Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/I2qi5g5xrvYpQySji9d_HeLlRUc.roa
File: I2qi5g5xrvYpQySji9d_HeLlRUc.roa (raw, json)
Hash identifier: daI0bwkoSoi2uFRU2sGyx9nx+rmtyIjj9nILs533JxQ=
Subject key identifier: 23:6A:A2:E6:0E:71:AE:F6:29:43:24:A3:8B:D7:7F:1D:E2:E5:45:47
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 018C162264C003D53A4BBEF2438591F07D1A
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/I2qi5g5xrvYpQySji9d_HeLlRUc.roa
Signing time: Tue 28 Nov 2023 13:33:21 +0000
ROA not before: Tue 28 Nov 2023 13:33:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43395
IP address blocks: 31.58.238.0/24 maxlen: 24
31.58.240.0/24 maxlen: 24
31.58.236.0/24 maxlen: 24
31.58.239.0/24 maxlen: 24
31.58.237.0/24 maxlen: 24
94.182.57.0/24 maxlen: 24
151.247.232.0/22 maxlen: 22
94.182.56.0/22 maxlen: 22
151.247.228.0/22 maxlen: 22
94.182.56.0/24 maxlen: 24
94.182.58.0/24 maxlen: 24
94.182.59.0/24 maxlen: 24
151.247.237.0/24 maxlen: 24
151.247.239.0/24 maxlen: 24
94.182.61.0/24 maxlen: 24
94.182.63.0/24 maxlen: 24
94.182.62.0/24 maxlen: 24
151.247.236.0/22 maxlen: 22
151.247.240.0/24 maxlen: 24
94.182.60.0/22 maxlen: 22
94.182.60.0/24 maxlen: 24
151.247.236.0/24 maxlen: 24
151.247.238.0/24 maxlen: 24
151.247.241.0/24 maxlen: 24
31.58.246.0/24 maxlen: 24
31.58.242.0/24 maxlen: 24
31.58.244.0/24 maxlen: 24
31.58.245.0/24 maxlen: 24
31.58.241.0/24 maxlen: 24
31.58.243.0/24 maxlen: 24
31.58.252.0/24 maxlen: 24
31.58.248.0/24 maxlen: 24
31.58.250.0/24 maxlen: 24
31.58.247.0/24 maxlen: 24
31.58.253.0/24 maxlen: 24
31.58.249.0/24 maxlen: 24
31.58.251.0/24 maxlen: 24
31.58.255.0/24 maxlen: 24
31.59.0.0/23 maxlen: 23
31.58.254.0/24 maxlen: 24
31.59.13.0/24 maxlen: 24
31.59.15.0/24 maxlen: 24
31.59.14.0/24 maxlen: 24
31.59.12.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:16:22:64:c0:03:d5:3a:4b:be:f2:43:85:91:f0:7d:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Nov 28 13:33:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=236aa2e60e71aef6294324a38bd77f1de2e54547
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b3:5a:fa:c9:3b:d7:b0:eb:1b:25:84:8b:1c:
29:a9:4f:2e:12:b0:2e:fa:92:36:a7:a2:22:00:e7:
c6:7e:fd:4b:4d:24:bd:f3:15:e9:8b:a0:ec:1c:fb:
01:1c:7c:7b:d8:27:e3:10:f9:d9:3f:2a:ec:9e:1b:
d6:a6:73:63:b1:d8:aa:c4:40:bd:32:e9:38:4b:9a:
0e:5f:21:b6:81:88:f5:cc:d5:02:bf:0c:e2:b2:25:
28:a2:06:01:d6:05:1c:75:6c:80:5f:fb:ab:bc:be:
7b:8e:74:94:d2:8e:f9:5a:5a:3f:e3:44:09:2a:00:
89:a9:2f:d4:8a:eb:6f:10:7e:cd:50:6e:51:5a:d0:
d8:e0:54:64:86:7c:22:bd:ad:0c:c0:03:15:14:d3:
85:bd:91:21:59:00:95:b1:5a:7d:14:4b:7a:b1:91:
83:81:b3:e0:17:f9:50:01:cc:d2:f3:dd:8d:54:17:
96:19:dd:d0:b0:3a:30:d2:30:c5:e8:e0:57:6f:df:
42:57:0a:b1:ad:15:c7:ed:cb:8c:70:24:29:1f:94:
7f:f3:81:27:c6:a6:31:60:d1:19:cd:a2:63:0c:68:
ae:71:b8:80:c1:6f:67:8f:c3:c1:cd:55:ca:51:86:
90:64:63:46:b3:be:10:19:0b:29:1b:6d:79:1e:73:
41:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:6A:A2:E6:0E:71:AE:F6:29:43:24:A3:8B:D7:7F:1D:E2:E5:45:47
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/I2qi5g5xrvYpQySji9d_HeLlRUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.236.0-31.59.1.255
31.59.12.0/22
94.182.56.0/21
151.247.228.0-151.247.241.255
Signature Algorithm: sha256WithRSAEncryption
75:da:eb:57:62:a0:7d:68:89:11:d3:2a:98:83:d8:ad:73:5e:
b3:3b:19:8f:d0:79:25:71:09:81:f8:03:bf:99:df:c4:13:54:
b9:2a:67:26:91:f7:25:6a:26:25:ab:be:c1:f6:16:33:55:f2:
7e:b6:04:aa:21:d2:71:12:57:0d:d1:f0:31:21:fa:58:8b:16:
10:5b:51:d5:e3:f6:73:75:dd:98:b6:b8:cf:15:3d:4f:43:b5:
e8:6e:f4:e5:07:4c:0e:f0:59:5b:f4:56:0e:98:1b:e8:10:7c:
c5:86:7d:f6:d7:3a:32:9c:ac:12:5b:3c:76:69:0b:07:5f:a3:
a6:a3:60:be:0f:5c:6c:90:95:b8:17:af:2b:1e:7b:ff:d2:46:
41:bc:ad:38:f5:f6:b5:f8:8a:ec:b1:2c:8d:80:17:62:a6:8c:
89:8d:7c:da:28:2f:f8:7d:6e:93:ca:0c:a2:0e:87:06:03:60:
50:af:ad:34:7e:53:de:e7:f5:09:b8:d1:f9:cf:a6:64:d0:ad:
8d:34:30:fd:98:83:b3:e8:ac:9c:13:41:ce:29:99:34:a8:77:
d5:7a:09:1c:b8:39:6c:52:fb:0d:21:13:a8:88:bd:2d:3e:ab:
0f:8b:2d:23:3a:42:60:13:36:1f:c9:c9:b5:51:79:ac:b7:21:
5e:31:0d:52
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYwWImTAA9U6S77yQ4WR8H0aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjMxMTI4MTMzMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzZhYTJlNjBlNzFhZWY2Mjk0MzI0YTM4YmQ3N2YxZGUyZTU0NTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbNa+sk717DrGyWEixwpqU8uErAu
+pI2p6IiAOfGfv1LTSS98xXpi6DsHPsBHHx72CfjEPnZPyrsnhvWpnNjsdiqxEC9
Muk4S5oOXyG2gYj1zNUCvwzisiUoogYB1gUcdWyAX/urvL57jnSU0o75Wlo/40QJ
KgCJqS/UiutvEH7NUG5RWtDY4FRkhnwiva0MwAMVFNOFvZEhWQCVsVp9FEt6sZGD
gbPgF/lQAczS892NVBeWGd3QsDow0jDF6OBXb99CVwqxrRXH7cuMcCQpH5R/84En
xqYxYNEZzaJjDGiucbiAwW9nj8PBzVXKUYaQZGNGs74QGQspG215HnNBgwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFCNqouYOca72KUMko4vXfx3i5UVHMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvSTJxaTVnNXhydllwUXlTamk5ZF9IZUxsUlVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAIfOuwD
BAEfOwADBAIfOwwDBANetjgwDAMEApf35AMEAZf38DANBgkqhkiG9w0BAQsFAAOC
AQEAddrrV2KgfWiJEdMqmIPYrXNeszsZj9B5JXEJgfgDv5nfxBNUuSpnJpH3JWom
Jau+wfYWM1XyfrYEqiHScRJXDdHwMSH6WIsWEFtR1eP2c3XdmLa4zxU9T0O16G70
5QdMDvBZW/RWDpgb6BB8xYZ99tc6MpysEls8dmkLB1+jpqNgvg9cbJCVuBevKx57
/9JGQbytOPX2tfiK7LEsjYAXYqaMiY182igv+H1uk8oMog6HBgNgUK+tNH5T3uf1
CbjR+c+mZNCtjTQw/ZiDs+isnBNBzimZNKh31XoJHLg5bFL7DSETqIi9LT6rD4st
IzpCYBM2H8nJtVF5rLchXjENUg==
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:19:22 2024 by rpki-client on console-ams.rpki-client.org