Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/G0T19j2zeSNOlMAbHy9S-7zVNyw.roa
File: G0T19j2zeSNOlMAbHy9S-7zVNyw.roa (raw, json)
Hash identifier: TmolmNnu/buqAUWFCUEJXljRbpJNZ5W8EUTKoo35U4k=
Subject key identifier: 1B:44:F5:F6:3D:B3:79:23:4E:94:C0:1B:1F:2F:52:FB:BC:D5:37:2C
Certificate issuer: /CN=b409168fdb52e9b7d1a7a5e8f518edfbc2c3f9af
Certificate serial: 018CC79500E23AC82F51C0B9E5F790AA6A6F
Authority key identifier: B4:09:16:8F:DB:52:E9:B7:D1:A7:A5:E8:F5:18:ED:FB:C2:C3:F9:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/G0T19j2zeSNOlMAbHy9S-7zVNyw.roa
Signing time: Tue 02 Jan 2024 00:31:20 +0000
ROA not before: Tue 02 Jan 2024 00:31:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41421
IP address blocks: 91.132.112.0/23 maxlen: 23
185.194.212.0/22 maxlen: 24
188.65.40.0/21 maxlen: 21
37.157.200.0/21 maxlen: 21
193.91.4.0/24 maxlen: 24
193.91.12.0/23 maxlen: 23
185.170.65.0/24 maxlen: 24
31.214.137.0/24 maxlen: 24
93.115.39.0/24 maxlen: 24
89.250.192.0/20 maxlen: 20
31.214.138.0/24 maxlen: 24
31.214.145.0/24 maxlen: 24
194.5.180.0/24 maxlen: 24
31.214.140.0/24 maxlen: 24
89.35.60.0/23 maxlen: 23
86.106.22.0/24 maxlen: 24
185.53.132.0/22 maxlen: 24
159.253.240.0/21 maxlen: 21
103.248.24.0/24 maxlen: 24
185.128.156.0/22 maxlen: 22
2a02:4c80::/32 maxlen: 32
2a01:b8e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jul 2024 14:32:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:00:e2:3a:c8:2f:51:c0:b9:e5:f7:90:aa:6a:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b409168fdb52e9b7d1a7a5e8f518edfbc2c3f9af
Validity
Not Before: Jan 2 00:31:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b44f5f63db379234e94c01b1f2f52fbbcd5372c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b7:90:21:40:b3:80:94:39:1c:99:7c:e5:70:
2c:0f:4a:f4:f4:07:30:a0:d8:4f:2d:1a:81:ac:7b:
99:c0:94:f7:c2:08:f4:61:7e:01:55:08:5f:da:c0:
6a:51:32:b9:ff:43:59:b3:ae:d9:63:04:96:a7:17:
47:7c:b1:a5:39:6b:e0:74:41:a9:14:15:05:c2:f8:
db:13:ac:e1:64:e2:56:7c:f5:bd:f8:31:b2:31:51:
53:56:59:c9:a4:36:45:3f:03:fa:6e:1d:99:25:cf:
d5:fb:52:e4:01:23:f7:fc:60:01:d3:65:92:f1:9d:
94:6e:73:bf:43:16:f2:76:57:51:b4:ae:34:97:60:
2f:b7:0f:1b:56:a1:36:c0:c4:1b:5f:85:c6:36:a2:
aa:fc:78:0a:5f:03:e0:9a:67:81:85:75:da:6e:d2:
e8:f3:8a:a6:15:df:0a:7a:4b:72:3f:d8:b0:35:57:
e4:73:a6:80:a2:03:6f:aa:a8:1f:32:54:d8:ee:a2:
8e:6d:ad:9e:f0:90:6b:9c:80:65:63:36:2c:0e:89:
db:b3:9e:f1:7e:cc:f9:cb:d5:85:37:4b:b4:9e:5e:
b9:d5:fc:18:7e:e1:e3:27:6b:14:ca:37:e1:dc:dd:
03:77:08:00:68:16:32:ae:36:96:10:b5:8b:99:50:
58:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:44:F5:F6:3D:B3:79:23:4E:94:C0:1B:1F:2F:52:FB:BC:D5:37:2C
X509v3 Authority Key Identifier:
keyid:B4:09:16:8F:DB:52:E9:B7:D1:A7:A5:E8:F5:18:ED:FB:C2:C3:F9:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/G0T19j2zeSNOlMAbHy9S-7zVNyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.137.0-31.214.138.255
31.214.140.0/24
31.214.145.0/24
37.157.200.0/21
86.106.22.0/24
89.35.60.0/23
89.250.192.0/20
91.132.112.0/23
