Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/d6bf5e-4812-430e-9a13-e5947614ef3f/1/Iyoydx7zlQ-C2GNiCLOAo7P-QZA.roa
File: Iyoydx7zlQ-C2GNiCLOAo7P-QZA.roa (raw, json)
Hash identifier: NEkyYN5KWhwbEsMGhpdXWJNZasOhyM8A4xMZ/ZVvtrg=
Subject key identifier: 23:2A:32:77:1E:F3:95:0F:82:D8:63:62:08:B3:80:A3:B3:FE:41:90
Certificate issuer: /CN=5c746e9f12c2c0e5459fe4e3d413c1c89de6db0e
Certificate serial: 018A4038CFA1B383FE202C23DE4A6F93FD36
Authority key identifier: 5C:74:6E:9F:12:C2:C0:E5:45:9F:E4:E3:D4:13:C1:C8:9D:E6:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XHRunxLCwOVFn-Tj1BPByJ3m2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/d6bf5e-4812-430e-9a13-e5947614ef3f/1/Iyoydx7zlQ-C2GNiCLOAo7P-QZA.roa
Signing time: Tue 29 Aug 2023 07:36:19 +0000
ROA not before: Tue 29 Aug 2023 07:36:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57829
IP address blocks: 91.196.240.0/23 maxlen: 24
91.196.240.0/22 maxlen: 24
217.16.192.0/20 maxlen: 24
91.196.242.0/23 maxlen: 24
185.130.0.0/24 maxlen: 24
62.181.223.0/24 maxlen: 24
31.25.64.0/22 maxlen: 24
31.25.64.0/21 maxlen: 24
31.25.68.0/22 maxlen: 24
2a02:7720::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:40:38:cf:a1:b3:83:fe:20:2c:23:de:4a:6f:93:fd:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c746e9f12c2c0e5459fe4e3d413c1c89de6db0e
Validity
Not Before: Aug 29 07:36:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=232a32771ef3950f82d8636208b380a3b3fe4190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:28:4f:b6:8e:75:a7:06:db:5e:8b:45:e5:32:
ae:0d:21:e7:20:ff:07:70:68:7a:d6:d2:6b:9b:d8:
81:19:ae:ac:11:97:8c:b6:d6:49:04:73:1e:35:f9:
9c:89:a0:12:aa:6b:cc:d8:67:ee:c8:a8:8d:34:65:
2c:a5:de:aa:21:30:81:d1:be:98:36:0c:e6:da:95:
b8:d7:f2:16:da:b4:26:76:de:f9:25:34:d1:18:fc:
41:dd:b6:e2:f8:bf:1d:a6:73:b9:5f:0c:17:35:31:
b1:69:70:a3:43:eb:cf:48:a8:05:1e:b8:a3:51:63:
d2:39:b0:5b:6e:ba:c7:a7:78:1c:d2:d3:34:24:49:
a1:4f:46:70:21:ef:3c:16:f7:4a:70:bd:d0:d6:e5:
6f:35:1c:a9:07:77:52:35:45:41:56:85:d4:5e:41:
8c:a9:33:ca:c5:3e:ce:e2:c9:c4:d7:1d:8a:78:43:
41:fe:0f:1d:7a:ba:bb:11:3c:df:66:55:ee:0a:c1:
a7:75:d6:9c:5a:6d:08:77:fc:e5:13:0e:3b:04:0c:
d5:1e:fa:f7:c8:88:d7:80:58:bc:a0:60:4f:b0:4f:
97:d3:6c:68:79:f5:32:a2:1e:4c:f2:79:81:2d:8d:
10:96:ce:8a:08:fa:e9:eb:22:55:4d:b7:69:e1:fa:
b3:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:2A:32:77:1E:F3:95:0F:82:D8:63:62:08:B3:80:A3:B3:FE:41:90
X509v3 Authority Key Identifier:
keyid:5C:74:6E:9F:12:C2:C0:E5:45:9F:E4:E3:D4:13:C1:C8:9D:E6:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XHRunxLCwOVFn-Tj1BPByJ3m2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/d6bf5e-4812-430e-9a13-e5947614ef3f/1/Iyoydx7zlQ-C2GNiCLOAo7P-QZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/d6bf5e-4812-430e-9a13-e5947614ef3f/1/XHRunxLCwOVFn-Tj1BPByJ3m2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.64.0/21
