Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/ITSObCTHUVr3cqGFTTIfqlPPPUE.roa
File: ITSObCTHUVr3cqGFTTIfqlPPPUE.roa (raw, json)
Hash identifier: x7/8fXRDv/ZeoVG/HJo6BwGrIfEbvNlyQJRT409rmto=
Subject key identifier: 21:34:8E:6C:24:C7:51:5A:F7:72:A1:85:4D:32:1F:AA:53:CF:3D:41
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 01856E0B10C032E20A9B3348A8CD7425A0A6
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/ITSObCTHUVr3cqGFTTIfqlPPPUE.roa
Signing time: Sun 01 Jan 2023 15:54:57 +0000
ROA not before: Sun 01 Jan 2023 15:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56940
IP address blocks: 31.131.40.0/22 maxlen: 22
31.131.46.0/24 maxlen: 24
31.131.47.0/24 maxlen: 24
91.229.14.0/23 maxlen: 23
91.229.12.0/23 maxlen: 23
176.114.56.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:0b:10:c0:32:e2:0a:9b:33:48:a8:cd:74:25:a0:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Jan 1 15:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21348e6c24c7515af772a1854d321faa53cf3d41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ca:3b:27:6f:de:f3:25:42:a7:da:1b:33:38:
43:b2:49:2f:f7:c5:c6:33:f4:8a:c1:13:e8:1f:68:
54:14:ff:41:3f:77:78:f1:95:d0:81:6a:9a:57:1d:
7a:e9:34:91:47:ab:0c:5a:a7:b7:a1:67:73:d2:62:
ea:5b:08:7f:c2:99:66:c4:16:1f:29:a1:21:98:ff:
1a:03:eb:97:4d:e9:9d:cc:3b:af:9f:52:94:ff:9a:
00:24:9f:13:7c:6b:65:37:a0:0d:a7:38:a7:27:92:
e3:e3:10:bf:54:89:a6:db:ab:65:7a:1c:65:df:7c:
07:99:c9:20:90:a0:d8:1f:46:19:be:43:44:78:da:
50:81:95:59:cc:0c:9e:e1:f3:24:12:52:5d:67:4c:
1e:ed:2a:57:28:16:ec:80:36:55:b1:b9:74:a0:65:
03:cb:d0:48:79:24:9b:3b:94:18:b7:2d:2f:0f:53:
35:97:db:59:61:a1:15:61:f2:ae:ec:25:12:e7:0b:
3a:59:83:82:69:49:51:9f:ef:92:c2:ba:84:b4:5f:
04:31:59:d0:03:2a:df:5b:00:13:25:99:c2:52:6c:
e5:e9:12:35:36:9a:fe:4b:f7:51:07:14:e2:bd:2e:
6e:67:2d:b6:7a:83:c6:d8:1a:06:8a:3c:f4:85:6b:
35:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:34:8E:6C:24:C7:51:5A:F7:72:A1:85:4D:32:1F:AA:53:CF:3D:41
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/ITSObCTHUVr3cqGFTTIfqlPPPUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.40.0/22
31.131.46.0/23
91.229.12.0/22
176.114.56.0/21
Signature Algorithm: sha256WithRSAEncryption
42:15:43:2f:7e:c9:12:b8:48:6a:94:3b:63:dd:30:64:80:6c:
6c:d0:f0:02:67:af:c5:50:2a:f1:61:40:b6:1c:5f:0d:dc:96:
a5:11:e9:a8:73:ce:ab:c3:89:35:c7:44:27:ab:57:51:25:41:
8a:82:6f:c7:83:7b:bc:22:32:df:d5:7c:e9:ea:3a:5e:59:53:
5a:ac:71:a0:0a:da:27:ff:f1:02:8d:b8:1d:34:39:ae:8d:5a:
86:8c:18:02:8e:8a:a2:b9:d9:d1:22:d1:9d:31:e2:b8:50:b4:
8d:9f:57:1a:a8:65:9d:a5:f5:5b:cd:2d:36:67:b7:c0:16:23:
2f:7f:a2:ed:47:98:eb:c0:be:c8:32:84:cb:05:cf:5b:70:e4:
ac:9b:c1:a4:e3:6c:d4:28:5c:71:50:9a:7c:11:d2:39:5f:51:
4b:1d:26:07:40:05:ae:b1:24:9c:20:be:43:f3:d9:93:d4:f2:
b3:d6:62:e3:f0:32:f3:ee:b5:c7:1e:c4:cb:f2:71:8d:2b:91:
9b:fe:24:e2:1e:f9:ec:d7:00:cd:d1:ec:8f:d1:fc:ba:99:08:
d3:87:9a:ee:82:de:29:8b:4f:d9:7c:32:7a:9d:ea:3d:ec:30:
16:85:53:f8:2f:fd:98:f2:f2:ce:c8:64:78:7a:97:ff:2a:bf:
ff:58:4b:a5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVuCxDAMuIKmzNIqM10JaCmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjMwMTAxMTU1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTM0OGU2YzI0Yzc1MTVhZjc3MmExODU0ZDMyMWZhYTUzY2YzZDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiso7J2/e8yVCp9obMzhDskkv98XG
M/SKwRPoH2hUFP9BP3d48ZXQgWqaVx166TSRR6sMWqe3oWdz0mLqWwh/wplmxBYf
KaEhmP8aA+uXTemdzDuvn1KU/5oAJJ8TfGtlN6ANpzinJ5Lj4xC/VImm26tlehxl
33wHmckgkKDYH0YZvkNEeNpQgZVZzAye4fMkElJdZ0we7SpXKBbsgDZVsbl0oGUD
y9BIeSSbO5QYty0vD1M1l9tZYaEVYfKu7CUS5ws6WYOCaUlRn++SwrqEtF8EMVnQ
AyrfWwATJZnCUmzl6RI1Npr+S/dRBxTivS5uZy22eoPG2BoGijz0hWs1ZwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCE0jmwkx1Fa93KhhU0yH6pTzz1BMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvSVRTT2JDVEhVVnIzY3FHRlRUSWZxbFBQUFVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCH4MoAwQB
H4MuAwQCW+UMAwQDsHI4MA0GCSqGSIb3DQEBCwUAA4IBAQBCFUMvfskSuEhqlDtj
3TBkgGxs0PACZ6/FUCrxYUC2HF8N3JalEemoc86rw4k1x0Qnq1dRJUGKgm/Hg3u8
IjLf1Xzp6jpeWVNarHGgCton//ECjbgdNDmujVqGjBgCjoqiudnRItGdMeK4ULSN
n1caqGWdpfVbzS02Z7fAFiMvf6LtR5jrwL7IMoTLBc9bcOSsm8Gk42zUKFxxUJp8
EdI5X1FLHSYHQAWusSScIL5D89mT1PKz1mLj8DLz7rXHHsTL8nGNK5Gb/iTiHvns
1wDN0eyP0fy6mQjTh5rugt4pi0/ZfDJ6neo97DAWhVP4L/2Y8vLOyGR4epf/Kr//
WEul
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:10:06 2024 by rpki-client on console-ams.rpki-client.org