Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/9OhdSqsLK8PIKFb0HjjiUOLbN4M.roa
File: 9OhdSqsLK8PIKFb0HjjiUOLbN4M.roa (raw, json)
Hash identifier: o29QAgJtP72e0vHkz44z6m+xVaCwp2HpxrjDoq1jIVY=
Subject key identifier: F4:E8:5D:4A:AB:0B:2B:C3:C8:28:56:F4:1E:38:E2:50:E2:DB:37:83
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 018F171E9E3F75B8941F01836C9CF2ABFCE0
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/9OhdSqsLK8PIKFb0HjjiUOLbN4M.roa
Signing time: Thu 25 Apr 2024 21:17:13 +0000
ROA not before: Thu 25 Apr 2024 21:17:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42910
IP address blocks: 31.210.50.0/24 maxlen: 24
31.210.51.0/24 maxlen: 24
31.210.53.0/24 maxlen: 24
78.135.78.0/24 maxlen: 24
188.132.170.0/24 maxlen: 24
188.132.211.0/24 maxlen: 24
188.132.215.0/24 maxlen: 24
188.132.218.0/24 maxlen: 24
188.132.228.0/24 maxlen: 24
212.68.36.0/24 maxlen: 24
212.68.38.0/24 maxlen: 24
212.68.49.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 May 2024 23:32:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:17:1e:9e:3f:75:b8:94:1f:01:83:6c:9c:f2:ab:fc:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Apr 25 21:17:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4e85d4aab0b2bc3c82856f41e38e250e2db3783
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:67:4f:2c:e7:ce:ac:ef:fe:2e:15:c4:5b:a2:
9f:fd:90:2d:e0:07:c5:4b:58:2f:bf:1d:ce:0d:a2:
44:36:0a:3d:05:89:90:01:e0:a7:f4:74:e1:a1:b2:
89:f4:d1:eb:8b:f9:71:97:7b:9d:c2:f3:d3:9b:ce:
1b:6e:22:ec:b7:2b:df:88:e9:36:4d:a1:26:90:bc:
24:2d:23:a5:0f:89:f3:51:aa:9d:b2:4a:f6:5a:a1:
a9:c2:dd:4c:d2:9b:b8:73:4e:17:f5:2e:04:77:75:
13:b7:0a:e2:c5:b4:87:e8:4d:4c:17:32:be:b2:24:
7d:18:97:d9:b8:ad:75:8f:2b:fa:52:b0:fe:11:bf:
68:f7:3f:4b:ac:d5:83:77:b4:e6:0c:9c:7c:cd:7a:
b0:c9:58:3c:ac:d6:6b:79:2c:84:5e:c7:6d:da:ab:
7c:5a:bf:d9:66:04:71:ad:6c:ec:a3:e1:ee:16:62:
01:39:ba:ee:39:98:ed:c7:10:2a:f8:73:41:e8:fc:
bc:8c:e0:78:85:ee:44:3a:2e:e8:a2:6b:ee:0a:29:
e3:83:6f:f2:87:07:ac:1d:57:52:6c:7c:10:b4:59:
cb:d8:22:d3:f5:54:e8:4e:92:bd:5c:cc:7c:83:79:
a5:47:8a:f2:81:d1:9a:fc:e1:b4:b3:e9:4a:eb:59:
d3:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:E8:5D:4A:AB:0B:2B:C3:C8:28:56:F4:1E:38:E2:50:E2:DB:37:83
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/9OhdSqsLK8PIKFb0HjjiUOLbN4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.50.0/23
31.210.53.0/24
78.135.78.0/24
188.132.170.0/24
