Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/SltWPjJHc5Dq3HJkkVxWgL_BI1s.roa
File: SltWPjJHc5Dq3HJkkVxWgL_BI1s.roa (raw, json)
Hash identifier: dam/zAow3XtulEjds8td1NZ/wo7D1rLMBHglLBS6WMw=
Subject key identifier: 4A:5B:56:3E:32:47:73:90:EA:DC:72:64:91:5C:56:80:BF:C1:23:5B
Certificate issuer: /CN=3af7710df8add64bb9688e0f4581bea67e402c66
Certificate serial: 01914C16AC71490AA6F77DA5031FCCA5644C
Authority key identifier: 3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/SltWPjJHc5Dq3HJkkVxWgL_BI1s.roa
Signing time: Tue 13 Aug 2024 14:13:59 +0000
ROA not before: Tue 13 Aug 2024 14:13:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5398
IP address blocks: 31.44.32.0/20 maxlen: 20
31.44.46.0/23 maxlen: 23
46.21.29.0/24 maxlen: 24
77.220.64.0/19 maxlen: 19
193.221.216.0/23 maxlen: 23
193.222.104.0/23 maxlen: 24
2a02:210::/32 maxlen: 32
2a0f:e880::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 18 Aug 2024 07:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4c:16:ac:71:49:0a:a6:f7:7d:a5:03:1f:cc:a5:64:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af7710df8add64bb9688e0f4581bea67e402c66
Validity
Not Before: Aug 13 14:13:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a5b563e32477390eadc7264915c5680bfc1235b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:0e:81:70:9d:63:71:fd:7a:fc:12:d3:77:60:
f3:96:78:12:e4:92:c9:60:fb:51:44:ed:95:d6:64:
e3:da:02:a6:13:04:45:3d:a5:f1:d7:1b:16:e5:58:
ea:06:35:67:4a:df:24:9b:66:49:e0:11:1d:f1:52:
4f:1d:3d:fa:8b:63:a8:c9:77:84:7a:47:43:d3:40:
17:7d:85:37:ec:ed:b0:22:45:95:19:2c:f4:21:aa:
5c:d7:70:e9:e0:af:80:97:ce:52:13:69:2a:29:3b:
04:2d:ed:cd:de:8a:ae:b3:d6:33:db:c2:58:54:96:
d0:48:dd:52:a2:14:59:2f:14:25:de:75:08:21:9a:
31:af:11:5c:2f:bf:75:a2:5c:6a:fb:dc:29:aa:4b:
46:df:ae:f1:b7:9a:24:d8:3d:35:c1:c1:68:8e:02:
76:da:92:f5:bd:ac:a4:38:26:9c:dd:77:00:ad:cf:
cf:ff:9a:d6:ee:97:b4:fc:ff:3e:61:d4:ce:e8:ee:
60:d3:5e:b5:9a:ba:29:f1:f0:2f:c6:3e:3e:7b:61:
6b:c2:01:6e:c8:46:36:63:db:11:11:9c:73:35:29:
ad:ab:62:e2:d1:0d:22:3c:cb:dd:bd:a2:39:b5:44:
f0:42:ce:1a:1f:c6:bd:80:a0:c4:35:0d:b3:81:47:
c4:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:5B:56:3E:32:47:73:90:EA:DC:72:64:91:5C:56:80:BF:C1:23:5B
X509v3 Authority Key Identifier:
keyid:3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/SltWPjJHc5Dq3HJkkVxWgL_BI1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.32.0/20
46.21.29.0/24
77.220.64.0/19
193.221.216.0/23
193.222.104.0/23
