Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/J0f6tJk6iJ8VVvDG8QKacrz3aDs.roa
File: J0f6tJk6iJ8VVvDG8QKacrz3aDs.roa (raw, json)
Hash identifier: SEn4ms2kWkT+QcL1XzJHtRjDEPwmjeeD1zUW4TBBLRk=
Subject key identifier: 27:47:FA:B4:99:3A:88:9F:15:56:F0:C6:F1:02:9A:72:BC:F7:68:3B
Certificate issuer: /CN=b409168fdb52e9b7d1a7a5e8f518edfbc2c3f9af
Certificate serial: 0186F262CF44F542B509C8C824633D42D082
Authority key identifier: B4:09:16:8F:DB:52:E9:B7:D1:A7:A5:E8:F5:18:ED:FB:C2:C3:F9:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/J0f6tJk6iJ8VVvDG8QKacrz3aDs.roa
Signing time: Sat 18 Mar 2023 01:43:27 +0000
ROA not before: Sat 18 Mar 2023 01:43:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41421
IP address blocks: 91.132.112.0/23 maxlen: 23
185.194.212.0/22 maxlen: 24
188.65.40.0/21 maxlen: 21
37.157.200.0/21 maxlen: 21
193.91.4.0/24 maxlen: 24
193.91.12.0/23 maxlen: 23
185.170.65.0/24 maxlen: 24
31.214.137.0/24 maxlen: 24
93.115.39.0/24 maxlen: 24
89.250.192.0/20 maxlen: 20
31.214.138.0/24 maxlen: 24
194.5.180.0/24 maxlen: 24
31.214.140.0/24 maxlen: 24
31.214.145.0/24 maxlen: 24
86.106.22.0/24 maxlen: 24
185.53.132.0/22 maxlen: 24
159.253.240.0/21 maxlen: 21
185.128.156.0/22 maxlen: 22
2a02:4c80::/32 maxlen: 32
2a01:b8e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 13 Oct 2023 07:24:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:f2:62:cf:44:f5:42:b5:09:c8:c8:24:63:3d:42:d0:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b409168fdb52e9b7d1a7a5e8f518edfbc2c3f9af
Validity
Not Before: Mar 18 01:43:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2747fab4993a889f1556f0c6f1029a72bcf7683b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:00:ca:62:a8:1a:45:06:0f:d1:63:49:3a:ef:
95:88:40:12:81:e4:b5:99:92:e7:20:92:b7:a8:64:
61:1d:12:b8:66:13:4d:43:11:20:d2:e1:9c:8b:89:
02:dd:3b:18:22:6c:85:f9:d4:d7:95:1b:11:91:5a:
b4:88:02:b4:24:d2:56:c8:b4:d2:53:b0:3b:51:82:
09:90:18:9b:78:6b:70:ca:46:bc:77:3e:f8:9e:99:
cc:76:d6:50:ec:37:bc:d1:20:92:47:1c:cc:98:ed:
32:8d:8d:6a:05:8c:64:1b:6e:11:13:f5:da:eb:2c:
b9:d2:c2:73:e3:95:b6:3b:d7:7d:7e:14:bb:6c:0e:
56:ea:0c:cb:2c:d4:7b:a5:a2:18:bd:0e:55:ac:ab:
2c:66:51:47:56:d5:3b:08:3e:00:48:c8:72:f7:1c:
43:51:78:42:d4:20:61:4e:59:5a:17:79:29:6e:18:
a2:47:b4:e7:ad:16:4a:52:93:14:a4:bb:5a:f5:a6:
a7:e7:d8:7a:e4:e6:47:af:50:97:bb:05:a8:1d:02:
d1:17:37:fd:19:70:58:95:7a:2a:7f:f8:69:c8:2a:
6f:46:07:52:4d:67:49:ef:ae:e5:88:58:24:9e:02:
94:cc:91:e6:f9:fc:c7:f3:e6:a0:6e:38:49:c7:dc:
29:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:47:FA:B4:99:3A:88:9F:15:56:F0:C6:F1:02:9A:72:BC:F7:68:3B
X509v3 Authority Key Identifier:
keyid:B4:09:16:8F:DB:52:E9:B7:D1:A7:A5:E8:F5:18:ED:FB:C2:C3:F9:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/J0f6tJk6iJ8VVvDG8QKacrz3aDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.137.0-31.214.138.255
31.214.140.0/24
31.214.145.0/24
37.157.200.0/21
86.106.22.0/24
89.250.192.0/20
91.132.112.0/23
