Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/d6577d-f2d2-4530-b9d2-39eca472668b/1/9Zn4pT6sibxXsSgRz2DYk5ruQM8.roa
File: 9Zn4pT6sibxXsSgRz2DYk5ruQM8.roa (raw, json)
Hash identifier: 2PWzNF4gkXoWrqCxIXa7UTg9TjB5m3vFFPPiecOXxBY=
Subject key identifier: F5:99:F8:A5:3E:AC:89:BC:57:B1:28:11:CF:60:D8:93:9A:EE:40:CF
Certificate issuer: /CN=971533cb7a6796ac5c382b38dcf459f9176931f4
Certificate serial: 018CE8522AF95075C102086B0AC7277E29AB
Authority key identifier: 97:15:33:CB:7A:67:96:AC:5C:38:2B:38:DC:F4:59:F9:17:69:31:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lxUzy3pnlqxcOCs43PRZ-RdpMfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/d6577d-f2d2-4530-b9d2-39eca472668b/1/9Zn4pT6sibxXsSgRz2DYk5ruQM8.roa
Signing time: Mon 08 Jan 2024 09:05:48 +0000
ROA not before: Mon 08 Jan 2024 09:05:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47242
IP address blocks: 81.31.145.0/24 maxlen: 24
81.31.144.0/24 maxlen: 24
185.201.66.0/24 maxlen: 24
185.201.67.0/24 maxlen: 24
185.201.65.0/24 maxlen: 24
81.31.150.0/24 maxlen: 24
81.31.151.0/24 maxlen: 24
81.31.149.0/24 maxlen: 24
81.31.147.0/24 maxlen: 24
81.31.148.0/24 maxlen: 24
81.31.146.0/24 maxlen: 24
81.31.152.0/24 maxlen: 24
81.31.159.0/24 maxlen: 24
81.31.157.0/24 maxlen: 24
81.31.158.0/24 maxlen: 24
81.31.156.0/24 maxlen: 24
81.31.154.0/24 maxlen: 24
81.31.155.0/24 maxlen: 24
81.31.153.0/24 maxlen: 24
149.62.184.0/24 maxlen: 24
149.62.185.0/24 maxlen: 24
149.62.186.0/24 maxlen: 24
185.84.98.0/24 maxlen: 24
185.84.96.0/24 maxlen: 24
185.84.97.0/24 maxlen: 24
185.84.99.0/24 maxlen: 24
185.201.64.0/24 maxlen: 24
149.62.191.0/24 maxlen: 24
149.62.189.0/24 maxlen: 24
149.62.190.0/24 maxlen: 24
149.62.187.0/24 maxlen: 24
149.62.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Mar 2024 15:19:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e8:52:2a:f9:50:75:c1:02:08:6b:0a:c7:27:7e:29:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=971533cb7a6796ac5c382b38dcf459f9176931f4
Validity
Not Before: Jan 8 09:05:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f599f8a53eac89bc57b12811cf60d8939aee40cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:32:7e:0c:10:25:12:09:56:68:39:be:d8:07:
f6:e4:80:e3:3a:67:0b:d3:9c:92:e0:62:13:b8:8c:
73:4e:e7:7b:ce:cd:04:4c:1c:0e:c1:60:76:26:3a:
f6:69:4d:76:f1:d6:f7:c0:15:e8:02:81:53:c7:2e:
63:b4:d0:96:fd:8b:fa:3a:96:41:95:b7:83:23:16:
d3:f1:19:b2:ac:ba:e3:cd:b5:05:67:10:60:4b:08:
65:5d:9f:56:f0:da:85:31:a0:a8:c7:15:e6:13:ad:
76:56:d3:c7:e6:e6:cd:40:54:63:20:b9:e9:94:d3:
d8:55:59:bd:a4:7c:f3:b6:60:72:7d:05:0e:1b:38:
af:dd:6c:0c:5f:2c:38:97:6d:9b:53:f6:65:d4:38:
af:12:b0:1d:26:aa:ba:0b:84:b4:cc:21:fc:6b:72:
00:ba:87:c4:b2:05:16:ae:db:bd:02:e2:da:aa:f3:
be:20:fc:b2:ea:f2:76:92:c8:f3:00:49:fa:30:6f:
83:11:eb:0f:eb:84:64:97:20:7d:b2:77:64:49:b9:
ab:d1:40:a7:ab:bb:ea:5d:54:b6:06:5b:d9:fc:9b:
6a:38:d6:d9:5a:43:d3:8e:e0:1e:8b:2c:10:62:b0:
22:a0:ee:28:50:5a:e7:9d:2a:ee:dc:64:16:87:5b:
50:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:99:F8:A5:3E:AC:89:BC:57:B1:28:11:CF:60:D8:93:9A:EE:40:CF
X509v3 Authority Key Identifier:
