Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/n4Vffeh1cEkBj3KjCu7XqhaKSgM.roa
File: n4Vffeh1cEkBj3KjCu7XqhaKSgM.roa (raw, json)
Hash identifier: qIYt9moxBMhORErJJ1KIbSZ1sDUVO2PwniUYOmTpokU=
Subject key identifier: 9F:85:5F:7D:E8:75:70:49:01:8F:72:A3:0A:EE:D7:AA:16:8A:4A:03
Certificate issuer: /CN=1e36de27974727aa0046b3e9c8d0624674541255
Certificate serial: 018D858003B6B0E1EFB7E336B9EDEC0882DB
Authority key identifier: 1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/n4Vffeh1cEkBj3KjCu7XqhaKSgM.roa
Signing time: Wed 07 Feb 2024 21:36:15 +0000
ROA not before: Wed 07 Feb 2024 21:36:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51032
IP address blocks: 31.128.128.0/19 maxlen: 24
62.122.88.0/21 maxlen: 24
89.23.128.0/19 maxlen: 19
89.23.128.0/21 maxlen: 24
89.23.144.0/20 maxlen: 24
89.23.146.0/24 maxlen: 24
89.23.147.0/24 maxlen: 24
89.23.160.0/19 maxlen: 19
89.23.168.0/21 maxlen: 21
89.23.176.0/21 maxlen: 21
91.123.80.0/20 maxlen: 20
91.202.204.0/22 maxlen: 22
93.157.160.0/21 maxlen: 21
93.157.162.0/24 maxlen: 24
93.157.163.0/24 maxlen: 24
178.212.80.0/21 maxlen: 24
178.216.176.0/21 maxlen: 21
2a13:2c80::/29 maxlen: 32
Validation: Failed, certificate revoked on Wed 07 Feb 2024 23:46:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:85:80:03:b6:b0:e1:ef:b7:e3:36:b9:ed:ec:08:82:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e36de27974727aa0046b3e9c8d0624674541255
Validity
Not Before: Feb 7 21:36:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f855f7de8757049018f72a30aeed7aa168a4a03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:64:f7:8d:2d:e1:28:e0:8f:3f:6b:6f:d9:24:
c5:67:c5:68:88:71:53:ac:20:c8:b3:18:76:d3:59:
95:0d:f1:18:e5:87:d3:2a:2a:69:cb:6a:9d:e7:a2:
15:df:37:69:bc:fa:b2:cb:d6:d2:14:20:9a:6d:86:
e6:b1:d8:dc:fb:9c:22:77:d7:1a:53:86:02:b2:35:
24:e8:c1:ff:4b:a2:30:14:db:d1:ef:80:69:06:01:
4d:a4:ab:da:7a:69:f1:24:d3:34:0e:4f:d1:f4:69:
c5:6f:73:47:af:9e:bb:b8:b3:64:ae:d3:0e:c9:2e:
28:7b:41:70:5e:b9:f0:39:ea:3b:7f:a7:22:fc:6f:
0b:d3:64:de:72:db:0c:3f:af:40:59:3a:b9:c4:58:
cf:fe:a5:01:6a:3f:0b:bb:07:4e:53:63:19:27:43:
a2:bf:8a:50:95:4e:b5:d7:62:b3:74:e2:bd:35:1a:
da:cf:8b:2c:02:6e:e7:84:be:21:83:2d:da:85:70:
b0:55:ec:e6:4e:ea:cd:38:b8:a2:2c:ac:3c:f1:8d:
e9:d3:59:24:c7:b0:ae:68:17:32:8b:6a:8a:66:83:
96:2f:dc:4f:66:57:e3:09:44:97:ff:55:db:fa:e9:
6f:8f:30:5b:04:8f:56:3c:5f:e4:15:0f:ea:5b:29:
66:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:85:5F:7D:E8:75:70:49:01:8F:72:A3:0A:EE:D7:AA:16:8A:4A:03
X509v3 Authority Key Identifier:
keyid:1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/n4Vffeh1cEkBj3KjCu7XqhaKSgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.128.128.0/19
