier: 03:A6:60:ED:07:C0:7D:38:C3:5B:65:C5:54:E1:AF:45:B2:AF:FA:B1
Certificate issuer: /CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Certificate serial: 018E7A3BD44CFAA337415BF0E7831F19FFC9
Authority key identifier: B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/A6Zg7QfAfTjDW2XFVOGvRbKv-rE.roa
Signing time: Tue 26 Mar 2024 10:08:44 +0000
ROA not before: Tue 26 Mar 2024 10:08:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44843
IP address blocks: 31.207.64.0/20 maxlen: 20
152.89.134.0/24 maxlen: 24
178.236.128.0/21 maxlen: 21
178.236.128.0/24 maxlen: 24
178.236.129.0/24 maxlen: 24
178.236.130.0/24 maxlen: 24
178.236.131.0/24 maxlen: 24
178.236.132.0/24 maxlen: 24
178.236.133.0/24 maxlen: 24
178.236.134.0/24 maxlen: 24
178.236.135.0/24 maxlen: 24
2a02:1710:4::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 30 May 2024 07:57:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7a:3b:d4:4c:fa:a3:37:41:5b:f0:e7:83:1f:19:ff:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Validity
Not Before: Mar 26 10:08:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03a660ed07c07d38c35b65c554e1af45b2affab1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:09:de:93:e8:15:05:58:b3:12:d6:a1:2a:31:
6f:84:81:dc:bf:61:30:d4:7c:15:2b:52:b2:26:ed:
a3:8c:5a:ff:10:7d:f4:79:dc:e5:6c:72:c9:b9:42:
f8:f5:c4:ce:36:0c:81:5f:38:9f:0a:b8:82:e9:38:
f9:97:cf:65:a7:6a:ae:92:79:41:43:fb:9c:55:b9:
b6:24:6e:ca:c1:85:70:7e:be:bd:20:c4:ef:af:82:
48:de:49:99:37:52:6a:f5:45:c3:69:b0:77:e3:72:
2c:0f:ae:7f:a6:ec:a6:91:e6:e3:df:0d:53:c3:69:
86:cc:6f:e3:c3:fc:7f:b9:eb:d9:30:94:06:bd:5e:
d3:8a:9f:c7:8e:e1:81:52:18:36:52:bb:8c:a0:2d:
25:fd:d2:f6:ec:84:20:d7:9c:fa:d5:7c:b2:33:95:
81:97:25:a8:6d:1d:12:ba:b2:1c:28:7c:9a:80:43:
19:d4:5c:eb:af:40:fd:3e:36:45:2b:c1:b1:9c:6b:
f8:a2:07:4e:0f:d5:c6:e1:dd:88:63:e2:46:9f:7b:
1a:dc:55:a4:98:f8:e6:eb:a0:b0:06:2e:48:fa:c4:
1e:bb:2f:43:b8:70:11:41:48:87:21:04:85:c3:6d:
1d:5a:3c:44:24:67:7a:7d:b4:b0:da:e7:af:74:61:
23:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:A6:60:ED:07:C0:7D:38:C3:5B:65:C5:54:E1:AF:45:B2:AF:FA:B1
X509v3 Authority Key Identifier:
keyid:B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/A6Zg7QfAfTjDW2XFVOGvRbKv-rE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.207.64.0/20
152.89.134.0/24
178.236.128.0/21
IPv6:
2a02:1710:4::/48
Signature Algorithm: sha256WithRSAEncryption
