Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/x7xrT-sLZ9Scjiu3Xx5YXatza_I.roa
File: x7xrT-sLZ9Scjiu3Xx5YXatza_I.roa (raw, json)
Hash identifier: w5CzPy6HuSLqVNoVQgp+p2eGYHCUpohTj+ywrKss2D0=
Subject key identifier: C7:BC:6B:4F:EB:0B:67:D4:9C:8E:2B:B7:5F:1E:58:5D:AB:73:6B:F2
Certificate issuer: /CN=668e9b2eefb205342382b6072a903f9d9837071a
Certificate serial: 018F764D911961995B180BA8E7475DB6C883
Authority key identifier: 66:8E:9B:2E:EF:B2:05:34:23:82:B6:07:2A:90:3F:9D:98:37:07:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zo6bLu-yBTQjgrYHKpA_nZg3Bxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/x7xrT-sLZ9Scjiu3Xx5YXatza_I.roa
Signing time: Tue 14 May 2024 08:52:25 +0000
ROA not before: Tue 14 May 2024 08:52:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44056
IP address blocks: 31.135.224.0/20 maxlen: 20
31.135.226.0/23 maxlen: 23
31.135.228.0/22 maxlen: 22
31.135.232.0/22 maxlen: 22
31.135.236.0/23 maxlen: 23
46.148.128.0/20 maxlen: 20
46.148.128.0/22 maxlen: 22
46.148.143.0/24 maxlen: 24
83.97.104.0/21 maxlen: 21
91.195.130.0/23 maxlen: 23
91.230.146.0/24 maxlen: 24
91.237.186.0/23 maxlen: 23
91.237.186.0/24 maxlen: 24
91.237.187.0/24 maxlen: 24
109.196.64.0/20 maxlen: 24
109.196.64.0/22 maxlen: 22
109.196.68.0/22 maxlen: 22
176.125.192.0/19 maxlen: 19
195.2.238.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 27 May 2024 07:41:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:76:4d:91:19:61:99:5b:18:0b:a8:e7:47:5d:b6:c8:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=668e9b2eefb205342382b6072a903f9d9837071a
Validity
Not Before: May 14 08:52:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7bc6b4feb0b67d49c8e2bb75f1e585dab736bf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:e6:28:cf:2a:d5:3f:f5:eb:77:f3:01:a6:04:
8e:51:39:c3:ab:7c:f3:1c:51:f7:91:8e:43:e6:6a:
f7:e7:2b:ca:6f:c5:83:03:a3:24:94:09:ee:2b:55:
cb:a1:f2:49:68:f4:ec:68:88:94:63:bd:73:f3:95:
6a:f5:ff:da:c4:83:aa:37:f1:14:ca:54:92:60:2f:
dc:e1:b2:04:bc:1e:ca:6d:c9:29:35:2a:e9:67:dc:
3b:10:2c:40:58:1f:5b:c1:46:48:3c:d6:85:90:44:
d3:dd:5e:23:0d:a7:35:c1:85:0c:c3:14:d9:6d:e1:
5a:7b:81:c7:d8:b1:8b:1a:aa:15:2d:72:8f:41:e4:
d6:a5:eb:39:9e:ae:35:62:ae:aa:ba:2f:bb:4f:76:
71:55:d6:c0:67:ff:37:b0:5f:fd:17:94:a7:36:d4:
d0:48:dc:d4:f8:25:f4:27:85:cb:eb:55:c2:f6:f1:
f2:a1:03:2a:42:99:15:7a:52:2f:81:a3:f8:7b:0e:
e9:b7:1e:98:69:32:04:09:ba:7d:3e:d5:67:bd:83:
94:36:5e:cd:b5:c4:b5:19:21:59:2e:be:a0:7a:c1:
b6:6b:9e:d2:b6:3c:f6:a7:af:67:02:4f:41:b8:1c:
ac:4d:b2:83:52:35:e4:37:04:3e:87:13:5a:3a:c0:
2c:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:BC:6B:4F:EB:0B:67:D4:9C:8E:2B:B7:5F:1E:58:5D:AB:73:6B:F2
X509v3 Authority Key Identifier:
keyid:66:8E:9B:2E:EF:B2:05:34:23:82:B6:07:2A:90:3F:9D:98:37:07:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zo6bLu-yBTQjgrYHKpA_nZg3Bxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/x7xrT-sLZ9Scjiu3Xx5YXatza_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/4a1305-391c-446c-9a33-4c08ffe10076/1/Zo6bLu-yBTQjgrYHKpA_nZg3Bxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.224.0/20
