Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/1c9dbb-052c-4eea-ade6-ec5b88d0138a/1/X91FZNI9MvDZvuV_nvJ-1QEgmrg.roa
File: X91FZNI9MvDZvuV_nvJ-1QEgmrg.roa (raw, json)
Hash identifier: u0Z/H0fzd41vcvUXfhXZJ5djILaMgsQ+80JjOpMzB5g=
Subject key identifier: 5F:DD:45:64:D2:3D:32:F0:D9:BE:E5:7F:9E:F2:7E:D5:01:20:9A:B8
Certificate issuer: /CN=e4a9308742e7eb66506219d829d86185899a1e34
Certificate serial: 018A21A2044B0BFFB03B313C003D7E14A712
Authority key identifier: E4:A9:30:87:42:E7:EB:66:50:62:19:D8:29:D8:61:85:89:9A:1E:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Kkwh0Ln62ZQYhnYKdhhhYmaHjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/1c9dbb-052c-4eea-ade6-ec5b88d0138a/1/X91FZNI9MvDZvuV_nvJ-1QEgmrg.roa
Signing time: Wed 23 Aug 2023 09:03:00 +0000
ROA not before: Wed 23 Aug 2023 09:03:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211559
IP address blocks: 31.11.48.0/21 maxlen: 21
80.76.166.0/24 maxlen: 24
80.76.165.0/24 maxlen: 24
80.76.167.0/24 maxlen: 24
80.76.168.0/23 maxlen: 23
80.76.166.0/23 maxlen: 23
37.186.60.0/22 maxlen: 22
37.186.60.0/24 maxlen: 24
103.225.73.0/24 maxlen: 24
103.225.72.0/24 maxlen: 24
212.70.104.0/24 maxlen: 24
212.70.105.0/24 maxlen: 24
212.70.101.0/24 maxlen: 24
212.70.100.0/24 maxlen: 24
212.70.103.0/24 maxlen: 24
212.70.102.0/24 maxlen: 24
103.14.208.0/22 maxlen: 22
212.70.123.0/24 maxlen: 24
212.70.120.0/24 maxlen: 24
212.70.124.0/24 maxlen: 24
185.247.88.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:21:a2:04:4b:0b:ff:b0:3b:31:3c:00:3d:7e:14:a7:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a9308742e7eb66506219d829d86185899a1e34
Validity
Not Before: Aug 23 09:03:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5fdd4564d23d32f0d9bee57f9ef27ed501209ab8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e1:ba:c7:87:38:3e:e7:1f:57:96:94:03:3d:
dc:43:b1:69:bf:1e:1c:a9:cd:99:62:9b:c4:67:ed:
79:42:3d:5a:bb:0d:9d:c3:0b:45:84:20:ea:41:76:
53:4a:6f:05:6e:88:db:6c:6c:4e:5b:7a:2b:d3:3b:
89:a9:fc:82:16:c2:49:25:f1:bf:9e:0f:1d:5b:8c:
68:b4:bf:05:40:a7:5e:8e:3c:1e:06:23:a2:01:bf:
be:16:78:8d:d8:e1:63:04:76:ec:1a:4d:4f:35:46:
51:ce:6c:96:c6:57:31:bb:c2:68:d5:e5:44:20:fe:
d6:bc:54:ca:58:90:f4:6a:11:1d:ee:42:ab:a6:34:
2d:ca:71:39:30:96:b9:be:9c:35:2d:13:e6:bf:dc:
92:f1:58:23:b6:1f:ac:37:fd:74:6e:7e:b3:99:bf:
ac:26:ad:eb:69:21:bb:4d:d1:e1:ba:6d:c6:63:0a:
36:49:6b:4b:42:59:aa:9b:d9:6d:a2:cb:b8:e1:81:
a6:48:3d:1a:19:1c:20:69:ad:c2:0e:2c:a6:de:04:
8c:25:17:0e:36:26:4b:28:b7:22:e3:42:1a:08:0d:
51:de:0c:62:4e:36:fc:fa:63:af:5e:77:96:a4:25:
eb:81:fa:f7:11:8c:a2:97:14:7c:18:fd:93:be:02:
ab:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:DD:45:64:D2:3D:32:F0:D9:BE:E5:7F:9E:F2:7E:D5:01:20:9A:B8
X509v3 Authority Key Identifier:
keyid:E4:A9:30:87:42:E7:EB:66:50:62:19:D8:29:D8:61:85:89:9A:1E:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Kkwh0Ln62ZQYhnYKdhhhYmaHjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/1c9dbb-052c-4eea-ade6-ec5b88d0138a/1/X91FZNI9MvDZvuV_nvJ-1QEgmrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/1c9dbb-052c-4eea-ade6-ec5b88d0138a/1/5Kkwh0Ln62ZQYhnYKdhhhYmaHjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.11.48.0/21