5f:18:47:fb:3b:3f:36:f2:f8:72:4c:d5:02:56:a1:8b:38:36:
18:eb:50:ed:64:9b:d4:4a:c8:f4:99:e7:da:b7:c1:18:4a:3d:
e5:09:3a:fd:cb:96:e0:94:aa:40:18:b2:3c:d6:7a:01:dd:f3:
fd:f1:ea:59:24:3f:2d:b2:64:45:22:c0:0e:a5:9e:74:ec:87:
c2:03:8a:47:fd:55:68:bf:bd:a4:35:ca:5d:00:c6:0c:9f:a8:
84:b2:4c:58:55:41:a6:3d:6b:69:19:51:cb:1b:38:69:dc:3b:
30:2d:be:82:45:4c:c8:aa:12:1a:53:e1:4c:5a:6e:50:25:54:
0a:5f:c5:a7:1d:d6:e8:5c:d0:cf:23:58:ca:4c:61:77:39:3b:
89:62:88:4f:0e:33:83:d8:37:66:03:6f:45:fa:57:b6:b8:d3:
c2:a9:98:e3:4a:5d:a5:36:b8:7f:db:9f:bb:5c:50:fd:ab:07:
5a:96:32:b3:f7:b5:8f:c3:f4:fe:9c:84:60:cb:eb:83:6c:f5:
6b:81:8d:2a:5c:23:9a:93:25:4b:be:3a:cf:6c:c6:12:22:8b:
e8:04:04:21:41:9d:08:43:82:02:7e:b1:99:f1:2c:1d:10:1e:
4a:19:9a:97:6a:f0:3c:22:d7:04:de:b7:b4:9e:35:ad:f5:79:
35:ef:ff:03
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY56O9RM+qM3QVvw54MfGf/JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3MjU4OGMwMGVlZjcxNTgwOWViNWZkZDZkNjcxN2NjMjhj
MGRmYWMwHhcNMjQwMzI2MTAwODQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2E2NjBlZDA3YzA3ZDM4YzM1YjY1YzU1NGUxYWY0NWIyYWZmYWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwnek+gVBVizEtahKjFvhIHcv2Ew
1HwVK1KyJu2jjFr/EH30edzlbHLJuUL49cTONgyBXzifCriC6Tj5l89lp2quknlB
Q/ucVbm2JG7KwYVwfr69IMTvr4JI3kmZN1Jq9UXDabB343IsD65/puymkebj3w1T
w2mGzG/jw/x/uevZMJQGvV7Tip/HjuGBUhg2UruMoC0l/dL27IQg15z61XyyM5WB
lyWobR0SurIcKHyagEMZ1Fzrr0D9PjZFK8GxnGv4ogdOD9XG4d2IY+JGn3sa3FWk
mPjm66CwBi5I+sQeuy9DuHARQUiHIQSFw20dWjxEJGd6fbSw2uevdGEjzQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFAOmYO0HwH04w1tlxVThr0Wyr/qxMB8GA1UdIwQY
MBaAFLcliMAO73FYCetf3W1nF8wowN+sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUt
N2E0MTI1NGVhYWNhLzEvQTZaZzdRZkFmVGpEVzJYRlZPR3ZSYkt2LXJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUtN2E0MTI1NGVhYWNh
LzEvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQEH89AAwQA
mFmGAwQDsuyAMA8EAgACMAkDBwAqAhcQAAQwDQYJKoZIhvcNAQELBQADggEBAF8Y
R/s7Pzby+HJM1QJWoYs4NhjrUO1km9RKyPSZ59q3wRhKPeUJOv3LluCUqkAYsjzW
egHd8/3x6lkkPy2yZEUiwA6lnnTsh8IDikf9VWi/vaQ1yl0AxgyfqISyTFhVQaY9
a2kZUcsbOGncOzAtvoJFTMiqEhpT4UxablAlVApfxacd1uhc0M8jWMpMYXc5O4li
iE8OM4PYN2YDb0X6V7a408KpmONKXaU2uH/bn7tcUP2rB1qWMrP3tY/D9P6chGDL
64Ns9WuBjSpcI5qTJUu+Os9sxhIii+gEBCFBnQhDggJ+sZnxLB0QHkoZmpdq8Dwi
1wTet7SeNa31eTXv/wM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:35 2024 by rpki-client on console-ams.rpki-client.org