Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/a7ca61-2e8d-4bbe-9c36-4e6d130bda0f/1/rs3hm5s2LkcZ8AUwvtPAy812M2c.roa
File: rs3hm5s2LkcZ8AUwvtPAy812M2c.roa (raw, json)
Hash identifier: hgCIny3brgGOFm759elQrWbjXcB9J61kUFDOC8HcSWo=
Subject key identifier: AE:CD:E1:9B:9B:36:2E:47:19:F0:05:30:BE:D3:C0:CB:CD:76:33:67
Certificate issuer: /CN=09ea1d4531b071d6574699c12e5afa41f89bd409
Certificate serial: 0189AC292FC27086E7163E989BE016F958F7
Authority key identifier: 09:EA:1D:45:31:B0:71:D6:57:46:99:C1:2E:5A:FA:41:F8:9B:D4:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CeodRTGwcdZXRpnBLlr6Qfib1Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/a7ca61-2e8d-4bbe-9c36-4e6d130bda0f/1/rs3hm5s2LkcZ8AUwvtPAy812M2c.roa
Signing time: Mon 31 Jul 2023 13:35:27 +0000
ROA not before: Mon 31 Jul 2023 13:35:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50245
IP address blocks: 109.206.160.0/19 maxlen: 24
91.229.94.0/24 maxlen: 24
31.133.208.0/20 maxlen: 24
62.122.168.0/21 maxlen: 24
91.227.144.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ac:29:2f:c2:70:86:e7:16:3e:98:9b:e0:16:f9:58:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09ea1d4531b071d6574699c12e5afa41f89bd409
Validity
Not Before: Jul 31 13:35:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aecde19b9b362e4719f00530bed3c0cbcd763367
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:7c:b0:fd:dd:61:c2:27:a8:6f:43:85:f1:f5:
c8:30:ef:ee:26:1a:42:1e:05:b5:fc:9d:f9:1e:76:
d6:6f:65:90:de:ee:d6:16:87:ef:08:8c:64:ea:ac:
96:57:4b:14:4e:18:fa:10:d9:02:74:3f:85:55:52:
b6:e6:ff:1e:1c:8c:07:c6:d7:9e:c3:66:e5:02:34:
30:9a:3b:97:27:24:92:db:d4:a6:f0:07:ba:34:01:
81:cd:db:ab:0e:ba:74:7b:ba:c3:48:d3:ab:6c:8f:
94:f4:df:c2:03:1d:7e:e9:0b:71:cc:80:8b:fa:b7:
a4:c8:4a:37:b7:41:3b:b1:8c:5a:07:ce:10:9e:46:
a3:68:a4:5e:7b:d3:6d:8b:cf:62:ce:55:6e:69:82:
55:6b:dd:93:d2:5e:2f:95:5f:4d:2f:34:79:d2:80:
22:b3:03:b7:fa:72:93:09:ca:68:93:00:e0:8f:b6:
8b:1f:30:8d:70:74:8b:bd:b1:68:fc:0d:87:49:fc:
e6:38:25:5c:5b:49:1e:76:f8:72:53:77:a0:42:d8:
07:7e:48:db:72:c5:a9:3e:57:0b:af:7d:4e:c0:a6:
42:59:35:4d:54:1c:31:a5:1b:98:a8:90:c0:ba:64:
88:a7:ea:0e:f2:65:0e:ac:d7:eb:05:da:15:ad:1b:
21:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:CD:E1:9B:9B:36:2E:47:19:F0:05:30:BE:D3:C0:CB:CD:76:33:67
X509v3 Authority Key Identifier:
keyid:09:EA:1D:45:31:B0:71:D6:57:46:99:C1:2E:5A:FA:41:F8:9B:D4:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CeodRTGwcdZXRpnBLlr6Qfib1Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a7ca61-2e8d-4bbe-9c36-4e6d130bda0f/1/rs3hm5s2LkcZ8AUwvtPAy812M2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a7ca61-2e8d-4bbe-9c36-4e6d130bda0f/1/CeodRTGwcdZXRpnBLlr6Qfib1Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.208.0/20
