Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/WO7cvMtrMySJETAJ5EnIPggrvFc.roa
File: WO7cvMtrMySJETAJ5EnIPggrvFc.roa (raw, json)
Hash identifier: 5GBAum/p25dGOmrQp5Ke8pH/EDzcAeAKtKw4a3jiXRo=
Subject key identifier: 58:EE:DC:BC:CB:6B:33:24:89:11:30:09:E4:49:C8:3E:08:2B:BC:57
Certificate issuer: /CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Certificate serial: 018E371A778BC79086DA3E8DE62A650D7AF6
Authority key identifier: BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/WO7cvMtrMySJETAJ5EnIPggrvFc.roa
Signing time: Wed 13 Mar 2024 09:17:45 +0000
ROA not before: Wed 13 Mar 2024 09:17:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39494
IP address blocks: 31.177.85.0/24 maxlen: 24
31.177.86.0/23 maxlen: 24
79.174.72.0/22 maxlen: 22
89.104.64.0/19 maxlen: 19
89.104.76.0/24 maxlen: 24
89.111.128.0/18 maxlen: 18
89.111.144.0/20 maxlen: 20
89.111.160.0/20 maxlen: 24
89.111.176.0/20 maxlen: 20
89.111.176.0/22 maxlen: 22
89.111.177.0/24 maxlen: 24
91.217.21.0/24 maxlen: 24
2a01:d8::/32 maxlen: 48
2a02:2090::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 19 Mar 2024 14:38:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:37:1a:77:8b:c7:90:86:da:3e:8d:e6:2a:65:0d:7a:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Validity
Not Before: Mar 13 09:17:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=58eedcbccb6b332489113009e449c83e082bbc57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d0:22:05:35:42:c7:81:4c:50:4c:ef:78:e0:
d4:53:b5:e7:ca:16:ec:57:07:20:43:0d:88:82:ef:
ff:16:f2:33:79:7a:7d:4a:4b:57:39:d9:3f:27:24:
cd:52:50:87:bb:27:aa:fa:c7:71:b3:6d:c8:a3:5c:
74:04:38:0a:04:e4:e2:43:b8:a1:97:64:c8:43:f4:
44:a6:58:e7:df:67:29:bc:18:76:20:a2:6c:f1:84:
c7:38:84:6c:df:e4:56:f5:9f:44:87:a5:f8:9d:80:
b0:f1:b0:c1:ca:72:27:de:92:1b:b6:9e:c3:31:c7:
ed:66:78:f0:58:7c:76:6f:72:53:7d:68:12:ab:f0:
f8:f6:43:9f:66:35:d1:e0:95:19:fb:eb:12:10:8b:
5d:7b:ee:fa:eb:c3:53:20:ae:6b:4d:29:28:5e:c3:
ec:05:56:6c:3a:4c:ca:61:04:77:6a:0d:ae:20:41:
ea:b2:65:32:cb:af:02:5a:41:9e:17:72:fc:df:a1:
d5:67:cc:a5:f0:7d:5a:72:02:b1:05:64:d5:d0:57:
9e:d8:d4:52:6a:17:55:03:02:46:17:50:66:c4:9a:
71:ee:d5:2f:33:1c:73:9f:21:40:bd:05:ad:c6:09:
b6:90:e2:5c:88:90:76:2a:87:2d:b3:7d:38:8d:af:
ca:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:EE:DC:BC:CB:6B:33:24:89:11:30:09:E4:49:C8:3E:08:2B:BC:57
X509v3 Authority Key Identifier:
keyid:BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/WO7cvMtrMySJETAJ5EnIPggrvFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.85.0-31.177.87.255
79.174.72.0/22
