Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/QJRIxOIp67Cvol8Eo7GUp56qASw.roa
File: QJRIxOIp67Cvol8Eo7GUp56qASw.roa (raw, json)
Hash identifier: 8mscUg8/WGRmBH/LAww7426qXxb87XgoP1ebpQCWQ4Y=
Subject key identifier: 40:94:48:C4:E2:29:EB:B0:AF:A2:5F:04:A3:B1:94:A7:9E:AA:01:2C
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0192B9177C9E88DDBE9409CCF65C5C623FE5
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/QJRIxOIp67Cvol8Eo7GUp56qASw.roa
Signing time: Wed 23 Oct 2024 11:16:17 +0000
ROA not before: Wed 23 Oct 2024 11:16:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6282
IP address blocks: 31.131.8.0/23 maxlen: 23
31.131.10.0/23 maxlen: 23
64.43.100.0/22 maxlen: 22
64.43.108.0/22 maxlen: 22
64.43.116.0/22 maxlen: 22
77.36.24.0/22 maxlen: 22
81.161.0.0/23 maxlen: 23
93.120.16.0/22 maxlen: 22
93.120.20.0/22 maxlen: 22
176.96.52.0/22 maxlen: 22
176.111.160.0/23 maxlen: 23
176.111.162.0/23 maxlen: 23
176.113.184.0/22 maxlen: 22
176.113.188.0/22 maxlen: 22
176.116.32.0/22 maxlen: 22
176.116.36.0/22 maxlen: 22
178.159.144.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b9:17:7c:9e:88:dd:be:94:09:cc:f6:5c:5c:62:3f:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Oct 23 11:16:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=409448c4e229ebb0afa25f04a3b194a79eaa012c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:58:b9:96:21:d5:bf:db:96:55:65:27:5e:38:
71:cf:f3:4b:df:4a:72:09:52:00:86:4f:af:d9:36:
bd:39:b8:11:87:c4:e9:f0:43:be:c2:4c:45:2d:7b:
bb:5d:ca:00:22:60:eb:60:08:65:ca:48:91:84:48:
a9:2d:2d:17:f6:64:9e:8f:08:2e:67:a3:f0:08:af:
2c:cb:c4:bb:80:46:42:23:86:f3:43:04:fc:44:15:
fa:0d:99:78:ed:1b:99:48:aa:2f:0b:ad:2a:88:58:
82:58:29:4d:62:b5:c4:cf:cf:35:5f:67:1d:5f:00:
31:11:8b:0d:30:4b:99:c5:95:d1:3f:1e:16:be:ec:
ec:4b:46:7e:c1:ea:f2:c1:98:81:43:0e:99:61:65:
0d:47:1d:6b:6d:43:8d:93:d6:0b:d5:0b:a5:8a:d9:
40:fb:36:b7:95:6c:2d:c4:26:b4:61:b4:3d:24:6b:
be:1a:c8:ad:8a:d1:3d:f8:64:d8:e0:4d:3f:ec:e7:
d5:69:b6:21:4b:21:38:bb:c4:58:15:6a:11:69:07:
da:fc:5a:db:27:64:e8:5b:17:df:59:5a:9f:3a:8f:
c3:f7:73:a6:99:27:99:04:68:af:81:43:80:c5:3f:
51:0e:31:70:0a:9f:59:93:84:4f:bc:14:8a:66:17:
28:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:94:48:C4:E2:29:EB:B0:AF:A2:5F:04:A3:B1:94:A7:9E:AA:01:2C
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/QJRIxOIp67Cvol8Eo7GUp56qASw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.8.0/22
64.43.100.0/22
