Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/R32ZNQROrS9eYnLk_stn275iZY4.roa
File: R32ZNQROrS9eYnLk_stn275iZY4.roa (raw, json)
Hash identifier: Oe5VpPPVng1+3pkP+NNTUB8maAv/vGwxuiLl8Hxp2mU=
Subject key identifier: 47:7D:99:35:04:4E:AD:2F:5E:62:72:E4:FE:CB:67:DB:BE:62:65:8E
Certificate issuer: /CN=5dd6f6d299bcdec73d13f2d842fc1df4bc1ee2d3
Certificate serial: 019265B00A97B2BFAC80A928F1C10D0ACBF9
Authority key identifier: 5D:D6:F6:D2:99:BC:DE:C7:3D:13:F2:D8:42:FC:1D:F4:BC:1E:E2:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xdb20pm83sc9E_LYQvwd9Lwe4tM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/R32ZNQROrS9eYnLk_stn275iZY4.roa
Signing time: Mon 07 Oct 2024 06:34:48 +0000
ROA not before: Mon 07 Oct 2024 06:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43700
IP address blocks: 14.102.4.0/22 maxlen: 24
14.102.4.0/24 maxlen: 24
14.102.5.0/24 maxlen: 24
14.102.6.0/24 maxlen: 24
14.102.7.0/24 maxlen: 24
14.102.8.0/22 maxlen: 24
14.102.8.0/24 maxlen: 24
14.102.9.0/24 maxlen: 24
14.102.10.0/24 maxlen: 24
14.102.11.0/24 maxlen: 24
31.172.224.0/22 maxlen: 22
31.172.224.0/23 maxlen: 23
31.172.226.0/23 maxlen: 23
45.84.244.0/22 maxlen: 22
45.84.244.0/23 maxlen: 23
78.158.0.0/19 maxlen: 19
78.158.0.0/20 maxlen: 20
78.158.16.0/20 maxlen: 20
95.215.140.0/22 maxlen: 22
95.215.140.0/23 maxlen: 23
95.215.142.0/23 maxlen: 23
185.246.240.0/22 maxlen: 22
185.246.240.0/23 maxlen: 23
185.246.242.0/23 maxlen: 23
185.252.108.0/22 maxlen: 22
185.252.108.0/23 maxlen: 23
185.252.110.0/23 maxlen: 23
185.252.204.0/22 maxlen: 22
185.252.204.0/23 maxlen: 23
185.252.206.0/23 maxlen: 23
216.25.0.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 09 Oct 2024 10:21:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:65:b0:0a:97:b2:bf:ac:80:a9:28:f1:c1:0d:0a:cb:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dd6f6d299bcdec73d13f2d842fc1df4bc1ee2d3
Validity
Not Before: Oct 7 06:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=477d9935044ead2f5e6272e4fecb67dbbe62658e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7d:df:35:3f:90:33:2a:8a:52:3b:59:72:72:
a1:13:7a:09:36:53:98:cb:98:48:a1:20:f8:cf:a3:
b7:5e:f7:0e:13:70:be:b8:ac:12:31:64:a9:16:63:
35:61:51:73:0b:e0:0d:b4:43:91:b8:e8:3e:76:66:
cc:24:5f:fa:d6:b7:c6:ac:91:f5:d6:49:1e:27:a3:
74:08:8c:87:8a:0a:dc:be:2c:0a:cd:aa:a2:b9:4a:
05:a9:b4:80:8a:6b:f4:2f:01:50:4d:c8:af:e2:a8:
77:e1:56:28:cf:d8:09:0f:6a:f6:b8:69:4b:c7:18:
da:6e:d1:8c:8c:52:e9:58:4f:07:69:61:50:35:60:
30:77:8d:12:ef:0f:06:47:86:1c:3d:f7:25:2f:46:
36:be:69:fd:04:d6:ea:3a:35:bb:06:7d:1b:7f:30:
9e:63:c5:7e:6f:6e:8b:ee:7e:f7:a3:9e:16:64:91:
2e:03:e7:00:c9:3a:3e:4c:0d:36:c0:44:0c:f3:36:
aa:03:ab:47:1b:a7:30:07:3c:27:f2:13:7b:9a:8f:
c6:a1:df:df:9f:91:5b:83:8e:df:c2:08:30:58:f0:
aa:b7:f9:c6:b0:6f:a0:75:23:b2:f1:fd:44:72:73:
40:70:9f:ad:f0:d0:7f:d0:17:b8:4b:10:0c:76:a8:
48:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:7D:99:35:04:4E:AD:2F:5E:62:72:E4:FE:CB:67:DB:BE:62:65:8E
X509v3 Authority Key Identifier:
