Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/nQiVPipLPVcBJiErNTmG_SR0GvI.roa
File: nQiVPipLPVcBJiErNTmG_SR0GvI.roa (raw, json)
Hash identifier: vCPqqLgKyYtAPvC1v9AYLIaYBWbCQXLBIGN9n4bo/HM=
Subject key identifier: 9D:08:95:3E:2A:4B:3D:57:01:26:21:2B:35:39:86:FD:24:74:1A:F2
Certificate issuer: /CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Certificate serial: 018F711473673AD388DA029EDC82D4B18C03
Authority key identifier: AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/nQiVPipLPVcBJiErNTmG_SR0GvI.roa
Signing time: Mon 13 May 2024 08:31:56 +0000
ROA not before: Mon 13 May 2024 08:31:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31257
IP address blocks: 80.65.16.0/20 maxlen: 24
94.73.192.0/18 maxlen: 24
109.226.192.0/19 maxlen: 24
109.226.224.0/20 maxlen: 24
109.226.240.0/21 maxlen: 24
109.226.249.0/24 maxlen: 24
109.226.250.0/23 maxlen: 24
109.226.252.0/22 maxlen: 24
171.33.248.0/21 maxlen: 24
2a05:7400::/34 maxlen: 34
Validation: Failed, certificate revoked on Tue 14 May 2024 04:45:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:71:14:73:67:3a:d3:88:da:02:9e:dc:82:d4:b1:8c:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Validity
Not Before: May 13 08:31:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d08953e2a4b3d570126212b353986fd24741af2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:28:a2:82:9b:45:3f:97:b1:8c:d2:c5:ba:68:
d4:31:57:4b:3d:da:fe:46:95:c1:78:7b:5e:9c:e0:
f0:f4:6c:42:0b:33:21:bb:e5:d2:b8:bb:68:4e:30:
6a:4f:07:89:dc:65:97:b7:5e:bb:7e:8e:4d:0c:14:
ca:b0:80:ff:22:f0:ce:6f:6d:14:46:e3:b3:0a:76:
cf:8e:b5:8f:79:83:9b:df:69:8a:d1:24:e9:a2:8c:
45:d9:87:0f:3a:77:15:63:73:9d:0d:85:dd:e6:df:
88:f5:a7:fc:75:57:57:8b:8b:99:db:d5:0e:8a:19:
29:6f:ef:0e:18:0d:19:40:4f:f2:6c:e6:16:7f:fb:
c1:67:23:53:9e:f5:fd:b9:f8:b2:53:6c:f9:e3:40:
dc:5d:19:8d:ad:7e:ac:31:74:1c:d8:0d:26:09:24:
cf:ea:fa:0c:ea:ca:38:6f:1c:69:d4:e8:25:9b:76:
87:c7:5e:bb:be:2c:f7:c1:27:c3:6c:80:89:2a:5f:
2c:31:d3:55:25:48:a3:f1:a5:99:e4:21:ec:a9:76:
71:a2:db:9f:0a:e1:9a:e7:ee:29:0a:52:7a:08:37:
1a:f8:d4:16:a5:54:18:5b:11:4f:78:a9:79:14:37:
45:11:6b:77:fa:bc:47:f2:9e:49:f8:82:64:7a:e5:
18:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:08:95:3E:2A:4B:3D:57:01:26:21:2B:35:39:86:FD:24:74:1A:F2
X509v3 Authority Key Identifier:
keyid:AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/nQiVPipLPVcBJiErNTmG_SR0GvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.65.16.0/20
94.73.192.0/18
109.226.192.0-109.226.247.255
109.226.249.0-109.226.255.255
