Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/UtV1YQLdrWrCciSd6iT0JM50yFE.roa
File: UtV1YQLdrWrCciSd6iT0JM50yFE.roa (raw, json)
Hash identifier: iUHqqDhAA76dtNN/b2lb48YUlTb5U74cc18FuUQLY6E=
Subject key identifier: 52:D5:75:61:02:DD:AD:6A:C2:72:24:9D:EA:24:F4:24:CE:74:C8:51
Certificate issuer: /CN=dbd4f8e4762377f86b07a8753f6e98f6f4b6b792
Certificate serial: 01921E68AAB4A169FE0B28137F175220DE05
Authority key identifier: DB:D4:F8:E4:76:23:77:F8:6B:07:A8:75:3F:6E:98:F6:F4:B6:B7:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/UtV1YQLdrWrCciSd6iT0JM50yFE.roa
Signing time: Mon 23 Sep 2024 10:23:48 +0000
ROA not before: Mon 23 Sep 2024 10:23:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59675
IP address blocks: 31.220.150.0/24 maxlen: 24
128.0.144.0/23 maxlen: 23
128.0.146.0/23 maxlen: 23
128.0.148.0/23 maxlen: 23
128.0.150.0/24 maxlen: 24
128.0.151.0/24 maxlen: 24
128.0.152.0/24 maxlen: 24
128.0.153.0/24 maxlen: 24
128.0.154.0/24 maxlen: 24
185.5.8.0/23 maxlen: 23
185.5.10.0/23 maxlen: 23
213.185.78.0/23 maxlen: 23
213.185.80.0/22 maxlen: 22
213.185.80.0/24 maxlen: 24
213.185.84.0/23 maxlen: 23
2a02:45c0:1::/48 maxlen: 48
2a02:45c0:3::/48 maxlen: 48
2a02:45c0:7::/48 maxlen: 48
2a02:45c0:8::/48 maxlen: 48
2a02:45c0:9::/48 maxlen: 48
2a02:45c0:10::/48 maxlen: 48
2a02:45c0:13::/48 maxlen: 48
2a02:45c0:18::/48 maxlen: 48
2a02:45c0:19::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 23 Sep 2024 11:30:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1e:68:aa:b4:a1:69:fe:0b:28:13:7f:17:52:20:de:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbd4f8e4762377f86b07a8753f6e98f6f4b6b792
Validity
Not Before: Sep 23 10:23:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52d5756102ddad6ac272249dea24f424ce74c851
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:44:ef:2e:70:7c:68:e3:5c:d7:b2:70:8b:53:
88:76:96:2d:7f:8f:99:b2:7a:9e:3c:a7:90:58:bd:
ab:f3:db:45:45:81:91:3e:49:ac:e1:1d:25:d1:30:
2c:d5:a0:4d:95:ff:44:81:b5:67:0f:23:bb:9a:ee:
b1:aa:61:a9:94:8d:f2:db:49:30:35:bd:c7:72:fd:
30:96:cb:a6:2e:bd:8a:e9:a3:57:1c:2d:bb:c8:6c:
68:10:e9:0f:20:49:be:73:a4:ef:59:d1:0d:c6:43:
c0:05:2a:ca:0b:82:6c:36:d8:98:8b:77:d0:0e:5b:
c4:2f:f2:28:af:64:a2:29:17:62:91:96:18:fe:50:
5c:fc:0e:4e:8d:7a:8d:64:ff:d7:89:4d:42:df:93:
4b:66:23:95:a7:41:20:58:79:28:8d:f1:ef:79:0f:
52:1f:40:50:fb:cf:68:60:e5:b6:13:b8:a3:03:1a:
d7:28:ab:e5:8d:71:d7:0c:95:ab:58:13:a6:0f:e5:
31:46:7a:2a:e6:75:0f:61:fb:d8:11:58:36:05:6a:
4b:13:b0:0a:f6:e8:68:34:a1:8c:8f:00:c0:bc:2b:
08:9e:fc:b3:53:3d:98:e6:63:7c:dd:9d:fc:b3:19:
f8:5f:53:7a:50:65:a3:f5:42:36:a4:b6:ed:e8:e9:
c0:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:D5:75:61:02:DD:AD:6A:C2:72:24:9D:EA:24:F4:24:CE:74:C8:51
X509v3 Authority Key Identifier:
keyid:DB:D4:F8:E4:76:23:77:F8:6B:07:A8:75:3F:6E:98:F6:F4:B6:B7:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29T45HYjd_hrB6h1P26Y9vS2t5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/UtV1YQLdrWrCciSd6iT0JM50yFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/d3f65d-afab-4d28-b46e-620a79cf792b/1/29T45HYjd_hrB6h1P26Y9vS2t5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.150.0/24