188.132.211.0/24
188.132.215.0/24
188.132.218.0/24
188.132.228.0/24
212.68.36.0/24
212.68.38.0/24
212.68.49.0/24
Signature Algorithm: sha256WithRSAEncryption
03:68:af:f0:91:0c:6c:e3:10:65:06:6a:59:63:18:54:71:82:
5f:e8:7e:4a:00:16:86:58:20:da:04:01:12:f7:40:bb:58:3a:
72:0d:fb:9b:9e:24:c9:60:0c:56:3b:f8:bc:f0:0d:75:c5:97:
3e:36:3b:71:84:ec:59:ed:f1:7b:8b:6e:ff:b3:a4:f9:e1:40:
1a:1e:b5:40:c8:f7:82:18:41:e0:a6:4d:70:0a:d2:19:2d:c3:
3a:d9:00:ba:de:be:47:66:fa:e2:71:a6:45:84:b9:91:80:6d:
58:2a:95:22:d7:ea:a3:21:5b:c5:3a:2c:d1:c3:8d:f0:d8:d5:
13:de:e3:eb:83:35:8b:cc:94:f6:8a:97:02:7b:ba:39:6d:2a:
b4:b3:bc:0b:1d:53:db:92:15:de:62:c0:4f:9d:66:1b:6a:e6:
d5:52:44:07:2f:c4:89:41:92:0d:8b:f3:9b:8a:25:53:8f:2c:
86:16:ef:15:96:85:5c:1e:c4:e9:fc:dc:61:e7:4c:65:e4:6b:
a1:2f:f2:3a:84:6e:f2:e3:4e:8f:09:f2:6e:98:ba:a4:8f:a8:
33:0c:70:48:6d:e5:13:c2:43:25:67:6d:ab:a3:6b:d9:47:ce:
31:42:43:2d:f4:6d:8b:57:56:6f:33:ec:e9:fc:52:53:21:ba:
d2:a1:62:4c
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAY8XHp4/dbiUHwGDbJzyq/zgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQwNDI1MjExNzEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGU4NWQ0YWFiMGIyYmMzYzgyODU2ZjQxZTM4ZTI1MGUyZGIzNzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmdPLOfOrO/+LhXEW6Kf/ZAt4AfF
S1gvvx3ODaJENgo9BYmQAeCn9HThobKJ9NHri/lxl3udwvPTm84bbiLstyvfiOk2
TaEmkLwkLSOlD4nzUaqdskr2WqGpwt1M0pu4c04X9S4Ed3UTtwrixbSH6E1MFzK+
siR9GJfZuK11jyv6UrD+Eb9o9z9LrNWDd7TmDJx8zXqwyVg8rNZreSyEXsdt2qt8
Wr/ZZgRxrWzso+HuFmIBObruOZjtxxAq+HNB6Py8jOB4he5EOi7oomvuCinjg2/y
hwesHVdSbHwQtFnL2CLT9VToTpK9XMx8g3mlR4rygdGa/OG0s+lK61nTEwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFPToXUqrCyvDyChW9B444lDi2zeDMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvOU9oZFNxc0xLOFBJS0ZiMEhqamlVT0xiTjRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQBH9IyAwQA
H9I1AwQATodOAwQAvISqAwQAvITTAwQAvITXAwQAvITaAwQAvITkAwQA1EQkAwQA
1EQmAwQA1EQxMA0GCSqGSIb3DQEBCwUAA4IBAQADaK/wkQxs4xBlBmpZYxhUcYJf
6H5KABaGWCDaBAES90C7WDpyDfubniTJYAxWO/i88A11xZc+NjtxhOxZ7fF7i27/
s6T54UAaHrVAyPeCGEHgpk1wCtIZLcM62QC63r5HZvricaZFhLmRgG1YKpUi1+qj
IVvFOizRw43w2NUT3uPrgzWLzJT2ipcCe7o5bSq0s7wLHVPbkhXeYsBPnWYbaubV
UkQHL8SJQZINi/ObiiVTjyyGFu8VloVcHsTp/Nxh50xl5GuhL/I6hG7y406PCfJu
mLqkj6gzDHBIbeUTwkMlZ22ro2vZR84xQkMt9G2LV1ZvM+zp/FJTIbrSoWJM
-----END CERTIFICATE-----
Generated at Sun May 12 00:14:06 2024 by rpki-client on console-ams.rpki-client.org