keyid:5D:D6:F6:D2:99:BC:DE:C7:3D:13:F2:D8:42:FC:1D:F4:BC:1E:E2:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xdb20pm83sc9E_LYQvwd9Lwe4tM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/R32ZNQROrS9eYnLk_stn275iZY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/Xdb20pm83sc9E_LYQvwd9Lwe4tM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.4.0-14.102.11.255
31.172.224.0/22
45.84.244.0/22
78.158.0.0/19
95.215.140.0/22
185.246.240.0/22
185.252.108.0/22
185.252.204.0/22
216.25.0.0/22
Signature Algorithm: sha256WithRSAEncryption
20:3a:19:0f:5a:6e:31:8c:5e:66:91:58:a0:75:2a:1f:6d:7d:
23:14:e7:83:17:43:35:b8:de:18:39:fa:61:79:53:97:45:9f:
d9:ae:a4:5a:5c:c8:3a:6c:a9:36:4b:99:eb:1e:a7:bc:97:ee:
35:f1:4f:1d:6a:e0:1b:37:aa:ab:8c:06:71:06:af:b1:6e:2f:
e2:0a:85:81:79:cd:25:57:1a:5c:4c:1c:31:46:3d:8c:f4:74:
ae:91:67:2d:92:5d:5a:b5:94:b1:b9:15:c8:4e:45:64:4b:df:
ec:dd:88:7e:e4:df:c9:1b:fd:59:fa:40:3d:c5:dc:9f:19:43:
0f:f3:92:37:12:fb:b9:e6:cd:a4:7f:86:2b:d8:fb:e8:79:81:
a5:b9:dd:ef:f2:77:1c:f6:c3:2b:da:ff:39:91:cf:55:cb:ee:
88:d0:82:f4:57:1f:f9:b0:d6:b9:82:12:0f:20:2d:89:c5:8b:
9c:2c:e8:0f:79:86:75:ba:1b:56:0c:48:88:3c:2c:d6:15:99:
d0:72:0e:1b:06:09:90:62:54:a9:e5:a1:66:fa:bf:a8:e6:68:
a1:16:06:5e:26:82:2f:64:0e:d4:7b:7b:4b:56:6a:b6:87:48:
b6:9d:65:2e:9f:8d:9e:08:8d:5a:7c:02:3c:14:88:c8:d7:91:
30:2e:db:b3
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZJlsAqXsr+sgKko8cENCsv5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDZmNmQyOTliY2RlYzczZDEzZjJkODQyZmMxZGY0YmMx
ZWUyZDMwHhcNMjQxMDA3MDYzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzdkOTkzNTA0NGVhZDJmNWU2MjcyZTRmZWNiNjdkYmJlNjI2NThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuX3fNT+QMyqKUjtZcnKhE3oJNlOY
y5hIoSD4z6O3XvcOE3C+uKwSMWSpFmM1YVFzC+ANtEORuOg+dmbMJF/61rfGrJH1
1kkeJ6N0CIyHigrcviwKzaqiuUoFqbSAimv0LwFQTciv4qh34VYoz9gJD2r2uGlL
xxjabtGMjFLpWE8HaWFQNWAwd40S7w8GR4YcPfclL0Y2vmn9BNbqOjW7Bn0bfzCe
Y8V+b26L7n73o54WZJEuA+cAyTo+TA02wEQM8zaqA6tHG6cwBzwn8hN7mo/God/f
n5Fbg47fwggwWPCqt/nGsG+gdSOy8f1EcnNAcJ+t8NB/0Be4SxAMdqhIMwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFEd9mTUETq0vXmJy5P7LZ9u+YmWOMB8GA1UdIwQY
MBaAFF3W9tKZvN7HPRPy2EL8HfS8HuLTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRiMjBwbTgzc2M5RV9MWVF2d2Q5THdlNHRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hNGI0NDYtYmI3Mi00NWJlLWJjNDYt
NTFmNWZmODFjMTE3LzEvUjMyWk5RUk9yUzllWW5Ma19zdG4yNzVpWlk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9hNGI0NDYtYmI3Mi00NWJlLWJjNDYtNTFmNWZmODFjMTE3
LzEvWGRiMjBwbTgzc2M5RV9MWVF2d2Q5THdlNHRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+MAwDBAIOZgQD
BAIOZggDBAIfrOADBAItVPQDBAVOngADBAJf14wDBAK59vADBAK5/GwDBAK5/MwD
BALYGQAwDQYJKoZIhvcNAQELBQADggEBACA6GQ9abjGMXmaRWKB1Kh9tfSMU54MX
QzW43hg5+mF5U5dFn9mupFpcyDpsqTZLmesep7yX7jXxTx1q4Bs3qquMBnEGr7Fu
L+IKhYF5zSVXGlxMHDFGPYz0dK6RZy2SXVq1lLG5FchORWRL3+zdiH7k38kb/Vn6
QD3F3J8ZQw/zkjcS+7nmzaR/hivY++h5gaW53e/ydxz2wyva/zmRz1XL7ojQgvRX
H/mw1rmCEg8gLYnFi5ws6A95hnW6G1YMSIg8LNYVmdByDhsGCZBiVKnloWb6v6jm
aKEWBl4mgi9kDtR7e0tWaraHSLadZS6fjZ4IjVp8AjwUiMjXkTAu27M=
-----END CERTIFICATE-----
Generated at Wed Oct 9 13:27:02 2024 by rpki-client on console-fra.rpki-client.org