Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/1c9dbb-052c-4eea-ade6-ec5b88d0138a/1/PU7yIvZMwpcHiBDhlr4uaD8qqKs.roa
File: PU7yIvZMwpcHiBDhlr4uaD8qqKs.roa (raw, json)
Hash identifier: 6BI7dVifOALrbLRf/YnD35QBJ0K4GjI+7WeymaXiIgY=
Subject key identifier: 3D:4E:F2:22:F6:4C:C2:97:07:88:10:E1:96:BE:2E:68:3F:2A:A8:AB
Certificate issuer: /CN=e4a9308742e7eb66506219d829d86185899a1e34
Certificate serial: 018DCA5A6D57C00B249A3A4D1858E999912E
Authority key identifier: E4:A9:30:87:42:E7:EB:66:50:62:19:D8:29:D8:61:85:89:9A:1E:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Kkwh0Ln62ZQYhnYKdhhhYmaHjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/1c9dbb-052c-4eea-ade6-ec5b88d0138a/1/PU7yIvZMwpcHiBDhlr4uaD8qqKs.roa
Signing time: Wed 21 Feb 2024 06:29:00 +0000
ROA not before: Wed 21 Feb 2024 06:29:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211559
IP address blocks: 31.11.48.0/21 maxlen: 21
37.186.60.0/22 maxlen: 22
37.186.60.0/24 maxlen: 24
80.76.165.0/24 maxlen: 24
80.76.166.0/23 maxlen: 23
80.76.166.0/24 maxlen: 24
80.76.167.0/24 maxlen: 24
80.76.168.0/23 maxlen: 23
103.14.208.0/22 maxlen: 22
103.14.211.0/24 maxlen: 24
103.225.72.0/24 maxlen: 24
103.225.73.0/24 maxlen: 24
103.225.74.0/24 maxlen: 24
185.247.88.0/22 maxlen: 22
212.70.100.0/24 maxlen: 24
212.70.101.0/24 maxlen: 24
212.70.102.0/24 maxlen: 24
212.70.103.0/24 maxlen: 24
212.70.104.0/24 maxlen: 24
212.70.105.0/24 maxlen: 24
212.70.120.0/24 maxlen: 24
212.70.123.0/24 maxlen: 24
212.70.124.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 25 Feb 2024 08:02:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ca:5a:6d:57:c0:0b:24:9a:3a:4d:18:58:e9:99:91:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a9308742e7eb66506219d829d86185899a1e34
Validity
Not Before: Feb 21 06:29:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d4ef222f64cc297078810e196be2e683f2aa8ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:dd:46:60:e9:d2:b9:1a:2e:5d:97:e0:97:c1:
64:38:3c:ed:72:49:50:34:da:f5:80:f9:37:16:55:
1f:ab:2a:2b:90:d5:69:2b:09:24:63:42:70:4a:84:
1b:19:fb:6a:70:10:eb:bf:ac:d4:3e:5d:ac:2c:cf:
10:13:54:eb:d4:05:bc:29:1e:24:12:67:ef:ac:73:
e0:f0:21:0e:d2:36:cb:41:d2:d7:26:64:dc:30:d5:
3b:e1:d0:42:20:58:68:4f:10:56:40:6d:05:4d:26:
5d:75:4c:2f:39:a1:9e:1a:61:c1:f6:75:1e:a2:1f:
48:d7:da:f0:92:81:4e:61:98:8c:86:f3:5d:06:36:
63:e6:5f:41:00:eb:eb:3e:21:6e:77:2e:ce:97:d9:
8e:f2:70:d5:64:3c:7e:9c:79:b3:b7:e2:0d:f1:2f:
d7:d0:89:77:6b:10:07:99:84:64:56:47:0c:10:3e:
dc:b2:6a:69:f2:df:69:a5:3c:6a:c5:ab:9c:7f:f0:
4f:c8:93:93:81:48:3d:e2:fb:93:22:d1:53:ee:6b:
db:f9:c5:a2:7c:5f:b1:e2:bf:65:2b:72:56:97:f3:
1d:07:69:6c:80:3e:c8:30:b0:9a:38:33:56:0c:9b:
5d:1a:1c:83:16:00:a5:2f:98:67:7f:25:24:05:ed:
dc:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:4E:F2:22:F6:4C:C2:97:07:88:10:E1:96:BE:2E:68:3F:2A:A8:AB
X509v3 Authority Key Identifier:
keyid:E4:A9:30:87:42:E7:EB:66:50:62:19:D8:29:D8:61:85:89:9A:1E:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Kkwh0Ln62ZQYhnYKdhhhYmaHjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/1c9dbb-052c-4eea-ade6-ec5b88d0138a/1/PU7yIvZMwpcHiBDhlr4uaD8qqKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/1c9dbb-052c-4eea-ade6-ec5b88d0138a/1/5Kkwh0Ln62ZQYhnYKdhhhYmaHjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.11.48.0/21
37.186.60.0/22
80.76.165.0-80.76.169.255
103.14.208.0/22
103.225.72.0-103.225.74.255
185.247.88.0/22
212.70.100.0-212.70.105.255
212.70.120.0/24
212.70.123.0-212.70.124.255
Signature Algorithm: sha256WithRSAEncryption
35:b1:29:33:8b:33:c3:73:bf:2c:db:65:70:56:8e:b9:09:0b:
14:69:29:e6:c5:23:e9:be:b1:9b:cd:b3:9b:cd:62:a2:51:d9:
da:05:14:9e:14:05:3e:91:b1:45:92:94:b9:00:06:79:77:f0:
fe:06:5f:d0:f8:ad:38:06:e7:91:4e:63:87:72:b9:34:a8:9d:
72:99:e7:83:26:c2:64:c0:14:32:84:b9:8c:90:91:16:11:0e:
59:d9:eb:57:b7:e6:eb:e9:db:ff:68:09:91:ee:88:ff:99:ca:
6f:71:b2:c4:04:e3:7d:a4:15:61:f0:e7:ab:cc:15:93:76:f9:
e6:e0:3f:c6:83:f1:62:9f:25:1d:61:b9:2d:79:7f:f9:98:f6:
ff:80:e7:2d:b0:82:20:97:75:62:b8:fa:13:e4:60:87:98:1b:
13:93:0f:10:bc:c7:1a:94:dd:ab:a2:b0:ab:08:c5:6b:ee:60:
a8:b2:ed:10:b0:3c:a9:b9:75:38:c0:27:c1:01:e7:2a:7c:76:
41:9c:32:25:89:bb:46:7c:9b:ca:4f:fc:81:f1:e7:a8:cc:18:
c1:86:41:77:b9:fe:f5:9c:29:a0:60:98:90:5a:8a:cc:1e:e6:
04:12:66:1b:dc:66:c6:e6:f4:01:92:21:85:5a:2e:5e:9e:27:
ec:92:f8:c7
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAY3KWm1XwAskmjpNGFjpmZEuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTkzMDg3NDJlN2ViNjY1MDYyMTlkODI5ZDg2MTg1ODk5
YTFlMzQwHhcNMjQwMjIxMDYyOTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDRlZjIyMmY2NGNjMjk3MDc4ODEwZTE5NmJlMmU2ODNmMmFhOGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgd1GYOnSuRouXZfgl8FkODztcklQ
NNr1gPk3FlUfqyorkNVpKwkkY0JwSoQbGftqcBDrv6zUPl2sLM8QE1Tr1AW8KR4k
EmfvrHPg8CEO0jbLQdLXJmTcMNU74dBCIFhoTxBWQG0FTSZddUwvOaGeGmHB9nUe
oh9I19rwkoFOYZiMhvNdBjZj5l9BAOvrPiFudy7Ol9mO8nDVZDx+nHmzt+IN8S/X
0Il3axAHmYRkVkcMED7csmpp8t9ppTxqxaucf/BPyJOTgUg94vuTItFT7mvb+cWi
fF+x4r9lK3JWl/MdB2lsgD7IMLCaODNWDJtdGhyDFgClL5hnfyUkBe3c8wIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFD1O8iL2TMKXB4gQ4Za+Lmg/KqirMB8GA1UdIwQY
MBaAFOSpMIdC5+tmUGIZ2CnYYYWJmh40MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtrd2gwTG42MlpRWWhuWUtkaGhoWW1hSGpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8xYzlkYmItMDUyYy00ZWVhLWFkZTYt
ZWM1Yjg4ZDAxMzhhLzEvUFU3eUl2Wk13cGNIaUJEaGxyNHVhRDhxcUtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8xYzlkYmItMDUyYy00ZWVhLWFkZTYtZWM1Yjg4ZDAxMzhh
LzEvNUtrd2gwTG42MlpRWWhuWUtkaGhoWW1hSGpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQDHwswAwQC
Jbo8MAwDBABQTKUDBAFQTKgDBAJnDtAwDAMEA2fhSAMEAGfhSgMEArn3WDAMAwQC
1EZkAwQB1EZoAwQA1EZ4MAwDBADURnsDBADURnwwDQYJKoZIhvcNAQELBQADggEB
ADWxKTOLM8NzvyzbZXBWjrkJCxRpKebFI+m+sZvNs5vNYqJR2doFFJ4UBT6RsUWS
lLkABnl38P4GX9D4rTgG55FOY4dyuTSonXKZ54MmwmTAFDKEuYyQkRYRDlnZ61e3
5uvp2/9oCZHuiP+Zym9xssQE432kFWHw56vMFZN2+ebgP8aD8WKfJR1huS15f/mY
9v+A5y2wgiCXdWK4+hPkYIeYGxOTDxC8xxqU3auisKsIxWvuYKiy7RCwPKm5dTjA
J8EB5yp8dkGcMiWJu0Z8m8pP/IHx56jMGMGGQXe5/vWcKaBgmJBaiswe5gQSZhvc
Zsbm9AGSIYVaLl6eJ+yS+Mc=
Generated at Sun Feb 25 08:59:29 2024 by rpki-client on console-fra.rpki-client.org