Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/tDF8r5SXKWxn9xWfZ3ByQxpC2PU.roa
File: tDF8r5SXKWxn9xWfZ3ByQxpC2PU.roa (raw, json)
Hash identifier: So8OUMkkWTvyApCrJRS0HFgL7p31yXzDhJ9NHqRAiWI=
Subject key identifier: B4:31:7C:AF:94:97:29:6C:67:F7:15:9F:67:70:72:43:1A:42:D8:F5
Certificate issuer: /CN=9c28a6ed0f5cfce772d5ce5b03bb42932c8a64d0
Certificate serial: 018ACE71C5D4B671DADED839D510F188A107
Authority key identifier: 9C:28:A6:ED:0F:5C:FC:E7:72:D5:CE:5B:03:BB:42:93:2C:8A:64:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nCim7Q9c_Ody1c5bA7tCkyyKZNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/tDF8r5SXKWxn9xWfZ3ByQxpC2PU.roa
Signing time: Mon 25 Sep 2023 22:24:37 +0000
ROA not before: Mon 25 Sep 2023 22:24:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206075
IP address blocks: 31.41.249.0/24 maxlen: 24
193.36.132.0/24 maxlen: 24
185.153.55.0/24 maxlen: 24
91.218.20.0/24 maxlen: 24
188.239.191.0/24 maxlen: 24
2a07:e040::/32 maxlen: 32
2a07:e041::/32 maxlen: 32
2a07:e042::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ce:71:c5:d4:b6:71:da:de:d8:39:d5:10:f1:88:a1:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c28a6ed0f5cfce772d5ce5b03bb42932c8a64d0
Validity
Not Before: Sep 25 22:24:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4317caf9497296c67f7159f677072431a42d8f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:d8:2c:63:4b:3e:b1:ca:c4:1a:b9:d2:18:b1:
cd:92:99:81:0d:f8:ef:d7:27:c7:7e:26:39:6a:02:
d0:49:35:4a:6f:38:99:30:8f:7f:fa:89:a6:dd:81:
3a:8c:0b:dc:92:16:f6:ab:20:4d:78:a1:ac:71:40:
fb:be:56:ab:be:d3:6b:50:80:d6:fd:19:15:98:57:
87:26:72:f6:02:9a:0c:84:7e:41:83:75:5d:17:9c:
e8:ca:9d:c9:1c:f2:ac:17:26:bf:1c:d2:b6:a2:68:
65:46:2f:01:20:63:97:f6:c4:bb:36:f2:54:20:12:
6e:c9:57:76:e1:5d:82:b7:d7:b1:a5:af:da:05:3a:
24:2b:70:01:55:49:04:aa:01:18:44:19:e4:58:78:
24:6c:32:94:ff:ff:85:99:71:8c:bb:c8:96:0b:af:
f2:b1:7d:9d:30:83:bd:6c:27:30:fe:22:8b:c2:7d:
65:d3:f0:e9:d6:37:d9:66:17:8b:4c:2d:7e:50:6e:
ec:18:7f:c7:78:ef:8d:79:e2:d9:0b:93:25:db:f2:
31:75:ef:41:db:1c:ce:9e:f8:d4:5b:d5:92:c5:76:
ef:00:07:b0:ee:2e:f9:1e:2a:06:61:5c:3b:c3:66:
e5:01:28:27:e6:28:38:24:9c:44:b2:f5:3f:a5:e2:
0b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:31:7C:AF:94:97:29:6C:67:F7:15:9F:67:70:72:43:1A:42:D8:F5
X509v3 Authority Key Identifier:
keyid:9C:28:A6:ED:0F:5C:FC:E7:72:D5:CE:5B:03:BB:42:93:2C:8A:64:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nCim7Q9c_Ody1c5bA7tCkyyKZNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/tDF8r5SXKWxn9xWfZ3ByQxpC2PU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/73e52f-42e3-4a31-9736-a6b7600871a6/1/nCim7Q9c_Ody1c5bA7tCkyyKZNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.249.0/24
91.218.20.0/24
