Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/j7z051vW0odmEoQUMCTXFKQ7BIs.roa
File: j7z051vW0odmEoQUMCTXFKQ7BIs.roa (raw, json)
Hash identifier: E7tOeec3o094az7O5sOyjGgzsh8NomuNG0OCFYm/kVA=
Subject key identifier: 8F:BC:F4:E7:5B:D6:D2:87:66:12:84:14:30:24:D7:14:A4:3B:04:8B
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018B710BBB0160E0FCDD2F9404D0F1AB863F
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/j7z051vW0odmEoQUMCTXFKQ7BIs.roa
Signing time: Fri 27 Oct 2023 12:11:16 +0000
ROA not before: Fri 27 Oct 2023 12:11:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137409
IP address blocks: 91.193.28.0/24 maxlen: 24
31.135.4.0/23 maxlen: 23
91.193.29.0/24 maxlen: 24
176.112.80.0/22 maxlen: 24
109.207.137.0/24 maxlen: 24
109.207.136.0/24 maxlen: 24
176.96.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 31 Oct 2023 10:09:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:71:0b:bb:01:60:e0:fc:dd:2f:94:04:d0:f1:ab:86:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Oct 27 12:11:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8fbcf4e75bd6d287661284143024d714a43b048b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:60:f0:76:1a:03:f8:e9:3f:5b:c2:bd:de:dd:
34:64:c8:fb:3f:c6:63:c0:46:63:7f:e0:9c:90:78:
76:27:ef:3a:49:a7:48:bb:2b:65:53:c3:4a:f1:1c:
50:17:57:e3:6b:4b:76:b7:41:0a:f0:46:f2:9e:06:
8c:7e:34:e5:b7:18:8a:ce:0b:ac:ba:40:40:0f:71:
0c:23:19:65:7f:ab:24:69:e0:2a:a6:aa:e7:48:12:
4e:9d:04:03:66:1b:01:71:c0:36:be:a9:d3:60:9a:
49:c1:d3:08:1b:1e:49:82:f8:00:5e:ac:ac:08:a4:
c8:e1:e8:61:61:ca:66:59:0c:81:ce:85:4a:98:5b:
6d:67:bf:6e:4a:49:21:df:80:fb:5d:14:de:36:a2:
39:e0:45:ac:25:ec:ec:e4:4a:0b:8f:b5:c7:f5:8d:
e0:69:90:9e:f7:0f:f1:66:17:e2:18:d4:29:15:d5:
84:ca:4f:20:93:6e:54:19:51:49:c3:08:30:51:73:
f7:2a:c9:39:3c:7f:4a:e3:00:18:50:16:28:1b:74:
84:bd:47:54:54:7c:7b:e0:2d:4c:96:26:f1:06:f4:
dc:e7:ad:6f:d0:67:b7:f9:49:6d:5a:30:f1:e9:10:
43:e9:5e:42:88:8a:96:14:57:74:db:3a:e9:8f:94:
23:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:BC:F4:E7:5B:D6:D2:87:66:12:84:14:30:24:D7:14:A4:3B:04:8B
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/j7z051vW0odmEoQUMCTXFKQ7BIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.4.0/23
91.193.28.0/23
109.207.136.0/23
176.96.95.0/24
176.112.80.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:f1:d5:02:bf:e2:66:ac:98:71:03:e4:0b:9f:d2:5c:1e:fd:
f7:fd:fc:1f:87:91:02:4f:db:94:6a:a8:24:47:c2:4e:36:81:
ed:02:ee:88:90:73:fa:0b:41:20:dd:ec:27:3c:16:5e:c2:00:
eb:2d:4f:4d:a5:f8:0f:54:7b:2b:a6:ac:e8:8f:44:e6:13:90:
da:bc:0d:24:64:8b:53:8b:78:19:59:e0:b8:a7:9e:50:b8:72:
20:7b:41:be:4e:d9:9f:61:ab:23:4a:4a:86:74:58:5b:5b:40:
cb:71:c2:7f:32:87:3c:6c:00:7e:07:31:f0:c8:5a:79:75:af:
2b:b2:a2:36:15:4b:84:be:fa:db:fe:cc:20:02:45:cd:b1:93:
9c:f7:6d:66:e7:16:f9:25:5d:9d:7d:54:ef:be:5b:f1:7d:17:
5b:2d:01:96:27:28:d3:87:77:d7:17:b5:b2:5f:5b:92:54:90:
6c:b5:81:35:be:33:8e:ab:81:22:93:0b:b1:37:99:9f:03:41:
65:e8:2b:11:30:c2:f6:55:ad:b6:bb:b9:8f:4e:e8:fe:36:c1:
b4:26:35:d6:35:7c:fd:ec:e5:a1:6a:24:25:57:0c:fe:96:7a:
52:79:47:26:2a:7f:00:e1:0e:10:c6:2d:b8:71:8f:4a:a7:af:
26:ab:df:f1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYtxC7sBYOD83S+UBNDxq4Y/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMxMDI3MTIxMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmJjZjRlNzViZDZkMjg3NjYxMjg0MTQzMDI0ZDcxNGE0M2IwNDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGDwdhoD+Ok/W8K93t00ZMj7P8Zj
wEZjf+CckHh2J+86SadIuytlU8NK8RxQF1fja0t2t0EK8EbyngaMfjTltxiKzgus
ukBAD3EMIxllf6skaeAqpqrnSBJOnQQDZhsBccA2vqnTYJpJwdMIGx5JgvgAXqys
CKTI4ehhYcpmWQyBzoVKmFttZ79uSkkh34D7XRTeNqI54EWsJezs5EoLj7XH9Y3g
aZCe9w/xZhfiGNQpFdWEyk8gk25UGVFJwwgwUXP3Ksk5PH9K4wAYUBYoG3SEvUdU
VHx74C1MlibxBvTc561v0Ge3+UltWjDx6RBD6V5CiIqWFFd02zrpj5QjwQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFI+89Odb1tKHZhKEFDAk1xSkOwSLMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvajd6MDUxdlcwb2RtRW9RVU1DVFhGS1E3QklzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBH4cEAwQB
W8EcAwQBbc+IAwQAsGBfAwQCsHBQMA0GCSqGSIb3DQEBCwUAA4IBAQB88dUCv+Jm
rJhxA+QLn9JcHv33/fwfh5ECT9uUaqgkR8JONoHtAu6IkHP6C0Eg3ewnPBZewgDr
LU9NpfgPVHsrpqzoj0TmE5DavA0kZItTi3gZWeC4p55QuHIge0G+TtmfYasjSkqG
dFhbW0DLccJ/Moc8bAB+BzHwyFp5da8rsqI2FUuEvvrb/swgAkXNsZOc921m5xb5
JV2dfVTvvlvxfRdbLQGWJyjTh3fXF7WyX1uSVJBstYE1vjOOq4EikwuxN5mfA0Fl
6CsRMML2Va22u7mPTuj+NsG0JjXWNXz97OWhaiQlVwz+lnpSeUcmKn8A4Q4Qxi24
cY9Kp68mq9/x
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org