Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/opEZffif8XyzWQQnr-caWx90_dM.roa
File: opEZffif8XyzWQQnr-caWx90_dM.roa (raw, json)
Hash identifier: udX4ntG16UFmx/UONrxYuGqPZnHTeN3kNnWcDUS41pU=
Subject key identifier: A2:91:19:7D:F8:9F:F1:7C:B3:59:04:27:AF:E7:1A:5B:1F:74:FD:D3
Certificate issuer: /CN=3af7710df8add64bb9688e0f4581bea67e402c66
Certificate serial: 018BF630E5FACFB71DDB9BF2C4D41BB754DC
Authority key identifier: 3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/opEZffif8XyzWQQnr-caWx90_dM.roa
Signing time: Wed 22 Nov 2023 08:41:21 +0000
ROA not before: Wed 22 Nov 2023 08:41:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5398
IP address blocks: 31.44.32.0/20 maxlen: 20
193.221.216.0/23 maxlen: 23
31.44.46.0/23 maxlen: 23
46.21.22.0/24 maxlen: 24
46.21.21.0/24 maxlen: 24
46.21.29.0/24 maxlen: 24
193.222.104.0/23 maxlen: 23
185.155.176.0/22 maxlen: 22
185.155.184.0/23 maxlen: 24
77.220.64.0/19 maxlen: 19
2a00:bd00::/32 maxlen: 32
2a0f:e880::/29 maxlen: 29
2a02:210::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 29 Nov 2023 18:18:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f6:30:e5:fa:cf:b7:1d:db:9b:f2:c4:d4:1b:b7:54:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af7710df8add64bb9688e0f4581bea67e402c66
Validity
Not Before: Nov 22 08:41:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a291197df89ff17cb3590427afe71a5b1f74fdd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c9:b1:75:b2:f3:8a:bc:fa:76:43:5b:80:4d:
e6:ff:1a:7c:b8:75:f1:cc:d8:66:4a:f8:33:55:18:
d7:3f:6f:e0:b5:cc:b7:f1:24:ea:dc:79:d2:f9:97:
1b:9b:a1:f5:2a:4d:dc:49:ab:4f:c0:78:bf:52:b0:
41:93:a5:c9:a7:d8:48:e3:5e:b0:fa:97:5f:98:12:
97:7d:d9:f3:ea:6d:a8:87:3b:b2:5e:71:e3:16:c9:
b1:f9:bd:fe:a5:88:5a:4a:f9:09:47:9a:83:0e:27:
4d:fd:1d:cb:bd:87:79:d9:fb:e1:e3:eb:4b:a5:71:
77:cb:13:2e:1c:18:61:6d:f3:f8:48:c2:2e:1f:94:
5e:f4:18:b7:d9:bf:b5:82:2e:63:53:5c:55:43:16:
fa:83:39:4e:ca:8b:40:05:6d:90:9f:b3:e9:4a:ef:
ae:70:21:4d:f5:23:45:b1:93:87:cc:7b:65:6c:a0:
d8:8b:f6:15:38:c6:44:8b:77:d7:59:cb:c7:98:7c:
c0:4b:d7:b4:2a:53:55:b3:13:70:22:84:4f:05:5d:
43:68:c9:07:5e:91:1d:88:bd:fb:96:5a:d7:91:09:
e8:3c:5f:c4:2b:74:5e:a9:ce:34:20:18:6c:4c:97:
93:b1:9b:47:5f:4c:42:fa:01:77:24:9f:e8:03:b5:
11:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:91:19:7D:F8:9F:F1:7C:B3:59:04:27:AF:E7:1A:5B:1F:74:FD:D3
X509v3 Authority Key Identifier:
keyid:3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/opEZffif8XyzWQQnr-caWx90_dM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.32.0/20
46.21.21.0-46.21.22.255
46.21.29.0/24
77.220.64.0/19
185.155.176.0/22