keyid:97:15:33:CB:7A:67:96:AC:5C:38:2B:38:DC:F4:59:F9:17:69:31:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lxUzy3pnlqxcOCs43PRZ-RdpMfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/d6577d-f2d2-4530-b9d2-39eca472668b/1/9Zn4pT6sibxXsSgRz2DYk5ruQM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/d6577d-f2d2-4530-b9d2-39eca472668b/1/lxUzy3pnlqxcOCs43PRZ-RdpMfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.144.0/20
149.62.184.0/21
185.84.96.0/22
185.201.64.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:41:18:ae:5c:f5:7c:01:86:05:8f:41:8d:64:d8:e4:f1:7c:
54:6e:6c:9a:f5:67:22:f5:b4:51:31:85:b6:c2:19:08:97:e6:
94:d5:fc:f9:c4:41:d2:dc:24:bc:8b:25:7e:c5:53:50:c6:fc:
f2:2e:97:80:78:e0:7c:f5:36:6e:dd:fa:30:54:cf:9c:c1:b3:
fb:9d:26:19:d2:8e:9d:09:9d:99:95:b3:73:a2:92:d6:e0:35:
15:4a:58:40:4c:95:ec:84:4d:a0:e1:b5:6a:0a:08:21:90:f2:
6c:f0:5f:27:08:ea:57:32:2b:61:7c:0a:40:b5:38:a7:b6:e3:
dd:62:23:85:68:cf:08:44:c6:88:e2:c2:09:b1:b8:e3:55:18:
f6:d5:95:01:d5:0d:c3:97:26:1a:f1:ae:d2:9a:79:4b:9a:5d:
8d:83:b8:38:0d:c5:68:e2:9b:82:a7:81:cd:4b:5c:2b:8c:c2:
33:f1:0d:84:cb:6f:35:3b:00:dc:1a:e6:48:ad:76:cb:7b:47:
c4:60:35:71:e6:61:17:03:b6:21:a1:e9:69:59:27:f7:b5:7e:
e7:9e:ce:b7:8c:24:b2:08:c4:40:aa:05:84:a8:86:40:4a:0a:
f9:ad:28:22:b5:f3:ff:65:5c:ab:f6:d1:2e:2a:f6:e8:ad:4d:
6d:8b:b1:f5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzoUir5UHXBAghrCscnfimrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MTUzM2NiN2E2Nzk2YWM1YzM4MmIzOGRjZjQ1OWY5MTc2
OTMxZjQwHhcNMjQwMTA4MDkwNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTk5ZjhhNTNlYWM4OWJjNTdiMTI4MTFjZjYwZDg5MzlhZWU0MGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTJ+DBAlEglWaDm+2Af25IDjOmcL
05yS4GITuIxzTud7zs0ETBwOwWB2Jjr2aU128db3wBXoAoFTxy5jtNCW/Yv6OpZB
lbeDIxbT8RmyrLrjzbUFZxBgSwhlXZ9W8NqFMaCoxxXmE612VtPH5ubNQFRjILnp
lNPYVVm9pHzztmByfQUOGziv3WwMXyw4l22bU/Zl1DivErAdJqq6C4S0zCH8a3IA
uofEsgUWrtu9AuLaqvO+IPyy6vJ2ksjzAEn6MG+DEesP64RklyB9sndkSbmr0UCn
q7vqXVS2BlvZ/JtqONbZWkPTjuAeiywQYrAioO4oUFrnnSru3GQWh1tQSwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPWZ+KU+rIm8V7EoEc9g2JOa7kDPMB8GA1UdIwQY
MBaAFJcVM8t6Z5asXDgrONz0WfkXaTH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHhVenkzcG5scXhjT0NzNDNQUlotUmRwTWZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9kNjU3N2QtZjJkMi00NTMwLWI5ZDIt
MzllY2E0NzI2NjhiLzEvOVpuNHBUNnNpYnhYc1NnUnoyRFlrNXJ1UU04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9kNjU3N2QtZjJkMi00NTMwLWI5ZDItMzllY2E0NzI2Njhi
LzEvbHhVenkzcG5scXhjT0NzNDNQUlotUmRwTWZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEUR+QAwQD
lT64AwQCuVRgAwQCuclAMA0GCSqGSIb3DQEBCwUAA4IBAQAeQRiuXPV8AYYFj0GN
ZNjk8XxUbmya9Wci9bRRMYW2whkIl+aU1fz5xEHS3CS8iyV+xVNQxvzyLpeAeOB8
9TZu3fowVM+cwbP7nSYZ0o6dCZ2ZlbNzopLW4DUVSlhATJXshE2g4bVqCgghkPJs
8F8nCOpXMithfApAtTintuPdYiOFaM8IRMaI4sIJsbjjVRj21ZUB1Q3DlyYa8a7S
mnlLml2Ng7g4DcVo4puCp4HNS1wrjMIz8Q2Ey281OwDcGuZIrXbLe0fEYDVx5mEX
A7YhoelpWSf3tX7nns63jCSyCMRAqgWEqIZASgr5rSgitfP/ZVyr9tEuKvborU1t
i7H1
-----END CERTIFICATE-----
Generated at Fri Mar 22 18:51:31 2024 by rpki-client on console-ams.rpki-client.org