Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/dfJsLzXnLaXnlWwChPohPkNwiVk.roa
File: dfJsLzXnLaXnlWwChPohPkNwiVk.roa (raw, json)
Hash identifier: ZSpUpxCmTUR+xounGwmTbrAsMHQsD5BXJCggB/eE0/g=
Subject key identifier: 75:F2:6C:2F:35:E7:2D:A5:E7:95:6C:02:84:FA:21:3E:43:70:89:59
Certificate issuer: /CN=08a34daaa887d98a5348c3a460a21fc84e11a4e6
Certificate serial: 019162233FCF35D99175F6D23CFAE52612E2
Authority key identifier: 08:A3:4D:AA:A8:87:D9:8A:53:48:C3:A4:60:A2:1F:C8:4E:11:A4:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/dfJsLzXnLaXnlWwChPohPkNwiVk.roa
Signing time: Sat 17 Aug 2024 20:59:22 +0000
ROA not before: Sat 17 Aug 2024 20:59:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206617
IP address blocks: 31.14.184.0/21 maxlen: 24
89.32.152.0/23 maxlen: 24
89.40.234.0/23 maxlen: 24
93.114.170.0/24 maxlen: 24
93.114.245.0/24 maxlen: 24
93.115.210.0/24 maxlen: 24
185.18.24.0/22 maxlen: 24
185.167.52.0/22 maxlen: 24
188.213.16.0/24 maxlen: 24
188.213.40.0/21 maxlen: 22
188.240.42.0/24 maxlen: 24
188.240.44.0/23 maxlen: 23
188.241.153.0/24 maxlen: 24
188.241.186.0/24 maxlen: 24
188.241.251.0/24 maxlen: 24
193.178.224.0/23 maxlen: 23
195.2.218.0/23 maxlen: 23
2a03:f140::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:62:23:3f:cf:35:d9:91:75:f6:d2:3c:fa:e5:26:12:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08a34daaa887d98a5348c3a460a21fc84e11a4e6
Validity
Not Before: Aug 17 20:59:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75f26c2f35e72da5e7956c0284fa213e43708959
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:02:ef:3c:fb:71:f4:2e:34:64:51:6c:37:6d:
de:13:67:01:13:55:fe:29:38:ef:ad:7c:82:01:76:
cb:97:7d:46:65:f6:4c:3f:ce:2d:cc:af:c1:ab:f7:
8a:56:7a:e6:15:73:41:e4:1a:e9:fe:5f:71:d0:de:
db:47:ef:5a:d6:2e:49:ab:63:00:f7:ae:bb:47:f8:
8f:3e:9a:8f:9b:de:42:8e:77:f7:5a:e1:7b:4d:3f:
98:2b:4e:bd:e2:8e:50:49:7a:20:e9:d5:56:47:0b:
ed:79:bb:c0:86:09:af:52:e2:e8:d4:00:d9:cd:34:
c6:51:c4:d1:bf:bc:2a:f3:80:a4:15:58:b0:25:a3:
04:9d:43:7c:18:69:4f:59:ad:1e:97:4b:21:e3:95:
8d:d7:1b:08:14:1a:c6:e9:5d:90:7f:6f:8d:28:2e:
f4:b1:93:76:f7:b7:d2:79:41:d8:10:9d:36:3c:11:
54:7e:20:46:ca:f8:75:74:3b:43:c3:9b:5d:85:0d:
93:b1:cd:7b:a4:1a:be:cd:40:36:0b:42:57:29:08:
9f:b5:5d:fb:2a:35:e1:c7:77:ac:27:d7:fa:0b:6e:
fc:b7:1b:d3:ce:fe:a6:e1:82:ab:db:00:66:53:a8:
8b:8a:01:0c:a0:58:f2:97:02:a3:16:ab:45:bf:33:
86:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:F2:6C:2F:35:E7:2D:A5:E7:95:6C:02:84:FA:21:3E:43:70:89:59
X509v3 Authority Key Identifier:
keyid:08:A3:4D:AA:A8:87:D9:8A:53:48:C3:A4:60:A2:1F:C8:4E:11:A4:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/dfJsLzXnLaXnlWwChPohPkNwiVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.184.0/21
89.32.152.0/23
89.40.234.0/23
93.114.170.0/24
93.114.245.0/24
