Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/xmAotTyQBXD_jil1XiBWVc3oGjk.roa
File: xmAotTyQBXD_jil1XiBWVc3oGjk.roa (raw, json)
Hash identifier: +AFf6fUGkDEpJKNGYlAP9DqgAhx3aCkAS4YPZRMecFU=
Subject key identifier: C6:60:28:B5:3C:90:05:70:FF:8E:29:75:5E:20:56:55:CD:E8:1A:39
Certificate issuer: /CN=a86580e18ad6ff8dc942be883c16de8b731f9605
Certificate serial: 018D3F947A6E15B7A08819680D537BF7A126
Authority key identifier: A8:65:80:E1:8A:D6:FF:8D:C9:42:BE:88:3C:16:DE:8B:73:1F:96:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGWA4YrW_43JQr6IPBbei3MflgU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/xmAotTyQBXD_jil1XiBWVc3oGjk.roa
Signing time: Thu 25 Jan 2024 07:45:11 +0000
ROA not before: Thu 25 Jan 2024 07:45:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39686
IP address blocks: 31.207.8.0/21 maxlen: 24
31.207.16.0/20 maxlen: 24
37.251.176.0/20 maxlen: 24
37.251.200.0/21 maxlen: 24
37.251.240.0/21 maxlen: 24
45.11.164.0/22 maxlen: 24
46.102.148.0/22 maxlen: 24
46.231.104.0/21 maxlen: 24
62.122.40.0/21 maxlen: 24
89.20.160.0/19 maxlen: 24
93.95.248.0/21 maxlen: 24
94.24.64.0/21 maxlen: 24
109.94.144.0/20 maxlen: 24
141.136.16.0/20 maxlen: 24
144.178.64.0/19 maxlen: 24
144.178.96.0/21 maxlen: 24
144.178.108.0/22 maxlen: 24
144.178.112.0/22 maxlen: 24
144.178.120.0/21 maxlen: 24
144.178.192.0/19 maxlen: 24
144.178.224.0/20 maxlen: 24
144.178.240.0/21 maxlen: 24
144.178.248.0/22 maxlen: 24
151.236.144.0/20 maxlen: 24
161.51.64.0/19 maxlen: 24
185.184.204.0/22 maxlen: 24
188.214.40.0/21 maxlen: 24
2a01:9bc0::/29 maxlen: 48
2a02:fe8::/32 maxlen: 48
2a02:fe9::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 24 Apr 2024 07:57:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3f:94:7a:6e:15:b7:a0:88:19:68:0d:53:7b:f7:a1:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a86580e18ad6ff8dc942be883c16de8b731f9605
Validity
Not Before: Jan 25 07:45:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c66028b53c900570ff8e29755e205655cde81a39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:95:3b:36:b9:93:37:2d:59:0a:fe:50:96:78:
bc:61:0d:9a:4e:2b:f9:a6:bb:7e:0f:9d:69:8e:ea:
98:18:b8:61:9d:10:46:08:1f:77:8e:14:14:f6:9b:
f4:8d:6c:1b:df:45:5b:9f:f9:55:cc:b5:87:79:9f:
22:60:c0:3a:a3:96:b9:1b:29:21:31:82:e0:b0:b8:
41:24:88:69:d3:3a:18:26:ab:e9:9c:96:a9:39:fe:
13:95:a6:af:be:c9:47:ce:28:99:b1:e4:6a:ca:c3:
a0:32:11:a0:1d:91:bf:bb:23:a9:96:8b:ec:00:8f:
0f:9a:8b:c8:20:56:a2:64:28:1b:3b:72:74:e3:f8:
4a:9f:c5:c7:aa:49:60:28:62:e8:3e:98:cc:5d:19:
d7:f3:85:f3:ed:d7:9f:27:83:26:00:2c:5b:0c:be:
69:a1:48:82:63:6c:08:6f:ab:7d:69:03:a5:9f:29:
e4:18:01:f1:1a:3a:ac:b7:99:db:40:e3:db:7e:6c:
0f:ae:56:db:11:c0:d5:52:1a:6d:e2:a9:f8:24:13:
7f:d6:2e:14:c1:6b:51:97:94:da:96:1d:8f:c9:4a:
06:a9:76:d5:30:f9:06:e7:74:09:92:a8:a8:88:f7:
c7:8e:08:04:a6:82:76:8f:8f:bc:9b:d4:70:b6:c8:
17:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:60:28:B5:3C:90:05:70:FF:8E:29:75:5E:20:56:55:CD:E8:1A:39
X509v3 Authority Key Identifier:
keyid:A8:65:80:E1:8A:D6:FF:8D:C9:42:BE:88:3C:16:DE:8B:73:1F:96:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGWA4YrW_43JQr6IPBbei3MflgU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/xmAotTyQBXD_jil1XiBWVc3oGjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/qGWA4YrW_43JQr6IPBbei3MflgU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.207.8.0-31.207.31.255
