Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/AIc11ViPBdh95CXzNUjKai2QgPw.roa
File: AIc11ViPBdh95CXzNUjKai2QgPw.roa (raw, json)
Hash identifier: BOxHfv8DGWVahFIYQBPjlvCnJE+Th1vw9ioBdLMFr1Q=
Subject key identifier: 00:87:35:D5:58:8F:05:D8:7D:E4:25:F3:35:48:CA:6A:2D:90:80:FC
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 018DB2110B196CFDD37730C3CF9A373DEE3C
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/AIc11ViPBdh95CXzNUjKai2QgPw.roa
Signing time: Fri 16 Feb 2024 13:17:57 +0000
ROA not before: Fri 16 Feb 2024 13:17:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60446
IP address blocks: 31.210.37.0/24 maxlen: 24
31.210.38.0/24 maxlen: 24
31.210.39.0/24 maxlen: 24
78.135.75.0/24 maxlen: 24
78.135.76.0/24 maxlen: 24
188.132.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 00:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b2:11:0b:19:6c:fd:d3:77:30:c3:cf:9a:37:3d:ee:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Feb 16 13:17:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=008735d5588f05d87de425f33548ca6a2d9080fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:28:21:04:91:01:04:eb:63:c8:72:18:a6:5e:
ba:3f:9d:76:f0:08:38:5c:cb:01:ff:43:61:17:f0:
36:1d:3a:69:fa:bd:a0:53:20:ae:c9:91:81:85:aa:
df:f5:a6:ca:55:2b:9c:c9:c8:23:0a:ac:2f:11:a2:
2e:59:76:45:0a:a6:f6:4b:31:3a:5c:66:62:08:9e:
2e:94:1f:46:96:51:a3:e3:8c:f3:6c:ca:27:f4:be:
80:e3:6f:24:82:c9:bb:14:8b:96:77:50:ba:24:60:
0d:d9:93:64:bb:64:e5:f1:7c:49:bb:4d:c8:59:7e:
b1:1d:fc:b7:93:94:7e:d5:f5:31:26:aa:54:a8:19:
cb:66:80:cb:dd:04:90:2a:13:75:67:f1:f2:38:76:
92:98:bd:ca:69:52:23:89:c0:75:c5:3c:3c:a8:1c:
2b:bf:35:87:d0:3c:fa:df:c8:00:c9:13:f6:0e:09:
3b:cf:29:7f:27:10:10:fb:31:0e:6a:e6:24:b0:bd:
1b:34:90:cf:12:a6:f5:95:81:95:2d:ad:77:ae:e8:
d6:80:04:c9:ee:32:e9:3e:ca:d2:01:6f:6c:0f:7f:
99:d6:d4:07:e0:a5:3c:1c:eb:3e:2d:c4:c7:fc:10:
fc:a8:8d:a9:3f:78:20:32:12:58:d0:d3:0f:a4:f8:
ac:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:87:35:D5:58:8F:05:D8:7D:E4:25:F3:35:48:CA:6A:2D:90:80:FC
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/AIc11ViPBdh95CXzNUjKai2QgPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.37.0-31.210.39.255
78.135.75.0-78.135.76.255
188.132.224.0/24
Signature Algorithm: sha256WithRSAEncryption
85:56:3b:2a:06:b7:86:4a:9e:f9:ce:2f:fe:a9:23:e3:36:57:
97:2a:f2:77:61:85:7c:65:55:68:f9:d0:63:e7:ed:ac:fc:64:
b6:0a:3f:f5:15:9a:46:b3:98:59:c3:8d:1a:60:71:73:60:52:
74:c9:b2:da:52:24:3c:18:e1:d2:3b:00:31:49:de:a7:13:94:
ac:4e:ee:65:54:45:4b:a3:9f:a7:a5:31:79:fe:6c:11:c2:c5:
2e:e6:29:17:d7:5e:7f:c7:ca:96:93:ab:2e:59:e0:72:52:05:
d0:4c:78:97:64:bf:99:2a:11:a6:15:6a:2e:80:2c:6e:00:a8:
e6:74:ea:17:29:41:d4:db:12:50:e8:67:02:3c:b3:d1:b9:67:
65:01:94:dd:28:ab:07:06:7f:03:89:8f:db:49:3d:4b:93:9d:
ed:c2:d0:e2:e3:67:fd:71:24:aa:4d:0a:c1:33:64:95:8b:94:
c8:24:4c:5c:63:e8:42:94:f8:76:e2:a0:85:38:1a:c6:9c:ff:
a3:54:b5:78:1d:10:48:59:8d:3b:c1:76:e2:d7:50:e4:d9:a8:
43:9d:31:d4:d8:dc:35:f4:6f:d4:20:bd:e2:21:32:79:9e:4a:
7e:de:04:71:bf:22:c8:b6:22:d2:97:84:10:8c:bc:22:e8:28:
0a:f3:e1:a4
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY2yEQsZbP3TdzDDz5o3Pe48MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQwMjE2MTMxNzU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDg3MzVkNTU4OGYwNWQ4N2RlNDI1ZjMzNTQ4Y2E2YTJkOTA4MGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlighBJEBBOtjyHIYpl66P5128Ag4
XMsB/0NhF/A2HTpp+r2gUyCuyZGBharf9abKVSucycgjCqwvEaIuWXZFCqb2SzE6
XGZiCJ4ulB9GllGj44zzbMon9L6A428kgsm7FIuWd1C6JGAN2ZNku2Tl8XxJu03I
WX6xHfy3k5R+1fUxJqpUqBnLZoDL3QSQKhN1Z/HyOHaSmL3KaVIjicB1xTw8qBwr
vzWH0Dz638gAyRP2Dgk7zyl/JxAQ+zEOauYksL0bNJDPEqb1lYGVLa13rujWgATJ
7jLpPsrSAW9sD3+Z1tQH4KU8HOs+LcTH/BD8qI2pP3ggMhJY0NMPpPisgQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFACHNdVYjwXYfeQl8zVIymotkID8MB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvQUljMTFWaVBCZGg5NUNYek5VakthaTJRZ1B3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAAf0iUD
BAMf0iAwDAMEAE6HSwMEAE6HTAMEALyE4DANBgkqhkiG9w0BAQsFAAOCAQEAhVY7
Kga3hkqe+c4v/qkj4zZXlyryd2GFfGVVaPnQY+ftrPxktgo/9RWaRrOYWcONGmBx
c2BSdMmy2lIkPBjh0jsAMUnepxOUrE7uZVRFS6Ofp6Uxef5sEcLFLuYpF9def8fK
lpOrLlngclIF0Ex4l2S/mSoRphVqLoAsbgCo5nTqFylB1NsSUOhnAjyz0blnZQGU
3SirBwZ/A4mP20k9S5Od7cLQ4uNn/XEkqk0KwTNklYuUyCRMXGPoQpT4duKghTga
xpz/o1S1eB0QSFmNO8F24tdQ5NmoQ50x1NjcNfRv1CC94iEyeZ5Kft4Ecb8iyLYi
0peEEIy8IugoCvPhpA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:43 2024 by rpki-client on console-fra.rpki-client.org