Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/k8QlN3Ra3dVttLsUNzbkZX2y5WY.roa
File: k8QlN3Ra3dVttLsUNzbkZX2y5WY.roa (raw, json)
Hash identifier: peagflTVZJbf1VmS55Vbgc1vWqRh9CpPZBeK+bXshxM=
Subject key identifier: 93:C4:25:37:74:5A:DD:D5:6D:B4:BB:14:37:36:E4:65:7D:B2:E5:66
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019328D5F1D76FFD4FD6ED781C46C9E985B3
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/k8QlN3Ra3dVttLsUNzbkZX2y5WY.roa
Signing time: Thu 14 Nov 2024 04:02:09 +0000
ROA not before: Thu 14 Nov 2024 04:02:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214304
IP address blocks: 31.14.10.0/24 maxlen: 24
93.115.175.0/24 maxlen: 24
185.212.119.0/24 maxlen: 24
193.228.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Dec 2024 09:07:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:28:d5:f1:d7:6f:fd:4f:d6:ed:78:1c:46:c9:e9:85:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Nov 14 04:02:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=93c42537745addd56db4bb143736e4657db2e566
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d0:8a:bf:52:22:d8:69:b8:a2:25:27:7b:e0:
37:fc:34:72:8a:a4:8f:6d:08:e4:98:62:df:a0:f4:
0d:5e:36:06:77:33:a3:c8:40:a6:d7:31:a8:9d:72:
f7:d5:9a:49:03:5e:37:9c:46:2c:34:98:90:85:d5:
2a:44:bd:96:c0:93:2a:a1:cf:14:48:e7:ab:92:09:
0f:0d:82:c4:2d:3a:74:6f:53:cd:7b:9f:21:21:55:
aa:8d:0d:ab:83:b6:83:2b:49:ac:34:7c:a0:7e:3b:
a8:01:de:5f:dc:f6:d1:1f:1d:ce:3d:28:c8:b5:24:
5b:46:a8:79:e6:84:57:3c:11:f2:47:1e:0f:03:d4:
42:7f:9b:bb:83:ce:49:42:cc:9e:18:ac:4e:ed:de:
65:b2:5b:3a:f2:b9:43:ff:c0:db:bc:62:14:00:99:
e2:e6:86:3b:33:f5:1c:3d:cc:22:04:99:aa:b3:bd:
67:d9:19:e4:96:b3:fc:c3:60:49:4c:5e:83:02:5e:
21:4e:27:49:69:e0:b9:8f:ef:05:74:ae:78:18:d7:
7c:bc:0a:f8:73:9b:c2:04:1f:05:40:42:bd:06:73:
9f:7d:25:a4:3c:f3:49:53:28:97:ab:40:03:79:91:
a7:6c:67:06:68:68:bb:d4:e7:ee:64:a3:0e:88:c2:
94:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:C4:25:37:74:5A:DD:D5:6D:B4:BB:14:37:36:E4:65:7D:B2:E5:66
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/k8QlN3Ra3dVttLsUNzbkZX2y5WY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.10.0/24
93.115.175.0/24
185.212.119.0/24
193.228.139.0/24
Signature Algorithm: sha256WithRSAEncryption
54:f6:bc:da:5e:02:04:e7:5f:60:a6:cb:2b:e9:14:e1:2d:9a:
7c:c9:aa:92:f8:4b:e0:ca:cc:d1:dd:4c:41:9a:0d:35:30:f9:
28:b7:f7:73:45:eb:d3:79:81:dc:e4:21:f5:45:86:34:58:aa:
aa:e8:5b:0b:4d:32:6a:ed:88:30:b0:83:b7:ec:8c:68:c0:19:
90:54:f2:0f:af:c4:73:dc:53:a3:f9:09:d5:12:3b:bf:0c:24:
ee:c7:35:07:06:6e:1b:34:48:72:55:22:50:71:24:e0:19:2b:
46:c9:b2:c8:92:46:3a:bb:42:71:bd:26:30:f0:5b:bc:dd:9d:
c7:10:bf:bf:b1:0d:e1:70:4d:f5:c7:54:3b:b1:7e:24:00:6b:
c0:46:e8:00:3c:74:af:5e:05:33:91:3a:df:32:34:96:ec:27:
90:be:21:da:b9:57:20:7d:6f:ec:85:f1:b4:35:9c:06:94:3e:
ac:d3:63:8e:37:e0:50:cd:04:d8:78:5c:c8:10:bd:5e:1d:4a:
e7:ed:e4:db:26:35:e7:93:17:68:4d:42:24:c2:79:e2:71:e4:
71:a8:d6:6b:42:59:fa:c1:18:ff:b5:92:d3:b1:45:0f:1b:9b:
91:a1:c9:7f:c4:90:24:c4:2d:24:e7:82:a0:81:86:49:66:8d:
fa:7b:b5:c0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZMo1fHXb/1P1u14HEbJ6YWzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQxMTE0MDQwMjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2M0MjUzNzc0NWFkZGQ1NmRiNGJiMTQzNzM2ZTQ2NTdkYjJlNTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdCKv1Ii2Gm4oiUne+A3/DRyiqSP
bQjkmGLfoPQNXjYGdzOjyECm1zGonXL31ZpJA143nEYsNJiQhdUqRL2WwJMqoc8U
SOerkgkPDYLELTp0b1PNe58hIVWqjQ2rg7aDK0msNHygfjuoAd5f3PbRHx3OPSjI
tSRbRqh55oRXPBHyRx4PA9RCf5u7g85JQsyeGKxO7d5lsls68rlD/8DbvGIUAJni
5oY7M/UcPcwiBJmqs71n2RnklrP8w2BJTF6DAl4hTidJaeC5j+8FdK54GNd8vAr4
c5vCBB8FQEK9BnOffSWkPPNJUyiXq0ADeZGnbGcGaGi71OfuZKMOiMKUDwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJPEJTd0Wt3VbbS7FDc25GV9suVmMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvazhRbE4zUmEzZFZ0dExzVU56YmtaWDJ5NVdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHw4KAwQA
XXOvAwQAudR3AwQAweSLMA0GCSqGSIb3DQEBCwUAA4IBAQBU9rzaXgIE519gpssr
6RThLZp8yaqS+EvgyszR3UxBmg01MPkot/dzRevTeYHc5CH1RYY0WKqq6FsLTTJq
7YgwsIO37IxowBmQVPIPr8Rz3FOj+QnVEju/DCTuxzUHBm4bNEhyVSJQcSTgGStG
ybLIkkY6u0JxvSYw8Fu83Z3HEL+/sQ3hcE31x1Q7sX4kAGvARugAPHSvXgUzkTrf
MjSW7CeQviHauVcgfW/shfG0NZwGlD6s02OON+BQzQTYeFzIEL1eHUrn7eTbJjXn
kxdoTUIkwnniceRxqNZrQln6wRj/tZLTsUUPG5uRocl/xJAkxC0k54KggYZJZo36
e7XA
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:19:17 2025 by rpki-client