37.251.176.0/20
37.251.200.0/21
37.251.240.0/21
45.11.164.0/22
46.102.148.0/22
46.231.104.0/21
62.122.40.0/21
89.20.160.0/19
93.95.248.0/21
94.24.64.0/21
109.94.144.0/20
141.136.16.0/20
144.178.64.0-144.178.103.255
144.178.108.0-144.178.115.255
144.178.120.0/21
144.178.192.0-144.178.251.255
151.236.144.0/20
161.51.64.0/19
185.184.204.0/22
188.214.40.0/21
IPv6:
2a01:9bc0::/29
2a02:fe8::/31
Signature Algorithm: sha256WithRSAEncryption
76:62:73:f9:6b:cc:fa:d0:5c:b5:79:07:5b:69:b4:fa:48:96:
e5:aa:3a:8f:ab:62:90:07:19:2c:40:86:70:9e:8f:6a:d6:ff:
05:d6:41:cf:84:0f:93:97:f4:1d:14:36:8d:66:6e:ad:71:9a:
1d:84:24:45:e6:27:cf:06:be:4e:6f:03:40:5c:2e:e2:79:68:
8a:de:b4:19:a9:44:b0:4d:da:e0:99:68:06:92:40:a1:85:98:
a2:40:79:43:e4:17:f8:60:1f:68:87:f4:7e:b4:0b:af:de:de:
16:44:0d:94:43:50:2f:e5:9c:16:3a:2b:ad:2e:dd:6d:48:b0:
7a:e6:4f:13:6e:44:cd:8b:0b:05:42:ad:8a:ab:5e:88:16:1f:
9b:9b:bf:f9:aa:76:cc:99:7a:03:b5:48:53:5a:03:50:01:58:
86:76:c3:ed:f8:7b:ce:06:02:67:10:6a:03:3a:9c:09:48:eb:
f4:6c:a2:5a:8c:87:b0:8a:2e:96:2f:2e:ae:13:e6:c0:ba:9b:
c6:4b:6b:f4:03:f1:f3:31:e5:31:56:55:2b:e3:f0:37:c7:94:
97:65:8e:c4:99:4d:99:b2:72:fc:08:10:44:cf:42:64:9b:01:
10:4f:75:70:b3:eb:2f:8d:4d:fc:f8:c7:e0:32:73:a2:54:9c:
2e:3e:dc:3f
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAY0/lHpuFbegiBloDVN796EmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NjU4MGUxOGFkNmZmOGRjOTQyYmU4ODNjMTZkZThiNzMx
Zjk2MDUwHhcNMjQwMTI1MDc0NTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjYwMjhiNTNjOTAwNTcwZmY4ZTI5NzU1ZTIwNTY1NWNkZTgxYTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZU7NrmTNy1ZCv5Qlni8YQ2aTiv5
prt+D51pjuqYGLhhnRBGCB93jhQU9pv0jWwb30Vbn/lVzLWHeZ8iYMA6o5a5Gykh
MYLgsLhBJIhp0zoYJqvpnJapOf4TlaavvslHziiZseRqysOgMhGgHZG/uyOplovs
AI8PmovIIFaiZCgbO3J04/hKn8XHqklgKGLoPpjMXRnX84Xz7defJ4MmACxbDL5p
oUiCY2wIb6t9aQOlnynkGAHxGjqst5nbQOPbfmwPrlbbEcDVUhpt4qn4JBN/1i4U
wWtRl5Talh2PyUoGqXbVMPkG53QJkqioiPfHjggEpoJ2j4+8m9RwtsgXqQIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFMZgKLU8kAVw/44pdV4gVlXN6Bo5MB8GA1UdIwQY
MBaAFKhlgOGK1v+NyUK+iDwW3otzH5YFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUdXQTRZcldfNDNKUXI2SVBCYmVpM01mbGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9lMjlkY2UtYTE3NC00Yjc3LTg5YWEt
MjM2ZTkyZmM2YTU5LzEveG1Bb3RUeVFCWERfamlsMVhpQldWYzNvR2prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9lMjlkY2UtYTE3NC00Yjc3LTg5YWEtMjM2ZTkyZmM2YTU5
LzEvcUdXQTRZcldfNDNKUXI2SVBCYmVpM01mbGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBpQQCAAEwgZ4wDAME
Ax/PCAMEBR/PAAMEBCX7sAMEAyX7yAMEAyX78AMEAi0LpAMEAi5mlAMEAy7naAME
Az56KAMEBVkUoAMEA11f+AMEA14YQAMEBG1ekAMEBI2IEDAMAwQGkLJAAwQDkLJg
MAwDBAKQsmwDBAKQsnADBAOQsngwDAMEBpCywAMEApCy+AMEBJfskAMEBaEzQAME
Arm4zAMEA7zWKDAUBAIAAjAOAwUDKgGbwAMFASoCD+gwDQYJKoZIhvcNAQELBQAD
ggEBAHZic/lrzPrQXLV5B1tptPpIluWqOo+rYpAHGSxAhnCej2rW/wXWQc+ED5OX
9B0UNo1mbq1xmh2EJEXmJ88Gvk5vA0BcLuJ5aIretBmpRLBN2uCZaAaSQKGFmKJA
eUPkF/hgH2iH9H60C6/e3hZEDZRDUC/lnBY6K60u3W1IsHrmTxNuRM2LCwVCrYqr
XogWH5ubv/mqdsyZegO1SFNaA1ABWIZ2w+34e84GAmcQagM6nAlI6/RsolqMh7CK
LpYvLq4T5sC6m8ZLa/QD8fMx5TFWVSvj8DfHlJdljsSZTZmycvwIEETPQmSbARBP
dXCz6y+NTfz4x+Ayc6JUnC4+3D8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:31 2025 by rpki-client