Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/2fea18-fb62-4b95-9feb-9cf811e9fa7a/1/LYzUFhT94ZUZxGJDzXeYdIhk9RQ.roa
File: LYzUFhT94ZUZxGJDzXeYdIhk9RQ.roa (raw, json)
Hash identifier: yuxTf5qINo7B/mI9sxo1wrb32o31mXyCqwnmF7oYEL4=
Subject key identifier: 2D:8C:D4:16:14:FD:E1:95:19:C4:62:43:CD:77:98:74:88:64:F5:14
Certificate issuer: /CN=59919584033c3911a009bdde3183f6c60b2afcca
Certificate serial: 01870D8D73C49FF8854AAB5761DC762A5AF8
Authority key identifier: 59:91:95:84:03:3C:39:11:A0:09:BD:DE:31:83:F6:C6:0B:2A:FC:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WZGVhAM8ORGgCb3eMYP2xgsq_Mo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/2fea18-fb62-4b95-9feb-9cf811e9fa7a/1/LYzUFhT94ZUZxGJDzXeYdIhk9RQ.roa
Signing time: Thu 23 Mar 2023 08:19:46 +0000
ROA not before: Thu 23 Mar 2023 08:19:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31115
IP address blocks: 62.97.32.0/19 maxlen: 24
194.150.162.0/23 maxlen: 24
94.126.56.0/21 maxlen: 24
195.134.176.0/21 maxlen: 24
91.187.192.0/19 maxlen: 24
185.11.192.0/22 maxlen: 24
130.255.144.0/21 maxlen: 24
5.172.64.0/19 maxlen: 24
31.171.136.0/21 maxlen: 24
178.19.144.0/20 maxlen: 24
2a01:9840::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 26 Apr 2023 08:13:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0d:8d:73:c4:9f:f8:85:4a:ab:57:61:dc:76:2a:5a:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59919584033c3911a009bdde3183f6c60b2afcca
Validity
Not Before: Mar 23 08:19:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d8cd41614fde19519c46243cd7798748864f514
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:04:da:5e:38:0e:df:b4:e3:92:c1:7f:fa:23:
fa:3d:c1:0d:3f:96:5c:17:7b:89:ee:1a:0a:47:84:
89:3b:16:63:f9:af:51:61:0f:7e:d7:ce:63:ad:7e:
b1:6e:58:5d:91:42:c5:ef:f7:57:2c:23:6b:17:0b:
44:f9:96:aa:2c:37:ea:22:96:5b:3d:52:30:23:96:
d2:37:5d:4f:c3:9d:4e:66:08:02:b0:e0:ae:7a:b0:
b3:60:71:2c:dc:4d:d6:7c:bd:a6:1d:15:ef:30:d7:
0f:80:8a:8b:7b:78:75:92:c1:97:06:2b:83:ab:32:
2c:11:9c:1e:70:aa:1e:e6:72:b4:7f:ce:11:78:ee:
92:15:10:40:a1:c6:4f:82:91:62:f3:21:c9:94:37:
1f:48:85:70:81:53:82:63:40:d5:10:e2:56:41:c1:
b0:38:4b:1f:6b:79:c2:ff:8a:9a:81:0d:54:8f:90:
86:74:a4:00:d4:98:bc:81:f5:ab:5e:6c:52:c9:34:
c5:d4:f2:c4:1d:89:34:78:fd:07:af:2e:97:e2:16:
fd:2f:ca:23:f5:c0:7b:80:d1:2c:11:db:57:68:3d:
b1:0a:a5:47:05:96:f3:35:67:f0:2e:79:ba:21:6d:
02:2f:ce:27:ea:42:73:16:0e:6d:fb:74:7c:ab:e5:
bd:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:8C:D4:16:14:FD:E1:95:19:C4:62:43:CD:77:98:74:88:64:F5:14
X509v3 Authority Key Identifier:
keyid:59:91:95:84:03:3C:39:11:A0:09:BD:DE:31:83:F6:C6:0B:2A:FC:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WZGVhAM8ORGgCb3eMYP2xgsq_Mo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2fea18-fb62-4b95-9feb-9cf811e9fa7a/1/LYzUFhT94ZUZxGJDzXeYdIhk9RQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2fea18-fb62-4b95-9feb-9cf811e9fa7a/1/WZGVhAM8ORGgCb3eMYP2xgsq_Mo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.64.0/19