37.186.60.0/22
80.76.165.0-80.76.169.255
103.14.208.0/22
103.225.72.0/23
185.247.88.0/22
212.70.100.0-212.70.105.255
212.70.120.0/24
212.70.123.0-212.70.124.255
Signature Algorithm: sha256WithRSAEncryption
8e:10:88:27:28:79:43:45:0d:b1:7d:a8:db:a4:67:73:d2:70:
91:73:58:7c:c0:e9:d8:1b:0b:75:4c:fa:8d:f5:c6:64:ec:0b:
4c:34:fa:9a:b6:cb:e8:f9:83:2f:6b:7a:b8:3e:96:e4:92:dd:
70:56:61:30:9a:e1:cb:9d:0b:72:b4:12:7c:8e:e2:3e:34:1a:
f2:fb:06:04:e5:23:6e:99:6a:ff:4a:ac:35:6f:1b:77:dc:38:
86:54:4e:8a:8a:6f:09:9a:18:f0:55:da:15:4e:ae:16:f9:53:
d1:08:f1:0a:34:c6:a9:a7:03:f1:28:29:31:f7:61:d0:5b:32:
42:6f:d6:42:9c:16:ad:ab:5c:65:23:ff:74:2b:9f:1f:0b:6e:
83:56:fa:09:a8:14:1f:81:61:1f:70:3a:7d:06:4b:0a:af:77:
b6:9d:46:c2:97:91:99:83:32:c9:55:1a:b6:42:fe:91:a8:2c:
ea:e3:5a:e8:36:8a:b7:b4:99:ac:3e:a9:e3:1d:d9:fd:c8:f3:
b8:40:af:02:ea:c4:88:fa:1f:d5:ed:90:c6:2c:1d:9d:e5:4b:
90:fb:d6:65:54:f3:04:2d:9c:6c:cc:d9:94:1d:03:2e:d6:2f:
94:67:0f:6e:d1:2c:4a:8a:57:02:ae:1d:a4:0d:db:79:b7:39:
fc:61:91:ff
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYohogRLC/+wOzE8AD1+FKcSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTkzMDg3NDJlN2ViNjY1MDYyMTlkODI5ZDg2MTg1ODk5
YTFlMzQwHhcNMjMwODIzMDkwMzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmRkNDU2NGQyM2QzMmYwZDliZWU1N2Y5ZWYyN2VkNTAxMjA5YWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOG6x4c4PucfV5aUAz3cQ7Fpvx4c
qc2ZYpvEZ+15Qj1auw2dwwtFhCDqQXZTSm8FbojbbGxOW3or0zuJqfyCFsJJJfG/
ng8dW4xotL8FQKdejjweBiOiAb++FniN2OFjBHbsGk1PNUZRzmyWxlcxu8Jo1eVE
IP7WvFTKWJD0ahEd7kKrpjQtynE5MJa5vpw1LRPmv9yS8Vgjth+sN/10bn6zmb+s
Jq3raSG7TdHhum3GYwo2SWtLQlmqm9ltosu44YGmSD0aGRwgaa3CDiym3gSMJRcO
NiZLKLci40IaCA1R3gxiTjb8+mOvXneWpCXrgfr3EYyilxR8GP2TvgKr4wIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFF/dRWTSPTLw2b7lf57yftUBIJq4MB8GA1UdIwQY
MBaAFOSpMIdC5+tmUGIZ2CnYYYWJmh40MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtrd2gwTG42MlpRWWhuWUtkaGhoWW1hSGpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8xYzlkYmItMDUyYy00ZWVhLWFkZTYt
ZWM1Yjg4ZDAxMzhhLzEvWDkxRlpOSTlNdkRadnVWX252Si0xUUVnbXJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8xYzlkYmItMDUyYy00ZWVhLWFkZTYtZWM1Yjg4ZDAxMzhh
LzEvNUtrd2gwTG42MlpRWWhuWUtkaGhoWW1hSGpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQDHwswAwQC
Jbo8MAwDBABQTKUDBAFQTKgDBAJnDtADBAFn4UgDBAK591gwDAMEAtRGZAMEAdRG
aAMEANRGeDAMAwQA1EZ7AwQA1EZ8MA0GCSqGSIb3DQEBCwUAA4IBAQCOEIgnKHlD
RQ2xfajbpGdz0nCRc1h8wOnYGwt1TPqN9cZk7AtMNPqatsvo+YMva3q4Ppbkkt1w
VmEwmuHLnQtytBJ8juI+NBry+wYE5SNumWr/Sqw1bxt33DiGVE6Kim8JmhjwVdoV
Tq4W+VPRCPEKNMappwPxKCkx92HQWzJCb9ZCnBatq1xlI/90K58fC26DVvoJqBQf
gWEfcDp9BksKr3e2nUbCl5GZgzLJVRq2Qv6RqCzq41roNoq3tJmsPqnjHdn9yPO4
QK8C6sSI+h/V7ZDGLB2d5UuQ+9ZlVPMELZxszNmUHQMu1i+UZw9u0SxKilcCrh2k
Ddt5tzn8YZH/
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:26 2024 by rpki-client on console-ams.rpki-client.org