Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/qfyW1C7I7XojnJJYd2qB-F1IqQo.roa
File: qfyW1C7I7XojnJJYd2qB-F1IqQo.roa (raw, json)
Hash identifier: DZSw7dPuKpDDh/7JxMC1b3l6WxUifGfmcYXWZxq1LoU=
Subject key identifier: A9:FC:96:D4:2E:C8:ED:7A:23:9C:92:58:77:6A:81:F8:5D:48:A9:0A
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 018DD35E49B868D55D361D99D2ADE4BEC3AA
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/qfyW1C7I7XojnJJYd2qB-F1IqQo.roa
Signing time: Fri 23 Feb 2024 00:29:48 +0000
ROA not before: Fri 23 Feb 2024 00:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48678
IP address blocks: 31.210.48.0/24 maxlen: 24
31.210.50.0/24 maxlen: 24
77.92.145.0/24 maxlen: 24
77.92.146.0/24 maxlen: 24
77.92.153.0/24 maxlen: 24
78.135.66.0/24 maxlen: 24
185.17.139.0/24 maxlen: 24
188.132.129.0/24 maxlen: 24
188.132.153.0/24 maxlen: 24
188.132.168.0/24 maxlen: 24
188.132.183.0/24 maxlen: 24
188.132.184.0/24 maxlen: 24
188.132.185.0/24 maxlen: 24
188.132.186.0/24 maxlen: 24
188.132.199.0/24 maxlen: 24
188.132.201.0/24 maxlen: 24
188.132.206.0/24 maxlen: 24
188.132.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 May 2024 14:51:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d3:5e:49:b8:68:d5:5d:36:1d:99:d2:ad:e4:be:c3:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Feb 23 00:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9fc96d42ec8ed7a239c9258776a81f85d48a90a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:6c:d1:1e:d6:da:c9:ce:4e:8b:4d:13:8d:0a:
2c:12:d9:01:ce:0d:9d:fc:a0:42:73:d4:be:ca:f5:
66:b7:22:60:f2:df:92:e2:e0:3d:c7:22:a6:db:d1:
f5:b2:ba:14:14:f7:ad:21:68:60:18:cd:e9:91:67:
3f:ef:82:08:a6:51:13:9a:ab:7a:aa:97:eb:c3:2f:
37:38:a7:89:69:bd:6e:bf:a2:32:bf:88:af:54:cd:
2e:d0:6e:e9:d8:c1:c0:83:03:80:70:56:09:43:68:
13:ed:35:c9:be:9b:5d:19:dc:ce:60:22:dd:52:f8:
21:de:38:50:93:a8:58:b9:c2:7d:d9:76:2d:9a:d5:
b4:1f:4c:b5:d3:01:bc:2c:80:4e:73:17:6e:6d:77:
25:41:2f:ab:a5:54:1f:f1:37:ce:c6:d7:7a:ba:97:
8b:f9:ea:81:67:c1:95:0b:52:0b:7f:68:9a:c1:07:
ce:94:31:05:9c:bf:27:59:6e:23:a3:65:31:ff:1f:
cb:58:03:37:6e:ff:0d:ca:21:99:8d:59:5c:c3:e1:
89:8e:8f:42:86:7f:06:21:b7:83:6a:6b:c1:b4:d0:
e8:ec:4e:96:6e:39:b6:0d:5d:7c:15:54:0a:cd:6a:
af:c0:ea:fd:cf:76:e5:49:f3:c5:af:d1:5c:01:3b:
af:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:FC:96:D4:2E:C8:ED:7A:23:9C:92:58:77:6A:81:F8:5D:48:A9:0A
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/qfyW1C7I7XojnJJYd2qB-F1IqQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.48.0/24
31.210.50.0/24