185.153.55.0/24
188.239.191.0/24
193.36.132.0/24
IPv6:
2a07:e040::-2a07:e042:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
24:35:bd:2a:6c:4b:09:84:24:52:72:e2:23:b0:03:2f:a7:9b:
15:48:4b:a5:08:2d:2d:ca:c3:f1:1b:20:dd:a0:f6:51:05:81:
a7:59:ad:21:6c:22:75:58:ae:79:8b:4c:ea:9b:14:b8:b2:a4:
8d:f5:70:20:94:3f:24:f2:c0:9a:da:ac:67:3a:24:a3:1a:2d:
fc:a3:b8:e9:4d:9a:22:13:d6:ba:93:b5:e0:8d:26:34:09:30:
8a:85:9c:70:a0:f7:ca:62:83:10:47:4e:9d:67:c4:00:bd:d6:
8a:2c:43:c3:11:d6:96:22:6f:06:a1:81:93:ed:12:73:dc:09:
a2:ad:37:61:cc:c3:98:98:43:67:ed:bc:35:18:35:91:92:c5:
fd:d0:f6:40:c3:f3:38:6e:73:ad:e8:df:05:2d:1c:48:3e:83:
c2:bd:26:d1:96:78:24:79:e1:f2:5b:df:05:de:b6:0e:26:48:
1d:e3:f2:f0:d9:8c:68:5e:e3:4b:5e:de:42:1c:33:5e:6a:a4:
a0:a5:eb:69:60:1f:61:af:4f:92:3d:76:88:6d:f3:6a:e2:32:
67:1a:07:93:e2:c4:7c:11:98:89:07:eb:9d:29:7d:01:e6:ff:
8d:3c:20:b8:c0:98:12:b0:7a:b9:28:e5:fd:1a:c2:e7:96:70:
51:42:4c:35
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYrOccXUtnHa3tg51RDxiKEHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMjhhNmVkMGY1Y2ZjZTc3MmQ1Y2U1YjAzYmI0MjkzMmM4
YTY0ZDAwHhcNMjMwOTI1MjIyNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDMxN2NhZjk0OTcyOTZjNjdmNzE1OWY2NzcwNzI0MzFhNDJkOGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdgsY0s+scrEGrnSGLHNkpmBDfjv
1yfHfiY5agLQSTVKbziZMI9/+omm3YE6jAvckhb2qyBNeKGscUD7vlarvtNrUIDW
/RkVmFeHJnL2ApoMhH5Bg3VdF5zoyp3JHPKsFya/HNK2omhlRi8BIGOX9sS7NvJU
IBJuyVd24V2Ct9expa/aBTokK3ABVUkEqgEYRBnkWHgkbDKU//+FmXGMu8iWC6/y
sX2dMIO9bCcw/iKLwn1l0/Dp1jfZZheLTC1+UG7sGH/HeO+NeeLZC5Ml2/Ixde9B
2xzOnvjUW9WSxXbvAAew7i75HioGYVw7w2blASgn5ig4JJxEsvU/peILBwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFLQxfK+UlylsZ/cVn2dwckMaQtj1MB8GA1UdIwQY
MBaAFJwopu0PXPznctXOWwO7QpMsimTQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkNpbTdROWNfT2R5MWM1YkE3dENreXlLWk5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy83M2U1MmYtNDJlMy00YTMxLTk3MzYt
YTZiNzYwMDg3MWE2LzEvdERGOHI1U1hLV3huOXhXZlozQnlReHBDMlBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy83M2U1MmYtNDJlMy00YTMxLTk3MzYtYTZiNzYwMDg3MWE2
LzEvbkNpbTdROWNfT2R5MWM1YkE3dENreXlLWk5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAkBAIAATAeAwQAHyn5AwQA
W9oUAwQAuZk3AwQAvO+/AwQAwSSEMBYEAgACMBAwDgMFBioH4EADBQAqB+BCMA0G
CSqGSIb3DQEBCwUAA4IBAQAkNb0qbEsJhCRScuIjsAMvp5sVSEulCC0tysPxGyDd
oPZRBYGnWa0hbCJ1WK55i0zqmxS4sqSN9XAglD8k8sCa2qxnOiSjGi38o7jpTZoi
E9a6k7XgjSY0CTCKhZxwoPfKYoMQR06dZ8QAvdaKLEPDEdaWIm8GoYGT7RJz3Ami
rTdhzMOYmENn7bw1GDWRksX90PZAw/M4bnOt6N8FLRxIPoPCvSbRlngkeeHyW98F
3rYOJkgd4/Lw2YxoXuNLXt5CHDNeaqSgpetpYB9hr0+SPXaIbfNq4jJnGgeT4sR8
EZiJB+udKX0B5v+NPCC4wJgSsHq5KOX9GsLnlnBRQkw1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:33 2024 by rpki-client on console-fra.rpki-client.org