Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/Cs-iJOWxat9ap8RCIgCZK_8evko.roa
File: Cs-iJOWxat9ap8RCIgCZK_8evko.roa (raw, json)
Hash identifier: QkWKHSkFwUrBO5KMViSWSLGEa/REVpKVmnN9HKVpr5M=
Subject key identifier: 0A:CF:A2:24:E5:B1:6A:DF:5A:A7:C4:42:22:00:99:2B:FF:1E:BE:4A
Certificate issuer: /CN=3af7710df8add64bb9688e0f4581bea67e402c66
Certificate serial: 0191646E18F25B166A63CEC4F43F172CF912
Authority key identifier: 3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/Cs-iJOWxat9ap8RCIgCZK_8evko.roa
Signing time: Sun 18 Aug 2024 07:40:22 +0000
ROA not before: Sun 18 Aug 2024 07:40:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5398
IP address blocks: 31.44.32.0/20 maxlen: 20
31.44.46.0/23 maxlen: 23
45.143.158.0/23 maxlen: 24
46.21.29.0/24 maxlen: 24
77.220.64.0/19 maxlen: 19
193.221.216.0/23 maxlen: 23
193.222.104.0/23 maxlen: 24
2a02:210::/32 maxlen: 32
2a0f:e880::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 22 Nov 2024 20:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:64:6e:18:f2:5b:16:6a:63:ce:c4:f4:3f:17:2c:f9:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af7710df8add64bb9688e0f4581bea67e402c66
Validity
Not Before: Aug 18 07:40:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0acfa224e5b16adf5aa7c4422200992bff1ebe4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ee:7d:21:6a:e0:a4:15:ea:92:08:84:25:4d:
4f:54:03:e2:ef:0c:c9:3c:56:55:7a:14:b7:3d:84:
be:aa:56:c3:5b:9f:13:0e:21:26:0f:96:a0:cf:f5:
7c:0d:11:1d:c9:82:6b:1b:a0:af:97:21:e0:ba:56:
03:5e:e4:de:6c:12:d6:b6:e6:9a:a3:b4:c8:25:79:
c3:2b:9e:56:99:87:31:ad:b7:27:eb:01:eb:d7:3c:
58:55:ca:b0:90:c3:02:0a:02:f8:28:22:ca:2d:cb:
44:30:2f:e1:49:77:41:82:47:f3:4d:6e:17:2c:4f:
f9:e4:44:03:8e:bd:53:6c:28:0b:47:f5:11:64:a9:
c0:c7:f1:cb:3e:d1:e9:65:a3:2d:2b:0a:72:06:6b:
e5:8e:8f:b9:34:3b:45:ab:1c:70:77:39:c8:85:90:
cc:e3:18:40:20:7e:2c:fc:9a:2a:99:e8:0b:37:d1:
be:74:d9:4e:10:87:3c:de:d2:c1:5e:f5:4a:e8:2f:
7c:b2:75:9a:3a:05:e2:5b:9c:1e:31:52:dd:9c:ac:
e3:07:7f:c6:51:fb:4b:ef:d5:13:bd:52:dc:54:c9:
39:b5:7e:6d:d3:7c:33:15:5e:86:17:92:13:bf:ec:
82:61:f6:9d:4d:5a:64:3a:ab:0b:62:a7:fd:89:50:
11:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:CF:A2:24:E5:B1:6A:DF:5A:A7:C4:42:22:00:99:2B:FF:1E:BE:4A
X509v3 Authority Key Identifier:
keyid:3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/Cs-iJOWxat9ap8RCIgCZK_8evko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.32.0/20
45.143.158.0/23
46.21.29.0/24
77.220.64.0/19
193.221.216.0/23
193.222.104.0/23
