Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/0ihtWAX6WjYl7TbF1OL81aYaUEU.roa
File: 0ihtWAX6WjYl7TbF1OL81aYaUEU.roa (raw, json)
Hash identifier: qejwE4LOs650/OQK+sIPTLXkrzCMWVrYO5s0CvJFu50=
Subject key identifier: D2:28:6D:58:05:FA:5A:36:25:ED:36:C5:D4:E2:FC:D5:A6:1A:50:45
Certificate issuer: /CN=ee370985f83f41330111c350cd6b1e1eead526aa
Certificate serial: 01856F024C2E5A16EDFD96FF09BFD4374BE0
Authority key identifier: EE:37:09:85:F8:3F:41:33:01:11:C3:50:CD:6B:1E:1E:EA:D5:26:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7jcJhfg_QTMBEcNQzWseHurVJqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/0ihtWAX6WjYl7TbF1OL81aYaUEU.roa
Signing time: Sun 01 Jan 2023 20:24:59 +0000
ROA not before: Sun 01 Jan 2023 20:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57152
IP address blocks: 31.7.36.0/24 maxlen: 24
31.7.35.0/24 maxlen: 24
31.7.34.0/24 maxlen: 24
31.7.33.0/24 maxlen: 24
31.7.32.0/24 maxlen: 24
31.7.38.0/24 maxlen: 24
31.7.37.0/24 maxlen: 24
185.140.125.0/24 maxlen: 24
185.140.124.0/24 maxlen: 24
185.140.126.0/24 maxlen: 24
185.140.127.0/24 maxlen: 24
31.7.39.0/24 maxlen: 24
2a0a:9f40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:4c:2e:5a:16:ed:fd:96:ff:09:bf:d4:37:4b:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee370985f83f41330111c350cd6b1e1eead526aa
Validity
Not Before: Jan 1 20:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2286d5805fa5a3625ed36c5d4e2fcd5a61a5045
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:8f:a6:e0:50:cf:5d:9a:6c:d6:20:34:35:8a:
bc:94:42:c2:86:09:dd:4f:73:6a:30:85:20:b1:d0:
4f:8d:46:25:e8:f4:59:29:e6:56:d5:8b:ba:63:34:
50:70:1e:a7:52:8a:19:58:d2:95:92:c3:bf:c6:d8:
f2:48:19:e0:08:e8:55:6d:6e:f2:46:25:23:27:3f:
cb:df:57:62:4e:93:72:65:3e:78:13:b0:ff:73:df:
9d:a1:f2:f1:ee:bc:7d:d5:91:92:1e:3c:a7:6d:5d:
1f:e8:1b:2a:82:24:01:77:3a:d3:f5:63:a5:8d:a8:
f1:51:62:f3:26:a6:04:85:16:9c:64:ca:f9:5b:f8:
b9:c1:c7:8f:4e:12:ee:33:b6:7a:92:fa:53:91:d9:
a5:01:eb:f8:1a:c4:6c:d1:bc:29:7a:63:2b:32:11:
e0:99:b8:05:9e:9a:3a:01:f0:3a:dc:97:dd:58:31:
12:e3:07:58:d1:c9:c3:5a:9f:3d:b2:86:f0:65:ff:
3a:d7:d2:54:9c:d4:8f:41:85:ef:97:d6:24:e5:24:
dc:2a:03:1b:0a:ca:c8:83:bd:ab:26:e1:cb:3d:6d:
2b:ba:7a:11:6a:de:3c:ba:65:3a:13:13:17:77:4e:
5f:35:23:28:d5:7f:32:38:15:88:04:ec:86:de:99:
e2:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:28:6D:58:05:FA:5A:36:25:ED:36:C5:D4:E2:FC:D5:A6:1A:50:45
X509v3 Authority Key Identifier:
keyid:EE:37:09:85:F8:3F:41:33:01:11:C3:50:CD:6B:1E:1E:EA:D5:26:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7jcJhfg_QTMBEcNQzWseHurVJqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/0ihtWAX6WjYl7TbF1OL81aYaUEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/7jcJhfg_QTMBEcNQzWseHurVJqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.32.0/21
