Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/f7231d-c561-4aa2-b80e-62d42fe6fd3c/1/l1ZQ79-zjLbPsTHss45GeRkWdSg.roa
File: l1ZQ79-zjLbPsTHss45GeRkWdSg.roa (raw, json)
Hash identifier: XysL20aXN2JK0lgYHIvsLdekhSc35ygu0aGx7k7RnNg=
Subject key identifier: 97:56:50:EF:DF:B3:8C:B6:CF:B1:31:EC:B3:8E:46:79:19:16:75:28
Certificate issuer: /CN=a65fbcb4ea308a98b09397625e63866383c16dd0
Certificate serial: 018CC7272818BF61A1D9B90124826C876BDC
Authority key identifier: A6:5F:BC:B4:EA:30:8A:98:B0:93:97:62:5E:63:86:63:83:C1:6D:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pl-8tOowipiwk5diXmOGY4PBbdA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/f7231d-c561-4aa2-b80e-62d42fe6fd3c/1/l1ZQ79-zjLbPsTHss45GeRkWdSg.roa
Signing time: Mon 01 Jan 2024 22:31:21 +0000
ROA not before: Mon 01 Jan 2024 22:31:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 32708
IP address blocks: 103.91.58.0/24 maxlen: 24
103.91.56.0/24 maxlen: 24
103.91.57.0/24 maxlen: 24
103.91.59.0/24 maxlen: 24
103.108.188.0/24 maxlen: 24
103.108.189.0/24 maxlen: 24
185.211.78.0/24 maxlen: 24
123.253.106.0/24 maxlen: 24
123.253.107.0/24 maxlen: 24
103.115.204.0/24 maxlen: 24
103.115.205.0/24 maxlen: 24
85.92.101.0/24 maxlen: 24
85.92.102.0/24 maxlen: 24
85.92.103.0/24 maxlen: 24
85.92.100.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Jul 2024 14:39:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:28:18:bf:61:a1:d9:b9:01:24:82:6c:87:6b:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a65fbcb4ea308a98b09397625e63866383c16dd0
Validity
Not Before: Jan 1 22:31:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=975650efdfb38cb6cfb131ecb38e467919167528
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6f:25:c5:2b:52:84:ac:36:98:3d:17:6b:ab:
7c:3b:7e:4c:8d:07:37:e5:20:a7:54:bc:1c:75:21:
50:42:20:a8:29:f3:94:b7:17:d1:7f:c9:a4:1f:aa:
f2:75:65:86:02:77:aa:3a:7c:5f:f5:c9:f8:99:c5:
6c:a8:1a:2e:78:fe:0b:02:28:2b:cb:e4:0d:7b:f2:
82:08:d4:6b:df:60:36:5a:41:83:4b:e8:55:cf:e8:
eb:a5:8c:7a:a8:47:4b:5e:8b:1d:61:d1:e4:7c:c7:
f7:2d:44:61:85:94:b1:90:bd:7c:3f:00:08:79:5c:
89:98:83:05:b9:aa:74:5a:bd:51:53:fb:17:5e:92:
f8:aa:6e:f2:a5:01:0c:ce:67:c3:e0:ac:56:76:a8:
d5:14:cd:48:fa:33:cb:54:7a:34:16:a3:9a:67:cb:
1d:99:e4:4d:5e:54:8e:ff:d5:2d:51:bd:bb:49:9a:
39:55:52:3a:99:45:e6:10:2e:80:8f:f5:5c:4a:41:
ef:16:08:f8:e7:5d:57:5a:ed:50:55:27:1b:79:00:
c5:75:d6:f5:ae:3c:d7:22:ab:c6:17:e5:66:dc:96:
82:3e:82:eb:62:a4:05:12:78:b0:5f:37:1f:78:3d:
44:53:0d:00:8e:da:b2:c8:6c:48:39:87:31:74:73:
71:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:56:50:EF:DF:B3:8C:B6:CF:B1:31:EC:B3:8E:46:79:19:16:75:28
X509v3 Authority Key Identifier:
keyid:A6:5F:BC:B4:EA:30:8A:98:B0:93:97:62:5E:63:86:63:83:C1:6D:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pl-8tOowipiwk5diXmOGY4PBbdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/f7231d-c561-4aa2-b80e-62d42fe6fd3c/1/l1ZQ79-zjLbPsTHss45GeRkWdSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/f7231d-c561-4aa2-b80e-62d42fe6fd3c/1/pl-8tOowipiwk5diXmOGY4PBbdA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.92.100.0/22
