Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/6qoTP_kWTWw8Q25_il0YjxQTFoY.roa
File: 6qoTP_kWTWw8Q25_il0YjxQTFoY.roa (raw, json)
Hash identifier: 3rQz6/ZmuHATKegyGkygiH4sBsT74pAkKMpM8nzFhsI=
Subject key identifier: EA:AA:13:3F:F9:16:4D:6C:3C:43:6E:7F:8A:5D:18:8F:14:13:16:86
Certificate issuer: /CN=5a376c8008d6abd962341563dd2a4dccaf153cba
Certificate serial: 0185701EDE515864750CAF6E6A7E06CF1AAD
Authority key identifier: 5A:37:6C:80:08:D6:AB:D9:62:34:15:63:DD:2A:4D:CC:AF:15:3C:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/6qoTP_kWTWw8Q25_il0YjxQTFoY.roa
Signing time: Mon 02 Jan 2023 01:35:49 +0000
ROA not before: Mon 02 Jan 2023 01:35:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30823
IP address blocks: 31.214.246.0/24 maxlen: 24
31.214.245.0/24 maxlen: 24
31.214.247.0/24 maxlen: 24
31.214.141.0/24 maxlen: 24
95.156.227.0/24 maxlen: 24
134.255.220.0/24 maxlen: 32
134.255.225.0/24 maxlen: 24
134.255.227.0/24 maxlen: 24
134.255.252.0/24 maxlen: 24
109.230.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:1e:de:51:58:64:75:0c:af:6e:6a:7e:06:cf:1a:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a376c8008d6abd962341563dd2a4dccaf153cba
Validity
Not Before: Jan 2 01:35:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eaaa133ff9164d6c3c436e7f8a5d188f14131686
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:80:d5:bd:8b:3b:d3:20:2e:19:cf:d6:47:56:
2d:80:b3:0d:b9:11:29:c1:ec:db:d2:ff:8e:bd:4b:
51:63:f8:ac:cb:93:16:36:a9:7e:af:5a:6d:07:7c:
2b:23:41:6b:27:1b:76:24:5a:4b:c3:6b:55:7d:87:
f5:c1:76:c6:3c:90:9c:58:c8:2a:ce:78:db:9f:99:
c7:50:4e:14:d9:5d:e1:d9:1e:3b:17:32:14:d3:2d:
24:5c:d1:5f:78:63:55:42:c8:76:88:d3:0d:0d:81:
52:45:de:98:22:9d:e8:35:e5:55:61:20:c4:01:52:
e8:25:e5:b4:c4:ce:d9:e0:ec:fc:23:b4:06:e0:90:
d9:10:88:24:cf:76:de:57:6c:a8:62:07:dc:27:db:
5a:4d:08:82:ad:68:d3:a9:d5:b0:90:9f:05:a4:05:
54:85:4a:35:2e:0a:96:9d:a7:4d:de:c3:e5:33:eb:
04:ec:ea:46:8d:ad:fd:fb:d8:7d:90:d2:7f:db:4f:
11:ec:e4:78:5c:f6:af:0d:77:ff:1f:9d:8b:6b:f7:
17:bc:49:48:f6:a2:c6:a9:68:2d:a2:08:8a:64:4b:
33:98:0c:66:ee:72:59:2e:1f:5e:18:10:14:d3:10:
d7:10:63:4f:c6:10:8d:11:22:59:eb:dc:94:61:fc:
60:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:AA:13:3F:F9:16:4D:6C:3C:43:6E:7F:8A:5D:18:8F:14:13:16:86
X509v3 Authority Key Identifier:
keyid:5A:37:6C:80:08:D6:AB:D9:62:34:15:63:DD:2A:4D:CC:AF:15:3C:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/6qoTP_kWTWw8Q25_il0YjxQTFoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/WjdsgAjWq9liNBVj3SpNzK8VPLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.141.0/24
31.214.245.0-31.214.247.255
95.156.227.0/24
109.230.238.0/24
134.255.220.0/24
134.255.225.0/24
