Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/dGifNzrYmQSsY-WQ0xMQ99uxNLs.roa
File: dGifNzrYmQSsY-WQ0xMQ99uxNLs.roa (raw, json)
Hash identifier: 9w+r6c6Emzthge8G6Lb3+rJl3VFHvLterMQGwuMe3/E=
Subject key identifier: 74:68:9F:37:3A:D8:99:04:AC:63:E5:90:D3:13:10:F7:DB:B1:34:BB
Certificate issuer: /CN=ea0f76282df53209a58c0302e74f8a97ca3aff05
Certificate serial: 018C26B14767F770A43F5CA69B369042730F
Authority key identifier: EA:0F:76:28:2D:F5:32:09:A5:8C:03:02:E7:4F:8A:97:CA:3A:FF:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6g92KC31MgmljAMC50-Kl8o6_wU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/dGifNzrYmQSsY-WQ0xMQ99uxNLs.roa
Signing time: Fri 01 Dec 2023 18:43:21 +0000
ROA not before: Fri 01 Dec 2023 18:43:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42512
IP address blocks: 91.208.65.0/24 maxlen: 24
193.110.79.0/24 maxlen: 24
194.110.126.0/24 maxlen: 24
91.225.120.0/22 maxlen: 22
91.225.120.0/24 maxlen: 24
91.225.123.0/24 maxlen: 24
91.225.122.0/24 maxlen: 24
91.225.121.0/24 maxlen: 24
31.43.168.0/24 maxlen: 24
31.43.168.0/22 maxlen: 22
31.43.171.0/24 maxlen: 24
31.43.170.0/24 maxlen: 24
31.43.169.0/24 maxlen: 24
31.43.182.0/24 maxlen: 24
31.43.181.0/24 maxlen: 24
31.43.180.0/22 maxlen: 22
31.43.180.0/24 maxlen: 24
31.43.183.0/24 maxlen: 24
193.110.78.0/24 maxlen: 24
193.110.77.0/24 maxlen: 24
193.110.76.0/22 maxlen: 22
193.110.76.0/24 maxlen: 24
2001:67c:a28::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:26:b1:47:67:f7:70:a4:3f:5c:a6:9b:36:90:42:73:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea0f76282df53209a58c0302e74f8a97ca3aff05
Validity
Not Before: Dec 1 18:43:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74689f373ad89904ac63e590d31310f7dbb134bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:38:d9:52:7c:cb:10:d4:ba:e5:71:47:0f:3e:
bc:cf:8a:8a:bf:e0:2b:86:6a:3c:89:bd:52:bb:37:
37:e3:71:cb:cf:65:3b:35:98:82:7a:3e:bd:e5:4e:
65:a2:ed:59:f6:b2:0f:e0:b7:e4:53:b9:18:17:57:
ef:bd:34:c5:24:5c:c0:07:6f:55:4f:f3:b0:4b:d0:
86:c2:35:f3:fc:93:8d:20:c0:43:dc:50:ad:b9:f4:
2f:95:5a:29:97:da:06:a4:b3:29:28:2b:11:a0:55:
c8:5d:a8:a5:89:ae:82:96:18:41:f6:83:e0:e5:38:
8d:d3:a9:f6:b0:d1:e4:50:f4:f4:67:ea:78:c7:fd:
cf:1a:0c:25:7f:af:fa:fe:4e:59:4e:35:51:5c:bc:
9a:67:58:f2:89:09:25:c6:65:a3:08:f4:d8:fc:3b:
a1:75:b6:22:bf:88:27:50:0b:10:86:f3:b1:be:44:
5a:ec:37:63:80:02:74:cc:1e:b9:e4:bd:af:fb:06:
ad:82:5a:f3:bc:bd:75:51:60:fd:ed:f0:b4:ef:ca:
ea:c8:cc:1a:9c:f5:4f:0a:a4:fb:b6:2b:f7:c1:48:
01:c6:32:39:b2:05:ff:ff:48:bb:6e:10:88:81:93:
9c:2a:fc:f7:75:b0:17:83:5f:fe:33:0a:ad:c2:3b:
78:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:68:9F:37:3A:D8:99:04:AC:63:E5:90:D3:13:10:F7:DB:B1:34:BB
X509v3 Authority Key Identifier:
keyid:EA:0F:76:28:2D:F5:32:09:A5:8C:03:02:E7:4F:8A:97:CA:3A:FF:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6g92KC31MgmljAMC50-Kl8o6_wU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/dGifNzrYmQSsY-WQ0xMQ99uxNLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/6g92KC31MgmljAMC50-Kl8o6_wU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.43.168.0/22