IPv6:
2a02:210::/32
2a0f:e880::/29
Signature Algorithm: sha256WithRSAEncryption
90:2b:0b:df:83:ef:6d:5e:8a:11:d6:39:bc:8d:04:c6:41:f5:
4b:66:cb:5c:a1:83:4d:b4:94:05:e1:82:0c:a6:da:0a:4e:79:
3d:8b:62:5f:11:c1:46:1c:fa:78:c2:f7:d0:75:d6:61:5f:bf:
2f:bc:a9:29:d7:be:cf:66:54:e1:b6:94:4d:95:88:8f:72:96:
35:71:14:a5:bc:d4:0c:e0:8c:b8:3a:61:cd:34:4c:c1:a9:33:
d5:19:e3:df:02:84:84:3e:c1:4a:c1:ee:4c:b1:81:45:79:75:
57:67:82:32:92:fa:f8:de:e0:fa:01:98:53:b6:27:93:e0:d5:
bd:6a:a2:58:49:c8:31:f2:e8:4f:ae:8c:8f:81:cc:7f:4a:12:
9e:8c:25:b2:1d:7e:86:1a:0e:1b:5a:f9:10:f0:2a:93:8c:4a:
65:25:53:c5:8b:a8:d4:3d:f1:fd:ee:82:74:51:1e:25:f5:da:
d0:f0:e5:40:9f:a2:7b:be:50:19:5b:c1:b0:07:a5:f4:4c:dd:
31:cc:ef:ef:49:39:5f:9c:c1:27:1f:30:2b:2e:13:6f:e7:32:
55:a8:13:13:29:9c:52:ea:df:43:2e:6b:36:2d:0a:12:f2:b5:
1c:34:2d:5c:ca:30:d1:b4:e1:cc:71:52:6c:cc:d5:5b:6e:22:
ae:dd:df:99
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZFkbhjyWxZqY87E9D8XLPkSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjc3MTBkZjhhZGQ2NGJiOTY4OGUwZjQ1ODFiZWE2N2U0
MDJjNjYwHhcNMjQwODE4MDc0MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWNmYTIyNGU1YjE2YWRmNWFhN2M0NDIyMjAwOTkyYmZmMWViZTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAme59IWrgpBXqkgiEJU1PVAPi7wzJ
PFZVehS3PYS+qlbDW58TDiEmD5agz/V8DREdyYJrG6CvlyHgulYDXuTebBLWtuaa
o7TIJXnDK55WmYcxrbcn6wHr1zxYVcqwkMMCCgL4KCLKLctEMC/hSXdBgkfzTW4X
LE/55EQDjr1TbCgLR/URZKnAx/HLPtHpZaMtKwpyBmvljo+5NDtFqxxwdznIhZDM
4xhAIH4s/JoqmegLN9G+dNlOEIc83tLBXvVK6C98snWaOgXiW5weMVLdnKzjB3/G
UftL79UTvVLcVMk5tX5t03wzFV6GF5ITv+yCYfadTVpkOqsLYqf9iVARLQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFArPoiTlsWrfWqfEQiIAmSv/Hr5KMB8GA1UdIwQY
MBaAFDr3cQ34rdZLuWiOD0WBvqZ+QCxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQt
ZWVjNDE2YTg4NmY3LzEvQ3MtaUpPV3hhdDlhcDhSQ0lnQ1pLXzhldmtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQtZWVjNDE2YTg4NmY3
LzEvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQEHywgAwQB
LY+eAwQALhUdAwQFTdxAAwQBwd3YAwQBwd5oMBQEAgACMA4DBQAqAgIQAwUDKg/o
gDANBgkqhkiG9w0BAQsFAAOCAQEAkCsL34PvbV6KEdY5vI0ExkH1S2bLXKGDTbSU
BeGCDKbaCk55PYtiXxHBRhz6eML30HXWYV+/L7ypKde+z2ZU4baUTZWIj3KWNXEU
pbzUDOCMuDphzTRMwakz1Rnj3wKEhD7BSsHuTLGBRXl1V2eCMpL6+N7g+gGYU7Yn
k+DVvWqiWEnIMfLoT66Mj4HMf0oSnowlsh1+hhoOG1r5EPAqk4xKZSVTxYuo1D3x
/e6CdFEeJfXa0PDlQJ+ie75QGVvBsAel9EzdMczv70k5X5zBJx8wKy4Tb+cyVagT
EymcUurfQy5rNi0KEvK1HDQtXMow0bThzHFSbMzVW24irt3fmQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:32:25 2024 by rpki-client on console-fra.rpki-client.org