Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/rxtOL5YureCQ_3a_Fhe2MthygW8.roa
File: rxtOL5YureCQ_3a_Fhe2MthygW8.roa (raw, json)
Hash identifier: oXMQkGC/ksl7gL3BTKesBXjpU5i8lkHgg2vSdHD3tQo=
Subject key identifier: AF:1B:4E:2F:96:2E:AD:E0:90:FF:76:BF:16:17:B6:32:D8:72:81:6F
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018DF535038527FA26B6B2D6C2AE08A46C02
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/rxtOL5YureCQ_3a_Fhe2MthygW8.roa
Signing time: Thu 29 Feb 2024 14:11:48 +0000
ROA not before: Thu 29 Feb 2024 14:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48031
IP address blocks: 31.216.63.0/24 maxlen: 24
77.87.120.0/24 maxlen: 24
84.246.86.0/24 maxlen: 24
91.246.48.0/24 maxlen: 24
91.246.53.0/24 maxlen: 24
91.247.165.0/24 maxlen: 24
91.247.166.0/24 maxlen: 24
91.247.173.0/24 maxlen: 24
93.157.109.0/24 maxlen: 24
109.107.136.0/24 maxlen: 24
109.107.141.0/24 maxlen: 24
109.205.188.0/24 maxlen: 24
176.97.203.0/24 maxlen: 24
176.116.3.0/24 maxlen: 24
193.160.219.0/24 maxlen: 24
194.105.60.0/24 maxlen: 24
194.107.92.0/24 maxlen: 24
217.198.176.0/24 maxlen: 24
217.198.179.0/24 maxlen: 24
217.198.180.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Mar 2024 09:38:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f5:35:03:85:27:fa:26:b6:b2:d6:c2:ae:08:a4:6c:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 29 14:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af1b4e2f962eade090ff76bf1617b632d872816f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:31:6f:1b:e6:8e:80:76:af:48:9c:97:09:cf:
49:b8:d3:4a:6e:20:cf:82:77:fe:fb:07:69:d9:2c:
a2:8f:56:51:d9:36:b2:4d:95:d8:15:be:48:84:98:
7c:e5:dd:62:c8:8f:50:40:15:4e:51:26:f8:86:69:
dd:fe:6e:33:84:f0:2e:bc:bc:9c:ef:06:2a:96:3c:
1a:07:8d:7e:eb:2f:16:d5:15:4e:31:da:bb:eb:fd:
b8:8d:cc:b9:79:b9:1a:ed:4d:f5:6c:0c:23:93:4f:
ab:4b:80:6a:72:b2:14:32:be:1a:8e:b4:c8:1f:fc:
93:d6:5a:9b:30:fa:47:d5:60:f6:b3:de:3a:5e:e4:
a5:4a:47:0e:0f:04:ab:ed:3c:c7:0c:23:18:39:a4:
a6:66:37:20:d5:73:ff:e3:00:98:68:87:34:37:ae:
37:fd:2d:7e:d0:32:32:e1:11:79:c3:e9:f3:6f:62:
fb:54:22:ff:f5:fb:01:0b:e7:d9:09:ca:4b:c0:61:
63:cd:da:ef:39:1e:c6:e7:1b:c5:f4:8a:65:ae:91:
71:06:20:3b:b1:02:cc:c4:30:6e:8c:76:a5:1a:26:
91:1e:61:94:21:4a:7b:ac:27:c8:24:5f:c4:6c:1f:
80:52:23:b9:a6:fe:4b:63:d1:25:5f:be:ad:17:53:
4d:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:1B:4E:2F:96:2E:AD:E0:90:FF:76:BF:16:17:B6:32:D8:72:81:6F
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/rxtOL5YureCQ_3a_Fhe2MthygW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.63.0/24
77.87.120.0/24
84.246.86.0/24
91.246.48.0/24