62.122.88.0/21
89.23.128.0/18
91.123.80.0/20
91.202.204.0/22
93.157.160.0/21
178.212.80.0/21
178.216.176.0/21
IPv6:
2a13:2c80::/29
Signature Algorithm: sha256WithRSAEncryption
61:91:c7:36:f7:ff:36:df:0d:ab:69:23:35:d9:6a:43:9d:36:
2a:e9:0d:8b:bd:18:8c:cc:03:b0:39:b5:54:43:1c:f0:52:98:
c3:60:1a:99:33:c6:c3:f6:13:4e:67:e2:6b:1a:55:df:7b:8e:
e6:1c:1c:17:46:fc:2f:97:68:92:ef:f0:97:e5:dc:4e:95:e4:
5b:75:fd:88:b9:2b:20:95:46:b5:8d:7f:cf:35:8c:c3:65:a6:
ed:46:24:7e:08:5f:e7:0a:61:21:37:6d:72:ff:67:74:65:c1:
b2:13:cf:ea:82:22:a1:0f:e6:4a:38:ea:88:3c:ea:f2:0b:2e:
80:7d:ae:e4:6f:f3:b5:55:3f:d3:67:a7:d4:b7:05:58:b9:5a:
50:fe:fe:13:24:72:64:e3:45:7e:74:09:dd:da:00:0e:b9:5e:
d7:01:e6:7f:25:5f:73:21:20:d7:47:22:91:b4:00:5f:cb:19:
44:29:3c:e8:ea:71:5f:ac:12:d9:24:f1:91:95:29:33:00:78:
09:66:9d:80:8d:fc:65:a7:d2:e6:96:fb:cb:c4:51:bc:ef:9b:
2f:55:c0:e6:4f:dd:7b:96:41:e3:1b:de:8b:b8:65:3c:b0:b3:
7d:a8:c8:06:db:b2:6c:fb:41:35:af:49:c3:06:fe:fa:25:54:
3c:b0:5d:bf
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAY2FgAO2sOHvt+M2ue3sCILbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzZkZTI3OTc0NzI3YWEwMDQ2YjNlOWM4ZDA2MjQ2NzQ1
NDEyNTUwHhcNMjQwMjA3MjEzNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Zjg1NWY3ZGU4NzU3MDQ5MDE4ZjcyYTMwYWVlZDdhYTE2OGE0YTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2T3jS3hKOCPP2tv2STFZ8VoiHFT
rCDIsxh201mVDfEY5YfTKippy2qd56IV3zdpvPqyy9bSFCCabYbmsdjc+5wid9ca
U4YCsjUk6MH/S6IwFNvR74BpBgFNpKvaemnxJNM0Dk/R9GnFb3NHr567uLNkrtMO
yS4oe0FwXrnwOeo7f6ci/G8L02TectsMP69AWTq5xFjP/qUBaj8LuwdOU2MZJ0Oi
v4pQlU6112KzdOK9NRraz4ssAm7nhL4hgy3ahXCwVezmTurNOLiiLKw88Y3p01kk
x7CuaBcyi2qKZoOWL9xPZlfjCUSX/1Xb+ulvjzBbBI9WPF/kFQ/qWylmWwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFJ+FX33odXBJAY9yowru16oWikoDMB8GA1UdIwQY
MBaAFB423ieXRyeqAEaz6cjQYkZ0VBJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzkt
ZGY3OTNhOTQwYmFiLzEvbjRWZmZlaDFjRWtCajNLakN1N1hxaGFLU2dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzktZGY3OTNhOTQwYmFi
LzEvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQFH4CAAwQD
PnpYAwQGWReAAwQEW3tQAwQCW8rMAwQDXZ2gAwQDstRQAwQDstiwMA0EAgACMAcD
BQMqEyyAMA0GCSqGSIb3DQEBCwUAA4IBAQBhkcc29/823w2raSM12WpDnTYq6Q2L
vRiMzAOwObVUQxzwUpjDYBqZM8bD9hNOZ+JrGlXfe47mHBwXRvwvl2iS7/CX5dxO
leRbdf2IuSsglUa1jX/PNYzDZabtRiR+CF/nCmEhN21y/2d0ZcGyE8/qgiKhD+ZK
OOqIPOryCy6Afa7kb/O1VT/TZ6fUtwVYuVpQ/v4TJHJk40V+dAnd2gAOuV7XAeZ/
JV9zISDXRyKRtABfyxlEKTzo6nFfrBLZJPGRlSkzAHgJZp2Ajfxlp9LmlvvLxFG8
75svVcDmT917lkHjG96LuGU8sLN9qMgG27Js+0E1r0nDBv76JVQ8sF2/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:21 2024 by rpki-client on console-fra.rpki-client.org