Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/5fv7INHIyx25GqqZ4End3A7HB9k.roa
File: 5fv7INHIyx25GqqZ4End3A7HB9k.roa (raw, json)
Hash identifier: 9Qrm3Scb8aGNYLgGsdcACVfGe0Bq6O+TRSxcyPbKhX8=
Subject key identifier: E5:FB:FB:20:D1:C8:CB:1D:B9:1A:AA:99:E0:49:DD:DC:0E:C7:07:D9
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01867F8C29CA9708BBB1A2806033D4020C15
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/5fv7INHIyx25GqqZ4End3A7HB9k.roa
Signing time: Thu 23 Feb 2023 18:32:17 +0000
ROA not before: Thu 23 Feb 2023 18:32:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205655
IP address blocks: 31.135.0.0/24 maxlen: 24
31.135.6.0/24 maxlen: 24
91.245.90.0/24 maxlen: 24
176.103.120.0/24 maxlen: 24
64.43.65.0/24 maxlen: 24
64.43.74.0/23 maxlen: 23
91.246.200.0/24 maxlen: 24
91.224.40.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7f:8c:29:ca:97:08:bb:b1:a2:80:60:33:d4:02:0c:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Feb 23 18:32:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5fbfb20d1c8cb1db91aaa99e049dddc0ec707d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6e:da:d8:26:0c:ab:cf:b2:7a:b6:89:3b:12:
ad:5b:3c:67:c5:ee:6d:7d:cb:43:a9:25:d4:5c:9a:
c6:b2:c2:2c:a0:63:d9:e8:dd:44:7f:4c:5d:40:f1:
c3:37:da:b5:4c:21:1f:5d:05:a8:fd:ce:79:20:a4:
52:df:ee:a6:85:d0:96:32:c5:fd:2a:bd:11:ee:cc:
89:09:e7:71:48:71:a6:a0:73:8a:e9:7e:ba:c9:47:
74:c0:c4:92:3a:ed:ed:e4:56:0e:6a:11:79:4c:80:
54:23:2c:d7:81:e5:08:b2:ae:66:93:a2:16:15:d5:
e5:4d:99:2d:98:90:86:d0:6b:3a:25:29:c8:59:da:
05:24:9c:5a:92:ef:df:42:81:aa:9f:24:b1:81:f0:
fe:08:b9:5c:30:cf:a3:b4:37:ce:70:a4:96:98:30:
1a:e9:ba:d1:59:8b:33:63:bb:98:78:11:6e:2b:d7:
7c:9b:c3:3e:89:05:1a:9d:d0:e3:f3:51:e4:97:24:
90:a9:cb:ba:2e:ef:e9:e0:64:ed:12:7b:98:60:78:
f5:6f:4d:a3:10:e5:7f:4c:fa:bd:78:51:ca:e5:46:
a9:81:4a:37:f5:61:1a:4e:fa:06:ec:e3:dc:9f:6d:
83:d6:2d:2e:d2:67:01:49:0a:b1:5e:b4:27:52:5e:
8a:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:FB:FB:20:D1:C8:CB:1D:B9:1A:AA:99:E0:49:DD:DC:0E:C7:07:D9
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/5fv7INHIyx25GqqZ4End3A7HB9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.0.0/24
31.135.6.0/24
64.43.65.0/24
64.43.74.0/23
91.224.40.0/24
91.245.90.0/24
91.246.200.0/24
176.103.120.0/24
Signature Algorithm: sha256WithRSAEncryption
99:ab:65:44:23:b7:be:5f:e3:d2:c0:4a:18:c5:61:67:38:eb:
11:b4:05:b0:72:3b:c6:bb:20:70:3e:ae:67:d7:63:71:f2:cd:
a8:d3:1c:5d:c4:0d:ee:ae:8e:7f:7c:07:73:66:3f:f4:e2:59:
f3:59:2a:8c:7f:00:c1:76:5a:ab:f8:bc:ee:a7:a3:86:a4:43:
56:94:0c:ba:0d:75:1f:56:05:96:37:4d:92:80:53:5c:77:d8:
fc:de:cb:55:f3:c7:87:0f:43:fe:0c:96:04:44:04:59:5c:d2:
6b:a3:05:db:9d:61:dd:f4:48:aa:73:f6:6a:5c:6e:46:d0:10:
e3:44:a9:58:5c:0e:93:3e:b8:6c:37:57:08:f4:70:cc:91:2c:
42:ea:6a:b8:e5:5e:ff:e9:cb:86:21:46:15:84:56:76:3d:19:
5a:a1:dc:f3:87:df:56:49:54:14:a0:ab:21:25:c3:fb:54:67:
30:bc:0e:3c:51:fd:7d:29:65:d9:c5:94:69:60:46:3e:78:b8:
7b:5f:a5:59:29:f1:a4:d6:9c:d1:a4:9f:a1:db:90:62:bd:1e:
8b:54:fc:9a:f2:6f:e2:8b:a3:03:91:58:45:39:da:bf:d3:0a:
2f:d4:19:8f:e9:16:4e:e7:68:b8:12:cc:a1:5e:5c:b7:5e:88:
ed:3a:50:ad
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYZ/jCnKlwi7saKAYDPUAgwVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwMjIzMTgzMjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWZiZmIyMGQxYzhjYjFkYjkxYWFhOTllMDQ5ZGRkYzBlYzcwN2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAom7a2CYMq8+yeraJOxKtWzxnxe5t
fctDqSXUXJrGssIsoGPZ6N1Ef0xdQPHDN9q1TCEfXQWo/c55IKRS3+6mhdCWMsX9
Kr0R7syJCedxSHGmoHOK6X66yUd0wMSSOu3t5FYOahF5TIBUIyzXgeUIsq5mk6IW
FdXlTZktmJCG0Gs6JSnIWdoFJJxaku/fQoGqnySxgfD+CLlcMM+jtDfOcKSWmDAa
6brRWYszY7uYeBFuK9d8m8M+iQUandDj81HklySQqcu6Lu/p4GTtEnuYYHj1b02j
EOV/TPq9eFHK5UapgUo39WEaTvoG7OPcn22D1i0u0mcBSQqxXrQnUl6KJQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOX7+yDRyMsduRqqmeBJ3dwOxwfZMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvNWZ2N0lOSEl5eDI1R3FxWjRFbmQzQTdIQjlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAH4cAAwQA
H4cGAwQAQCtBAwQBQCtKAwQAW+AoAwQAW/VaAwQAW/bIAwQAsGd4MA0GCSqGSIb3
DQEBCwUAA4IBAQCZq2VEI7e+X+PSwEoYxWFnOOsRtAWwcjvGuyBwPq5n12Nx8s2o
0xxdxA3uro5/fAdzZj/04lnzWSqMfwDBdlqr+Lzup6OGpENWlAy6DXUfVgWWN02S
gFNcd9j83stV88eHD0P+DJYERARZXNJrowXbnWHd9Eiqc/ZqXG5G0BDjRKlYXA6T
PrhsN1cI9HDMkSxC6mq45V7/6cuGIUYVhFZ2PRlaodzzh99WSVQUoKshJcP7VGcw
vA48Uf19KWXZxZRpYEY+eLh7X6VZKfGk1pzRpJ+h25BivR6LVPya8m/ii6MDkVhF
Odq/0wov1BmP6RZO52i4EsyhXly3XojtOlCt
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:50:10 2024 by rpki-client on console-fra.rpki-client.org