93.115.39.0/24
159.253.240.0/21
185.53.132.0/22
185.128.156.0/22
185.170.65.0/24
185.194.212.0/22
188.65.40.0/21
193.91.4.0/24
193.91.12.0/23
194.5.180.0/24
IPv6:
2a01:b8e0::/32
2a02:4c80::/32
Signature Algorithm: sha256WithRSAEncryption
04:ef:7a:55:8f:a0:20:19:07:45:23:75:ac:56:37:1c:45:1e:
78:b5:50:5e:3b:12:b7:e2:2c:17:18:12:8d:95:a8:ae:16:ab:
a5:40:7e:99:37:fd:6e:5c:1a:87:76:63:91:bf:10:27:fb:0b:
18:64:d1:65:d2:0d:fe:2f:64:e5:69:11:a5:7c:a9:f7:80:5c:
74:22:75:dd:d8:d5:10:d9:5c:af:56:93:22:1f:7b:c5:b8:33:
db:53:60:ce:ab:e1:9a:fb:e3:71:3b:92:36:c3:7a:d7:8a:39:
61:36:70:9a:7d:3a:60:19:99:39:24:f1:a6:69:6e:30:d1:54:
b6:14:6e:10:3a:03:a6:01:c0:89:5d:36:e8:31:49:13:45:2b:
0b:ba:12:f1:b8:38:1c:43:ba:61:e6:9d:9b:8a:a3:cf:e3:c1:
f2:42:f3:32:fc:56:94:e8:eb:49:59:bd:e2:56:73:76:45:21:
d3:bd:fd:d1:76:70:6e:21:d6:f5:50:ab:07:4f:2a:6b:50:94:
d1:a2:40:d1:aa:f9:0a:0f:8b:75:bb:6f:00:1b:41:4c:9f:a2:
ab:13:67:f0:db:43:f4:86:2e:1e:05:ba:24:84:ce:da:00:77:
e9:af:9e:25:df:ff:11:56:fd:15:f2:92:03:b9:fe:ab:00:b9:
91:82:75:e0
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYbyYs9E9UK1CcjIJGM9QtCCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MDkxNjhmZGI1MmU5YjdkMWE3YTVlOGY1MThlZGZiYzJj
M2Y5YWYwHhcNMjMwMzE4MDE0MzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzQ3ZmFiNDk5M2E4ODlmMTU1NmYwYzZmMTAyOWE3MmJjZjc2ODNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgDKYqgaRQYP0WNJOu+ViEASgeS1
mZLnIJK3qGRhHRK4ZhNNQxEg0uGci4kC3TsYImyF+dTXlRsRkVq0iAK0JNJWyLTS
U7A7UYIJkBibeGtwyka8dz74npnMdtZQ7De80SCSRxzMmO0yjY1qBYxkG24RE/Xa
6yy50sJz45W2O9d9fhS7bA5W6gzLLNR7paIYvQ5VrKssZlFHVtU7CD4ASMhy9xxD
UXhC1CBhTllaF3kpbhiiR7TnrRZKUpMUpLta9aan59h65OZHr1CXuwWoHQLRFzf9
GXBYlXoqf/hpyCpvRgdSTWdJ767liFgkngKUzJHm+fzH8+agbjhJx9wpfQIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFCdH+rSZOoifFVbwxvECmnK892g7MB8GA1UdIwQY
MBaAFLQJFo/bUum30ael6PUY7fvCw/mvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEFrV2o5dFM2YmZScDZYbzlSanQtOExELWE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8zNmJhOWQtMzNhZi00Y2YzLWEyN2Qt
ZmE3MThhYzlkNzU4LzEvSjBmNnRKazZpSjhWVnZERzhRS2FjcnozYURzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8zNmJhOWQtMzNhZi00Y2YzLWEyN2QtZmE3MThhYzlkNzU4
LzEvdEFrV2o5dFM2YmZScDZYbzlSanQtOExELWE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDB0BAIAATBuMAwDBAAf
1okDBAAf1ooDBAAf1owDBAAf1pEDBAMlncgDBABWahYDBARZ+sADBAFbhHADBABd
cycDBAOf/fADBAK5NYQDBAK5gJwDBAC5qkEDBAK5wtQDBAO8QSgDBADBWwQDBAHB
WwwDBADCBbQwFAQCAAIwDgMFACoBuOADBQAqAkyAMA0GCSqGSIb3DQEBCwUAA4IB
AQAE73pVj6AgGQdFI3WsVjccRR54tVBeOxK34iwXGBKNlaiuFqulQH6ZN/1uXBqH
dmORvxAn+wsYZNFl0g3+L2TlaRGlfKn3gFx0InXd2NUQ2VyvVpMiH3vFuDPbU2DO
q+Ga++NxO5I2w3rXijlhNnCafTpgGZk5JPGmaW4w0VS2FG4QOgOmAcCJXTboMUkT
RSsLuhLxuDgcQ7ph5p2biqPP48HyQvMy/FaU6OtJWb3iVnN2RSHTvf3RdnBuIdb1
UKsHTyprUJTRokDRqvkKD4t1u28AG0FMn6KrE2fw20P0hi4eBbokhM7aAHfpr54l
3/8RVv0V8pIDuf6rALmRgnXg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:01 2024 by rpki-client on console-ams.rpki-client.org