103.91.56.0/22
103.108.188.0/23
103.115.204.0/23
123.253.106.0/23
185.211.78.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:43:16:83:06:0f:49:dd:4f:b5:60:33:ce:68:31:6e:24:d5:
63:06:41:79:ce:d9:59:60:2b:27:48:fd:43:01:0e:d1:ca:b8:
24:ec:9e:ab:ae:36:8b:28:73:91:c2:8e:d5:98:74:47:b7:0b:
21:ab:b1:b9:7a:b7:00:0a:b9:62:d1:80:90:e3:5f:e1:3d:49:
d9:2f:6a:6d:f3:ab:38:d8:1d:28:8e:eb:f9:3e:a6:64:56:87:
b1:58:87:95:c0:42:dd:76:e7:cc:b5:ce:cb:0c:96:32:0c:7b:
e7:3b:ae:f2:85:b3:df:8d:40:58:5d:76:ca:a2:5b:e3:8e:44:
f4:fa:36:73:f6:63:0c:2c:13:4d:2c:6b:e5:e9:2f:a9:a1:71:
dd:c3:69:39:71:d4:a7:97:d8:e3:9a:4e:65:3a:c7:d7:d5:92:
8b:22:f2:5c:e2:bb:b9:8c:4b:22:b1:a7:d0:c8:dc:ba:98:76:
2a:9b:03:e5:23:aa:7c:e2:20:07:7c:ff:a6:81:a2:81:f6:c9:
02:1e:c1:e7:a8:bd:88:87:75:90:b3:83:7e:66:e9:be:16:17:
4a:92:bc:fc:b5:53:ed:98:00:a6:7e:4e:38:27:13:a5:f9:c9:
ea:91:de:1e:35:ec:14:b8:9f:fe:29:8e:77:a4:00:9b:d0:16:
42:40:64:58
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzHJygYv2Gh2bkBJIJsh2vcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NWZiY2I0ZWEzMDhhOThiMDkzOTc2MjVlNjM4NjYzODNj
MTZkZDAwHhcNMjQwMTAxMjIzMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzU2NTBlZmRmYjM4Y2I2Y2ZiMTMxZWNiMzhlNDY3OTE5MTY3NTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt28lxStShKw2mD0Xa6t8O35MjQc3
5SCnVLwcdSFQQiCoKfOUtxfRf8mkH6rydWWGAneqOnxf9cn4mcVsqBoueP4LAigr
y+QNe/KCCNRr32A2WkGDS+hVz+jrpYx6qEdLXosdYdHkfMf3LURhhZSxkL18PwAI
eVyJmIMFuap0Wr1RU/sXXpL4qm7ypQEMzmfD4KxWdqjVFM1I+jPLVHo0FqOaZ8sd
meRNXlSO/9UtUb27SZo5VVI6mUXmEC6Aj/VcSkHvFgj4511XWu1QVScbeQDFddb1
rjzXIqvGF+Vm3JaCPoLrYqQFEniwXzcfeD1EUw0AjtqyyGxIOYcxdHNxFwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJdWUO/fs4y2z7Ex7LOORnkZFnUoMB8GA1UdIwQY
MBaAFKZfvLTqMIqYsJOXYl5jhmODwW3QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGwtOHRPb3dpcGl3azVkaVhtT0dZNFBCYmRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9mNzIzMWQtYzU2MS00YWEyLWI4MGUt
NjJkNDJmZTZmZDNjLzEvbDFaUTc5LXpqTGJQc1RIc3M0NUdlUmtXZFNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9mNzIzMWQtYzU2MS00YWEyLWI4MGUtNjJkNDJmZTZmZDNj
LzEvcGwtOHRPb3dpcGl3azVkaVhtT0dZNFBCYmRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCVVxkAwQC
Z1s4AwQBZ2y8AwQBZ3PMAwQBe/1qAwQAudNOMA0GCSqGSIb3DQEBCwUAA4IBAQC8
QxaDBg9J3U+1YDPOaDFuJNVjBkF5ztlZYCsnSP1DAQ7Ryrgk7J6rrjaLKHORwo7V
mHRHtwshq7G5ercACrli0YCQ41/hPUnZL2pt86s42B0ojuv5PqZkVoexWIeVwELd
dufMtc7LDJYyDHvnO67yhbPfjUBYXXbKolvjjkT0+jZz9mMMLBNNLGvl6S+poXHd
w2k5cdSnl9jjmk5lOsfX1ZKLIvJc4ru5jEsisafQyNy6mHYqmwPlI6p84iAHfP+m
gaKB9skCHsHnqL2Ih3WQs4N+Zum+FhdKkrz8tVPtmACmfk44JxOl+cnqkd4eNewU
uJ/+KY53pACb0BZCQGRY
-----END CERTIFICATE-----
Generated at Tue Jul 9 17:39:18 2024 by rpki-client on console-ams.rpki-client.org