Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/LkGrjW2fPq8GZ4or5x7rS0vmGOg.roa
File: LkGrjW2fPq8GZ4or5x7rS0vmGOg.roa (raw, json)
Hash identifier: HrWDBPwxMMA0KSRPBKV+RGiPI4ETqvkFPp2aQnzNaGU=
Subject key identifier: 2E:41:AB:8D:6D:9F:3E:AF:06:67:8A:2B:E7:1E:EB:4B:4B:E6:18:E8
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0190EF1934DD25F767EC77FD082A71185AAF
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/LkGrjW2fPq8GZ4or5x7rS0vmGOg.roa
Signing time: Fri 26 Jul 2024 12:52:04 +0000
ROA not before: Fri 26 Jul 2024 12:52:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34744
IP address blocks: 31.133.28.0/22 maxlen: 22
77.36.0.0/18 maxlen: 18
77.36.16.0/21 maxlen: 21
77.36.64.0/19 maxlen: 19
77.36.64.0/24 maxlen: 24
77.232.216.0/22 maxlen: 22
91.246.172.0/22 maxlen: 22
93.120.47.0/24 maxlen: 24
109.197.232.0/22 maxlen: 22
176.115.232.0/22 maxlen: 22
2a01:7d8::/48 maxlen: 48
2a01:7d8:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 24 Oct 2024 16:31:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ef:19:34:dd:25:f7:67:ec:77:fd:08:2a:71:18:5a:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jul 26 12:52:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e41ab8d6d9f3eaf06678a2be71eeb4b4be618e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:14:4e:23:25:27:2f:4f:cc:39:41:05:3e:42:
8a:74:80:50:88:c2:c9:51:8f:d1:c0:78:17:4f:14:
17:55:c5:a8:62:c2:88:7e:f1:08:14:22:5a:bc:43:
1d:48:96:9e:c4:8c:ce:c5:90:f1:d6:75:8e:6e:c8:
7f:ba:04:ba:9b:d6:9b:47:d4:b0:0b:39:3d:47:dd:
b9:3c:39:9f:ec:31:17:e8:92:16:3f:78:58:d9:67:
e6:45:be:b4:bf:48:d2:95:d3:84:8f:7e:c3:4a:56:
ba:32:8a:ef:30:c0:4b:c2:f2:30:96:eb:e4:98:e5:
5f:80:bf:75:8e:0d:ff:bf:30:66:83:7b:9f:37:4d:
20:a0:ef:fe:a8:51:a8:82:1a:1d:24:5d:a7:3b:9e:
18:db:60:9b:eb:7f:01:0f:31:71:e2:29:de:fb:b3:
1c:e7:82:dc:f8:eb:dc:a6:22:7e:30:5f:f7:a5:33:
07:93:04:dc:2a:6b:0c:e4:7b:b5:7e:51:3d:a9:e3:
7b:d8:a3:99:ad:53:4a:fd:7b:49:b0:41:a8:48:e5:
e0:bf:04:c5:04:7e:01:48:bb:df:8a:fa:9a:f0:8e:
cd:1a:52:25:9f:63:fe:d0:e4:ef:4c:e9:bd:43:ae:
db:d5:7f:8d:ac:e6:07:9e:85:cd:a5:10:79:26:86:
81:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:41:AB:8D:6D:9F:3E:AF:06:67:8A:2B:E7:1E:EB:4B:4B:E6:18:E8
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/LkGrjW2fPq8GZ4or5x7rS0vmGOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.28.0/22
77.36.0.0-77.36.95.255
77.232.216.0/22
