Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/85c6bd-6a68-4d11-b9cd-8c2df5a5c6d7/1/4pZk81KZNYC9Wy-1FPht6AwQpY0.roa
File: 4pZk81KZNYC9Wy-1FPht6AwQpY0.roa (raw, json)
Hash identifier: qpQhc09jryvQpnDM+NpKIYAcDtA9KF8l6zYS9LeKzu8=
Subject key identifier: E2:96:64:F3:52:99:35:80:BD:5B:2F:B5:14:F8:6D:E8:0C:10:A5:8D
Certificate issuer: /CN=9e8cd7d6a4105750bf8975a7d0b96794c1efe622
Certificate serial: 018572836F2EB2594BDA0DD1256D9ECAA672
Authority key identifier: 9E:8C:D7:D6:A4:10:57:50:BF:89:75:A7:D0:B9:67:94:C1:EF:E6:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nozX1qQQV1C_iXWn0LlnlMHv5iI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/85c6bd-6a68-4d11-b9cd-8c2df5a5c6d7/1/4pZk81KZNYC9Wy-1FPht6AwQpY0.roa
Signing time: Mon 02 Jan 2023 12:44:54 +0000
ROA not before: Mon 02 Jan 2023 12:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197433
IP address blocks: 91.221.132.0/24 maxlen: 24
91.221.133.0/24 maxlen: 24
31.131.143.0/24 maxlen: 24
31.131.140.0/24 maxlen: 24
31.131.141.0/24 maxlen: 24
31.131.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Oct 2023 06:56:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:83:6f:2e:b2:59:4b:da:0d:d1:25:6d:9e:ca:a6:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e8cd7d6a4105750bf8975a7d0b96794c1efe622
Validity
Not Before: Jan 2 12:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e29664f352993580bd5b2fb514f86de80c10a58d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a3:dd:c3:18:9e:3f:73:e9:42:ee:a9:ce:e6:
59:1f:5b:ab:26:42:c0:66:43:40:fb:44:23:fc:3e:
fe:51:5f:54:0c:62:88:ef:68:60:ec:69:eb:fd:95:
57:c0:13:17:35:48:e4:6b:36:a3:70:0f:93:6a:ad:
08:d3:c9:0c:ad:cd:21:2c:2e:cd:09:aa:51:df:36:
f5:73:ed:df:ad:89:2f:bd:6e:27:cd:6e:83:3e:9b:
17:db:eb:ce:f7:fb:f6:50:28:be:d5:c0:7a:4f:08:
e5:c2:63:d5:d4:8e:93:21:54:1d:55:ab:a6:26:97:
3e:c0:91:2d:d4:57:c8:07:de:3a:33:dc:6c:75:ee:
98:00:8e:05:bd:06:b8:4e:20:15:89:68:57:9a:84:
59:12:38:ba:cc:c7:d0:a9:fc:ee:ba:c3:e6:3b:1b:
7c:c7:24:3c:14:5f:03:11:9f:91:9c:70:fd:50:50:
1a:dc:05:e6:44:42:da:dc:13:ee:ff:66:17:d3:05:
24:35:ff:77:ca:a5:88:c8:b4:3f:92:6d:25:85:fe:
ca:df:8c:8d:b4:41:68:00:75:3b:0f:f0:2d:17:ef:
c8:86:80:6e:19:2d:d5:09:0e:f5:f9:90:96:c8:d1:
d0:5e:b9:5b:a2:1b:f6:0e:f9:a4:b3:91:19:b9:50:
5b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:96:64:F3:52:99:35:80:BD:5B:2F:B5:14:F8:6D:E8:0C:10:A5:8D
X509v3 Authority Key Identifier:
keyid:9E:8C:D7:D6:A4:10:57:50:BF:89:75:A7:D0:B9:67:94:C1:EF:E6:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nozX1qQQV1C_iXWn0LlnlMHv5iI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/85c6bd-6a68-4d11-b9cd-8c2df5a5c6d7/1/4pZk81KZNYC9Wy-1FPht6AwQpY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/85c6bd-6a68-4d11-b9cd-8c2df5a5c6d7/1/nozX1qQQV1C_iXWn0LlnlMHv5iI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.140.0/22
