Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/iTtppub2BGjGkYUOKBKxFbjoOJI.roa
File: iTtppub2BGjGkYUOKBKxFbjoOJI.roa (raw, json)
Hash identifier: Wkp38yNxttxFKpUI3uElseZz9KhZp6LolNTy0EW6Hxc=
Subject key identifier: 89:3B:69:A6:E6:F6:04:68:C6:91:85:0E:28:12:B1:15:B8:E8:38:92
Certificate issuer: /CN=aedaeea9117a1d5ccc320222955a09faa0798fd9
Certificate serial: 018987C7CAFBBCF56882CE1878CD7E140F90
Authority key identifier: AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/iTtppub2BGjGkYUOKBKxFbjoOJI.roa
Signing time: Mon 24 Jul 2023 12:02:45 +0000
ROA not before: Mon 24 Jul 2023 12:02:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30282
IP address blocks: 77.242.204.0/22 maxlen: 22
31.186.224.0/24 maxlen: 24
31.186.230.0/24 maxlen: 24
31.186.240.0/23 maxlen: 23
31.186.246.0/23 maxlen: 23
31.186.242.0/23 maxlen: 23
31.186.252.0/22 maxlen: 22
95.172.78.0/23 maxlen: 23
95.172.90.0/23 maxlen: 23
95.172.88.0/23 maxlen: 23
2a02:b50:4000::/34 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:87:c7:ca:fb:bc:f5:68:82:ce:18:78:cd:7e:14:0f:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aedaeea9117a1d5ccc320222955a09faa0798fd9
Validity
Not Before: Jul 24 12:02:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=893b69a6e6f60468c691850e2812b115b8e83892
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c8:61:cd:2c:70:2c:23:eb:a3:e8:21:4f:da:
a1:14:59:f2:1b:91:3b:f3:00:0c:ed:0d:f0:fd:43:
dd:1a:30:4b:b6:cc:31:1c:5a:68:d6:5a:bf:8a:df:
d9:c0:96:3c:66:95:d1:c2:ef:93:e3:4f:1f:d8:10:
e7:a3:01:54:14:a9:3d:5a:f8:a3:f7:a7:bf:85:48:
9f:9c:c7:0d:2c:1c:65:55:8d:d5:a0:54:b4:43:02:
2f:d6:42:6e:5b:19:45:82:24:b0:5f:d8:01:2d:8b:
17:be:97:cc:7a:d4:c0:50:c0:4c:8c:b1:2c:a1:02:
89:f2:13:ad:20:17:ea:61:52:03:b4:a6:43:bd:8a:
98:a9:7f:eb:4f:5b:5b:54:38:73:f0:0d:c4:ca:f8:
74:f1:b4:5b:99:84:b6:b3:7b:4f:14:00:9f:09:48:
0d:09:b0:28:d2:3c:94:f7:63:71:3d:cd:20:5d:5f:
ac:45:37:9b:6f:2e:a3:7b:ad:63:81:14:7c:36:16:
11:dd:2a:90:74:0a:c4:19:fa:8f:2b:59:7b:19:47:
98:d5:00:4a:d9:9b:ac:65:87:3d:29:33:80:4c:9f:
09:6b:3c:67:63:83:85:d7:59:62:aa:af:a3:9c:47:
28:c4:7d:c5:a2:01:27:2e:94:8c:f9:0e:f8:da:ba:
8e:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:3B:69:A6:E6:F6:04:68:C6:91:85:0E:28:12:B1:15:B8:E8:38:92
X509v3 Authority Key Identifier:
keyid:AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/iTtppub2BGjGkYUOKBKxFbjoOJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/rtruqRF6HVzMMgIilVoJ-qB5j9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.224.0/24
31.186.230.0/24
31.186.240.0/22
31.186.246.0/23
31.186.252.0/22
77.242.204.0/22
95.172.78.0/23
95.172.88.0/22
IPv6:
2a02:b50:4000::/34
