Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/dpUN2g0FR4gM63y3UnF9NEB9XmQ.roa
File: dpUN2g0FR4gM63y3UnF9NEB9XmQ.roa (raw, json)
Hash identifier: O6ADjBqmL2OgYA5tEc52BXHd83lLr6j4Hzf3F+miubg=
Subject key identifier: 76:95:0D:DA:0D:05:47:88:0C:EB:7C:B7:52:71:7D:34:40:7D:5E:64
Certificate issuer: /CN=c61953c08980adc94f2fa3a3c1ba95c40d21e7d3
Certificate serial: 018DCB6A187C85E2580FEAC54C4959A2794F
Authority key identifier: C6:19:53:C0:89:80:AD:C9:4F:2F:A3:A3:C1:BA:95:C4:0D:21:E7:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhlTwImArclPL6OjwbqVxA0h59M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/dpUN2g0FR4gM63y3UnF9NEB9XmQ.roa
Signing time: Wed 21 Feb 2024 11:25:44 +0000
ROA not before: Wed 21 Feb 2024 11:25:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1820
IP address blocks: 31.223.224.0/21 maxlen: 32
91.226.1.0/24 maxlen: 32
185.16.228.0/22 maxlen: 32
185.45.244.0/22 maxlen: 32
185.170.192.0/22 maxlen: 32
193.16.47.0/24 maxlen: 32
193.104.182.0/24 maxlen: 32
195.66.93.0/24 maxlen: 32
195.177.72.0/22 maxlen: 32
2a00:6180::/29 maxlen: 128
2a13:8800::/29 maxlen: 64
Validation: Failed, certificate revoked on Tue 16 Jul 2024 09:13:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cb:6a:18:7c:85:e2:58:0f:ea:c5:4c:49:59:a2:79:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c61953c08980adc94f2fa3a3c1ba95c40d21e7d3
Validity
Not Before: Feb 21 11:25:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76950dda0d0547880ceb7cb752717d34407d5e64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:96:c3:38:49:59:24:41:dc:28:1f:2b:fe:ba:
00:25:89:e4:4f:67:a3:55:9b:0f:30:47:ce:43:2e:
14:a0:2c:58:7e:7a:6c:b9:fd:fc:e6:47:bc:b4:91:
6b:a9:74:22:4a:39:d7:27:e5:a3:e9:ae:33:14:3e:
6b:2c:4d:55:a8:ba:7e:3a:1b:c8:d9:2b:fd:8f:e4:
d5:94:3e:56:d6:4e:3c:5f:83:2d:87:64:3b:7f:1c:
a5:97:88:86:6b:4d:72:d2:e0:24:fc:f7:f9:56:d5:
7d:85:bf:fa:7f:35:6a:e2:bc:16:f0:a4:56:d0:dd:
3d:ee:68:db:de:0d:69:e3:90:aa:24:1e:77:fb:0c:
1d:b2:26:5a:1b:46:03:2d:31:fe:e3:d1:c2:ac:9b:
33:d1:8d:b6:9e:8e:f7:77:f6:34:53:7f:12:13:a4:
09:96:2a:cc:a1:d9:e4:8a:e0:7a:06:2d:26:64:dc:
fd:50:3f:fc:fd:b5:54:98:bf:c2:05:4b:05:ff:21:
40:ba:58:5e:0e:ce:03:df:01:e2:71:10:ee:a9:31:
85:a8:e0:b2:6a:2c:fd:8c:24:5f:e8:8a:f4:33:06:
75:db:b4:f5:aa:0e:a8:2a:16:2a:43:23:5f:df:8c:
b1:de:a7:bb:f3:1a:53:ee:ff:5f:1f:d6:b5:19:65:
57:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:95:0D:DA:0D:05:47:88:0C:EB:7C:B7:52:71:7D:34:40:7D:5E:64
X509v3 Authority Key Identifier:
keyid:C6:19:53:C0:89:80:AD:C9:4F:2F:A3:A3:C1:BA:95:C4:0D:21:E7:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhlTwImArclPL6OjwbqVxA0h59M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/dpUN2g0FR4gM63y3UnF9NEB9XmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/xhlTwImArclPL6OjwbqVxA0h59M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.224.0/21