128.0.144.0-128.0.154.255
185.5.8.0/22
213.185.78.0-213.185.85.255
IPv6:
2a02:45c0:1::/48
2a02:45c0:3::/48
2a02:45c0:7::-2a02:45c0:9:ffff:ffff:ffff:ffff:ffff
2a02:45c0:10::/48
2a02:45c0:13::/48
2a02:45c0:18::/47
Signature Algorithm: sha256WithRSAEncryption
17:63:46:d5:f3:1b:18:dc:52:ca:4c:95:37:8c:26:f2:81:9c:
40:ff:15:87:f1:60:29:7e:30:80:13:d0:d2:83:88:59:d0:50:
e3:f9:33:57:ed:1e:44:00:85:99:62:14:c1:de:71:5e:6c:fa:
45:67:67:41:3a:c6:23:e2:07:3b:23:1a:ee:5d:c2:4b:5f:90:
36:59:43:ed:b9:27:15:ec:3d:a0:7d:9d:b1:2b:2c:f8:19:ce:
49:80:7c:93:77:e2:f1:04:51:86:1e:7e:71:c5:b2:0e:b8:22:
2a:1b:48:04:42:b6:85:52:80:2a:21:c8:05:52:18:2b:71:17:
b9:5d:d6:c5:d8:c9:2b:5f:09:d0:48:14:f5:0a:a6:38:07:bc:
ef:8c:06:9c:2d:23:10:32:3c:24:b5:70:8e:bb:ef:d7:69:10:
46:40:3d:c5:71:bf:a6:84:0f:8a:27:57:40:8d:e5:4f:e7:1f:
64:02:05:08:ad:b0:8b:b8:5b:aa:e3:c6:b0:a4:79:3c:98:fe:
6c:17:02:32:2a:bc:e6:36:e0:4b:12:b6:62:04:83:4a:59:5e:
e5:d0:21:8d:fc:4c:cf:ee:17:9a:b6:2c:e4:cf:f9:71:7a:3f:
e7:c8:f8:a5:b9:ec:f4:a4:1e:f8:7f:95:3b:91:95:e9:cd:1a:
07:c2:26:6f
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAZIeaKq0oWn+CygTfxdSIN4FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDRmOGU0NzYyMzc3Zjg2YjA3YTg3NTNmNmU5OGY2ZjRi
NmI3OTIwHhcNMjQwOTIzMTAyMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmQ1NzU2MTAyZGRhZDZhYzI3MjI0OWRlYTI0ZjQyNGNlNzRjODUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxETvLnB8aONc17Jwi1OIdpYtf4+Z
snqePKeQWL2r89tFRYGRPkms4R0l0TAs1aBNlf9EgbVnDyO7mu6xqmGplI3y20kw
Nb3Hcv0wlsumLr2K6aNXHC27yGxoEOkPIEm+c6TvWdENxkPABSrKC4JsNtiYi3fQ
DlvEL/Ior2SiKRdikZYY/lBc/A5OjXqNZP/XiU1C35NLZiOVp0EgWHkojfHveQ9S
H0BQ+89oYOW2E7ijAxrXKKvljXHXDJWrWBOmD+UxRnoq5nUPYfvYEVg2BWpLE7AK
9uhoNKGMjwDAvCsInvyzUz2Y5mN83Z38sxn4X1N6UGWj9UI2pLbt6OnAFwIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFFLVdWEC3a1qwnIkneok9CTOdMhRMB8GA1UdIwQY
MBaAFNvU+OR2I3f4aweodT9umPb0treSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlUNDVIWWpkX2hyQjZoMVAyNlk5dlMydDVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9kM2Y2NWQtYWZhYi00ZDI4LWI0NmUt
NjIwYTc5Y2Y3OTJiLzEvVXRWMVlRTGRyV3JDY2lTZDZpVDBKTTUweUZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9kM2Y2NWQtYWZhYi00ZDI4LWI0NmUtNjIwYTc5Y2Y3OTJi
LzEvMjlUNDVIWWpkX2hyQjZoMVAyNlk5dlMydDVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwLgQCAAEwKAMEAB/cljAM
AwQEgACQAwQAgACaAwQCuQUIMAwDBAHVuU4DBAHVuVQwRwQCAAIwQQMHACoCRcAA
AQMHACoCRcAAAzASAwcAKgJFwAAHAwcBKgJFwAAIAwcAKgJFwAAQAwcAKgJFwAAT
AwcBKgJFwAAYMA0GCSqGSIb3DQEBCwUAA4IBAQAXY0bV8xsY3FLKTJU3jCbygZxA
/xWH8WApfjCAE9DSg4hZ0FDj+TNX7R5EAIWZYhTB3nFebPpFZ2dBOsYj4gc7Ixru
XcJLX5A2WUPtuScV7D2gfZ2xKyz4Gc5JgHyTd+LxBFGGHn5xxbIOuCIqG0gEQraF
UoAqIcgFUhgrcRe5XdbF2MkrXwnQSBT1CqY4B7zvjAacLSMQMjwktXCOu+/XaRBG
QD3Fcb+mhA+KJ1dAjeVP5x9kAgUIrbCLuFuq48awpHk8mP5sFwIyKrzmNuBLErZi
BINKWV7l0CGN/EzP7heatizkz/lxej/nyPiluez0pB74f5U7kZXpzRoHwiZv
-----END CERTIFICATE-----
Generated at Mon Sep 23 18:04:06 2024 by rpki-client on console-ams.rpki-client.org