Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/iYKhHukCEwOyxAMH10lwRHLmy38.roa
File: iYKhHukCEwOyxAMH10lwRHLmy38.roa (raw, json)
Hash identifier: 1nYX0yGntxj8Neu4YUO/4x/R9ZQSyHk5BaJGgsLeH9Q=
Subject key identifier: 89:82:A1:1E:E9:02:13:03:B2:C4:03:07:D7:49:70:44:72:E6:CB:7F
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018CC86FC11CB148223111422B2994AF4DE7
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/iYKhHukCEwOyxAMH10lwRHLmy38.roa
Signing time: Tue 02 Jan 2024 04:30:16 +0000
ROA not before: Tue 02 Jan 2024 04:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133296
IP address blocks: 93.120.74.0/24 maxlen: 24
176.107.72.0/21 maxlen: 21
91.246.184.0/22 maxlen: 22
91.218.252.0/23 maxlen: 23
31.133.24.0/22 maxlen: 22
91.218.254.0/23 maxlen: 23
93.120.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Jan 2024 17:05:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:c1:1c:b1:48:22:31:11:42:2b:29:94:af:4d:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 2 04:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8982a11ee9021303b2c40307d749704472e6cb7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ab:37:c2:37:cc:bc:f4:7f:78:2f:47:16:52:
f1:aa:f9:89:66:09:41:19:6f:10:06:e5:72:aa:50:
29:1c:70:75:d9:96:4a:b3:20:ab:f6:6f:4c:19:6c:
a6:b6:1e:10:21:4b:6b:d4:68:b6:d5:da:14:18:4d:
4c:6e:a1:0c:13:c2:1f:37:8f:57:09:cd:c5:4d:72:
c1:83:bd:88:de:a6:6c:1d:2a:a5:3f:30:a5:4a:72:
ac:7f:ed:f6:6f:eb:bc:89:a7:9c:c0:20:39:bc:19:
dd:eb:b5:64:e2:d0:ef:32:54:e2:6e:54:67:e0:31:
39:11:c0:8e:f9:1d:ad:10:3d:d7:10:e0:04:7b:cd:
f3:f4:a1:b3:a0:d6:1f:ec:e2:c2:27:ab:4d:48:0e:
13:90:52:6d:26:56:39:a8:0e:af:ed:01:5d:96:e5:
14:56:46:5a:1e:58:d9:8b:25:cd:fa:f4:5d:6d:b4:
85:e1:df:29:59:f3:f8:f2:19:48:fd:24:41:b7:a3:
50:e3:97:9d:58:49:34:f9:fe:69:8d:36:29:44:b3:
95:3d:49:28:96:4b:8c:d5:07:47:0b:74:39:cd:c6:
14:af:8b:44:39:f7:67:40:13:bb:95:aa:3a:d5:16:
00:4c:3e:9c:57:ee:32:79:34:5c:f7:84:6f:28:e4:
90:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:82:A1:1E:E9:02:13:03:B2:C4:03:07:D7:49:70:44:72:E6:CB:7F
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/iYKhHukCEwOyxAMH10lwRHLmy38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.24.0/22
91.218.252.0/22
91.246.184.0/22
93.120.39.0/24
93.120.74.0/24
176.107.72.0/21
Signature Algorithm: sha256WithRSAEncryption
0c:72:71:51:34:0d:9d:16:1b:13:cc:7a:f0:79:88:bd:fc:1a:
37:a7:8f:4b:8c:d8:8c:a4:54:36:26:a9:73:3b:d1:5c:2c:45:
d4:c0:8c:d7:1a:ab:98:90:c9:0b:bb:24:70:e8:5f:a3:d4:3c:
fa:55:63:c5:92:e8:68:21:ce:d9:6d:8a:47:08:35:06:53:a4:
47:98:48:70:13:9e:f3:8a:a8:7a:01:c0:90:e3:12:f1:67:b1:
a1:68:dc:9e:58:e7:27:98:d8:25:58:01:db:ce:34:ff:fe:2d:
2d:1e:f9:ff:7e:de:e6:95:38:e9:36:61:f4:fb:04:5e:16:dd:
ee:d7:4b:20:b2:0f:47:81:5e:6c:22:53:a8:f2:5b:64:e8:6b:
fa:8c:da:96:05:44:42:d7:e5:05:49:62:49:04:c4:49:7b:38:
75:f7:78:b8:8f:f7:06:3d:0c:03:4c:a4:95:4a:26:79:f5:d4:
9b:33:d6:81:20:df:31:2b:7e:a5:08:84:55:bf:e7:93:da:b3:
cb:c3:41:ed:3e:aa:61:2d:5d:97:81:4d:36:55:d0:81:c1:05:
30:f1:ee:9c:a8:7d:84:2e:22:32:26:b4:c6:3f:ff:30:95:c6:
94:2f:13:a1:a5:f5:d9:82:8a:4a:10:1c:8f:b6:77:db:6b:33:
81:4a:9a:85
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzIb8EcsUgiMRFCKymUr03nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQwMTAyMDQzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTgyYTExZWU5MDIxMzAzYjJjNDAzMDdkNzQ5NzA0NDcyZTZjYjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6s3wjfMvPR/eC9HFlLxqvmJZglB
GW8QBuVyqlApHHB12ZZKsyCr9m9MGWymth4QIUtr1Gi21doUGE1MbqEME8IfN49X
Cc3FTXLBg72I3qZsHSqlPzClSnKsf+32b+u8iaecwCA5vBnd67Vk4tDvMlTiblRn
4DE5EcCO+R2tED3XEOAEe83z9KGzoNYf7OLCJ6tNSA4TkFJtJlY5qA6v7QFdluUU
VkZaHljZiyXN+vRdbbSF4d8pWfP48hlI/SRBt6NQ45edWEk0+f5pjTYpRLOVPUko
lkuM1QdHC3Q5zcYUr4tEOfdnQBO7lao61RYATD6cV+4yeTRc94RvKOSQcQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFImCoR7pAhMDssQDB9dJcERy5st/MB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvaVlLaEh1a0NFd095eEFNSDEwbHdSSExteTM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCH4UYAwQC
W9r8AwQCW/a4AwQAXXgnAwQAXXhKAwQDsGtIMA0GCSqGSIb3DQEBCwUAA4IBAQAM
cnFRNA2dFhsTzHrweYi9/Bo3p49LjNiMpFQ2JqlzO9FcLEXUwIzXGquYkMkLuyRw
6F+j1Dz6VWPFkuhoIc7ZbYpHCDUGU6RHmEhwE57ziqh6AcCQ4xLxZ7GhaNyeWOcn
mNglWAHbzjT//i0tHvn/ft7mlTjpNmH0+wReFt3u10sgsg9HgV5sIlOo8ltk6Gv6
jNqWBURC1+UFSWJJBMRJezh193i4j/cGPQwDTKSVSiZ59dSbM9aBIN8xK36lCIRV
v+eT2rPLw0HtPqphLV2XgU02VdCBwQUw8e6cqH2ELiIyJrTGP/8wlcaULxOhpfXZ
gopKEByPtnfbazOBSpqF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org