93.115.210.0/24
185.18.24.0/22
185.167.52.0/22
188.213.16.0/24
188.213.40.0/21
188.240.42.0/24
188.240.44.0/23
188.241.153.0/24
188.241.186.0/24
188.241.251.0/24
193.178.224.0/23
195.2.218.0/23
IPv6:
2a03:f140::/32
Signature Algorithm: sha256WithRSAEncryption
4b:5f:16:f4:29:5c:20:c1:78:37:3a:5b:f2:f9:b0:38:55:a6:
66:de:8a:e8:2d:9e:8a:ad:72:e1:95:f2:89:33:cc:0e:b8:e4:
2f:c5:11:36:d1:2e:7e:c8:18:53:68:5d:08:7e:4a:b6:96:06:
99:66:09:4b:a9:6d:b1:62:8d:e4:00:ef:62:d2:50:c9:b3:5b:
f7:75:b8:a4:33:e7:46:06:05:9f:a2:03:ae:56:44:ca:62:96:
a3:47:ea:e3:38:9d:ff:e5:40:0e:b4:81:99:62:9e:3f:e7:8d:
83:3f:69:6b:4b:2e:ab:1d:e4:05:8c:53:c5:e7:4a:48:80:c5:
f6:c5:0a:00:8d:39:00:b3:e4:e7:3e:ef:b4:f6:2d:a0:4c:dc:
be:63:e3:d3:da:41:01:45:22:d1:14:16:16:67:6b:a7:6b:65:
f8:06:e1:62:42:d0:1e:a7:9c:69:00:49:55:51:bd:29:14:75:
6c:8f:0a:c4:9f:7a:e6:f4:f8:ae:70:8b:3c:c5:ec:c8:20:b5:
af:79:e8:e1:3f:1d:cd:df:dd:56:d3:1b:d0:2e:d7:e1:b8:be:
b9:9b:63:35:87:79:ec:a1:f0:43:33:46:35:56:87:c5:6e:4d:
06:30:10:b2:12:b3:87:b6:1a:7c:d0:9e:f8:e8:08:35:09:94:
16:85:34:a8
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAZFiIz/PNdmRdfbSPPrlJhLiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YTM0ZGFhYTg4N2Q5OGE1MzQ4YzNhNDYwYTIxZmM4NGUx
MWE0ZTYwHhcNMjQwODE3MjA1OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWYyNmMyZjM1ZTcyZGE1ZTc5NTZjMDI4NGZhMjEzZTQzNzA4OTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wLvPPtx9C40ZFFsN23eE2cBE1X+
KTjvrXyCAXbLl31GZfZMP84tzK/Bq/eKVnrmFXNB5Brp/l9x0N7bR+9a1i5Jq2MA
9667R/iPPpqPm95Cjnf3WuF7TT+YK0694o5QSXog6dVWRwvtebvAhgmvUuLo1ADZ
zTTGUcTRv7wq84CkFViwJaMEnUN8GGlPWa0el0sh45WN1xsIFBrG6V2Qf2+NKC70
sZN297fSeUHYEJ02PBFUfiBGyvh1dDtDw5tdhQ2Tsc17pBq+zUA2C0JXKQiftV37
KjXhx3esJ9f6C278txvTzv6m4YKr2wBmU6iLigEMoFjylwKjFqtFvzOGxQIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFHXybC815y2l55VsAoT6IT5DcIlZMB8GA1UdIwQY
MBaAFAijTaqoh9mKU0jDpGCiH8hOEaTmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9mNDMzYzMtMTMyZi00ZDY2LWJkMzAt
YzYyY2YyMGE1ZWM5LzEvZGZKc0x6WG5MYVhubFd3Q2hQb2hQa053aVZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9mNDMzYzMtMTMyZi00ZDY2LWJkMzAtYzYyY2YyMGE1ZWM5
LzEvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAx8OuAME
AVkgmAMEAVko6gMEAF1yqgMEAF1y9QMEAF1z0gMEArkSGAMEArmnNAMEALzVEAME
A7zVKAMEALzwKgMEAbzwLAMEALzxmQMEALzxugMEALzx+wMEAcGy4AMEAcMC2jAN
BAIAAjAHAwUAKgPxQDANBgkqhkiG9w0BAQsFAAOCAQEAS18W9ClcIMF4Nzpb8vmw
OFWmZt6K6C2eiq1y4ZXyiTPMDrjkL8URNtEufsgYU2hdCH5KtpYGmWYJS6ltsWKN
5ADvYtJQybNb93W4pDPnRgYFn6IDrlZEymKWo0fq4zid/+VADrSBmWKeP+eNgz9p
a0suqx3kBYxTxedKSIDF9sUKAI05ALPk5z7vtPYtoEzcvmPj09pBAUUi0RQWFmdr
p2tl+AbhYkLQHqecaQBJVVG9KRR1bI8KxJ965vT4rnCLPMXsyCC1r3no4T8dzd/d
VtMb0C7X4bi+uZtjNYd57KHwQzNGNVaHxW5NBjAQshKzh7YafNCe+OgINQmUFoU0
qA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:49 2025 by rpki-client