Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/dJyhtt5buoAn4NhaQVexrVUbHkE.roa
File: dJyhtt5buoAn4NhaQVexrVUbHkE.roa (raw, json)
Hash identifier: 3ERCWmrFWngQvSFfP06/Yj+5nuIn9NQEuEELQUgMRXI=
Subject key identifier: 74:9C:A1:B6:DE:5B:BA:80:27:E0:D8:5A:41:57:B1:AD:55:1B:1E:41
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018CB6039A4AEA99436F98AD41EA2BD222A2
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/dJyhtt5buoAn4NhaQVexrVUbHkE.roa
Signing time: Fri 29 Dec 2023 14:38:58 +0000
ROA not before: Fri 29 Dec 2023 14:38:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137409
IP address blocks: 91.193.28.0/24 maxlen: 24
31.135.4.0/24 maxlen: 24
31.135.4.0/23 maxlen: 23
91.193.29.0/24 maxlen: 24
31.135.5.0/24 maxlen: 24
176.112.80.0/22 maxlen: 24
109.207.139.0/24 maxlen: 24
109.207.137.0/24 maxlen: 24
109.207.136.0/24 maxlen: 24
109.207.138.0/24 maxlen: 24
176.96.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b6:03:9a:4a:ea:99:43:6f:98:ad:41:ea:2b:d2:22:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Dec 29 14:38:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=749ca1b6de5bba8027e0d85a4157b1ad551b1e41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:63:ec:63:44:dd:d3:49:a4:7e:fa:c8:8e:e2:
43:c9:79:4e:b3:a6:1f:35:7a:cb:85:ec:1b:f5:a9:
8b:88:70:79:14:a2:5d:97:01:71:b7:46:a1:37:ba:
63:1c:3b:55:cc:c2:69:bc:d1:74:63:d7:79:dc:bb:
e0:92:52:e2:99:9c:a4:c1:71:f6:82:ce:1f:26:0c:
99:c5:85:b3:6d:30:bb:25:76:00:a5:8e:ec:06:98:
41:ad:bf:c0:d2:93:b0:76:fc:a0:62:3c:09:9e:bf:
e5:c7:af:f0:96:1c:0c:09:4e:c8:05:87:9b:c1:f1:
08:c9:cd:a8:96:e9:0b:cf:e4:03:0e:27:47:3e:68:
b4:9b:6c:76:a9:9f:98:79:01:99:4f:2a:f7:39:b8:
64:f9:95:f4:75:4d:e8:37:c6:b2:b3:53:cc:0d:85:
01:f3:4b:a9:05:a5:bd:12:70:64:8e:b8:7e:10:2b:
3c:93:72:2b:f2:e0:fe:1a:79:4b:76:07:ed:6c:59:
90:66:7e:86:23:74:31:a4:d9:43:a4:b0:5f:00:f3:
d1:fc:9f:c2:73:04:16:83:d6:56:9d:2d:b4:e6:ac:
6b:4f:67:6f:b0:8c:d7:0e:40:31:1c:85:9b:f8:d2:
1d:a3:7f:c9:12:13:89:80:fc:5a:99:24:fd:f7:64:
92:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:9C:A1:B6:DE:5B:BA:80:27:E0:D8:5A:41:57:B1:AD:55:1B:1E:41
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/dJyhtt5buoAn4NhaQVexrVUbHkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.4.0/23
91.193.28.0/23
109.207.136.0/22
176.96.95.0/24
176.112.80.0/22
Signature Algorithm: sha256WithRSAEncryption
91:45:dd:13:a4:d4:a1:ea:27:00:5d:fa:b9:4d:c0:20:97:1d:
0b:da:37:ca:62:13:93:2d:1a:21:28:0e:91:5e:e2:50:93:b1:
af:1e:76:89:ad:8e:33:3f:b5:4a:16:65:dc:8a:c0:a0:af:ee:
68:ce:7a:d5:15:f3:7d:50:d6:0b:40:95:99:10:d9:84:f3:24:
7b:fe:e2:dd:a4:11:5d:5b:2b:69:95:73:ac:e8:37:9d:45:28:
20:64:32:cb:ae:e7:08:c7:84:3f:c6:a5:c0:25:de:71:c7:9b:
3e:07:e9:3b:41:4d:f5:97:b5:2c:ee:bc:02:0c:d3:48:9f:5e:
81:69:29:78:19:d4:e2:61:8f:69:94:c9:e6:7b:d4:50:ba:63:
44:fd:79:86:bb:ed:3e:74:93:0e:ac:c5:e1:3b:6f:ed:d8:65:
26:3b:16:dd:9c:0f:9a:78:42:33:d3:ef:fb:79:9a:34:11:6d:
83:63:02:fe:fa:13:5d:74:31:20:a1:91:b1:fd:bd:80:84:96:
c8:92:24:e3:80:30:d8:32:89:e6:7f:01:4c:9c:d8:a3:52:a2:
40:2a:b1:9d:7e:25:b3:3a:d1:37:d3:a9:d4:ee:bb:98:74:0a:
19:d6:16:e0:15:ce:08:92:0e:87:ce:48:40:57:a8:a1:2a:ec:
f7:89:c0:28
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYy2A5pK6plDb5itQeor0iKiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMxMjI5MTQzODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDljYTFiNmRlNWJiYTgwMjdlMGQ4NWE0MTU3YjFhZDU1MWIxZTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGPsY0Td00mkfvrIjuJDyXlOs6Yf
NXrLhewb9amLiHB5FKJdlwFxt0ahN7pjHDtVzMJpvNF0Y9d53LvgklLimZykwXH2
gs4fJgyZxYWzbTC7JXYApY7sBphBrb/A0pOwdvygYjwJnr/lx6/wlhwMCU7IBYeb
wfEIyc2olukLz+QDDidHPmi0m2x2qZ+YeQGZTyr3Obhk+ZX0dU3oN8ays1PMDYUB
80upBaW9EnBkjrh+ECs8k3Ir8uD+GnlLdgftbFmQZn6GI3QxpNlDpLBfAPPR/J/C
cwQWg9ZWnS205qxrT2dvsIzXDkAxHIWb+NIdo3/JEhOJgPxamST992SSZwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHScobbeW7qAJ+DYWkFXsa1VGx5BMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvZEp5aHR0NWJ1b0FuNE5oYVFWZXhyVlViSGtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBH4cEAwQB
W8EcAwQCbc+IAwQAsGBfAwQCsHBQMA0GCSqGSIb3DQEBCwUAA4IBAQCRRd0TpNSh
6icAXfq5TcAglx0L2jfKYhOTLRohKA6RXuJQk7GvHnaJrY4zP7VKFmXcisCgr+5o
znrVFfN9UNYLQJWZENmE8yR7/uLdpBFdWytplXOs6DedRSggZDLLrucIx4Q/xqXA
Jd5xx5s+B+k7QU31l7Us7rwCDNNIn16BaSl4GdTiYY9plMnme9RQumNE/XmGu+0+
dJMOrMXhO2/t2GUmOxbdnA+aeEIz0+/7eZo0EW2DYwL++hNddDEgoZGx/b2AhJbI
kiTjgDDYMonmfwFMnNijUqJAKrGdfiWzOtE306nU7ruYdAoZ1hbgFc4Ikg6HzkhA
V6ihKuz3icAo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org