62.181.223.0/24
91.196.240.0/22
185.130.0.0/24
217.16.192.0/20
IPv6:
2a02:7720::/32
Signature Algorithm: sha256WithRSAEncryption
c2:d2:45:13:83:d3:54:3f:08:3d:6c:72:e1:03:91:f1:a0:ba:
0b:d8:9e:0e:7a:a6:d6:06:4e:33:32:de:50:d8:d1:c2:13:96:
0c:d2:2b:10:1d:bb:a7:3e:30:4f:2c:71:d2:78:01:e1:ee:86:
30:81:d8:35:d0:94:2e:cb:03:38:1d:e4:a6:5f:c3:05:ed:6b:
0a:51:27:bb:01:b9:4e:8c:e2:49:bf:3b:c6:d8:10:95:8d:0b:
6d:be:ec:0f:d4:ed:2c:12:5d:9b:cd:2a:1a:de:3d:46:f6:00:
35:33:18:6b:ee:94:b2:ce:bd:b7:a4:d6:83:a6:78:68:49:28:
e5:97:14:f0:82:9f:02:49:6b:50:c3:77:eb:41:9d:15:49:7b:
43:32:77:e3:66:4f:fc:f6:78:a7:24:92:5d:46:18:ec:89:a8:
61:72:4d:d1:e9:86:bf:54:7e:a8:e7:ef:0f:39:40:12:5e:db:
0b:27:67:5d:51:44:3a:c4:36:39:3e:c5:9e:58:ac:a7:9b:d4:
3c:1a:10:10:56:e0:da:97:99:db:59:2c:21:4b:83:54:aa:81:
87:37:b3:13:0b:39:31:66:0b:93:28:cd:ef:79:5b:ef:73:0f:
a6:25:3d:b5:28:53:c6:06:2a:fa:a5:d8:36:13:a4:8a:35:2a:
e0:f3:98:2c
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYpAOM+hs4P+ICwj3kpvk/02MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNzQ2ZTlmMTJjMmMwZTU0NTlmZTRlM2Q0MTNjMWM4OWRl
NmRiMGUwHhcNMjMwODI5MDczNjE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzJhMzI3NzFlZjM5NTBmODJkODYzNjIwOGIzODBhM2IzZmU0MTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnChPto51pwbbXotF5TKuDSHnIP8H
cGh61tJrm9iBGa6sEZeMttZJBHMeNfmciaASqmvM2GfuyKiNNGUspd6qITCB0b6Y
Ngzm2pW41/IW2rQmdt75JTTRGPxB3bbi+L8dpnO5XwwXNTGxaXCjQ+vPSKgFHrij
UWPSObBbbrrHp3gc0tM0JEmhT0ZwIe88FvdKcL3Q1uVvNRypB3dSNUVBVoXUXkGM
qTPKxT7O4snE1x2KeENB/g8derq7ETzfZlXuCsGnddacWm0Id/zlEw47BAzVHvr3
yIjXgFi8oGBPsE+X02xoefUyoh5M8nmBLY0Qls6KCPrp6yJVTbdp4fqz6QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFCMqMnce85UPgthjYgizgKOz/kGQMB8GA1UdIwQY
MBaAFFx0bp8SwsDlRZ/k49QTwcid5tsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEhSdW54TEN3T1ZGbi1UajFCUEJ5SjNtMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kNmJmNWUtNDgxMi00MzBlLTlhMTMt
ZTU5NDc2MTRlZjNmLzEvSXlveWR4N3psUS1DMkdOaUNMT0FvN1AtUVpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kNmJmNWUtNDgxMi00MzBlLTlhMTMtZTU5NDc2MTRlZjNm
LzEvWEhSdW54TEN3T1ZGbi1UajFCUEJ5SjNtMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDHxlAAwQA
PrXfAwQCW8TwAwQAuYIAAwQE2RDAMA0EAgACMAcDBQAqAncgMA0GCSqGSIb3DQEB
CwUAA4IBAQDC0kUTg9NUPwg9bHLhA5HxoLoL2J4OeqbWBk4zMt5Q2NHCE5YM0isQ
HbunPjBPLHHSeAHh7oYwgdg10JQuywM4HeSmX8MF7WsKUSe7AblOjOJJvzvG2BCV
jQttvuwP1O0sEl2bzSoa3j1G9gA1Mxhr7pSyzr23pNaDpnhoSSjllxTwgp8CSWtQ
w3frQZ0VSXtDMnfjZk/89ninJJJdRhjsiahhck3R6Ya/VH6o5+8POUASXtsLJ2dd
UUQ6xDY5PsWeWKynm9Q8GhAQVuDal5nbWSwhS4NUqoGHN7MTCzkxZguTKM3veVvv
cw+mJT21KFPGBir6pdg2E6SKNSrg85gs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:38 2024 by rpki-client on console-ams.rpki-client.org