62.122.168.0/21
91.227.144.0/22
91.229.94.0/24
109.206.160.0/19
Signature Algorithm: sha256WithRSAEncryption
3e:95:8b:9d:7c:d4:f6:cc:69:35:4e:c5:0f:98:12:ec:04:3d:
29:55:a6:c6:d7:d0:a7:05:ed:e7:4f:8b:33:96:e3:1b:ac:36:
a5:20:08:04:6c:09:4a:e0:f3:3a:84:6a:03:d0:d8:be:da:ac:
8f:f5:d1:c3:b2:a8:de:7b:1c:14:6e:8b:52:d4:32:85:f8:b7:
78:14:04:d2:f6:f7:03:ca:8e:e5:b0:ae:8a:c9:5e:58:c6:25:
7a:d0:4b:f0:04:b2:46:1d:6c:94:dc:cb:05:46:3b:bd:44:97:
15:94:5e:b0:79:a2:be:45:ee:25:57:95:6e:61:77:af:4e:93:
aa:54:7c:3f:04:77:f4:4f:64:40:70:d4:4d:90:7f:30:a1:fc:
7b:49:dd:cc:09:50:90:1b:b5:bc:b8:56:cb:68:66:dd:9d:69:
a7:42:0a:20:9b:ea:94:c5:70:29:01:31:0e:3d:89:83:2d:52:
85:3d:3d:12:60:ef:5c:2b:10:52:ad:ba:b3:e4:f9:54:88:2c:
7e:8d:5a:7f:e6:81:e1:d5:a8:39:ec:44:73:4e:ba:2c:7c:3d:
29:09:2d:fb:8c:8f:ba:0e:d9:c8:1b:5d:66:d0:9d:05:d3:51:
69:3e:6e:6a:de:81:4a:05:50:61:30:b7:d2:cf:f2:df:f3:65:
92:58:b4:81
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYmsKS/CcIbnFj6Ym+AW+Vj3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZWExZDQ1MzFiMDcxZDY1NzQ2OTljMTJlNWFmYTQxZjg5
YmQ0MDkwHhcNMjMwNzMxMTMzNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWNkZTE5YjliMzYyZTQ3MTlmMDA1MzBiZWQzYzBjYmNkNzYzMzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3yw/d1hwieob0OF8fXIMO/uJhpC
HgW1/J35HnbWb2WQ3u7WFofvCIxk6qyWV0sUThj6ENkCdD+FVVK25v8eHIwHxtee
w2blAjQwmjuXJySS29Sm8Ae6NAGBzdurDrp0e7rDSNOrbI+U9N/CAx1+6QtxzICL
+rekyEo3t0E7sYxaB84QnkajaKRee9Nti89izlVuaYJVa92T0l4vlV9NLzR50oAi
swO3+nKTCcpokwDgj7aLHzCNcHSLvbFo/A2HSfzmOCVcW0kedvhyU3egQtgHfkjb
csWpPlcLr31OwKZCWTVNVBwxpRuYqJDAumSIp+oO8mUOrNfrBdoVrRsh8QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFK7N4ZubNi5HGfAFML7TwMvNdjNnMB8GA1UdIwQY
MBaAFAnqHUUxsHHWV0aZwS5a+kH4m9QJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2VvZFJUR3djZFpYUnBuQkxscjZRZmliMUFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9hN2NhNjEtMmU4ZC00YmJlLTljMzYt
NGU2ZDEzMGJkYTBmLzEvcnMzaG01czJMa2NaOEFVd3Z0UEF5ODEyTTJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9hN2NhNjEtMmU4ZC00YmJlLTljMzYtNGU2ZDEzMGJkYTBm
LzEvQ2VvZFJUR3djZFpYUnBuQkxscjZRZmliMUFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEH4XQAwQD
PnqoAwQCW+OQAwQAW+VeAwQFbc6gMA0GCSqGSIb3DQEBCwUAA4IBAQA+lYudfNT2
zGk1TsUPmBLsBD0pVabG19CnBe3nT4szluMbrDalIAgEbAlK4PM6hGoD0Ni+2qyP
9dHDsqjeexwUbotS1DKF+Ld4FATS9vcDyo7lsK6KyV5YxiV60EvwBLJGHWyU3MsF
Rju9RJcVlF6weaK+Re4lV5VuYXevTpOqVHw/BHf0T2RAcNRNkH8wofx7Sd3MCVCQ
G7W8uFbLaGbdnWmnQgogm+qUxXApATEOPYmDLVKFPT0SYO9cKxBSrbqz5PlUiCx+
jVp/5oHh1ag57ERzTrosfD0pCS37jI+6DtnIG11m0J0F01FpPm5q3oFKBVBhMLfS
z/Lf82WSWLSB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:22 2024 by rpki-client on console-fra.rpki-client.org