91.246.172.0/22
93.120.47.0/24
109.197.232.0/22
176.115.232.0/22
IPv6:
2a01:7d8::/47
Signature Algorithm: sha256WithRSAEncryption
8f:3e:d8:03:8d:e2:92:8d:a8:22:50:4c:40:ff:0f:55:e5:84:
0e:98:22:b2:98:a5:ef:9a:7d:97:4b:2f:19:73:aa:11:61:0c:
c8:c4:00:5d:c6:9b:3d:71:f1:b7:3c:c7:46:49:cd:78:bb:d9:
2f:e6:b8:59:bf:38:8d:72:83:3d:66:74:ae:0a:00:ec:03:7f:
e6:a1:ba:9e:df:43:f7:d0:93:aa:22:b9:9c:eb:46:dd:4b:a9:
61:74:c8:80:40:50:4a:85:85:71:81:bd:58:1e:49:c1:7f:e7:
28:c2:fd:ca:aa:c0:0a:02:27:91:38:f6:69:a5:52:00:46:b3:
c1:60:9a:d4:98:2b:f0:68:e1:70:17:e9:53:c7:c5:c8:b5:84:
6a:fb:7b:9c:92:da:13:62:ea:c1:2a:8d:4c:d8:a8:54:ad:07:
40:9e:80:7d:db:e3:fa:a2:52:51:1d:c4:8d:80:0d:98:70:14:
31:35:2a:a5:b9:fd:81:9f:61:2d:86:d7:92:3c:75:14:32:61:
ed:7a:dd:19:9f:5f:f7:a8:b4:8a:5a:45:6a:e9:03:89:aa:9d:
be:c1:51:a4:26:49:aa:91:f5:1c:41:20:7a:b4:3f:4a:25:c6:
e1:a7:6d:98:0b:de:a8:2f:2d:ae:b7:94:47:18:8f:8a:cd:42:
b5:62:6a:e8
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZDvGTTdJfdn7Hf9CCpxGFqvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQwNzI2MTI1MjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTQxYWI4ZDZkOWYzZWFmMDY2NzhhMmJlNzFlZWI0YjRiZTYxOGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3xROIyUnL0/MOUEFPkKKdIBQiMLJ
UY/RwHgXTxQXVcWoYsKIfvEIFCJavEMdSJaexIzOxZDx1nWObsh/ugS6m9abR9Sw
Czk9R925PDmf7DEX6JIWP3hY2WfmRb60v0jSldOEj37DSla6MorvMMBLwvIwluvk
mOVfgL91jg3/vzBmg3ufN00goO/+qFGoghodJF2nO54Y22Cb638BDzFx4ine+7Mc
54Lc+OvcpiJ+MF/3pTMHkwTcKmsM5Hu1flE9qeN72KOZrVNK/XtJsEGoSOXgvwTF
BH4BSLvfivqa8I7NGlIln2P+0OTvTOm9Q67b1X+NrOYHnoXNpRB5JoaBYwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFC5Bq41tnz6vBmeKK+ce60tL5hjoMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvTGtHcmpXMmZQcThHWjRvcjV4N3JTMHZtR09nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjA3BAIAATAxAwQCH4UcMAsD
AwJNJAMEBU0kQAMEAk3o2AMEAlv2rAMEAF14LwMEAm3F6AMEArBz6DAPBAIAAjAJ
AwcBKgEH2AAAMA0GCSqGSIb3DQEBCwUAA4IBAQCPPtgDjeKSjagiUExA/w9V5YQO
mCKymKXvmn2XSy8Zc6oRYQzIxABdxps9cfG3PMdGSc14u9kv5rhZvziNcoM9ZnSu
CgDsA3/mobqe30P30JOqIrmc60bdS6lhdMiAQFBKhYVxgb1YHknBf+cowv3KqsAK
AieROPZppVIARrPBYJrUmCvwaOFwF+lTx8XItYRq+3ucktoTYurBKo1M2KhUrQdA
noB92+P6olJRHcSNgA2YcBQxNSqluf2Bn2EthteSPHUUMmHtet0Zn1/3qLSKWkVq
6QOJqp2+wVGkJkmqkfUcQSB6tD9KJcbhp22YC96oLy2ut5RHGI+KzUK1Ymro
-----END CERTIFICATE-----
Generated at Thu Oct 24 19:10:33 2024 by rpki-client on console-fra.rpki-client.org