IPv6:
2a02:210::/32
2a0f:e880::/29
Signature Algorithm: sha256WithRSAEncryption
5c:5e:2c:18:10:ec:44:bf:46:84:f6:48:73:49:c7:f2:94:87:
f0:53:d2:10:ef:00:5e:6f:9f:fe:e5:c4:74:ce:8a:67:57:ea:
70:cf:60:82:53:6a:f0:e2:77:8e:59:33:81:7f:84:49:21:47:
fa:26:69:b7:a9:89:77:dc:5f:b7:74:64:30:29:7c:32:79:c8:
a4:20:ea:ad:58:70:aa:56:9a:10:0f:1c:3a:e5:20:94:4e:7b:
c0:25:fe:8f:ce:33:67:13:f5:b3:a6:5c:90:d6:e9:6a:3f:24:
4f:a6:7c:9b:6d:88:cb:f8:75:39:04:9a:30:33:f4:82:0c:92:
1c:30:54:f5:13:53:26:5c:f2:0a:ba:e0:d9:3b:8d:d4:3f:50:
28:d2:75:bc:22:9b:ed:75:5c:fe:57:4f:b6:4d:07:87:a0:5e:
e9:c4:a9:15:89:14:4b:8a:b9:d4:58:7c:ec:c8:e9:c5:1f:54:
8c:aa:cc:80:21:97:dc:8d:16:ad:9f:69:51:10:96:4a:7e:3a:
7c:b5:cc:57:ce:a8:14:1a:83:81:d9:0c:46:28:0c:6d:8d:9d:
79:73:e3:37:1e:e9:69:ec:09:28:cd:dc:7e:af:09:63:96:66:
fa:9f:30:fe:98:3c:cc:7e:dd:50:f4:1b:df:4a:95:70:a8:82:
e6:1d:0f:af
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZFMFqxxSQqm932lAx/MpWRMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjc3MTBkZjhhZGQ2NGJiOTY4OGUwZjQ1ODFiZWE2N2U0
MDJjNjYwHhcNMjQwODEzMTQxMzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTViNTYzZTMyNDc3MzkwZWFkYzcyNjQ5MTVjNTY4MGJmYzEyMzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQ6BcJ1jcf16/BLTd2DzlngS5JLJ
YPtRRO2V1mTj2gKmEwRFPaXx1xsW5VjqBjVnSt8km2ZJ4BEd8VJPHT36i2OoyXeE
ekdD00AXfYU37O2wIkWVGSz0Iapc13Dp4K+Al85SE2kqKTsELe3N3oqus9Yz28JY
VJbQSN1SohRZLxQl3nUIIZoxrxFcL791olxq+9wpqktG367xt5ok2D01wcFojgJ2
2pL1vaykOCac3XcArc/P/5rW7pe0/P8+YdTO6O5g0161mrop8fAvxj4+e2FrwgFu
yEY2Y9sREZxzNSmtq2Li0Q0iPMvdvaI5tUTwQs4aH8a9gKDENQ2zgUfEHwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFEpbVj4yR3OQ6txyZJFcVoC/wSNbMB8GA1UdIwQY
MBaAFDr3cQ34rdZLuWiOD0WBvqZ+QCxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQt
ZWVjNDE2YTg4NmY3LzEvU2x0V1BqSkhjNURxM0hKa2tWeFdnTF9CSTFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQtZWVjNDE2YTg4NmY3
LzEvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQEHywgAwQA
LhUdAwQFTdxAAwQBwd3YAwQBwd5oMBQEAgACMA4DBQAqAgIQAwUDKg/ogDANBgkq
hkiG9w0BAQsFAAOCAQEAXF4sGBDsRL9GhPZIc0nH8pSH8FPSEO8AXm+f/uXEdM6K
Z1fqcM9gglNq8OJ3jlkzgX+ESSFH+iZpt6mJd9xft3RkMCl8MnnIpCDqrVhwqlaa
EA8cOuUglE57wCX+j84zZxP1s6ZckNbpaj8kT6Z8m22Iy/h1OQSaMDP0ggySHDBU
9RNTJlzyCrrg2TuN1D9QKNJ1vCKb7XVc/ldPtk0Hh6Be6cSpFYkUS4q51Fh87Mjp
xR9UjKrMgCGX3I0WrZ9pURCWSn46fLXMV86oFBqDgdkMRigMbY2deXPjNx7paewJ
KM3cfq8JY5Zm+p8w/pg8zH7dUPQb30qVcKiC5h0Prw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:19 2025 by rpki-client