77.92.145.0-77.92.146.255
77.92.153.0/24
78.135.66.0/24
185.17.139.0/24
188.132.129.0/24
188.132.153.0/24
188.132.168.0/24
188.132.183.0-188.132.186.255
188.132.199.0/24
188.132.201.0/24
188.132.206.0/23
Signature Algorithm: sha256WithRSAEncryption
76:f1:83:31:a4:5d:40:7f:33:fb:6b:f6:32:37:3f:76:26:bb:
58:fd:2e:b2:38:b2:0e:85:bb:58:f4:40:27:bb:25:58:b8:c8:
64:a4:25:de:49:e4:71:7a:00:8d:21:da:52:b3:af:de:cc:11:
23:47:6d:55:58:46:0f:26:b3:69:88:da:10:97:59:b5:67:17:
4c:ef:f8:1d:6f:3d:64:c1:84:35:55:09:e1:bb:fe:82:87:62:
1f:1b:8e:f6:be:55:92:4b:0b:30:73:63:62:68:69:44:6e:8f:
88:b7:27:17:03:e6:98:6f:b9:49:07:c9:dc:c6:51:01:03:28:
11:33:78:b7:0c:1c:b3:7f:84:75:92:af:2a:fe:c2:9b:35:ee:
e7:15:ff:70:57:f4:94:17:69:1f:d9:a7:c6:32:9a:ae:95:2a:
6d:cb:84:92:24:96:87:67:b3:5e:f6:8c:d0:91:bf:7a:23:b1:
77:98:01:f6:01:f6:16:95:3e:bc:30:99:75:3e:1e:8e:ee:d3:
7a:8c:c8:d1:5d:2a:48:13:05:dc:31:85:39:f7:95:c7:82:38:
5c:32:bf:56:cb:bc:08:bf:a7:ba:17:ba:6a:0a:78:ed:71:68:
b6:84:b3:e7:3a:49:ca:6f:75:75:d6:e9:2e:b0:bd:b2:f0:56:
71:0d:5e:f4
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAY3TXkm4aNVdNh2Z0q3kvsOqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQwMjIzMDAyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWZjOTZkNDJlYzhlZDdhMjM5YzkyNTg3NzZhODFmODVkNDhhOTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGzRHtbayc5Oi00TjQosEtkBzg2d
/KBCc9S+yvVmtyJg8t+S4uA9xyKm29H1sroUFPetIWhgGM3pkWc/74IIplETmqt6
qpfrwy83OKeJab1uv6Iyv4ivVM0u0G7p2MHAgwOAcFYJQ2gT7TXJvptdGdzOYCLd
Uvgh3jhQk6hYucJ92XYtmtW0H0y10wG8LIBOcxdubXclQS+rpVQf8TfOxtd6upeL
+eqBZ8GVC1ILf2iawQfOlDEFnL8nWW4jo2Ux/x/LWAM3bv8NyiGZjVlcw+GJjo9C
hn8GIbeDamvBtNDo7E6Wbjm2DV18FVQKzWqvwOr9z3blSfPFr9FcATuvSwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFKn8ltQuyO16I5ySWHdqgfhdSKkKMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvcWZ5VzFDN0k3WG9qbkpKWWQycUItRjFJcVFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQAH9IwAwQA
H9IyMAwDBABNXJEDBABNXJIDBABNXJkDBABOh0IDBAC5EYsDBAC8hIEDBAC8hJkD
BAC8hKgwDAMEALyEtwMEALyEugMEALyExwMEALyEyQMEAbyEzjANBgkqhkiG9w0B
AQsFAAOCAQEAdvGDMaRdQH8z+2v2Mjc/dia7WP0usjiyDoW7WPRAJ7slWLjIZKQl
3knkcXoAjSHaUrOv3swRI0dtVVhGDyazaYjaEJdZtWcXTO/4HW89ZMGENVUJ4bv+
godiHxuO9r5VkksLMHNjYmhpRG6PiLcnFwPmmG+5SQfJ3MZRAQMoETN4twwcs3+E
dZKvKv7CmzXu5xX/cFf0lBdpH9mnxjKarpUqbcuEkiSWh2ezXvaM0JG/eiOxd5gB
9gH2FpU+vDCZdT4eju7TeozI0V0qSBMF3DGFOfeVx4I4XDK/Vsu8CL+nuhe6agp4
7XFotoSz5zpJym91ddbpLrC9svBWcQ1e9A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:44 2024 by rpki-client on console-fra.rpki-client.org