Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/14dd6e-6773-47ff-8e3b-1137073fa8f6/1/70DTM8lDpKWx_VihNVznZWWznnY.roa
File: 70DTM8lDpKWx_VihNVznZWWznnY.roa (raw, json)
Hash identifier: idqsiJDCij6sY86t77Xdh9KMsQD6SLoC0jjPANhltro=
Subject key identifier: EF:40:D3:33:C9:43:A4:A5:B1:FD:58:A1:35:5C:E7:65:65:B3:9E:76
Certificate issuer: /CN=72b88675247ce1865a353f4cef5b2ac288a39698
Certificate serial: 018EC3247EC1F793327FFD8CE44D6804CC3D
Authority key identifier: 72:B8:86:75:24:7C:E1:86:5A:35:3F:4C:EF:5B:2A:C2:88:A3:96:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/criGdSR84YZaNT9M71sqwoijlpg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/14dd6e-6773-47ff-8e3b-1137073fa8f6/1/70DTM8lDpKWx_VihNVznZWWznnY.roa
Signing time: Tue 09 Apr 2024 13:55:32 +0000
ROA not before: Tue 09 Apr 2024 13:55:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50673
IP address blocks: 31.42.188.0/23 maxlen: 23
46.175.144.0/21 maxlen: 21
91.219.62.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c3:24:7e:c1:f7:93:32:7f:fd:8c:e4:4d:68:04:cc:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b88675247ce1865a353f4cef5b2ac288a39698
Validity
Not Before: Apr 9 13:55:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef40d333c943a4a5b1fd58a1355ce76565b39e76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:1f:66:1e:bf:d6:3e:cb:76:4d:63:36:a5:8f:
e5:89:bd:1c:1b:7f:4c:58:b5:a3:fc:d9:23:3e:ed:
3a:0c:fa:72:21:08:f7:46:93:6a:cc:c9:4a:5a:8c:
d2:51:5c:9d:d4:ae:b8:9c:1f:6b:8b:b9:fd:7a:c4:
d7:b0:fa:01:74:34:c1:61:5e:bf:5f:9d:15:cc:fe:
b3:6d:28:3e:b6:9c:ff:b0:01:ff:14:c4:db:09:86:
01:28:90:85:cf:40:cd:91:ed:59:56:eb:ea:8f:d2:
a8:81:e9:6f:67:5d:6e:36:26:98:98:71:46:6b:76:
66:9f:ab:da:d9:74:65:85:66:db:0d:5a:09:aa:06:
56:e3:2e:6e:26:e1:fd:af:18:88:30:12:90:68:9f:
6a:d2:4e:db:a1:6d:bb:d0:78:9b:87:19:62:ba:e2:
39:40:de:7a:3d:44:b7:e3:3d:cb:19:72:0e:21:06:
74:77:7d:d0:46:73:73:e3:bb:17:f9:7e:70:63:bb:
3d:36:f3:1a:a9:46:2d:b9:48:49:11:4a:d7:43:cb:
b3:9a:8b:c6:9a:12:ff:bc:d8:7b:6b:a9:31:e9:a5:
63:d9:96:76:a9:9b:01:10:ee:c5:90:fe:61:73:cd:
c7:c3:d7:dd:bb:0d:f9:d6:0b:bb:a5:90:d7:6c:ad:
0b:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:40:D3:33:C9:43:A4:A5:B1:FD:58:A1:35:5C:E7:65:65:B3:9E:76
X509v3 Authority Key Identifier:
keyid:72:B8:86:75:24:7C:E1:86:5A:35:3F:4C:EF:5B:2A:C2:88:A3:96:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/criGdSR84YZaNT9M71sqwoijlpg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/14dd6e-6773-47ff-8e3b-1137073fa8f6/1/70DTM8lDpKWx_VihNVznZWWznnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/14dd6e-6773-47ff-8e3b-1137073fa8f6/1/criGdSR84YZaNT9M71sqwoijlpg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.188.0/23
