Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/ULrNlBs8n5lEEsCWdktvFatc7NI.roa
File: ULrNlBs8n5lEEsCWdktvFatc7NI.roa (raw, json)
Hash identifier: EoBQf1yonnd6t9gi17jlhbfiTHr/rx1QYpintbeyJ0k=
Subject key identifier: 50:BA:CD:94:1B:3C:9F:99:44:12:C0:96:76:4B:6F:15:AB:5C:EC:D2
Certificate issuer: /CN=7ccd0cacfafa2e0d31495dd950f76af5f98ba5d7
Certificate serial: 018F8FE13955898670823D2A412D735324EF
Authority key identifier: 7C:CD:0C:AC:FA:FA:2E:0D:31:49:5D:D9:50:F7:6A:F5:F9:8B:A5:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/ULrNlBs8n5lEEsCWdktvFatc7NI.roa
Signing time: Sun 19 May 2024 08:04:13 +0000
ROA not before: Sun 19 May 2024 08:04:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42925
IP address blocks: 31.44.128.0/20 maxlen: 24
31.44.128.0/21 maxlen: 24
31.44.136.0/21 maxlen: 24
37.60.40.0/21 maxlen: 24
37.60.40.0/22 maxlen: 24
37.60.44.0/22 maxlen: 24
95.86.64.0/18 maxlen: 24
95.86.64.0/19 maxlen: 24
95.86.96.0/19 maxlen: 24
147.236.102.0/23 maxlen: 24
147.236.212.0/22 maxlen: 24
147.236.224.0/22 maxlen: 24
164.138.112.0/20 maxlen: 24
164.138.112.0/21 maxlen: 24
164.138.120.0/21 maxlen: 24
185.10.64.0/22 maxlen: 24
185.139.229.0/24 maxlen: 24
212.76.96.0/19 maxlen: 24
212.76.96.0/20 maxlen: 24
212.76.112.0/20 maxlen: 24
213.151.32.0/19 maxlen: 24
213.151.32.0/24 maxlen: 24
213.151.48.0/20 maxlen: 24
2a01:6500::/29 maxlen: 29
2a01:6500::/32 maxlen: 32
2a01:6500:3::/48 maxlen: 48
2a01:6500:a040::/46 maxlen: 46
2a01:6500:a044::/46 maxlen: 46
2a01:6500:a048::/46 maxlen: 46
2a01:6500:a050::/46 maxlen: 46
2a01:6500:a054::/46 maxlen: 46
2a01:6500:a058::/46 maxlen: 46
2a01:6501::/32 maxlen: 32
2a01:6502::/32 maxlen: 32
2a01:6502:a54::/46 maxlen: 46
2a01:6502:a58::/46 maxlen: 46
2a01:6503::/32 maxlen: 32
2a01:6504::/32 maxlen: 32
2a01:6505::/32 maxlen: 32
2a01:6506::/32 maxlen: 32
2a01:6507::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 21 May 2024 12:56:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:8f:e1:39:55:89:86:70:82:3d:2a:41:2d:73:53:24:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ccd0cacfafa2e0d31495dd950f76af5f98ba5d7
Validity
Not Before: May 19 08:04:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50bacd941b3c9f994412c096764b6f15ab5cecd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:97:05:e0:04:19:5e:5e:f3:6f:60:cf:77:91:
24:83:ab:3f:48:b5:5b:8c:a7:06:be:59:76:e6:5b:
c5:e3:5f:1c:3d:ec:dc:a6:c5:f6:20:2c:83:79:38:
cc:34:33:29:55:6e:a9:49:53:fd:20:fb:a2:5f:d9:
94:d3:9f:45:92:65:eb:08:b7:bf:58:9f:63:b7:bf:
3c:32:5b:21:20:19:31:16:7d:d5:a4:f6:e5:c5:82:
33:d0:f1:8d:a3:ed:72:4b:58:77:ca:3c:b9:08:f2:
2f:72:47:10:97:9b:75:e2:3b:ee:e2:b8:7d:72:64:
70:b3:38:e5:98:cc:eb:8f:bb:5e:b0:99:fc:db:32:
b0:f3:b4:ec:e6:fb:a3:e3:90:94:f1:81:3a:56:25:
b1:64:b3:d2:d9:ed:78:6b:97:7e:89:3d:d6:6b:9d:
82:74:ba:b6:b2:10:b2:e7:95:4d:c7:f6:b9:5f:b8:
c4:64:89:49:8d:2a:bf:14:89:d6:08:89:97:47:89:
db:a7:35:d8:ab:86:ac:21:c0:54:ca:ad:df:17:51:
1f:c1:6e:31:43:38:dc:a6:42:15:be:bd:9e:5e:b4:
04:99:4c:09:d3:5d:68:17:fc:71:9a:27:cd:b0:4a:
d7:a0:16:75:13:bc:69:da:78:91:9d:29:15:24:4d:
10:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:BA:CD:94:1B:3C:9F:99:44:12:C0:96:76:4B:6F:15:AB:5C:EC:D2
X509v3 Authority Key Identifier:
keyid:7C:CD:0C:AC:FA:FA:2E:0D:31:49:5D:D9:50:F7:6A:F5:F9:8B:A5:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/ULrNlBs8n5lEEsCWdktvFatc7NI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.128.0/20
37.60.40.0/21
95.86.64.0/18
147.236.102.0/23
147.236.212.0/22
147.236.224.0/22
164.138.112.0/20
185.10.64.0/22
185.139.229.0/24
212.76.96.0/19
213.151.32.0/19
IPv6:
2a01:6500::/29
Signature Algorithm: sha256WithRSAEncryption
03:99:41:09:1b:11:67:c8:fe:15:bf:03:58:2d:aa:6c:39:04:
35:d0:2e:75:db:28:23:fb:b3:09:27:1d:33:fc:04:2c:87:6d:
c3:67:94:03:99:bc:20:97:67:17:5a:8a:65:4c:42:71:1f:28:
3e:55:a4:0f:77:fa:ec:48:2b:07:3d:d0:42:5d:17:da:79:2b:
90:4f:e7:0c:25:c4:a2:40:65:66:71:3f:8d:e2:b6:a5:55:ac:
a7:ec:eb:3a:fe:e5:dc:ac:a0:c1:78:99:7e:17:37:11:0e:1f:
d4:14:a7:3e:3f:ff:0d:56:1e:20:77:ca:76:f7:b6:0d:3c:ea:
ae:b2:81:a0:6a:4c:7e:4b:cd:1d:18:25:53:5f:c7:49:b6:cc:
01:b7:24:0f:f8:55:e9:58:5b:26:99:79:37:54:4a:0c:55:f0:
9b:24:74:10:6d:4f:d5:5e:2b:4c:74:d1:30:5e:fb:bc:4e:a6:
dd:8f:2f:1d:e3:72:a5:27:9e:a9:d4:ba:b8:b0:af:b1:c3:85:
c2:55:11:2a:03:75:70:59:30:86:9c:7f:a1:05:24:81:e3:ca:
d3:87:57:e3:fc:1d:a0:c3:f7:5b:5d:df:48:5b:ec:1e:33:67:
64:06:64:ca:1f:47:f0:3b:09:a4:ba:f4:b6:97:17:ae:18:c8:
39:e7:5b:c1
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAY+P4TlViYZwgj0qQS1zUyTvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjY2QwY2FjZmFmYTJlMGQzMTQ5NWRkOTUwZjc2YWY1Zjk4
YmE1ZDcwHhcNMjQwNTE5MDgwNDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGJhY2Q5NDFiM2M5Zjk5NDQxMmMwOTY3NjRiNmYxNWFiNWNlY2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpcF4AQZXl7zb2DPd5Ekg6s/SLVb
jKcGvll25lvF418cPezcpsX2ICyDeTjMNDMpVW6pSVP9IPuiX9mU059FkmXrCLe/
WJ9jt788MlshIBkxFn3VpPblxYIz0PGNo+1yS1h3yjy5CPIvckcQl5t14jvu4rh9
cmRwszjlmMzrj7tesJn82zKw87Ts5vuj45CU8YE6ViWxZLPS2e14a5d+iT3Wa52C
dLq2shCy55VNx/a5X7jEZIlJjSq/FInWCImXR4nbpzXYq4asIcBUyq3fF1EfwW4x
QzjcpkIVvr2eXrQEmUwJ011oF/xxmifNsErXoBZ1E7xp2niRnSkVJE0QNQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFFC6zZQbPJ+ZRBLAlnZLbxWrXOzSMB8GA1UdIwQY
MBaAFHzNDKz6+i4NMUld2VD3avX5i6XXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk0wTXJQcjZMZzB4U1YzWlVQZHE5Zm1McGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9iZTVkY2YtY2IwNS00NjFhLTg2OGUt
NDM5ZmM4ZjliMzg2LzEvVUxyTmxCczhuNWxFRXNDV2RrdHZGYXRjN05JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9iZTVkY2YtY2IwNS00NjFhLTg2OGUtNDM5ZmM4ZjliMzg2
LzEvZk0wTXJQcjZMZzB4U1YzWlVQZHE5Zm1McGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQEHyyAAwQD
JTwoAwQGX1ZAAwQBk+xmAwQCk+zUAwQCk+zgAwQEpIpwAwQCuQpAAwQAuYvlAwQF
1ExgAwQF1ZcgMA0EAgACMAcDBQMqAWUAMA0GCSqGSIb3DQEBCwUAA4IBAQADmUEJ
GxFnyP4VvwNYLapsOQQ10C512ygj+7MJJx0z/AQsh23DZ5QDmbwgl2cXWoplTEJx
Hyg+VaQPd/rsSCsHPdBCXRfaeSuQT+cMJcSiQGVmcT+N4ralVayn7Os6/uXcrKDB
eJl+FzcRDh/UFKc+P/8NVh4gd8p297YNPOqusoGgakx+S80dGCVTX8dJtswBtyQP
+FXpWFsmmXk3VEoMVfCbJHQQbU/VXitMdNEwXvu8Tqbdjy8d43KlJ56p1Lq4sK+x
w4XCVREqA3VwWTCGnH+hBSSB48rTh1fj/B2gw/dbXd9IW+weM2dkBmTKH0fwOwmk
uvS2lxeuGMg551vB
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:34 2025 by rpki-client