185.140.124.0/22
IPv6:
2a0a:9f40::/29
Signature Algorithm: sha256WithRSAEncryption
09:c5:7a:1b:5c:8b:77:f7:4d:a9:52:16:da:2c:89:4e:0e:6b:
db:f1:c6:fe:2d:f9:b6:f5:f0:53:1f:ca:13:fa:50:85:ab:dc:
06:c8:62:39:f8:25:ef:80:e0:da:73:54:bd:fb:96:18:4f:7e:
f3:16:f0:bb:34:d8:71:96:9f:4d:d7:13:87:6d:c0:4a:a0:2f:
d7:48:a7:5c:8d:c6:76:49:46:e2:91:69:b8:63:bd:a0:ce:87:
d0:4c:b5:18:bb:4b:5e:b0:ed:ab:10:32:81:7a:5a:ac:0d:46:
0d:91:51:f7:37:f1:c7:4c:9d:85:1a:12:8d:f0:58:b0:23:a1:
3e:ba:f6:c7:89:03:18:07:71:20:b4:52:08:5c:36:10:db:b8:
12:25:10:e2:71:fc:da:06:f1:40:6a:ab:a4:ca:7d:25:cd:a9:
61:23:f2:f8:02:2f:4d:14:04:a3:78:8e:6e:10:ba:d3:1a:66:
68:3a:d3:d5:e4:7a:8b:d8:4e:1d:9f:38:51:a7:f1:1f:ea:39:
44:f7:1a:81:e1:28:31:b9:20:f6:28:2d:fc:d5:dd:1f:38:14:
00:8d:b7:c1:ca:72:3d:f0:cc:0d:b6:6a:6a:e2:c9:2c:bb:e4:
dc:c2:46:24:30:df:eb:6a:37:34:e9:54:e8:00:10:e6:b6:9c:
f8:4b:44:d5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvAkwuWhbt/Zb/Cb/UN0vgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMzcwOTg1ZjgzZjQxMzMwMTExYzM1MGNkNmIxZTFlZWFk
NTI2YWEwHhcNMjMwMTAxMjAyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjI4NmQ1ODA1ZmE1YTM2MjVlZDM2YzVkNGUyZmNkNWE2MWE1MDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6I+m4FDPXZps1iA0NYq8lELChgnd
T3NqMIUgsdBPjUYl6PRZKeZW1Yu6YzRQcB6nUooZWNKVksO/xtjySBngCOhVbW7y
RiUjJz/L31diTpNyZT54E7D/c9+dofLx7rx91ZGSHjynbV0f6BsqgiQBdzrT9WOl
jajxUWLzJqYEhRacZMr5W/i5wcePThLuM7Z6kvpTkdmlAev4GsRs0bwpemMrMhHg
mbgFnpo6AfA63JfdWDES4wdY0cnDWp89sobwZf8619JUnNSPQYXvl9Yk5STcKgMb
CsrIg72rJuHLPW0runoRat48umU6ExMXd05fNSMo1X8yOBWIBOyG3pniNwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNIobVgF+lo2Je02xdTi/NWmGlBFMB8GA1UdIwQY
MBaAFO43CYX4P0EzARHDUM1rHh7q1SaqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2pjSmhmZ19RVE1CRWNOUXpXc2VIdXJWSnFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8yNzQ0ZDAtNDFhMC00NDM0LWI2OTAt
MzI0NDU0NmY4Y2JmLzEvMGlodFdBWDZXallsN1RiRjFPTDgxYVlhVUVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8yNzQ0ZDAtNDFhMC00NDM0LWI2OTAtMzI0NDU0NmY4Y2Jm
LzEvN2pjSmhmZ19RVE1CRWNOUXpXc2VIdXJWSnFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDHwcgAwQC
uYx8MA0EAgACMAcDBQMqCp9AMA0GCSqGSIb3DQEBCwUAA4IBAQAJxXobXIt3902p
UhbaLIlODmvb8cb+Lfm29fBTH8oT+lCFq9wGyGI5+CXvgODac1S9+5YYT37zFvC7
NNhxlp9N1xOHbcBKoC/XSKdcjcZ2SUbikWm4Y72gzofQTLUYu0tesO2rEDKBelqs
DUYNkVH3N/HHTJ2FGhKN8FiwI6E+uvbHiQMYB3EgtFIIXDYQ27gSJRDicfzaBvFA
aqukyn0lzalhI/L4Ai9NFASjeI5uELrTGmZoOtPV5HqL2E4dnzhRp/Ef6jlE9xqB
4SgxuSD2KC381d0fOBQAjbfBynI98MwNtmpq4sksu+TcwkYkMN/rajc06VToABDm
tpz4S0TV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:46 2024 by rpki-client on console-fra.rpki-client.org