Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/Dn70KmDJfQeuhDbYP5CAL5_QAQY.roa
File: Dn70KmDJfQeuhDbYP5CAL5_QAQY.roa (raw, json)
Hash identifier: 5fLICvTAoEnNXF2MZI1MEoyrPDNwWPMoUDQhKvz+1JE=
Subject key identifier: 0E:7E:F4:2A:60:C9:7D:07:AE:84:36:D8:3F:90:80:2F:9F:D0:01:06
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018EBDAE7D7BA168CB95CA92B48F80243482
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/Dn70KmDJfQeuhDbYP5CAL5_QAQY.roa
Signing time: Mon 08 Apr 2024 12:28:32 +0000
ROA not before: Mon 08 Apr 2024 12:28:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 31.41.253.0/24 maxlen: 24
45.87.124.0/24 maxlen: 24
45.87.125.0/24 maxlen: 24
45.87.127.0/24 maxlen: 24
45.128.124.0/24 maxlen: 24
45.128.128.0/24 maxlen: 24
62.3.31.0/24 maxlen: 24
77.72.84.0/24 maxlen: 24
84.252.69.0/24 maxlen: 24
88.218.184.0/24 maxlen: 24
88.218.185.0/24 maxlen: 24
88.218.186.0/24 maxlen: 24
88.218.187.0/24 maxlen: 24
91.190.158.0/24 maxlen: 24
91.239.212.0/24 maxlen: 24
91.239.213.0/24 maxlen: 24
146.19.120.0/24 maxlen: 24
146.255.186.0/24 maxlen: 24
176.126.102.0/24 maxlen: 24
185.128.224.0/24 maxlen: 24
185.211.171.0/24 maxlen: 24
185.214.164.0/24 maxlen: 24
193.228.129.0/24 maxlen: 24
194.59.222.0/24 maxlen: 24
194.60.76.0/24 maxlen: 24
195.64.103.0/24 maxlen: 24
212.107.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Apr 2024 19:55:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bd:ae:7d:7b:a1:68:cb:95:ca:92:b4:8f:80:24:34:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 8 12:28:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e7ef42a60c97d07ae8436d83f90802f9fd00106
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:4d:33:c6:9f:9c:49:7a:8b:8c:7b:63:f3:4c:
b1:db:5b:92:a0:36:f7:37:c7:61:3d:39:48:95:56:
a0:f6:df:ac:01:b1:97:73:1e:ae:9f:bd:07:f8:00:
13:c1:0a:64:01:22:44:45:6e:9a:60:39:ae:fd:b5:
ae:5e:78:68:7f:6f:dd:5c:9e:40:f5:49:c2:60:37:
a0:aa:df:13:55:60:60:23:4e:2e:be:02:4b:9f:f7:
53:48:e6:b6:86:ba:37:09:81:4d:af:90:5a:13:b3:
0e:8c:96:7c:2c:46:7d:fb:c0:56:42:0a:2c:aa:37:
be:1e:dc:3a:ae:d4:8f:dc:c5:3a:b8:84:29:c0:cd:
59:21:46:c8:b4:b9:cc:db:e0:eb:85:f6:2f:e7:f2:
49:8e:a2:ef:83:a2:8c:38:99:76:08:d6:e4:43:fa:
5b:97:c8:f4:28:58:0c:b4:34:bc:b4:fb:cd:39:d5:
66:2d:6b:69:f2:78:52:45:9f:37:c5:ae:32:84:e6:
76:cd:de:71:11:9a:aa:ae:93:e3:db:1f:67:d7:e5:
b8:e9:af:a2:49:b4:56:26:2a:e2:9a:92:3d:bd:50:
9d:8b:9c:5b:e0:d3:9c:b2:c0:bf:72:e0:6a:f1:b4:
30:48:93:ec:5e:27:98:95:e7:34:47:8d:6f:86:bb:
59:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:7E:F4:2A:60:C9:7D:07:AE:84:36:D8:3F:90:80:2F:9F:D0:01:06
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/Dn70KmDJfQeuhDbYP5CAL5_QAQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.253.0/24