134.255.227.0/24
134.255.252.0/24
Signature Algorithm: sha256WithRSAEncryption
36:19:e3:82:19:d9:3f:63:35:ef:31:e5:5f:ea:cf:02:8b:a4:
8f:15:99:2a:d0:58:2a:ea:39:e9:45:5f:2b:d6:ba:93:92:2b:
5d:37:de:7d:c7:9a:36:ea:4e:f0:1b:47:2f:89:ef:be:13:d5:
e8:26:e3:53:3c:e7:17:52:e5:6f:17:f0:42:d2:ee:38:7a:07:
ff:a1:43:02:0a:4c:f2:4c:16:a0:68:00:0c:fa:00:f4:9e:f5:
13:55:b0:20:88:8a:ea:94:81:e9:40:70:b5:b9:ba:df:a4:30:
88:49:c1:c8:0b:0b:b2:5b:4d:31:85:3d:03:0a:81:95:f2:52:
90:66:e8:4f:a9:f8:b1:a5:3a:73:71:78:27:90:da:03:a3:29:
32:b5:9c:19:0d:ab:e3:c7:be:4d:35:1c:bf:16:27:d4:7e:5f:
ef:7a:63:0a:3e:ea:1d:a5:86:21:85:ae:72:47:8b:e4:70:a9:
11:0c:84:7f:48:35:33:2c:9a:87:84:ed:48:83:cc:2a:d5:e3:
94:01:f0:95:d1:f5:d9:8d:ab:9a:0b:03:cd:b1:bd:53:d3:d9:
98:2f:0a:08:51:c2:0f:bb:24:28:70:ad:af:0f:df:92:dd:ad:
de:53:8a:af:2e:b6:b9:33:d3:58:f0:26:f7:f1:2a:ec:c8:37:
14:0b:84:49
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYVwHt5RWGR1DK9uan4GzxqtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMzc2YzgwMDhkNmFiZDk2MjM0MTU2M2RkMmE0ZGNjYWYx
NTNjYmEwHhcNMjMwMTAyMDEzNTQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWFhMTMzZmY5MTY0ZDZjM2M0MzZlN2Y4YTVkMTg4ZjE0MTMxNjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYDVvYs70yAuGc/WR1YtgLMNuREp
wezb0v+OvUtRY/isy5MWNql+r1ptB3wrI0FrJxt2JFpLw2tVfYf1wXbGPJCcWMgq
znjbn5nHUE4U2V3h2R47FzIU0y0kXNFfeGNVQsh2iNMNDYFSRd6YIp3oNeVVYSDE
AVLoJeW0xM7Z4Oz8I7QG4JDZEIgkz3beV2yoYgfcJ9taTQiCrWjTqdWwkJ8FpAVU
hUo1LgqWnadN3sPlM+sE7OpGja39+9h9kNJ/208R7OR4XPavDXf/H52La/cXvElI
9qLGqWgtogiKZEszmAxm7nJZLh9eGBAU0xDXEGNPxhCNESJZ69yUYfxgMwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFOqqEz/5Fk1sPENuf4pdGI8UExaGMB8GA1UdIwQY
MBaAFFo3bIAI1qvZYjQVY90qTcyvFTy6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2pkc2dBaldxOWxpTkJWajNTcE56SzhWUExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9jYWE3NDMtMWMxMy00YTI1LTlmNmEt
NjViZTU1MDMxNjVkLzEvNnFvVFBfa1dUV3c4UTI1X2lsMFlqeFFURm9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9jYWE3NDMtMWMxMy00YTI1LTlmNmEtNjViZTU1MDMxNjVk
LzEvV2pkc2dBaldxOWxpTkJWajNTcE56SzhWUExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAH9aNMAwD
BAAf1vUDBAMf1vADBABfnOMDBABt5u4DBACG/9wDBACG/+EDBACG/+MDBACG//ww
DQYJKoZIhvcNAQELBQADggEBADYZ44IZ2T9jNe8x5V/qzwKLpI8VmSrQWCrqOelF
XyvWupOSK1033n3HmjbqTvAbRy+J774T1egm41M85xdS5W8X8ELS7jh6B/+hQwIK
TPJMFqBoAAz6APSe9RNVsCCIiuqUgelAcLW5ut+kMIhJwcgLC7JbTTGFPQMKgZXy
UpBm6E+p+LGlOnNxeCeQ2gOjKTK1nBkNq+PHvk01HL8WJ9R+X+96Ywo+6h2lhiGF
rnJHi+RwqREMhH9INTMsmoeE7UiDzCrV45QB8JXR9dmNq5oLA82xvVPT2ZgvCghR
wg+7JChwra8P35Ldrd5Tiq8utrkz01jwJvfxKuzINxQLhEk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:07 2024 by rpki-client on console-fra.rpki-client.org