93.115.39.0/24
103.248.24.0/24
159.253.240.0/21
185.53.132.0/22
185.128.156.0/22
185.170.65.0/24
185.194.212.0/22
188.65.40.0/21
193.91.4.0/24
193.91.12.0/23
194.5.180.0/24
IPv6:
2a01:b8e0::/32
2a02:4c80::/32
Signature Algorithm: sha256WithRSAEncryption
a0:db:0b:98:3a:95:1a:3b:6c:48:68:f3:11:5b:37:ad:30:4a:
37:ab:e8:30:fb:7e:f4:84:eb:45:28:7a:7e:9b:d2:b1:dd:35:
cf:0a:9d:f9:fa:5a:e0:35:3e:5c:26:69:2f:45:f8:5f:35:01:
cb:54:af:fb:72:87:8a:79:aa:21:10:01:4e:1b:ff:a0:35:81:
61:08:ed:d3:9b:b6:80:8d:11:f1:7c:7a:8d:83:69:74:84:97:
64:0f:2c:ed:c2:24:b5:fb:77:39:a6:2c:ec:4d:01:85:32:20:
45:c6:23:da:2a:84:53:f5:03:8c:eb:db:ff:b9:b5:39:e7:61:
13:76:1c:5c:9c:8a:0f:29:cf:6a:91:43:ea:cd:a2:6b:e3:93:
e1:80:6d:c6:ef:44:b7:03:5e:aa:34:ed:04:22:62:82:9d:7c:
67:b6:5e:e2:12:04:c2:43:26:9f:e4:54:dd:f3:66:47:c5:9a:
97:2b:7b:21:13:75:70:68:a1:eb:7d:61:f5:d0:7b:99:7d:e4:
a0:b1:5f:37:5a:b9:1b:49:d5:15:80:c1:c7:4b:da:0d:b6:0e:
38:78:cf:ed:48:a6:71:f2:2a:38:38:54:01:57:05:f6:ca:8a:
bb:66:67:7f:24:5f:c3:c8:0d:13:cb:14:0d:f2:56:33:42:12:
3d:6d:56:1a
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAYzHlQDiOsgvUcC55feQqmpvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MDkxNjhmZGI1MmU5YjdkMWE3YTVlOGY1MThlZGZiYzJj
M2Y5YWYwHhcNMjQwMTAyMDAzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjQ0ZjVmNjNkYjM3OTIzNGU5NGMwMWIxZjJmNTJmYmJjZDUzNzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbeQIUCzgJQ5HJl85XAsD0r09Acw
oNhPLRqBrHuZwJT3wgj0YX4BVQhf2sBqUTK5/0NZs67ZYwSWpxdHfLGlOWvgdEGp
FBUFwvjbE6zhZOJWfPW9+DGyMVFTVlnJpDZFPwP6bh2ZJc/V+1LkASP3/GAB02WS
8Z2UbnO/QxbydldRtK40l2Avtw8bVqE2wMQbX4XGNqKq/HgKXwPgmmeBhXXabtLo
84qmFd8KektyP9iwNVfkc6aAogNvqqgfMlTY7qKOba2e8JBrnIBlYzYsDonbs57x
fsz5y9WFN0u0nl651fwYfuHjJ2sUyjfh3N0DdwgAaBYyrjaWELWLmVBYyQIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFBtE9fY9s3kjTpTAGx8vUvu81TcsMB8GA1UdIwQY
MBaAFLQJFo/bUum30ael6PUY7fvCw/mvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEFrV2o5dFM2YmZScDZYbzlSanQtOExELWE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8zNmJhOWQtMzNhZi00Y2YzLWEyN2Qt
ZmE3MThhYzlkNzU4LzEvRzBUMTlqMnplU05PbE1BYkh5OVMtN3pWTnl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8zNmJhOWQtMzNhZi00Y2YzLWEyN2QtZmE3MThhYzlkNzU4
LzEvdEFrV2o5dFM2YmZScDZYbzlSanQtOExELWE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTCBgAQCAAEwejAMAwQA
H9aJAwQAH9aKAwQAH9aMAwQAH9aRAwQDJZ3IAwQAVmoWAwQBWSM8AwQEWfrAAwQB
W4RwAwQAXXMnAwQAZ/gYAwQDn/3wAwQCuTWEAwQCuYCcAwQAuapBAwQCucLUAwQD
vEEoAwQAwVsEAwQBwVsMAwQAwgW0MBQEAgACMA4DBQAqAbjgAwUAKgJMgDANBgkq
hkiG9w0BAQsFAAOCAQEAoNsLmDqVGjtsSGjzEVs3rTBKN6voMPt+9ITrRSh6fpvS
sd01zwqd+fpa4DU+XCZpL0X4XzUBy1Sv+3KHinmqIRABThv/oDWBYQjt05u2gI0R
8Xx6jYNpdISXZA8s7cIktft3OaYs7E0BhTIgRcYj2iqEU/UDjOvb/7m1OedhE3Yc
XJyKDynPapFD6s2ia+OT4YBtxu9EtwNeqjTtBCJigp18Z7Ze4hIEwkMmn+RU3fNm
R8Walyt7IRN1cGih631h9dB7mX3koLFfN1q5G0nVFYDBx0vaDbYOOHjP7UimcfIq
ODhUAVcF9sqKu2ZnfyRfw8gNE8sUDfJWM0ISPW1WGg==
-----END CERTIFICATE-----
Generated at Mon Jul 1 16:11:28 2024 by rpki-client on console-fra.rpki-client.org