45.87.124.0/23
45.87.127.0/24
45.128.124.0/24
45.128.128.0/24
62.3.31.0/24
77.72.84.0/24
84.252.69.0/24
88.218.184.0/22
91.190.158.0/24
91.239.212.0/23
146.19.120.0/24
146.255.186.0/24
176.126.102.0/24
185.128.224.0/24
185.211.171.0/24
185.214.164.0/24
193.228.129.0/24
194.59.222.0/24
194.60.76.0/24
195.64.103.0/24
212.107.25.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:5b:77:77:a1:05:c7:6e:ff:c4:a2:96:b6:40:c1:ec:da:c9:
98:2f:1a:c6:be:86:ee:11:20:af:2e:57:e0:22:17:9a:44:54:
5a:bc:8b:6e:fa:f6:20:36:59:86:d9:51:0d:26:26:7b:da:87:
f1:03:ce:d3:d4:11:6c:83:88:45:66:9a:c5:9b:6e:a3:c5:aa:
af:8a:23:c1:c0:43:f2:53:4a:6b:fa:1d:09:db:7a:11:92:60:
19:52:32:f5:67:01:d9:b5:b2:c0:e2:7c:ee:84:a8:4c:05:e9:
81:55:84:2e:90:e6:54:f1:8e:c3:c0:31:33:15:98:10:8f:81:
0d:a2:09:26:2e:ce:db:09:0d:4d:c5:8a:76:06:68:b2:58:1a:
5d:a9:6a:bd:02:e7:20:f1:e9:eb:cd:fb:f9:e2:fe:b7:74:8d:
37:9f:d8:1a:7a:a3:0f:c4:35:07:3d:1a:fb:db:0a:d9:94:ea:
dc:95:ce:59:b1:90:26:89:1f:8f:8b:39:7c:c8:f0:e9:bf:6e:
f9:20:0c:46:50:c0:fa:01:d8:bb:b7:72:62:2e:59:db:84:38:
c7:24:83:af:5f:bf:57:d4:68:6f:56:7d:9c:88:b5:3b:77:4e:
fe:40:86:9a:c6:d9:da:7b:2d:73:27:bc:13:17:d0:86:d4:16:
6d:14:53:ce
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAY69rn17oWjLlcqStI+AJDSCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNDA4MTIyODMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTdlZjQyYTYwYzk3ZDA3YWU4NDM2ZDgzZjkwODAyZjlmZDAwMTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwk0zxp+cSXqLjHtj80yx21uSoDb3
N8dhPTlIlVag9t+sAbGXcx6un70H+AATwQpkASJERW6aYDmu/bWuXnhof2/dXJ5A
9UnCYDegqt8TVWBgI04uvgJLn/dTSOa2hro3CYFNr5BaE7MOjJZ8LEZ9+8BWQgos
qje+Htw6rtSP3MU6uIQpwM1ZIUbItLnM2+DrhfYv5/JJjqLvg6KMOJl2CNbkQ/pb
l8j0KFgMtDS8tPvNOdVmLWtp8nhSRZ83xa4yhOZ2zd5xEZqqrpPj2x9n1+W46a+i
SbRWJirimpI9vVCdi5xb4NOcssC/cuBq8bQwSJPsXieYlec0R41vhrtZuQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFA5+9CpgyX0HroQ22D+QgC+f0AEGMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvRG43MEttREpmUWV1aERiWVA1Q0FMNV9RQVFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAAf
Kf0DBAEtV3wDBAAtV38DBAAtgHwDBAAtgIADBAA+Ax8DBABNSFQDBABU/EUDBAJY
2rgDBABbvp4DBAFb79QDBACSE3gDBACS/7oDBACwfmYDBAC5gOADBAC506sDBAC5
1qQDBADB5IEDBADCO94DBADCPEwDBADDQGcDBADUaxkwDQYJKoZIhvcNAQELBQAD
ggEBAA1bd3ehBcdu/8SilrZAwezayZgvGsa+hu4RIK8uV+AiF5pEVFq8i2769iA2
WYbZUQ0mJnvah/EDztPUEWyDiEVmmsWbbqPFqq+KI8HAQ/JTSmv6HQnbehGSYBlS
MvVnAdm1ssDifO6EqEwF6YFVhC6Q5lTxjsPAMTMVmBCPgQ2iCSYuztsJDU3FinYG
aLJYGl2par0C5yDx6evN+/ni/rd0jTef2Bp6ow/ENQc9GvvbCtmU6tyVzlmxkCaJ
H4+LOXzI8Om/bvkgDEZQwPoB2Lu3cmIuWduEOMckg69fv1fUaG9WfZyItTt3Tv5A
hprG2dp7LXMnvBMX0IbUFm0UU84=
-----END CERTIFICATE-----
Generated at Tue Apr 9 21:27:02 2024 by rpki-client on console-fra.rpki-client.org