91.226.1.0/24
185.16.228.0/22
185.45.244.0/22
185.170.192.0/22
193.16.47.0/24
193.104.182.0/24
195.66.93.0/24
195.177.72.0/22
IPv6:
2a00:6180::/29
2a13:8800::/29
Signature Algorithm: sha256WithRSAEncryption
39:11:6f:bb:ca:80:cf:e4:27:33:73:f5:ab:8c:71:d5:5e:a6:
3b:7f:48:28:df:9d:75:63:8d:26:cf:20:d9:f2:54:b0:41:6a:
13:7e:19:c9:cb:7c:9a:71:87:33:78:aa:79:27:68:cb:43:5c:
25:3b:f3:6e:2b:02:7e:38:b2:87:80:83:fc:a5:1f:f3:b1:7c:
82:93:15:95:17:db:31:5a:27:ce:b9:96:43:09:1b:18:7e:f4:
8e:e9:ea:16:c8:39:6e:bb:cf:cc:42:31:be:eb:78:6c:09:4f:
8c:27:f3:47:b2:9d:1d:1f:40:b7:cb:05:8d:99:00:ae:23:a4:
d8:08:09:11:37:f2:e6:a8:e2:e2:aa:b0:b5:56:a3:ba:69:6c:
f9:fb:f3:ad:c6:f9:03:f9:eb:42:60:5f:c3:6f:e9:6a:5b:f5:
94:f5:61:36:9c:b2:a1:93:c6:ea:38:e3:5b:42:d9:4a:df:e0:
95:05:8b:d5:14:a3:7d:9a:bc:cf:0b:fb:05:3d:e0:4a:cd:29:
8d:6d:f9:e1:19:f5:67:a0:df:dc:6c:df:f3:24:bc:0a:49:22:
9c:80:7f:aa:3a:64:02:6f:bf:04:66:ce:2d:5f:c7:2a:f3:06:
75:00:4a:81:56:6b:cf:3f:72:9c:ba:1c:d7:bd:0a:93:4a:33:
09:82:8f:fc
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAY3Lahh8heJYD+rFTElZonlPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTk1M2MwODk4MGFkYzk0ZjJmYTNhM2MxYmE5NWM0MGQy
MWU3ZDMwHhcNMjQwMjIxMTEyNTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Njk1MGRkYTBkMDU0Nzg4MGNlYjdjYjc1MjcxN2QzNDQwN2Q1ZTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpbDOElZJEHcKB8r/roAJYnkT2ej
VZsPMEfOQy4UoCxYfnpsuf385ke8tJFrqXQiSjnXJ+Wj6a4zFD5rLE1VqLp+OhvI
2Sv9j+TVlD5W1k48X4Mth2Q7fxyll4iGa01y0uAk/Pf5VtV9hb/6fzVq4rwW8KRW
0N097mjb3g1p45CqJB53+wwdsiZaG0YDLTH+49HCrJsz0Y22no73d/Y0U38SE6QJ
lirModnkiuB6Bi0mZNz9UD/8/bVUmL/CBUsF/yFAulheDs4D3wHicRDuqTGFqOCy
aiz9jCRf6Ir0MwZ127T1qg6oKhYqQyNf34yx3qe78xpT7v9fH9a1GWVX8wIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFHaVDdoNBUeIDOt8t1JxfTRAfV5kMB8GA1UdIwQY
MBaAFMYZU8CJgK3JTy+jo8G6lcQNIefTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhsVHdJbUFyY2xQTDZPandicVZ4QTBoNTlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lMDEyODUtNjYwZC00Y2QyLWFkMWYt
NjI1MjQ1YTAwYWJmLzEvZHBVTjJnMEZSNGdNNjN5M1VuRjlORUI5WG1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lMDEyODUtNjYwZC00Y2QyLWFkMWYtNjI1MjQ1YTAwYWJm
LzEveGhsVHdJbUFyY2xQTDZPandicVZ4QTBoNTlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA8BAIAATA2AwQDH9/gAwQA
W+IBAwQCuRDkAwQCuS30AwQCuarAAwQAwRAvAwQAwWi2AwQAw0JdAwQCw7FIMBQE
AgACMA4DBQMqAGGAAwUDKhOIADANBgkqhkiG9w0BAQsFAAOCAQEAORFvu8qAz+Qn
M3P1q4xx1V6mO39IKN+ddWONJs8g2fJUsEFqE34Zyct8mnGHM3iqeSdoy0NcJTvz
bisCfjiyh4CD/KUf87F8gpMVlRfbMVonzrmWQwkbGH70junqFsg5brvPzEIxvut4
bAlPjCfzR7KdHR9At8sFjZkAriOk2AgJETfy5qji4qqwtVajumls+fvzrcb5A/nr
QmBfw2/palv1lPVhNpyyoZPG6jjjW0LZSt/glQWL1RSjfZq8zwv7BT3gSs0pjW35
4Rn1Z6Df3Gzf8yS8CkkinIB/qjpkAm+/BGbOLV/HKvMGdQBKgVZrzz9ynLoc170K
k0ozCYKP/A==
-----END CERTIFICATE-----
Generated at Tue Jul 16 12:52:53 2024 by rpki-client on console-ams.rpki-client.org