31.171.136.0/21
62.97.32.0/19
91.187.192.0/19
94.126.56.0/21
130.255.144.0/21
178.19.144.0/20
185.11.192.0/22
194.150.162.0/23
195.134.176.0/21
IPv6:
2a01:9840::/32
Signature Algorithm: sha256WithRSAEncryption
61:a5:bd:dd:ac:d4:79:a2:f3:d7:dd:af:68:0c:da:ce:66:b8:
73:90:d0:da:3c:c4:21:df:db:61:2d:f2:20:ee:42:00:92:23:
cb:20:f6:4d:a3:fc:c0:a2:5a:f2:e0:e3:38:42:36:6f:91:d2:
36:5c:a2:52:32:20:74:28:50:73:78:f6:ba:14:54:9f:27:d3:
81:eb:52:ae:e9:d0:f9:73:93:45:4a:62:ce:89:16:98:91:bd:
ae:52:fd:33:12:35:85:44:0b:1b:67:95:b8:87:97:ae:e0:ac:
df:44:3a:f8:89:66:8e:03:1e:16:78:a9:12:5d:98:75:8b:b3:
42:e5:f7:a6:d9:ad:4d:0e:48:d1:e6:85:35:a4:f0:70:3f:2f:
29:13:70:a7:a0:f2:bb:7b:4c:cf:6a:76:99:98:27:23:0e:75:
e8:c2:cd:fc:8a:f6:d3:e4:fe:28:58:22:5b:37:de:d2:da:49:
51:aa:b5:f5:55:08:a9:94:b0:62:0d:b2:b7:af:cd:94:1c:3d:
b9:33:28:eb:c5:60:a9:1a:69:2f:6b:b8:1a:b0:e2:e6:66:2f:
a3:40:7a:24:50:66:81:de:43:8a:5c:b7:c1:79:dc:fc:04:b3:
50:93:f2:b5:d2:74:e3:73:8c:55:6a:5c:c7:87:ca:14:ae:b3:
13:f5:8b:80
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYcNjXPEn/iFSqtXYdx2Klr4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5OTE5NTg0MDMzYzM5MTFhMDA5YmRkZTMxODNmNmM2MGIy
YWZjY2EwHhcNMjMwMzIzMDgxOTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDhjZDQxNjE0ZmRlMTk1MTljNDYyNDNjZDc3OTg3NDg4NjRmNTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggTaXjgO37TjksF/+iP6PcENP5Zc
F3uJ7hoKR4SJOxZj+a9RYQ9+185jrX6xblhdkULF7/dXLCNrFwtE+ZaqLDfqIpZb
PVIwI5bSN11Pw51OZggCsOCuerCzYHEs3E3WfL2mHRXvMNcPgIqLe3h1ksGXBiuD
qzIsEZwecKoe5nK0f84ReO6SFRBAocZPgpFi8yHJlDcfSIVwgVOCY0DVEOJWQcGw
OEsfa3nC/4qagQ1Uj5CGdKQA1Ji8gfWrXmxSyTTF1PLEHYk0eP0Hry6X4hb9L8oj
9cB7gNEsEdtXaD2xCqVHBZbzNWfwLnm6IW0CL84n6kJzFg5t+3R8q+W9SQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFC2M1BYU/eGVGcRiQ813mHSIZPUUMB8GA1UdIwQY
MBaAFFmRlYQDPDkRoAm93jGD9sYLKvzKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1pHVmhBTThPUkdnQ2IzZU1ZUDJ4Z3NxX01vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8yZmVhMTgtZmI2Mi00Yjk1LTlmZWIt
OWNmODExZTlmYTdhLzEvTFl6VUZoVDk0WlVaeEdKRHpYZVlkSWhrOVJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8yZmVhMTgtZmI2Mi00Yjk1LTlmZWItOWNmODExZTlmYTdh
LzEvV1pHVmhBTThPUkdnQ2IzZU1ZUDJ4Z3NxX01vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQFBaxAAwQD
H6uIAwQFPmEgAwQFW7vAAwQDXn44AwQDgv+QAwQEshOQAwQCuQvAAwQBwpaiAwQD
w4awMA0EAgACMAcDBQAqAZhAMA0GCSqGSIb3DQEBCwUAA4IBAQBhpb3drNR5ovPX
3a9oDNrOZrhzkNDaPMQh39thLfIg7kIAkiPLIPZNo/zAolry4OM4QjZvkdI2XKJS
MiB0KFBzePa6FFSfJ9OB61Ku6dD5c5NFSmLOiRaYkb2uUv0zEjWFRAsbZ5W4h5eu
4KzfRDr4iWaOAx4WeKkSXZh1i7NC5fem2a1NDkjR5oU1pPBwPy8pE3CnoPK7e0zP
anaZmCcjDnXows38ivbT5P4oWCJbN97S2klRqrX1VQiplLBiDbK3r82UHD25Myjr
xWCpGmkva7gasOLmZi+jQHokUGaB3kOKXLfBedz8BLNQk/K10nTjc4xValzHh8oU
rrMT9YuA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:40 2024 by rpki-client on console-fra.rpki-client.org