Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/CbHAnfkJIQqvN4XqqLfJw-VIf6w.roa
File: CbHAnfkJIQqvN4XqqLfJw-VIf6w.roa (raw, json)
Hash identifier: MxAwvgtRYqkH6E++6M/5yuofCYg2SqIZnKM7/vhdevA=
Subject key identifier: 09:B1:C0:9D:F9:09:21:0A:AF:37:85:EA:A8:B7:C9:C3:E5:48:7F:AC
Certificate issuer: /CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Certificate serial: 01934BCC23D6C24CB24A7CF5A8C2037CA0EE
Authority key identifier: 32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/CbHAnfkJIQqvN4XqqLfJw-VIf6w.roa
Signing time: Wed 20 Nov 2024 22:58:09 +0000
ROA not before: Wed 20 Nov 2024 22:58:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211090
IP address blocks: 31.14.228.0/24 maxlen: 24
91.239.119.0/24 maxlen: 24
185.253.76.0/24 maxlen: 24
185.253.77.0/24 maxlen: 24
185.253.78.0/24 maxlen: 24
185.253.79.0/24 maxlen: 24
2a10:f1c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4b:cc:23:d6:c2:4c:b2:4a:7c:f5:a8:c2:03:7c:a0:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Validity
Not Before: Nov 20 22:58:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09b1c09df909210aaf3785eaa8b7c9c3e5487fac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b7:7a:5c:e8:0d:49:22:e3:53:74:91:65:e6:
2e:37:8c:b0:36:f6:b4:51:ca:3a:6d:87:b6:ac:c8:
3a:bd:b0:49:c3:32:17:3b:3a:09:9e:34:a3:61:d5:
d1:38:17:72:2a:01:0a:53:2b:85:83:fb:58:eb:88:
7a:19:69:f6:96:27:ed:b6:37:ce:be:e3:31:fd:2d:
e6:9c:ec:b1:20:12:5e:e4:82:31:f8:24:17:46:dc:
84:10:b9:7f:4d:ab:d0:16:cd:50:63:bd:e7:12:f5:
66:0b:71:10:b7:e9:4d:58:e5:2f:fe:53:ea:7d:dc:
5d:a3:e5:bc:89:2a:64:13:99:6a:2d:53:28:a0:93:
af:76:16:68:71:93:32:85:63:a1:14:ef:bd:9b:8e:
ba:dd:c5:52:49:2e:81:7c:43:3e:2f:3f:2e:6e:31:
04:1c:cb:8f:d2:08:93:20:53:e8:00:cc:6b:39:8d:
e2:d2:8d:3a:b4:d5:fd:f6:9f:bf:17:43:6c:8a:07:
a8:21:25:2e:8a:03:a3:5a:60:14:95:13:d5:e6:af:
df:ac:b9:b4:ca:ab:1d:84:56:36:33:e2:a7:04:fe:
43:fc:2b:eb:89:c7:7a:fb:cd:28:9d:14:cd:1b:ad:
e7:02:d8:0e:20:f6:08:76:66:e2:bf:70:ed:9f:6f:
3c:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:B1:C0:9D:F9:09:21:0A:AF:37:85:EA:A8:B7:C9:C3:E5:48:7F:AC
X509v3 Authority Key Identifier:
keyid:32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/CbHAnfkJIQqvN4XqqLfJw-VIf6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.228.0/24
91.239.119.0/24
185.253.76.0/22
IPv6:
2a10:f1c0::/48
Signature Algorithm: sha256WithRSAEncryption
7e:72:99:97:8d:8e:4d:65:cb:26:77:b2:88:56:58:81:42:db:
90:32:14:20:09:e0:cd:22:57:7a:d5:44:54:c3:72:e8:24:c3:
64:7a:49:32:2b:6f:10:01:18:3d:5f:d5:59:d7:51:f9:71:ac:
9b:aa:e8:8c:11:ff:9f:c4:ca:2d:ea:47:5b:da:30:90:48:00:
63:63:5d:34:64:c4:36:33:43:b8:40:c7:d0:ca:3c:f6:c2:62:
3a:14:94:81:b2:f7:c1:f5:e3:07:14:4f:c5:f3:24:85:81:18:
60:95:50:01:6d:8d:c2:70:1c:15:89:44:4f:f6:ef:d8:8c:dc:
81:c5:60:f1:da:58:1a:89:06:38:e4:43:d2:26:6b:92:1b:c9:
0a:a8:c7:3e:f3:1b:d3:ee:72:f4:f9:9c:cf:00:13:c0:1f:62:
78:0d:47:26:63:20:64:1a:5c:32:bb:a3:26:9b:95:5d:0c:76:
41:c8:99:76:94:1b:fb:32:2a:b8:0c:1a:73:2d:1e:bb:29:01:
ef:fb:23:d2:47:f1:35:e8:ee:ab:53:46:74:85:4e:38:8d:fc:
7d:2f:f2:08:9f:f0:07:72:f0:be:87:30:02:7e:33:68:75:a3:
4a:76:0b:15:ba:82:a7:81:99:ff:f7:ae:cc:4a:9f:e4:30:c6:
16:80:30:a9
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZNLzCPWwkyySnz1qMIDfKDuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMjYzOWIzNWU1ZDlkMGZiMzY5NmZlMmZkNjFjYjZmNGMz
ZmE1MDQwHhcNMjQxMTIwMjI1ODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWIxYzA5ZGY5MDkyMTBhYWYzNzg1ZWFhOGI3YzljM2U1NDg3ZmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbd6XOgNSSLjU3SRZeYuN4ywNva0
Uco6bYe2rMg6vbBJwzIXOzoJnjSjYdXROBdyKgEKUyuFg/tY64h6GWn2lifttjfO
vuMx/S3mnOyxIBJe5IIx+CQXRtyEELl/TavQFs1QY73nEvVmC3EQt+lNWOUv/lPq
fdxdo+W8iSpkE5lqLVMooJOvdhZocZMyhWOhFO+9m4663cVSSS6BfEM+Lz8ubjEE
HMuP0giTIFPoAMxrOY3i0o06tNX99p+/F0NsigeoISUuigOjWmAUlRPV5q/frLm0
yqsdhFY2M+KnBP5D/Cvricd6+80onRTNG63nAtgOIPYIdmbiv3Dtn288IQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFAmxwJ35CSEKrzeF6qi3ycPlSH+sMB8GA1UdIwQY
MBaAFDImObNeXZ0Ps2lv4v1hy29MP6UEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWlZNXMxNWRuUS16YVdfaV9XSExiMHdfcFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82NjJmYmYtNTU3Ni00NTk1LTg5MmIt
YjViM2FlYWU5OGVhLzEvQ2JIQW5ma0pJUXF2TjRYcXFMZkp3LVZJZjZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82NjJmYmYtNTU3Ni00NTk1LTg5MmItYjViM2FlYWU5OGVh
LzEvTWlZNXMxNWRuUS16YVdfaV9XSExiMHdfcFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAHw7kAwQA
W+93AwQCuf1MMA8EAgACMAkDBwAqEPHAAAAwDQYJKoZIhvcNAQELBQADggEBAH5y
mZeNjk1lyyZ3sohWWIFC25AyFCAJ4M0iV3rVRFTDcugkw2R6STIrbxABGD1f1VnX
UflxrJuq6IwR/5/Eyi3qR1vaMJBIAGNjXTRkxDYzQ7hAx9DKPPbCYjoUlIGy98H1
4wcUT8XzJIWBGGCVUAFtjcJwHBWJRE/279iM3IHFYPHaWBqJBjjkQ9Ima5IbyQqo
xz7zG9PucvT5nM8AE8AfYngNRyZjIGQaXDK7oyablV0MdkHImXaUG/syKrgMGnMt
HrspAe/7I9JH8TXo7qtTRnSFTjiN/H0v8gif8Ady8L6HMAJ+M2h1o0p2CxW6gqeB
mf/3rsxKn+QwxhaAMKk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:30 2025 by rpki-client