171.33.248.0/21
IPv6:
2a05:7400::/34
Signature Algorithm: sha256WithRSAEncryption
34:d9:58:31:99:01:4f:c4:e1:17:96:02:be:dc:62:e4:31:c0:
0a:8d:9a:e3:1c:15:88:3f:2e:27:0f:4a:92:42:4d:e0:28:f5:
76:1a:0d:69:ce:b4:6d:85:32:5d:d2:ad:4b:27:7d:f2:8a:7c:
90:6b:41:33:3c:b8:5a:25:36:92:23:e9:58:e1:8c:98:44:4f:
19:7b:10:98:78:b6:47:a1:4e:05:76:bf:5d:58:07:58:4f:ca:
18:e5:50:89:41:05:58:6e:43:76:ed:10:67:70:27:f0:f4:13:
1c:d6:d7:87:0d:b3:5d:26:63:aa:48:46:8f:61:13:aa:46:82:
9d:c7:50:4c:2e:fd:f0:81:2d:1f:f2:22:a6:34:c4:4e:ff:b2:
86:37:58:38:94:45:2a:9d:87:6e:3c:f3:2f:1f:08:7a:9a:00:
69:37:96:65:12:e5:1a:f2:97:ab:a6:4c:5b:e8:01:c2:a9:a2:
e0:f0:09:cf:00:01:a9:9f:e8:c6:19:58:26:ab:e2:e0:b9:14:
97:1c:64:ba:3f:17:45:13:32:dc:3e:b4:bc:8e:40:1d:2e:4a:
ad:9c:60:32:b1:a8:fb:4d:a4:e8:e7:cd:0d:a6:0d:00:b3:cf:
46:8f:df:af:07:c3:4e:c3:a7:05:22:b4:5f:eb:2e:56:3a:41:
42:da:07:31
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAY9xFHNnOtOI2gKe3ILUsYwDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2Y3NDdkZjVmMjQzNTMxNTRkYzRkNGJmNzBkMmRkY2I1
M2U5MDAwHhcNMjQwNTEzMDgzMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDA4OTUzZTJhNGIzZDU3MDEyNjIxMmIzNTM5ODZmZDI0NzQxYWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSiigptFP5exjNLFumjUMVdLPdr+
RpXBeHtenODw9GxCCzMhu+XSuLtoTjBqTweJ3GWXt167fo5NDBTKsID/IvDOb20U
RuOzCnbPjrWPeYOb32mK0STpooxF2YcPOncVY3OdDYXd5t+I9af8dVdXi4uZ29UO
ihkpb+8OGA0ZQE/ybOYWf/vBZyNTnvX9ufiyU2z540DcXRmNrX6sMXQc2A0mCSTP
6voM6so4bxxp1Oglm3aHx167viz3wSfDbICJKl8sMdNVJUij8aWZ5CHsqXZxotuf
CuGa5+4pClJ6CDca+NQWpVQYWxFPeKl5FDdFEWt3+rxH8p5J+IJkeuUYfQIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFJ0IlT4qSz1XASYhKzU5hv0kdBryMB8GA1UdIwQY
MBaAFK5/dH318kNTFU3E1L9w0t3LU+kAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2Et
YzZmMWU2YWM5YmE5LzEvblFpVlBpcExQVmNCSmlFck5UbUdfU1IwR3ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2EtYzZmMWU2YWM5YmE5
LzEvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAzBAIAATAtAwQEUEEQAwQG
XknAMAwDBAZt4sADBANt4vAwCwMEAG3i+QMDAG3iAwQDqyH4MA4EAgACMAgDBgYq
BXQAADANBgkqhkiG9w0BAQsFAAOCAQEANNlYMZkBT8ThF5YCvtxi5DHACo2a4xwV
iD8uJw9KkkJN4Cj1dhoNac60bYUyXdKtSyd98op8kGtBMzy4WiU2kiPpWOGMmERP
GXsQmHi2R6FOBXa/XVgHWE/KGOVQiUEFWG5Ddu0QZ3An8PQTHNbXhw2zXSZjqkhG
j2ETqkaCncdQTC798IEtH/IipjTETv+yhjdYOJRFKp2HbjzzLx8IepoAaTeWZRLl
GvKXq6ZMW+gBwqmi4PAJzwABqZ/oxhlYJqvi4LkUlxxkuj8XRRMy3D60vI5AHS5K
rZxgMrGo+02k6OfNDaYNALPPRo/frwfDTsOnBSK0X+suVjpBQtoHMQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:18 2024 by rpki-client on console-ams.rpki-client.org