89.104.64.0/19
89.111.128.0/18
91.217.21.0/24
IPv6:
2a01:d8::/32
2a02:2090::/32
Signature Algorithm: sha256WithRSAEncryption
17:9d:04:3f:5f:89:ef:e0:8b:8c:26:79:e9:2d:5d:fb:ef:41:
07:5c:df:49:30:62:09:4e:16:9b:e0:08:d3:d6:93:02:bc:39:
14:c5:b3:d1:ba:6d:77:39:f3:f2:e5:97:bd:90:90:64:ab:1d:
b3:8f:71:5e:50:51:ac:0f:42:4a:52:90:1c:7f:7e:2b:4b:ba:
09:ce:29:f9:b1:d9:61:fb:09:66:db:94:6a:62:aa:8b:94:bf:
84:78:95:9d:b0:86:fe:b3:f1:18:84:92:39:b0:a2:38:fa:43:
10:94:ec:fd:4d:38:81:79:bd:3b:1c:db:e9:ff:9e:32:e4:57:
ea:60:ee:e4:b7:d9:d2:e8:19:41:43:c9:ad:e2:73:7d:c0:a2:
e3:61:6b:c9:5d:55:d9:cd:bd:9c:a5:94:84:82:5b:f8:d0:fa:
2d:65:0d:b2:ef:2e:ac:77:7a:3c:c6:55:a8:3a:0f:27:3e:d9:
53:bc:bc:ba:f0:ff:88:49:51:96:f9:49:f9:d9:86:3d:9f:56:
5d:96:64:f0:22:bd:99:d2:a8:2d:1f:d9:2b:ed:65:3a:78:af:
4e:5e:d4:32:8d:f9:25:e7:e4:8a:99:00:08:67:57:65:ae:5d:
8b:67:79:35:50:8b:3d:98:81:af:d7:1c:0b:1f:f6:39:ed:28:
fd:9a:5b:6b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY43GneLx5CG2j6N5iplDXr2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmFkMjNlMTFjZjBkMjRhNDc3NTk0ZWJhMDlmOTlhY2M2
ZjFmZmYwHhcNMjQwMzEzMDkxNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGVlZGNiY2NiNmIzMzI0ODkxMTMwMDllNDQ5YzgzZTA4MmJiYzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdAiBTVCx4FMUEzveODUU7Xnyhbs
VwcgQw2Igu//FvIzeXp9SktXOdk/JyTNUlCHuyeq+sdxs23Io1x0BDgKBOTiQ7ih
l2TIQ/REpljn32cpvBh2IKJs8YTHOIRs3+RW9Z9Eh6X4nYCw8bDBynIn3pIbtp7D
McftZnjwWHx2b3JTfWgSq/D49kOfZjXR4JUZ++sSEItde+7668NTIK5rTSkoXsPs
BVZsOkzKYQR3ag2uIEHqsmUyy68CWkGeF3L836HVZ8yl8H1acgKxBWTV0Fee2NRS
ahdVAwJGF1BmxJpx7tUvMxxznyFAvQWtxgm2kOJciJB2Kocts304ja/KgwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFFju3LzLazMkiREwCeRJyD4IK7xXMB8GA1UdIwQY
MBaAFL360j4Rzw0kpHdZTroJ+ZrMbx//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEt
NGY0ZTcxZTMyMDg0LzEvV083Y3ZNdHJNeVNKRVRBSjVFbklQZ2dydkZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEtNGY0ZTcxZTMyMDg0
LzEvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAsBAIAATAmMAwDBAAfsVUD
BAMfsVADBAJPrkgDBAVZaEADBAZZb4ADBABb2RUwFAQCAAIwDgMFACoBANgDBQAq
AiCQMA0GCSqGSIb3DQEBCwUAA4IBAQAXnQQ/X4nv4IuMJnnpLV3770EHXN9JMGIJ
Thab4AjT1pMCvDkUxbPRum13OfPy5Ze9kJBkqx2zj3FeUFGsD0JKUpAcf34rS7oJ
zin5sdlh+wlm25RqYqqLlL+EeJWdsIb+s/EYhJI5sKI4+kMQlOz9TTiBeb07HNvp
/54y5FfqYO7kt9nS6BlBQ8mt4nN9wKLjYWvJXVXZzb2cpZSEglv40PotZQ2y7y6s
d3o8xlWoOg8nPtlTvLy68P+ISVGW+Un52YY9n1ZdlmTwIr2Z0qgtH9kr7WU6eK9O
XtQyjfkl5+SKmQAIZ1dlrl2LZ3k1UIs9mIGv1xwLH/Y57Sj9mltr
-----END CERTIFICATE-----
Generated at Tue Mar 19 17:35:25 2024 by rpki-client on console-fra.rpki-client.org