Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/jVx88Vh_xgNQl3VRHnAT2VP9qZg.roa
File: jVx88Vh_xgNQl3VRHnAT2VP9qZg.roa (raw, json)
Hash identifier: Q6Hryl1T4pPgZsKGUaVcfOXXLWWhUPTXCUYi/k1omfU=
Subject key identifier: 8D:5C:7C:F1:58:7F:C6:03:50:97:75:51:1E:70:13:D9:53:FD:A9:98
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 01928A95E3E31690B55F3D867A5BC7CEF093
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/jVx88Vh_xgNQl3VRHnAT2VP9qZg.roa
Signing time: Mon 14 Oct 2024 10:32:11 +0000
ROA not before: Mon 14 Oct 2024 10:32:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215540
IP address blocks: 31.129.22.0/24 maxlen: 24
45.95.232.0/24 maxlen: 24
45.95.233.0/24 maxlen: 24
89.191.232.0/24 maxlen: 24
92.118.112.0/24 maxlen: 24
141.98.233.0/24 maxlen: 24
141.98.234.0/24 maxlen: 24
185.247.184.0/24 maxlen: 24
194.28.192.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Oct 2024 09:15:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8a:95:e3:e3:16:90:b5:5f:3d:86:7a:5b:c7:ce:f0:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Oct 14 10:32:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d5c7cf1587fc603509775511e7013d953fda998
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c1:6c:64:77:b6:87:d1:4d:b4:94:80:fc:39:
64:2d:0c:03:16:22:68:c9:54:61:34:71:fa:e9:38:
bd:68:28:c7:43:12:d0:a5:73:39:1b:1f:ab:7e:87:
f8:ea:2b:13:28:31:29:e1:73:14:32:64:22:14:c8:
d5:86:80:cb:5c:95:3f:20:d0:f1:ec:bb:61:82:e6:
9c:59:f3:f2:20:8c:1b:28:9b:3d:cb:99:19:92:2f:
c7:9e:c7:57:95:e7:3a:1e:88:22:cc:21:f1:0d:3f:
16:a8:0a:b6:2f:e2:01:06:44:87:00:c7:21:99:1a:
26:84:a1:83:5f:c1:73:27:c5:1a:a4:62:37:ec:31:
8e:df:15:85:25:bf:7b:a2:74:8f:c8:8a:29:2f:b2:
1d:48:26:4f:1e:6f:c2:88:07:94:25:b6:8d:72:eb:
3b:7b:8a:b0:90:61:c6:02:3b:18:83:b5:69:15:3b:
ab:7d:e7:a1:81:f7:8d:91:8f:1c:47:60:bb:1c:0e:
40:3d:1d:e4:a8:eb:59:a5:50:32:00:75:61:01:55:
02:b6:b8:1f:a6:d7:6c:21:05:71:84:2d:74:08:0d:
aa:64:8b:de:1d:33:2c:a6:d6:21:c8:02:47:5a:71:
bf:19:4b:28:53:d0:3f:4d:d2:d8:37:ac:4f:cf:f9:
19:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:5C:7C:F1:58:7F:C6:03:50:97:75:51:1E:70:13:D9:53:FD:A9:98
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/jVx88Vh_xgNQl3VRHnAT2VP9qZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.22.0/24
45.95.232.0/23
89.191.232.0/24
92.118.112.0/24
141.98.233.0-141.98.234.255
185.247.184.0/24
194.28.192.0/24
Signature Algorithm: sha256WithRSAEncryption
12:f4:f4:57:23:5d:1d:f5:b4:1c:ed:34:b1:02:9b:80:0d:48:
30:e6:10:56:2d:1d:d2:f8:bd:9b:e9:01:63:ca:4d:80:1d:a4:
f4:bf:5d:a1:f8:3d:43:3e:af:e6:f9:66:9b:7f:91:48:20:fe:
8c:8b:d6:68:92:31:ff:7d:37:c4:24:88:cc:fa:06:26:d4:d9:
56:f0:36:9e:07:b0:d2:e6:aa:0c:7f:5e:00:3d:4e:03:77:b1:
e8:14:fb:53:07:55:6a:58:5a:c2:cd:07:20:35:6f:14:fd:7f:
01:42:b5:f9:b7:17:2f:7e:33:08:19:02:53:5f:ca:b5:13:f2:
17:bf:06:84:49:32:5b:b8:c4:42:0b:b0:8f:27:67:71:e3:a4:
93:80:22:10:0a:1a:cd:5c:ac:85:ee:9c:13:ab:72:36:f3:04:
64:13:f9:96:0e:4c:34:75:a9:2e:3b:f1:eb:f9:0b:7a:a8:a0:
db:38:9a:c0:1b:ce:7b:bf:59:cf:f1:d7:6a:c0:31:46:0b:ff:
7c:c0:f6:e4:96:62:14:bd:e6:c9:a2:a5:e7:43:5e:b5:71:d6:
d2:8f:d5:a3:54:0b:76:82:5f:3b:ee:b9:54:fe:e0:f6:b5:a4:
cd:10:a5:59:85:17:69:7a:a0:a7:40:05:eb:d5:70:7e:5b:2b:
15:c4:b7:42
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZKKlePjFpC1Xz2GelvHzvCTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjQxMDE0MTAzMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDVjN2NmMTU4N2ZjNjAzNTA5Nzc1NTExZTcwMTNkOTUzZmRhOTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMFsZHe2h9FNtJSA/DlkLQwDFiJo
yVRhNHH66Ti9aCjHQxLQpXM5Gx+rfof46isTKDEp4XMUMmQiFMjVhoDLXJU/INDx
7LthguacWfPyIIwbKJs9y5kZki/HnsdXlec6HogizCHxDT8WqAq2L+IBBkSHAMch
mRomhKGDX8FzJ8UapGI37DGO3xWFJb97onSPyIopL7IdSCZPHm/CiAeUJbaNcus7
e4qwkGHGAjsYg7VpFTurfeehgfeNkY8cR2C7HA5APR3kqOtZpVAyAHVhAVUCtrgf
ptdsIQVxhC10CA2qZIveHTMsptYhyAJHWnG/GUsoU9A/TdLYN6xPz/kZwwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFI1cfPFYf8YDUJd1UR5wE9lT/amYMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvalZ4ODhWaF94Z05RbDNWUkhuQVQyVlA5cVpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAH4EWAwQB
LV/oAwQAWb/oAwQAXHZwMAwDBACNYukDBACNYuoDBAC597gDBADCHMAwDQYJKoZI
hvcNAQELBQADggEBABL09FcjXR31tBztNLECm4ANSDDmEFYtHdL4vZvpAWPKTYAd
pPS/XaH4PUM+r+b5Zpt/kUgg/oyL1miSMf99N8QkiMz6BibU2VbwNp4HsNLmqgx/
XgA9TgN3segU+1MHVWpYWsLNByA1bxT9fwFCtfm3Fy9+MwgZAlNfyrUT8he/BoRJ
Mlu4xEILsI8nZ3HjpJOAIhAKGs1crIXunBOrcjbzBGQT+ZYOTDR1qS478ev5C3qo
oNs4msAbznu/Wc/x12rAMUYL/3zA9uSWYhS95smipedDXrVx1tKP1aNUC3aCXzvu
uVT+4Pa1pM0QpVmFF2l6oKdABevVcH5bKxXEt0I=
-----END CERTIFICATE-----
Generated at Mon Oct 21 13:23:57 2024 by rpki-client on console-ams.rpki-client.org