46.175.144.0/21
91.219.62.0/23
Signature Algorithm: sha256WithRSAEncryption
92:3a:ab:70:a6:6d:87:a5:4b:15:41:76:3a:77:09:6d:08:6b:
a2:10:3c:4a:08:95:c1:e0:fc:b3:f0:b8:a7:f3:09:48:1a:e0:
d0:fe:12:4c:5c:88:ee:48:ec:0e:99:a7:b0:ff:cf:64:76:09:
ee:15:62:ca:fc:88:49:35:f2:e4:96:6b:ab:11:ae:63:e7:aa:
0b:eb:5f:12:eb:37:38:93:6d:e1:45:fa:c9:58:a7:6d:46:38:
53:d9:88:35:d9:a7:ae:a3:e8:b1:50:b6:18:95:82:61:fd:f3:
8a:8c:5d:8f:b4:9c:1f:e9:18:a4:d7:24:be:14:7f:fe:3f:a6:
4f:86:b1:1b:2e:2e:99:56:7f:47:c0:f9:65:28:72:71:22:15:
be:27:52:b6:24:f6:41:0e:7b:1d:4b:ef:cd:33:5a:1a:c0:aa:
7e:5d:8d:90:5a:a1:8b:68:ee:a1:0e:f9:a2:74:c0:c1:ce:c0:
03:1e:10:56:1f:aa:b4:4b:1a:b5:d8:30:b0:27:12:ce:91:ce:
61:a6:08:c5:4d:dc:be:da:bd:8d:d8:00:45:da:d4:c3:51:3b:
68:51:9b:62:27:68:e5:c0:b2:17:52:b2:f5:1f:c1:2e:9a:b0:
d7:23:13:eb:a1:54:ca:0a:d2:04:87:6d:90:24:df:96:71:1e:
be:09:e1:1a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY7DJH7B95Myf/2M5E1oBMw9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjg4Njc1MjQ3Y2UxODY1YTM1M2Y0Y2VmNWIyYWMyODhh
Mzk2OTgwHhcNMjQwNDA5MTM1NTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjQwZDMzM2M5NDNhNGE1YjFmZDU4YTEzNTVjZTc2NTY1YjM5ZTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkR9mHr/WPst2TWM2pY/lib0cG39M
WLWj/NkjPu06DPpyIQj3RpNqzMlKWozSUVyd1K64nB9ri7n9esTXsPoBdDTBYV6/
X50VzP6zbSg+tpz/sAH/FMTbCYYBKJCFz0DNke1ZVuvqj9KogelvZ11uNiaYmHFG
a3Zmn6va2XRlhWbbDVoJqgZW4y5uJuH9rxiIMBKQaJ9q0k7boW270HibhxliuuI5
QN56PUS34z3LGXIOIQZ0d33QRnNz47sX+X5wY7s9NvMaqUYtuUhJEUrXQ8uzmovG
mhL/vNh7a6kx6aVj2ZZ2qZsBEO7FkP5hc83Hw9fduw351gu7pZDXbK0LjQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFO9A0zPJQ6Slsf1YoTVc52Vls552MB8GA1UdIwQY
MBaAFHK4hnUkfOGGWjU/TO9bKsKIo5aYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JpR2RTUjg0WVphTlQ5TTcxc3F3b2lqbHBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8xNGRkNmUtNjc3My00N2ZmLThlM2It
MTEzNzA3M2ZhOGY2LzEvNzBEVE04bERwS1d4X1ZpaE5Wem5aV1d6bm5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8xNGRkNmUtNjc3My00N2ZmLThlM2ItMTEzNzA3M2ZhOGY2
LzEvY3JpR2RTUjg0WVphTlQ5TTcxc3F3b2lqbHBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBHyq8AwQD
Lq+QAwQBW9s+MA0GCSqGSIb3DQEBCwUAA4IBAQCSOqtwpm2HpUsVQXY6dwltCGui
EDxKCJXB4Pyz8Lin8wlIGuDQ/hJMXIjuSOwOmaew/89kdgnuFWLK/IhJNfLklmur
Ea5j56oL618S6zc4k23hRfrJWKdtRjhT2Yg12aeuo+ixULYYlYJh/fOKjF2PtJwf
6Rik1yS+FH/+P6ZPhrEbLi6ZVn9HwPllKHJxIhW+J1K2JPZBDnsdS+/NM1oawKp+
XY2QWqGLaO6hDvmidMDBzsADHhBWH6q0Sxq12DCwJxLOkc5hpgjFTdy+2r2N2ABF
2tTDUTtoUZtiJ2jlwLIXUrL1H8EumrDXIxProVTKCtIEh22QJN+WcR6+CeEa
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:29:42 2025 by rpki-client