31.43.180.0/22
91.208.65.0/24
91.225.120.0/22
193.110.76.0/22
194.110.126.0/24
IPv6:
2001:67c:a28::/48
Signature Algorithm: sha256WithRSAEncryption
c3:9b:92:f1:a2:5d:43:b8:4d:62:15:f8:f6:bf:10:06:8c:6b:
8b:d8:20:e9:71:db:bd:eb:3e:5c:e7:22:8b:e8:03:28:8d:15:
99:22:4b:20:6e:f3:2c:d1:75:09:ac:51:58:0a:f9:a9:67:66:
a3:44:77:6d:98:92:fc:9c:3a:6c:c1:1a:2b:0f:9a:ce:54:d5:
b4:49:99:cf:da:15:06:8f:c7:45:5a:6e:28:29:67:70:86:09:
b4:6e:53:0f:09:d0:14:4d:5a:b9:09:f9:3d:83:25:31:78:9f:
e2:81:bc:ee:7f:25:b0:33:e9:12:54:83:5e:1e:f6:d4:7e:45:
cf:13:b6:92:c3:f6:3d:15:94:ec:88:7d:76:38:38:b3:30:4c:
31:de:e7:a5:fe:e7:85:fe:c8:64:50:76:bf:ba:74:1d:27:c5:
3f:2e:4a:d1:58:5e:9d:3b:08:88:9f:31:b7:c9:57:0b:15:87:
58:a5:27:a9:7a:58:a6:ff:e0:ff:27:ae:e4:30:f3:ee:49:8f:
b3:4f:32:06:2e:b2:d5:0f:96:e2:80:c8:01:1d:7b:5d:05:72:
9e:4b:60:13:67:f6:77:ff:5e:84:e0:9c:52:87:a1:9b:43:06:
1a:ad:88:44:15:19:b1:c5:67:d7:a3:49:b4:71:26:87:bf:70:
5b:2c:33:09
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYwmsUdn93CkP1ymmzaQQnMPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMGY3NjI4MmRmNTMyMDlhNThjMDMwMmU3NGY4YTk3Y2Ez
YWZmMDUwHhcNMjMxMjAxMTg0MzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDY4OWYzNzNhZDg5OTA0YWM2M2U1OTBkMzEzMTBmN2RiYjEzNGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzjZUnzLENS65XFHDz68z4qKv+Ar
hmo8ib1Suzc343HLz2U7NZiCej695U5lou1Z9rIP4LfkU7kYF1fvvTTFJFzAB29V
T/OwS9CGwjXz/JONIMBD3FCtufQvlVopl9oGpLMpKCsRoFXIXailia6ClhhB9oPg
5TiN06n2sNHkUPT0Z+p4x/3PGgwlf6/6/k5ZTjVRXLyaZ1jyiQklxmWjCPTY/Duh
dbYiv4gnUAsQhvOxvkRa7DdjgAJ0zB655L2v+watglrzvL11UWD97fC078rqyMwa
nPVPCqT7tiv3wUgBxjI5sgX//0i7bhCIgZOcKvz3dbAXg1/+Mwqtwjt4NQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFHRonzc62JkErGPlkNMTEPfbsTS7MB8GA1UdIwQY
MBaAFOoPdigt9TIJpYwDAudPipfKOv8FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmc5MktDMzFNZ21sakFNQzUwLUtsOG82X3dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9lN2ZhNTUtNTkyNS00YmE5LWFkMzgt
YmU3YzgxOTQ4MzI0LzEvZEdpZk56clltUVNzWS1XUTB4TVE5OXV4TkxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9lN2ZhNTUtNTkyNS00YmE5LWFkMzgtYmU3YzgxOTQ4MzI0
LzEvNmc5MktDMzFNZ21sakFNQzUwLUtsOG82X3dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQCHyuoAwQC
Hyu0AwQAW9BBAwQCW+F4AwQCwW5MAwQAwm5+MA8EAgACMAkDBwAgAQZ8CigwDQYJ
KoZIhvcNAQELBQADggEBAMObkvGiXUO4TWIV+Pa/EAaMa4vYIOlx273rPlznIovo
AyiNFZkiSyBu8yzRdQmsUVgK+alnZqNEd22YkvycOmzBGisPms5U1bRJmc/aFQaP
x0VabigpZ3CGCbRuUw8J0BRNWrkJ+T2DJTF4n+KBvO5/JbAz6RJUg14e9tR+Rc8T
tpLD9j0VlOyIfXY4OLMwTDHe56X+54X+yGRQdr+6dB0nxT8uStFYXp07CIifMbfJ
VwsVh1ilJ6l6WKb/4P8nruQw8+5Jj7NPMgYustUPluKAyAEde10Fcp5LYBNn9nf/
XoTgnFKHoZtDBhqtiEQVGbHFZ9ejSbRxJoe/cFssMwk=
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:11 2024 by rpki-client on console-fra.rpki-client.org