Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/7o5wcgK5NOJMfOUBTGeG4sYCzrs.roa
File: 7o5wcgK5NOJMfOUBTGeG4sYCzrs.roa (raw, json)
Hash identifier: hr5jBwjYaOjwn8kovMRRC+uWvLL3YXUz7T3ngByVWqU=
Subject key identifier: EE:8E:70:72:02:B9:34:E2:4C:7C:E5:01:4C:67:86:E2:C6:02:CE:BB
Certificate issuer: /CN=2c71c96005e13a84a3f31ef1d991777f4b6e31a7
Certificate serial: 018EECB4A777FBE337B370019BBEA1404760
Authority key identifier: 2C:71:C9:60:05:E1:3A:84:A3:F3:1E:F1:D9:91:77:7F:4B:6E:31:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/7o5wcgK5NOJMfOUBTGeG4sYCzrs.roa
Signing time: Wed 17 Apr 2024 15:37:26 +0000
ROA not before: Wed 17 Apr 2024 15:37:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34602
IP address blocks: 31.130.128.0/21 maxlen: 21
31.130.144.0/21 maxlen: 21
31.130.152.0/22 maxlen: 22
77.50.0.0/16 maxlen: 16
77.50.0.0/23 maxlen: 23
77.50.2.0/23 maxlen: 23
77.50.4.0/22 maxlen: 22
77.50.8.0/21 maxlen: 21
77.50.16.0/20 maxlen: 20
77.50.32.0/19 maxlen: 19
77.50.53.0/24 maxlen: 24
77.50.64.0/18 maxlen: 24
77.50.128.0/17 maxlen: 17
77.233.192.0/19 maxlen: 19
77.243.96.0/20 maxlen: 20
81.17.144.0/20 maxlen: 24
91.204.128.0/22 maxlen: 22
94.141.160.0/19 maxlen: 19
94.141.162.0/23 maxlen: 23
94.141.164.0/22 maxlen: 22
94.141.168.0/22 maxlen: 22
94.141.172.0/22 maxlen: 22
94.141.176.0/20 maxlen: 20
185.185.140.0/22 maxlen: 22
2a00:e78::/33 maxlen: 33
2a00:e78::/34 maxlen: 34
2a00:e78:6000::/36 maxlen: 36
2a00:e79::/32 maxlen: 32
2a00:e79::/36 maxlen: 36
2a00:e7a::/31 maxlen: 31
Validation: Failed, certificate revoked on Mon 27 May 2024 12:20:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ec:b4:a7:77:fb:e3:37:b3:70:01:9b:be:a1:40:47:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c71c96005e13a84a3f31ef1d991777f4b6e31a7
Validity
Not Before: Apr 17 15:37:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee8e707202b934e24c7ce5014c6786e2c602cebb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:0f:78:d8:fe:f7:4f:b3:23:37:c8:b8:14:45:
14:c1:86:9f:49:a2:74:5b:ce:aa:34:20:fc:46:44:
10:50:2b:c4:76:77:96:82:5b:ca:a2:a9:dc:be:58:
a5:ac:28:bd:8b:99:e6:c3:ad:4e:70:33:f6:b0:6e:
73:96:2f:6c:82:63:d9:bb:d8:26:74:6b:25:35:cc:
5e:b1:a9:5e:9e:8e:86:9c:f9:de:5c:6c:93:ab:44:
49:8a:90:8b:8d:af:a9:b1:61:3f:c1:4b:92:a2:50:
04:f3:25:2a:17:96:96:6a:17:7d:75:d6:9c:2a:3e:
a8:da:74:5d:e6:98:3e:79:cf:72:cf:f0:22:ef:01:
25:67:8b:b0:e7:8c:8e:43:4c:8c:b6:4f:5c:9d:cb:
1f:86:c9:c5:88:8b:be:1c:ed:e9:20:4f:c0:25:28:
5a:d3:9b:a0:a3:34:67:db:9d:9f:75:66:bc:f9:53:
47:20:64:69:3e:26:c6:d2:87:72:47:57:7d:15:36:
c7:fd:a0:51:6e:83:d7:90:bf:02:9b:76:98:16:3e:
6b:4a:bd:96:56:45:0f:04:42:fc:c8:70:56:c2:8e:
54:28:0d:22:ab:38:3b:d6:8c:8b:e1:19:7c:2e:84:
e2:86:4f:ff:4e:50:7c:25:83:86:85:cc:52:3f:f0:
99:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:8E:70:72:02:B9:34:E2:4C:7C:E5:01:4C:67:86:E2:C6:02:CE:BB
X509v3 Authority Key Identifier:
keyid:2C:71:C9:60:05:E1:3A:84:A3:F3:1E:F1:D9:91:77:7F:4B:6E:31:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/7o5wcgK5NOJMfOUBTGeG4sYCzrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/LHHJYAXhOoSj8x7x2ZF3f0tuMac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.130.128.0/21
31.130.144.0-31.130.155.255
77.50.0.0/16
77.233.192.0/19
77.243.96.0/20
81.17.144.0/20
91.204.128.0/22
94.141.160.0/19
185.185.140.0/22
IPv6:
2a00:e78::/33
2a00:e79::-2a00:e7b:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2e:32:ef:7c:87:26:aa:82:cc:e1:80:41:91:33:9a:4d:31:a7:
e2:84:f4:b5:51:d4:cc:f5:1a:02:01:69:34:bd:c9:c2:39:07:
ee:b0:87:82:e2:8c:50:1c:26:e9:1d:1c:6c:3d:f9:55:f6:8b:
dd:05:43:58:2a:bc:b6:b2:21:9e:0c:37:2e:92:f1:c8:f9:97:
96:17:15:06:08:14:a5:64:0c:18:e5:68:79:06:b5:40:3f:3f:
d4:ce:c5:d3:86:b9:5b:54:55:23:2d:b5:aa:42:aa:7b:ec:a4:
a4:f9:e7:31:02:9c:78:43:75:5c:f8:ab:ca:23:34:0a:10:d2:
6d:f0:27:a2:5f:69:f7:23:2a:fe:0a:e2:3f:54:c2:fe:6f:f9:
0f:88:a2:b0:a4:5f:12:57:7a:84:87:64:00:6e:55:20:30:cd:
ef:b0:c5:f1:49:1e:7d:69:3c:ef:4f:c8:24:9c:12:3c:ac:90:
2d:73:24:c0:ea:2c:23:af:32:b0:36:cc:a3:56:bf:c7:42:b4:
6b:a7:8a:dd:8f:2c:6b:59:35:e4:d6:de:48:b7:ce:a6:83:6e:
19:a8:6c:a9:99:b4:ae:31:2a:d2:ba:1b:66:f0:de:1f:16:8e:
bd:b7:1d:56:55:ff:79:7a:df:f7:84:e7:eb:22:e8:77:14:a1:
da:21:7f:b8
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAY7stKd3++M3s3ABm76hQEdgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNzFjOTYwMDVlMTNhODRhM2YzMWVmMWQ5OTE3NzdmNGI2
ZTMxYTcwHhcNMjQwNDE3MTUzNzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZThlNzA3MjAyYjkzNGUyNGM3Y2U1MDE0YzY3ODZlMmM2MDJjZWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiw942P73T7MjN8i4FEUUwYafSaJ0
W86qNCD8RkQQUCvEdneWglvKoqncvlilrCi9i5nmw61OcDP2sG5zli9sgmPZu9gm
dGslNcxesaleno6GnPneXGyTq0RJipCLja+psWE/wUuSolAE8yUqF5aWahd9ddac
Kj6o2nRd5pg+ec9yz/Ai7wElZ4uw54yOQ0yMtk9cncsfhsnFiIu+HO3pIE/AJSha
05ugozRn252fdWa8+VNHIGRpPibG0odyR1d9FTbH/aBRboPXkL8Cm3aYFj5rSr2W
VkUPBEL8yHBWwo5UKA0iqzg71oyL4Rl8LoTihk//TlB8JYOGhcxSP/CZ1QIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFO6OcHICuTTiTHzlAUxnhuLGAs67MB8GA1UdIwQY
MBaAFCxxyWAF4TqEo/Me8dmRd39LbjGnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEhISllBWGhPb1NqOHg3eDJaRjNmMHR1TWFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mYTM1NDQtMTAyNS00ZThmLWE4ZmUt
N2EyOGFmMjljZGMyLzEvN281d2NnSzVOT0pNZk9VQlRHZUc0c1lDenJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mYTM1NDQtMTAyNS00ZThmLWE4ZmUtN2EyOGFmMjljZGMy
LzEvTEhISllBWGhPb1NqOHg3eDJaRjNmMHR1TWFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBDBAIAATA9AwQDH4KAMAwD
BAQfgpADBAIfgpgDAwBNMgMEBU3pwAMEBE3zYAMEBFERkAMEAlvMgAMEBV6NoAME
Arm5jDAeBAIAAjAYAwYHKgAOeAAwDgMFACoADnkDBQIqAA54MA0GCSqGSIb3DQEB
CwUAA4IBAQAuMu98hyaqgszhgEGRM5pNMafihPS1UdTM9RoCAWk0vcnCOQfusIeC
4oxQHCbpHRxsPflV9ovdBUNYKry2siGeDDcukvHI+ZeWFxUGCBSlZAwY5Wh5BrVA
Pz/UzsXThrlbVFUjLbWqQqp77KSk+ecxApx4Q3Vc+KvKIzQKENJt8CeiX2n3Iyr+
CuI/VML+b/kPiKKwpF8SV3qEh2QAblUgMM3vsMXxSR59aTzvT8gknBI8rJAtcyTA
6iwjrzKwNsyjVr/HQrRrp4rdjyxrWTXk1t5It86mg24ZqGypmbSuMSrSuhtm8N4f
Fo69tx1WVf95et/3hOfrIuh3FKHaIX+4
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:02 2025 by rpki-client