46.148.128.0/20
83.97.104.0/21
91.195.130.0/23
91.230.146.0/24
91.237.186.0/23
109.196.64.0/20
176.125.192.0/19
195.2.238.0/23
Signature Algorithm: sha256WithRSAEncryption
92:1b:58:0e:17:d8:e5:80:c0:78:08:92:da:42:c0:52:05:06:
69:1a:a5:ec:fe:d0:3a:24:53:4d:a5:a4:ce:4b:db:38:06:ea:
b2:31:63:d1:10:1e:30:cb:b3:47:67:ed:b0:38:1e:ae:bd:d9:
51:ca:cd:1c:06:2d:ab:c2:6d:bd:79:0c:bb:8b:49:5b:65:56:
32:4e:09:7c:c1:b1:12:7f:9c:8c:ce:41:8b:81:38:9f:1a:15:
a9:a2:f2:83:62:4d:58:53:cb:b8:fb:76:80:58:1e:4d:a0:7a:
a7:22:ea:79:9d:e7:f8:fe:dd:32:dd:c9:4d:c2:88:8b:c0:52:
a8:61:92:23:14:b5:c3:61:dd:a5:b0:17:50:9e:a7:4a:b7:dc:
e6:a9:bc:2f:df:62:5a:61:58:9e:b5:d4:cd:a0:61:ef:02:26:
ed:c2:9b:99:90:6e:8d:b5:ba:54:ed:1c:80:7e:f2:7c:2e:fa:
38:5a:26:0b:37:6b:72:7e:ea:66:0e:2a:9d:2f:87:15:48:91:
06:21:18:37:b9:01:2b:02:1d:6c:16:f8:c0:e3:c1:d4:fd:70:
7b:26:2f:06:d6:19:76:8d:42:e2:9a:d5:c7:6e:fb:28:d6:5e:
11:c9:5d:54:4a:87:cd:6d:1e:3c:75:d1:c1:93:23:85:43:b4:
93:10:58:6e
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY92TZEZYZlbGAuo50ddtsiDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OGU5YjJlZWZiMjA1MzQyMzgyYjYwNzJhOTAzZjlkOTgz
NzA3MWEwHhcNMjQwNTE0MDg1MjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2JjNmI0ZmViMGI2N2Q0OWM4ZTJiYjc1ZjFlNTg1ZGFiNzM2YmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4uYozyrVP/Xrd/MBpgSOUTnDq3zz
HFH3kY5D5mr35yvKb8WDA6MklAnuK1XLofJJaPTsaIiUY71z85Vq9f/axIOqN/EU
ylSSYC/c4bIEvB7KbckpNSrpZ9w7ECxAWB9bwUZIPNaFkETT3V4jDac1wYUMwxTZ
beFae4HH2LGLGqoVLXKPQeTWpes5nq41Yq6qui+7T3ZxVdbAZ/83sF/9F5SnNtTQ
SNzU+CX0J4XL61XC9vHyoQMqQpkVelIvgaP4ew7ptx6YaTIECbp9PtVnvYOUNl7N
tcS1GSFZLr6gesG2a57Stjz2p69nAk9BuBysTbKDUjXkNwQ+hxNaOsAsTQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFMe8a0/rC2fUnI4rt18eWF2rc2vyMB8GA1UdIwQY
MBaAFGaOmy7vsgU0I4K2ByqQP52YNwcaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm82Ykx1LXlCVFFqZ3JZSEtwQV9uWmczQnhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC80YTEzMDUtMzkxYy00NDZjLTlhMzMt
NGMwOGZmZTEwMDc2LzEveDd4clQtc0xaOVNjaml1M1h4NVlYYXR6YV9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC80YTEzMDUtMzkxYy00NDZjLTlhMzMtNGMwOGZmZTEwMDc2
LzEvWm82Ykx1LXlCVFFqZ3JZSEtwQV9uWmczQnhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQEH4fgAwQE
LpSAAwQDU2FoAwQBW8OCAwQAW+aSAwQBW+26AwQEbcRAAwQFsH3AAwQBwwLuMA0G
CSqGSIb3DQEBCwUAA4IBAQCSG1gOF9jlgMB4CJLaQsBSBQZpGqXs/tA6JFNNpaTO
S9s4BuqyMWPREB4wy7NHZ+2wOB6uvdlRys0cBi2rwm29eQy7i0lbZVYyTgl8wbES
f5yMzkGLgTifGhWpovKDYk1YU8u4+3aAWB5NoHqnIup5nef4/t0y3clNwoiLwFKo
YZIjFLXDYd2lsBdQnqdKt9zmqbwv32JaYVietdTNoGHvAibtwpuZkG6NtbpU7RyA
fvJ8Lvo4WiYLN2tyfupmDiqdL4cVSJEGIRg3uQErAh1sFvjA48HU/XB7Ji8G1hl2
jULimtXHbvso1l4RyV1USofNbR48ddHBkyOFQ7STEFhu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:34 2024 by rpki-client on console-fra.rpki-client.org