Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/dEAg_qYACruqe5c3acx3PdbHQEc.roa
File: dEAg_qYACruqe5c3acx3PdbHQEc.roa (raw, json)
Hash identifier: /OoDpqLZPt1Kd4CPlYVRHNReWrOIZ9M/zG+CjVK+nTQ=
Subject key identifier: 74:40:20:FE:A6:00:0A:BB:AA:7B:97:37:69:CC:77:3D:D6:C7:40:47
Certificate issuer: /CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Certificate serial: 018E6FF584C7DB976A25BADF35E25F3E702F
Authority key identifier: 32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/dEAg_qYACruqe5c3acx3PdbHQEc.roa
Signing time: Sun 24 Mar 2024 10:15:45 +0000
ROA not before: Sun 24 Mar 2024 10:15:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211090
IP address blocks: 31.14.228.0/24 maxlen: 24
91.239.119.0/24 maxlen: 24
185.253.76.0/24 maxlen: 24
185.253.77.0/24 maxlen: 24
185.253.78.0/24 maxlen: 24
2a10:f1c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 20 Nov 2024 22:58:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:6f:f5:84:c7:db:97:6a:25:ba:df:35:e2:5f:3e:70:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Validity
Not Before: Mar 24 10:15:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=744020fea6000abbaa7b973769cc773dd6c74047
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d7:d1:63:f2:88:98:82:cb:60:70:c2:fa:ac:
d3:57:7b:bb:82:f0:e6:f3:cf:83:2f:94:47:ee:5a:
34:50:f8:f8:f6:44:4d:e1:c0:9f:a4:01:1d:2f:3b:
1c:d4:3c:71:60:41:ea:70:c7:40:aa:89:72:dd:22:
e1:33:b9:3f:41:db:22:12:fc:b6:71:b3:24:d9:84:
fa:97:5a:37:d3:d4:09:a2:02:32:81:4c:d0:de:5b:
bf:fa:aa:4e:98:bc:42:09:16:fa:7f:7b:1d:19:02:
cb:37:0c:68:d4:ac:d3:85:57:b3:dd:8e:b6:58:72:
0e:e5:db:f0:95:ea:58:26:ba:2d:d3:9a:f8:eb:2f:
1e:54:a1:04:7c:43:43:fd:f8:25:61:64:e0:7e:35:
93:06:77:9c:af:68:bf:f0:0e:54:38:57:cc:19:b1:
9e:ee:06:d7:27:66:d3:c0:44:26:f4:cd:a6:91:cc:
fe:3b:b1:f0:ae:89:a7:98:ea:ca:df:44:db:1b:c9:
f3:93:9a:93:38:7e:a7:ab:e8:28:de:66:34:06:51:
7e:30:68:cf:a0:23:02:ba:fb:7c:f9:4e:02:59:48:
1a:ec:28:cd:13:40:8a:82:1b:c0:50:66:49:55:a0:
81:bd:85:38:c9:60:46:78:83:70:05:1a:a2:5f:45:
66:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:40:20:FE:A6:00:0A:BB:AA:7B:97:37:69:CC:77:3D:D6:C7:40:47
X509v3 Authority Key Identifier:
keyid:32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/dEAg_qYACruqe5c3acx3PdbHQEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.228.0/24
91.239.119.0/24
185.253.76.0-185.253.78.255
IPv6:
2a10:f1c0::/48
Signature Algorithm: sha256WithRSAEncryption
2a:e0:10:b3:fe:97:67:08:cb:b1:c5:d4:d5:a6:36:be:b4:95:
99:3a:ec:11:e8:f3:46:a8:bc:0f:41:11:7a:3e:35:6a:a4:d1:
f4:37:27:9c:63:30:4e:aa:d3:c8:05:84:0d:50:bb:dd:f9:1a:
7f:f2:f8:45:2e:59:e2:e8:84:c6:88:f8:fa:a2:04:eb:23:ac:
71:a8:30:29:ac:2a:40:a8:21:f3:e6:de:10:27:e7:6c:89:cd:
9b:b8:27:70:2e:d2:48:a0:d2:06:19:c0:c2:3a:36:a2:d1:c7:
a4:9d:e2:a7:28:bc:18:85:21:d8:95:e8:eb:8e:b3:3f:89:cf:
21:d2:da:8e:4e:2f:2e:96:b1:33:26:cd:85:32:ff:6f:f9:c3:
e6:9f:5b:1b:32:91:c7:0c:d2:43:2a:52:4f:f3:b2:6a:bb:ea:
ae:81:d6:16:f5:f0:af:c6:d6:1a:02:9a:0a:58:b5:26:db:dc:
79:cd:82:7a:de:72:d6:d8:77:5e:a2:5f:fe:79:0f:d1:78:5a:
06:4d:97:61:fe:b9:a6:48:91:11:1f:e2:cc:da:83:89:f4:77:
43:d4:53:ac:04:9c:9b:fe:d3:04:cc:16:2d:14:ed:00:c3:47:
4e:7c:16:3c:66:f3:49:c9:bb:65:65:2c:45:90:84:ea:53:f4:
45:63:e2:f7
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAY5v9YTH25dqJbrfNeJfPnAvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMjYzOWIzNWU1ZDlkMGZiMzY5NmZlMmZkNjFjYjZmNGMz
ZmE1MDQwHhcNMjQwMzI0MTAxNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDQwMjBmZWE2MDAwYWJiYWE3Yjk3Mzc2OWNjNzczZGQ2Yzc0MDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNfRY/KImILLYHDC+qzTV3u7gvDm
88+DL5RH7lo0UPj49kRN4cCfpAEdLzsc1DxxYEHqcMdAqoly3SLhM7k/QdsiEvy2
cbMk2YT6l1o309QJogIygUzQ3lu/+qpOmLxCCRb6f3sdGQLLNwxo1KzThVez3Y62
WHIO5dvwlepYJrot05r46y8eVKEEfEND/fglYWTgfjWTBnecr2i/8A5UOFfMGbGe
7gbXJ2bTwEQm9M2mkcz+O7HwromnmOrK30TbG8nzk5qTOH6nq+go3mY0BlF+MGjP
oCMCuvt8+U4CWUga7CjNE0CKghvAUGZJVaCBvYU4yWBGeINwBRqiX0VmhQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFHRAIP6mAAq7qnuXN2nMdz3Wx0BHMB8GA1UdIwQY
MBaAFDImObNeXZ0Ps2lv4v1hy29MP6UEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWlZNXMxNWRuUS16YVdfaV9XSExiMHdfcFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82NjJmYmYtNTU3Ni00NTk1LTg5MmIt
YjViM2FlYWU5OGVhLzEvZEVBZ19xWUFDcnVxZTVjM2FjeDNQZGJIUUVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82NjJmYmYtNTU3Ni00NTk1LTg5MmItYjViM2FlYWU5OGVh
LzEvTWlZNXMxNWRuUS16YVdfaV9XSExiMHdfcFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaAwQAHw7kAwQA
W+93MAwDBAK5/UwDBAC5/U4wDwQCAAIwCQMHACoQ8cAAADANBgkqhkiG9w0BAQsF
AAOCAQEAKuAQs/6XZwjLscXU1aY2vrSVmTrsEejzRqi8D0ERej41aqTR9DcnnGMw
TqrTyAWEDVC73fkaf/L4RS5Z4uiExoj4+qIE6yOscagwKawqQKgh8+beECfnbInN
m7gncC7SSKDSBhnAwjo2otHHpJ3ipyi8GIUh2JXo646zP4nPIdLajk4vLpaxMybN
hTL/b/nD5p9bGzKRxwzSQypST/OyarvqroHWFvXwr8bWGgKaCli1Jtvcec2Cet5y
1th3XqJf/nkP0XhaBk2XYf65pkiRER/izNqDifR3Q9RTrAScm/7TBMwWLRTtAMNH
TnwWPGbzScm7ZWUsRZCE6lP0RWPi9w==
-----END CERTIFICATE-----
Generated at Thu Nov 21 00:11:07 2024 by rpki-client on console-ams.rpki-client.org