91.246.53.0/24
91.247.165.0-91.247.166.255
91.247.173.0/24
93.157.109.0/24
109.107.136.0/24
109.107.141.0/24
109.205.188.0/24
176.97.203.0/24
176.116.3.0/24
193.160.219.0/24
194.105.60.0/24
194.107.92.0/24
217.198.176.0/24
217.198.179.0-217.198.180.255
Signature Algorithm: sha256WithRSAEncryption
3d:14:46:34:53:5c:e8:82:e5:24:2a:80:f5:8a:8f:1d:52:e0:
53:51:19:54:e3:2d:f7:a6:b8:fa:5e:ea:b4:ac:75:2c:d3:bc:
7b:75:f2:84:cd:76:c7:74:6c:b6:17:ca:5a:49:e5:d3:a9:c7:
dd:61:71:8f:af:d0:90:f0:5f:39:c6:f0:b9:f7:f7:da:5b:7f:
f1:e3:2a:1a:55:47:c2:e6:93:ef:f5:c8:19:53:18:ce:4d:f9:
82:d4:8a:63:7a:41:ba:3a:72:85:1a:fb:02:93:23:1b:3c:1f:
d4:cf:2d:7b:4c:27:71:09:e0:19:05:70:20:6b:e6:e5:06:99:
1e:ff:d8:e1:07:a4:c0:59:02:ab:6e:38:29:ff:6e:cd:ea:4c:
40:15:d8:2a:98:c7:5f:ee:3d:f6:a7:26:76:0a:b3:09:6a:cb:
06:b2:ab:70:bc:ce:2a:d1:b5:2c:de:40:df:8a:13:ef:84:62:
65:5c:7b:27:d2:69:f3:78:79:de:6b:29:b5:fb:b5:76:c1:91:
60:9c:2f:11:77:96:33:8a:f6:19:4b:7d:a1:68:07:29:c1:b8:
78:99:27:1d:2d:2d:23:0c:d7:f3:aa:4d:3d:00:24:2c:70:84:
a7:4a:45:30:43:24:16:b5:14:12:eb:e3:31:71:69:88:05:83:
82:2a:54:19
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAY31NQOFJ/omtrLWwq4IpGwCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjI5MTQxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjFiNGUyZjk2MmVhZGUwOTBmZjc2YmYxNjE3YjYzMmQ4NzI4MTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTFvG+aOgHavSJyXCc9JuNNKbiDP
gnf++wdp2Syij1ZR2TayTZXYFb5IhJh85d1iyI9QQBVOUSb4hmnd/m4zhPAuvLyc
7wYqljwaB41+6y8W1RVOMdq76/24jcy5ebka7U31bAwjk0+rS4BqcrIUMr4ajrTI
H/yT1lqbMPpH1WD2s946XuSlSkcODwSr7TzHDCMYOaSmZjcg1XP/4wCYaIc0N643
/S1+0DIy4RF5w+nzb2L7VCL/9fsBC+fZCcpLwGFjzdrvOR7G5xvF9IplrpFxBiA7
sQLMxDBujHalGiaRHmGUIUp7rCfIJF/EbB+AUiO5pv5LY9ElX76tF1NNsQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFK8bTi+WLq3gkP92vxYXtjLYcoFvMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvcnh0T0w1WXVyZUNRXzNhX0ZoZTJNdGh5Z1c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEAB/Y
PwMEAE1XeAMEAFT2VgMEAFv2MAMEAFv2NTAMAwQAW/elAwQAW/emAwQAW/etAwQA
XZ1tAwQAbWuIAwQAbWuNAwQAbc28AwQAsGHLAwQAsHQDAwQAwaDbAwQAwmk8AwQA
wmtcAwQA2cawMAwDBADZxrMDBADZxrQwDQYJKoZIhvcNAQELBQADggEBAD0URjRT
XOiC5SQqgPWKjx1S4FNRGVTjLfemuPpe6rSsdSzTvHt18oTNdsd0bLYXylpJ5dOp
x91hcY+v0JDwXznG8Ln399pbf/HjKhpVR8Lmk+/1yBlTGM5N+YLUimN6Qbo6coUa
+wKTIxs8H9TPLXtMJ3EJ4BkFcCBr5uUGmR7/2OEHpMBZAqtuOCn/bs3qTEAV2CqY
x1/uPfanJnYKswlqywayq3C8zirRtSzeQN+KE++EYmVceyfSafN4ed5rKbX7tXbB
kWCcLxF3ljOK9hlLfaFoBynBuHiZJx0tLSMM1/OqTT0AJCxwhKdKRTBDJBa1FBLr
4zFxaYgFg4IqVBk=
-----END CERTIFICATE-----
Generated at Mon Mar 4 12:18:10 2024 by rpki-client on console-ams.rpki-client.org