Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/Uw0KhXZD-d7NerKHSqE5Ya36YVk.roa
File: Uw0KhXZD-d7NerKHSqE5Ya36YVk.roa (raw, json)
Hash identifier: IEZcbNhbCnQnzt87IPdbhgY+isBX33ySZQ+6zJO6zJA=
Subject key identifier: 53:0D:0A:85:76:43:F9:DE:CD:7A:B2:87:4A:A1:39:61:AD:FA:61:59
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01886899BCBCCAAA0411E8CA889E8BADE73F
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/Uw0KhXZD-d7NerKHSqE5Ya36YVk.roa
Signing time: Mon 29 May 2023 17:41:25 +0000
ROA not before: Mon 29 May 2023 17:41:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133296
IP address blocks: 93.120.74.0/24 maxlen: 24
176.107.72.0/21 maxlen: 21
91.246.184.0/22 maxlen: 22
91.218.252.0/23 maxlen: 23
31.133.24.0/22 maxlen: 22
91.218.254.0/23 maxlen: 23
93.120.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:68:99:bc:bc:ca:aa:04:11:e8:ca:88:9e:8b:ad:e7:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: May 29 17:41:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=530d0a857643f9decd7ab2874aa13961adfa6159
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:3a:e7:27:54:dd:7f:6f:bd:94:8f:09:21:ac:
5f:72:2f:6e:e7:55:3c:37:e7:fc:f4:bd:a9:48:a1:
a4:9f:ad:96:8a:c1:6d:f3:08:7f:04:20:0d:50:fc:
a2:78:22:02:e1:e7:a6:0a:4f:69:04:1a:54:b2:58:
6e:bf:37:c0:01:2e:87:75:96:44:b9:0c:57:22:7a:
7d:2e:84:f6:39:8e:65:d1:38:23:2e:c0:fe:84:33:
df:aa:b2:75:92:42:00:59:bc:20:e0:ae:7a:91:ac:
c6:82:42:da:fe:73:f8:db:e0:ae:ef:71:ff:de:64:
c2:51:0f:29:be:a9:7b:95:34:ea:d2:41:30:ec:a5:
de:d6:b8:03:3f:81:fb:3f:a0:5d:07:d4:29:5a:d0:
f6:4a:29:13:ee:84:ff:7c:6a:e5:03:4c:cc:1c:a4:
51:15:94:fc:43:be:b1:79:ff:ce:d3:54:41:bc:9e:
f2:20:4c:b9:00:52:42:37:69:e2:c6:24:c4:08:1d:
31:e3:24:39:71:cd:e3:69:d3:af:5e:89:ba:fe:92:
bc:76:de:87:dc:49:e3:cc:1f:e0:ba:de:f5:58:d8:
0c:96:80:b4:78:c5:d6:d9:45:52:3c:2e:6e:f8:d7:
3c:f5:2b:0b:48:aa:86:28:5e:b2:84:ac:b1:b3:74:
0a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:0D:0A:85:76:43:F9:DE:CD:7A:B2:87:4A:A1:39:61:AD:FA:61:59
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/Uw0KhXZD-d7NerKHSqE5Ya36YVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.24.0/22
91.218.252.0/22
91.246.184.0/22
93.120.39.0/24
93.120.74.0/24
176.107.72.0/21
Signature Algorithm: sha256WithRSAEncryption
58:16:be:29:44:00:82:db:9e:24:5f:1f:74:7e:92:3c:96:9c:
d5:9f:9f:dc:8a:fb:41:f7:63:49:de:6a:2e:c8:98:5c:63:92:
94:89:93:7a:b8:83:30:7a:6f:7b:a3:dc:06:76:2e:61:0e:57:
56:3a:e1:ab:a6:08:41:60:fe:50:0b:66:9d:f5:38:d2:01:37:
84:7b:5e:8c:a9:cf:46:31:04:23:d9:9a:5e:7f:09:aa:68:d1:
4b:84:56:95:92:f7:c8:b9:5c:64:c0:6a:a0:7b:53:7e:30:a6:
ca:1f:7a:c0:3a:a0:15:89:44:12:13:d9:1b:0a:d0:ae:0d:55:
bb:ef:50:f5:fc:ab:36:2a:0e:87:47:0f:ce:74:0a:29:59:6e:
f5:81:5b:cb:6e:c8:d0:39:08:37:34:02:f8:ac:1a:c8:ad:af:
5b:b8:48:3d:90:f5:01:2f:0f:58:de:50:79:21:e2:95:a3:3d:
d4:74:bd:99:8f:74:83:19:b0:42:03:5c:92:ca:23:83:41:a1:
78:7e:18:cf:a4:96:a9:cb:ab:09:ec:9d:f9:71:27:8a:64:63:
9f:4e:8a:2d:7c:0b:90:30:17:03:d3:18:4a:88:14:6a:3a:86:
35:7f:8c:16:6a:aa:56:c7:9c:6e:bf:b4:41:3e:3b:81:f9:07:
c9:0e:b8:18
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYhomby8yqoEEejKiJ6Lrec/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwNTI5MTc0MTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzBkMGE4NTc2NDNmOWRlY2Q3YWIyODc0YWExMzk2MWFkZmE2MTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0DrnJ1Tdf2+9lI8JIaxfci9u51U8
N+f89L2pSKGkn62WisFt8wh/BCANUPyieCIC4eemCk9pBBpUslhuvzfAAS6HdZZE
uQxXInp9LoT2OY5l0TgjLsD+hDPfqrJ1kkIAWbwg4K56kazGgkLa/nP42+Cu73H/
3mTCUQ8pvql7lTTq0kEw7KXe1rgDP4H7P6BdB9QpWtD2SikT7oT/fGrlA0zMHKRR
FZT8Q76xef/O01RBvJ7yIEy5AFJCN2nixiTECB0x4yQ5cc3jadOvXom6/pK8dt6H
3EnjzB/gut71WNgMloC0eMXW2UVSPC5u+Nc89SsLSKqGKF6yhKyxs3QK2wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFMNCoV2Q/nezXqyh0qhOWGt+mFZMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvVXcwS2hYWkQtZDdOZXJLSFNxRTVZYTM2WVZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCH4UYAwQC
W9r8AwQCW/a4AwQAXXgnAwQAXXhKAwQDsGtIMA0GCSqGSIb3DQEBCwUAA4IBAQBY
Fr4pRACC254kXx90fpI8lpzVn5/civtB92NJ3mouyJhcY5KUiZN6uIMwem97o9wG
di5hDldWOuGrpghBYP5QC2ad9TjSATeEe16Mqc9GMQQj2ZpefwmqaNFLhFaVkvfI
uVxkwGqge1N+MKbKH3rAOqAViUQSE9kbCtCuDVW771D1/Ks2Kg6HRw/OdAopWW71
gVvLbsjQOQg3NAL4rBrIra9buEg9kPUBLw9Y3lB5IeKVoz3UdL2Zj3SDGbBCA1yS
yiODQaF4fhjPpJapy6sJ7J35cSeKZGOfTootfAuQMBcD0xhKiBRqOoY1f4wWaqpW
x5xuv7RBPjuB+QfJDrgY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org