Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/31GMuFt-raC5T_OrNVClr4UZXLU.roa
File: 31GMuFt-raC5T_OrNVClr4UZXLU.roa (raw, json)
Hash identifier: F/viJtNKDEzeW/1/Mzb9TXdmcSSQERu0KFH0D27g05A=
Subject key identifier: DF:51:8C:B8:5B:7E:AD:A0:B9:4F:F3:AB:35:50:A5:AF:85:19:5C:B5
Certificate issuer: /CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Certificate serial: 01909BF83914A8EFD58C6EE6BD0467E57BEF
Authority key identifier: 66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/31GMuFt-raC5T_OrNVClr4UZXLU.roa
Signing time: Wed 10 Jul 2024 09:27:34 +0000
ROA not before: Wed 10 Jul 2024 09:27:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29075
IP address blocks: 45.10.224.0/22 maxlen: 22
45.10.224.0/23 maxlen: 23
45.10.226.0/24 maxlen: 24
45.94.124.0/22 maxlen: 22
45.94.128.0/22 maxlen: 22
85.118.32.0/19 maxlen: 19
91.109.176.0/20 maxlen: 20
128.204.224.0/20 maxlen: 20
141.255.144.0/20 maxlen: 20
178.20.48.0/21 maxlen: 21
185.118.0.0/22 maxlen: 22
185.123.24.0/22 maxlen: 22
185.177.180.0/22 maxlen: 22
188.121.224.0/19 maxlen: 19
212.85.144.0/20 maxlen: 20
2a00:1b88::/32 maxlen: 32
2a02:2178::/29 maxlen: 29
2a02:2178::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 11 Jul 2024 11:26:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9b:f8:39:14:a8:ef:d5:8c:6e:e6:bd:04:67:e5:7b:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Validity
Not Before: Jul 10 09:27:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df518cb85b7eada0b94ff3ab3550a5af85195cb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:98:53:7b:f8:86:7c:57:7f:a7:90:c6:37:b9:
b2:65:56:16:0e:a0:4d:22:51:d7:81:d8:64:1e:54:
be:c0:0f:d8:26:df:73:4a:46:3e:13:4a:f7:d4:ed:
0a:68:bf:bd:57:af:40:3a:4c:8c:60:fb:dc:aa:4c:
73:d8:8f:7d:37:e7:00:58:74:3a:99:85:95:72:83:
8a:4c:bd:ff:e9:1c:57:ca:0d:15:a0:57:32:89:79:
c3:38:cc:79:6a:aa:27:e1:b2:33:7b:e2:17:e3:ba:
4f:16:74:27:f7:03:c1:d0:8c:fd:50:98:c8:f1:da:
7f:7a:3e:f4:57:13:23:f2:33:ae:4c:a3:ff:6d:24:
28:7e:65:40:e2:27:9b:f5:3d:48:db:2a:9d:6e:53:
e2:00:5c:97:2f:8e:66:2f:6c:b5:50:7a:16:d9:4c:
c9:74:90:15:48:12:db:cc:2d:e6:b9:33:56:89:2b:
8a:10:54:58:cb:88:09:1f:64:e6:16:d6:b6:99:bc:
b2:70:bd:90:01:1b:f5:b8:ec:f9:10:a9:b0:a2:8f:
e2:6a:e9:0f:8d:45:c4:16:52:09:b7:a4:32:a5:af:
4d:63:9e:36:f8:7e:27:d3:18:08:af:10:a8:dd:f9:
89:a8:fa:c9:e8:81:c6:5d:fa:b5:e2:15:ea:87:05:
50:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:51:8C:B8:5B:7E:AD:A0:B9:4F:F3:AB:35:50:A5:AF:85:19:5C:B5
X509v3 Authority Key Identifier:
keyid:66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/31GMuFt-raC5T_OrNVClr4UZXLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.224.0/22
45.94.124.0-45.94.131.255
85.118.32.0/19