91.221.132.0/23
Signature Algorithm: sha256WithRSAEncryption
99:ae:e7:11:3f:5b:9f:82:53:53:cd:c4:90:34:41:20:ab:4d:
f5:bd:a6:79:f4:9e:bc:41:64:56:4f:8c:27:f3:62:34:2f:e2:
6b:1d:0c:1c:b8:4a:9f:70:fc:1f:78:36:65:8f:e2:ac:25:29:
8e:20:94:37:29:e3:e1:09:69:b6:e9:b3:6a:3f:f3:6b:f4:03:
d0:b4:8e:26:ee:0f:56:c5:80:d5:2b:a7:6b:a9:80:d6:8e:20:
8d:52:9b:be:05:05:bf:76:32:17:e1:33:37:1c:b0:18:4d:81:
07:c1:04:49:26:f2:76:fa:82:23:b7:45:eb:ef:5b:24:00:9c:
37:f5:58:74:59:18:d0:86:c3:d8:d1:54:a6:fa:ed:1e:7e:9b:
51:72:52:15:72:34:da:12:28:8c:c4:c9:5c:d4:6d:69:b6:cb:
f9:ac:e3:44:29:97:1b:db:bc:ea:da:c9:70:47:1c:24:3e:65:
10:b5:ab:de:89:14:0a:3c:3b:f6:bf:71:5d:fe:c1:e5:38:c6:
54:b9:1a:77:10:83:e1:0f:cf:23:23:67:ae:9a:7d:65:e7:97:
02:7c:e5:8d:d2:bd:37:c2:5e:c5:e0:b1:d7:a0:ca:15:f7:59:
89:62:78:0b:21:91:2e:9c:fb:7b:0a:83:25:a1:53:ee:6b:28:
51:52:bb:ff
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyg28usllL2g3RJW2eyqZyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOGNkN2Q2YTQxMDU3NTBiZjg5NzVhN2QwYjk2Nzk0YzFl
ZmU2MjIwHhcNMjMwMTAyMTI0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjk2NjRmMzUyOTkzNTgwYmQ1YjJmYjUxNGY4NmRlODBjMTBhNThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqPdwxieP3PpQu6pzuZZH1urJkLA
ZkNA+0Qj/D7+UV9UDGKI72hg7Gnr/ZVXwBMXNUjkazajcA+Taq0I08kMrc0hLC7N
CapR3zb1c+3frYkvvW4nzW6DPpsX2+vO9/v2UCi+1cB6TwjlwmPV1I6TIVQdVaum
Jpc+wJEt1FfIB946M9xsde6YAI4FvQa4TiAViWhXmoRZEji6zMfQqfzuusPmOxt8
xyQ8FF8DEZ+RnHD9UFAa3AXmRELa3BPu/2YX0wUkNf93yqWIyLQ/km0lhf7K34yN
tEFoAHU7D/AtF+/IhoBuGS3VCQ71+ZCWyNHQXrlbohv2Dvmks5EZuVBblQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOKWZPNSmTWAvVsvtRT4begMEKWNMB8GA1UdIwQY
MBaAFJ6M19akEFdQv4l1p9C5Z5TB7+YiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbm96WDFxUVFWMUNfaVhXbjBMbG5sTUh2NWlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi84NWM2YmQtNmE2OC00ZDExLWI5Y2Qt
OGMyZGY1YTVjNmQ3LzEvNHBaazgxS1pOWUM5V3ktMUZQaHQ2QXdRcFkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi84NWM2YmQtNmE2OC00ZDExLWI5Y2QtOGMyZGY1YTVjNmQ3
LzEvbm96WDFxUVFWMUNfaVhXbjBMbG5sTUh2NWlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCH4OMAwQB
W92EMA0GCSqGSIb3DQEBCwUAA4IBAQCZrucRP1ufglNTzcSQNEEgq031vaZ59J68
QWRWT4wn82I0L+JrHQwcuEqfcPwfeDZlj+KsJSmOIJQ3KePhCWm26bNqP/Nr9APQ
tI4m7g9WxYDVK6drqYDWjiCNUpu+BQW/djIX4TM3HLAYTYEHwQRJJvJ2+oIjt0Xr
71skAJw39Vh0WRjQhsPY0VSm+u0efptRclIVcjTaEiiMxMlc1G1ptsv5rONEKZcb
27zq2slwRxwkPmUQtaveiRQKPDv2v3Fd/sHlOMZUuRp3EIPhD88jI2eumn1l55cC
fOWN0r03wl7F4LHXoMoV91mJYngLIZEunPt7CoMloVPuayhRUrv/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:21 2024 by rpki-client on console-fra.rpki-client.org