185.155.184.0/23
193.221.216.0/23
193.222.104.0/23
IPv6:
2a00:bd00::/32
2a02:210::/32
2a0f:e880::/29
Signature Algorithm: sha256WithRSAEncryption
98:66:fa:d4:40:84:3e:58:49:92:60:a4:47:e7:65:5d:56:3a:
31:a1:43:7c:98:9b:6d:55:77:f1:57:dc:0e:f7:43:07:e3:88:
9b:59:e5:b8:e0:03:2d:e4:b9:90:83:bd:a8:cc:eb:94:46:be:
09:06:89:89:fc:f9:ce:ec:3f:73:b0:7c:f0:5b:3f:32:b0:b6:
7d:1a:07:ec:b9:69:f1:ee:ca:1e:e3:ee:0e:60:89:07:18:af:
e7:6c:fd:b8:4d:2d:c3:72:01:5a:6f:d1:6d:5f:ac:a7:fd:e0:
fe:d3:73:b8:90:57:77:7a:6e:d4:3e:55:f6:23:ce:51:1a:f7:
af:73:ce:07:63:e3:39:fe:f0:87:88:f7:42:4b:2c:d0:96:50:
38:43:8f:d5:2e:c5:8d:3b:5d:8e:c0:7f:f2:04:10:26:b9:a8:
59:1e:47:9b:4a:01:50:9d:d6:b2:05:3a:00:ad:c1:79:47:0d:
dc:7b:2b:05:65:37:61:72:95:b3:c2:86:82:e3:ae:7a:0a:7a:
1a:54:3b:22:87:d3:e4:d6:5e:c4:fd:c0:61:f2:56:a2:27:48:
c6:6d:7e:2f:b3:f6:7b:03:c4:7d:84:e6:a3:52:a6:55:b6:77:
4e:a2:61:dc:c5:37:70:cc:86:2d:4d:da:59:27:1f:11:76:e8:
04:23:61:9c
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYv2MOX6z7cd25vyxNQbt1TcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjc3MTBkZjhhZGQ2NGJiOTY4OGUwZjQ1ODFiZWE2N2U0
MDJjNjYwHhcNMjMxMTIyMDg0MTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjkxMTk3ZGY4OWZmMTdjYjM1OTA0MjdhZmU3MWE1YjFmNzRmZGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8mxdbLzirz6dkNbgE3m/xp8uHXx
zNhmSvgzVRjXP2/gtcy38STq3HnS+Zcbm6H1Kk3cSatPwHi/UrBBk6XJp9hI416w
+pdfmBKXfdnz6m2ohzuyXnHjFsmx+b3+pYhaSvkJR5qDDidN/R3LvYd52fvh4+tL
pXF3yxMuHBhhbfP4SMIuH5Re9Bi32b+1gi5jU1xVQxb6gzlOyotABW2Qn7PpSu+u
cCFN9SNFsZOHzHtlbKDYi/YVOMZEi3fXWcvHmHzAS9e0KlNVsxNwIoRPBV1DaMkH
XpEdiL37llrXkQnoPF/EK3Reqc40IBhsTJeTsZtHX0xC+gF3JJ/oA7URkwIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFKKRGX34n/F8s1kEJ6/nGlsfdP3TMB8GA1UdIwQY
MBaAFDr3cQ34rdZLuWiOD0WBvqZ+QCxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQt
ZWVjNDE2YTg4NmY3LzEvb3BFWmZmaWY4WHl6V1FRbnItY2FXeDkwX2RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQtZWVjNDE2YTg4NmY3
LzEvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTA+BAIAATA4AwQEHywgMAwD
BAAuFRUDBAAuFRYDBAAuFR0DBAVN3EADBAK5m7ADBAG5m7gDBAHB3dgDBAHB3mgw
GwQCAAIwFQMFACoAvQADBQAqAgIQAwUDKg/ogDANBgkqhkiG9w0BAQsFAAOCAQEA
mGb61ECEPlhJkmCkR+dlXVY6MaFDfJibbVV38VfcDvdDB+OIm1nluOADLeS5kIO9
qMzrlEa+CQaJifz5zuw/c7B88Fs/MrC2fRoH7Llp8e7KHuPuDmCJBxiv52z9uE0t
w3IBWm/RbV+sp/3g/tNzuJBXd3pu1D5V9iPOURr3r3POB2PjOf7wh4j3Qkss0JZQ
OEOP1S7FjTtdjsB/8gQQJrmoWR5Hm0oBUJ3WsgU6AK3BeUcN3HsrBWU3YXKVs8KG
guOuegp6GlQ7IofT5NZexP3AYfJWoidIxm1+L7P2ewPEfYTmo1KmVbZ3TqJh3MU3
cMyGLU3aWScfEXboBCNhnA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:45 2024 by rpki-client on console-fra.rpki-client.org