Signature Algorithm: sha256WithRSAEncryption
c8:d0:bc:64:17:e9:df:f1:38:eb:6e:df:c7:cf:a2:9d:b9:75:
50:7c:3d:7e:1e:36:74:e6:96:db:a1:74:37:a2:4c:57:fa:ac:
32:7a:3d:16:bc:2a:7f:37:32:66:f0:f4:7b:5e:18:a6:b8:00:
48:08:6d:a2:9f:4c:52:77:50:75:e4:ec:31:5b:fe:32:a4:58:
7e:78:b1:3e:b6:52:d8:36:7c:4e:cf:bb:83:f2:25:3b:26:6d:
d8:15:84:9b:6e:5b:24:a7:89:8d:12:d7:23:53:89:8e:e0:24:
b4:ac:10:39:c7:8b:19:28:5f:5e:21:48:71:69:c2:75:fd:8d:
79:bc:9f:87:59:ec:23:a0:61:18:54:f5:4e:cb:46:e5:0a:65:
43:6a:94:63:c3:da:7c:fb:08:fd:35:8b:74:e8:c3:57:69:94:
e3:a6:22:f3:80:4a:70:a0:04:08:dc:ca:95:f6:73:64:dc:44:
1a:57:a7:98:4d:7f:89:52:0f:20:70:43:48:99:75:b4:39:a1:
1d:44:03:20:a3:b6:c0:4f:f2:28:d1:a2:4a:46:f4:6e:ce:c3:
f4:f2:97:b3:85:ed:6c:aa:3e:64:2a:e2:63:5a:3f:26:06:68:
64:39:04:bd:c2:b5:64:1e:28:10:34:68:07:0d:c9:8e:7f:8f:
9f:1e:78:4e
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYmHx8r7vPVogs4YeM1+FA+QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZGFlZWE5MTE3YTFkNWNjYzMyMDIyMjk1NWEwOWZhYTA3
OThmZDkwHhcNMjMwNzI0MTIwMjQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTNiNjlhNmU2ZjYwNDY4YzY5MTg1MGUyODEyYjExNWI4ZTgzODkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8hhzSxwLCPro+ghT9qhFFnyG5E7
8wAM7Q3w/UPdGjBLtswxHFpo1lq/it/ZwJY8ZpXRwu+T408f2BDnowFUFKk9Wvij
96e/hUifnMcNLBxlVY3VoFS0QwIv1kJuWxlFgiSwX9gBLYsXvpfMetTAUMBMjLEs
oQKJ8hOtIBfqYVIDtKZDvYqYqX/rT1tbVDhz8A3Eyvh08bRbmYS2s3tPFACfCUgN
CbAo0jyU92NxPc0gXV+sRTebby6je61jgRR8NhYR3SqQdArEGfqPK1l7GUeY1QBK
2ZusZYc9KTOATJ8JazxnY4OF11liqq+jnEcoxH3FogEnLpSM+Q742rqOCQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFIk7aabm9gRoxpGFDigSsRW46DiSMB8GA1UdIwQY
MBaAFK7a7qkReh1czDICIpVaCfqgeY/ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnRydXFSRjZIVnpNTWdJaWxWb0otcUI1ajlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hMTNiMDEtNDE1My00ZWE1LWJmMjEt
OTk4NjhjNTEzMjlhLzEvaVR0cHB1YjJCR2pHa1lVT0tCS3hGYmpvT0pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hMTNiMDEtNDE1My00ZWE1LWJmMjEtOTk4NjhjNTEzMjlh
LzEvcnRydXFSRjZIVnpNTWdJaWxWb0otcUI1ajlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDA2BAIAATAwAwQAH7rgAwQA
H7rmAwQCH7rwAwQBH7r2AwQCH7r8AwQCTfLMAwQBX6xOAwQCX6xYMA4EAgACMAgD
BgYqAgtQQDANBgkqhkiG9w0BAQsFAAOCAQEAyNC8ZBfp3/E4627fx8+inbl1UHw9
fh42dOaW26F0N6JMV/qsMno9FrwqfzcyZvD0e14YprgASAhtop9MUndQdeTsMVv+
MqRYfnixPrZS2DZ8Ts+7g/IlOyZt2BWEm25bJKeJjRLXI1OJjuAktKwQOceLGShf
XiFIcWnCdf2Nebyfh1nsI6BhGFT1TstG5QplQ2qUY8PafPsI/TWLdOjDV2mU46Yi
84BKcKAECNzKlfZzZNxEGlenmE1/iVIPIHBDSJl1tDmhHUQDIKO2wE/yKNGiSkb0
bs7D9PKXs4XtbKo+ZCriY1o/JgZoZDkEvcK1ZB4oEDRoBw3Jjn+Pnx54Tg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:02 2024 by rpki-client on console-ams.rpki-client.org