64.43.108.0/22
64.43.116.0/22
77.36.24.0/22
81.161.0.0/23
93.120.16.0/21
176.96.52.0/22
176.111.160.0/22
176.113.184.0/21
176.116.32.0/21
178.159.144.0/23
Signature Algorithm: sha256WithRSAEncryption
68:aa:be:0f:b9:ab:e4:d4:47:0f:95:6d:bf:a2:aa:c9:39:73:
84:8c:17:98:da:f3:cd:be:79:6c:0a:8a:e3:b2:03:29:4b:4c:
58:f9:f5:9c:1a:57:d2:5a:cf:b4:8f:c8:af:f9:28:d0:37:f7:
bb:10:91:21:08:18:f6:14:fe:26:75:00:64:64:71:f7:40:ab:
36:30:24:c4:14:72:66:88:83:64:30:b2:49:57:da:dd:71:44:
0d:40:13:db:93:cb:d2:a5:b8:de:4a:9f:49:43:c8:25:49:bb:
65:74:37:9e:35:01:a7:7e:16:3d:c7:b8:a7:29:68:00:d4:de:
6e:bb:aa:4b:aa:22:a3:94:af:18:dd:5a:dd:fc:ce:3a:59:b8:
7f:d7:03:ef:91:0c:b2:06:e1:34:5a:e8:3d:2a:f6:38:5b:6e:
ac:b9:8a:fd:e4:45:83:4e:88:37:35:7b:f3:4f:a8:22:79:76:
66:50:b1:ec:b7:45:06:85:68:df:c2:6a:ec:26:bc:97:8e:83:
87:9c:3e:94:a9:1e:d4:68:5d:1a:d3:ce:ca:f2:d8:0b:6b:1e:
ae:46:8f:8f:0d:5f:72:5a:b7:fc:15:e4:2c:6e:b9:52:18:71:
e9:5e:f1:40:df:fc:ce:24:e6:34:03:36:6f:d7:28:1a:9f:46:
be:70:e3:d7
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZK5F3yeiN2+lAnM9lxcYj/lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQxMDIzMTExNjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDk0NDhjNGUyMjllYmIwYWZhMjVmMDRhM2IxOTRhNzllYWEwMTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11i5liHVv9uWVWUnXjhxz/NL30py
CVIAhk+v2Ta9ObgRh8Tp8EO+wkxFLXu7XcoAImDrYAhlykiRhEipLS0X9mSejwgu
Z6PwCK8sy8S7gEZCI4bzQwT8RBX6DZl47RuZSKovC60qiFiCWClNYrXEz881X2cd
XwAxEYsNMEuZxZXRPx4WvuzsS0Z+werywZiBQw6ZYWUNRx1rbUONk9YL1QulitlA
+za3lWwtxCa0YbQ9JGu+GsititE9+GTY4E0/7OfVabYhSyE4u8RYFWoRaQfa/Frb
J2ToWxffWVqfOo/D93OmmSeZBGivgUOAxT9RDjFwCp9Zk4RPvBSKZhco/wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFECUSMTiKeuwr6JfBKOxlKeeqgEsMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvUUpSSXhPSXA2N0N2b2w4RW83R1VwNTZxQVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQCH4MIAwQC
QCtkAwQCQCtsAwQCQCt0AwQCTSQYAwQBUaEAAwQDXXgQAwQCsGA0AwQCsG+gAwQD
sHG4AwQDsHQgAwQBsp+QMA0GCSqGSIb3DQEBCwUAA4IBAQBoqr4Puavk1EcPlW2/
oqrJOXOEjBeY2vPNvnlsCorjsgMpS0xY+fWcGlfSWs+0j8iv+SjQN/e7EJEhCBj2
FP4mdQBkZHH3QKs2MCTEFHJmiINkMLJJV9rdcUQNQBPbk8vSpbjeSp9JQ8glSbtl
dDeeNQGnfhY9x7inKWgA1N5uu6pLqiKjlK8Y3Vrd/M46Wbh/1wPvkQyyBuE0Wug9
KvY4W26suYr95EWDTog3NXvzT6gieXZmULHst0UGhWjfwmrsJryXjoOHnD6UqR7U
aF0a087K8tgLax6uRo+PDV9yWrf8FeQsbrlSGHHpXvFA3/zOJOY0AzZv1ygan0a+
cOPX
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:22:51 2025 by rpki-client