91.109.176.0/20
128.204.224.0/20
141.255.144.0/20
178.20.48.0/21
185.118.0.0/22
185.123.24.0/22
185.177.180.0/22
188.121.224.0/19
212.85.144.0/20
IPv6:
2a00:1b88::/32
2a02:2178::/29
Signature Algorithm: sha256WithRSAEncryption
36:4a:29:59:29:ee:d3:9a:64:50:fc:28:10:fb:e5:2f:12:42:
6c:f8:5e:6a:12:0c:d3:1c:8c:be:fa:1e:58:5d:21:68:7c:fb:
18:17:dd:96:ec:e5:70:5d:53:19:37:36:36:bf:1d:ed:be:1f:
4b:7c:73:eb:a4:84:ac:d0:0b:73:d0:82:91:cc:30:6d:58:42:
02:18:e1:ac:08:32:29:07:31:69:86:9a:9f:9e:6f:5f:b9:f9:
4f:85:3a:ca:9f:84:4e:19:7b:fc:19:d2:fb:a8:bf:6c:6d:9a:
23:46:b7:77:5c:2c:4e:43:f8:77:77:2e:6c:65:06:94:47:ed:
d8:0a:b9:02:f9:81:5e:81:c7:33:a7:ca:b6:74:cc:41:70:66:
96:c0:f9:65:19:1b:b1:aa:13:a8:d6:62:69:02:f8:1e:ae:dc:
85:2f:c7:df:ac:8e:37:47:e4:59:9b:2d:6b:0c:fd:84:11:90:
da:ac:ea:16:d6:57:a3:bf:70:c3:f1:9c:15:51:74:97:5b:5b:
d1:42:48:79:46:b6:5a:08:d6:20:ac:8c:f7:b4:fc:88:3d:82:
d6:bb:74:b4:3b:5a:f8:01:01:45:2e:5a:9d:cb:5d:25:ff:2b:
21:29:9c:c6:d2:89:30:32:be:f0:f7:13:0d:ff:1e:5a:78:84:
02:8d:ce:9b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZCb+DkUqO/VjG7mvQRn5XvvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGUxZDlkY2RiMjVjMWU1MzJjNWM5YjY5ZGZhNzU3ZTMw
NjIxMGUwHhcNMjQwNzEwMDkyNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjUxOGNiODViN2VhZGEwYjk0ZmYzYWIzNTUwYTVhZjg1MTk1Y2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJhTe/iGfFd/p5DGN7myZVYWDqBN
IlHXgdhkHlS+wA/YJt9zSkY+E0r31O0KaL+9V69AOkyMYPvcqkxz2I99N+cAWHQ6
mYWVcoOKTL3/6RxXyg0VoFcyiXnDOMx5aqon4bIze+IX47pPFnQn9wPB0Iz9UJjI
8dp/ej70VxMj8jOuTKP/bSQofmVA4ieb9T1I2yqdblPiAFyXL45mL2y1UHoW2UzJ
dJAVSBLbzC3muTNWiSuKEFRYy4gJH2TmFta2mbyycL2QARv1uOz5EKmwoo/iaukP
jUXEFlIJt6Qypa9NY542+H4n0xgIrxCo3fmJqPrJ6IHGXfq14hXqhwVQKwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFN9RjLhbfq2guU/zqzVQpa+FGVy1MB8GA1UdIwQY
MBaAFGbeHZ3NslweUyxcm2nfp1fjBiEOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYt
NDA0Nzk4NzA5NzZlLzEvMzFHTXVGdC1yYUM1VF9Pck5WQ2xyNFVaWExVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYtNDA0Nzk4NzA5NzZl
LzEvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBWBAIAATBQAwQCLQrgMAwD
BAItXnwDBAItXoADBAVVdiADBARbbbADBASAzOADBASN/5ADBAOyFDADBAK5dgAD
BAK5exgDBAK5sbQDBAW8eeADBATUVZAwFAQCAAIwDgMFACoAG4gDBQMqAiF4MA0G
CSqGSIb3DQEBCwUAA4IBAQA2SilZKe7TmmRQ/CgQ++UvEkJs+F5qEgzTHIy++h5Y
XSFofPsYF92W7OVwXVMZNzY2vx3tvh9LfHPrpISs0Atz0IKRzDBtWEICGOGsCDIp
BzFphpqfnm9fuflPhTrKn4ROGXv8GdL7qL9sbZojRrd3XCxOQ/h3dy5sZQaUR+3Y
CrkC+YFegcczp8q2dMxBcGaWwPllGRuxqhOo1mJpAvgertyFL8ffrI43R+RZmy1r
DP2EEZDarOoW1lejv3DD8ZwVUXSXW1vRQkh5RrZaCNYgrIz3tPyIPYLWu3S0O1r4
AQFFLlqdy10l/yshKZzG0okwMr7w9xMN/x5aeIQCjc6b
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:27:19 2025 by rpki-client