Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/8CAKlp61vDnEKgCuYO1LFWPj1zM.roa
File: 8CAKlp61vDnEKgCuYO1LFWPj1zM.roa (raw, json)
Hash identifier: WbtJ/bEX34hpzTVepFVh3RCp5T1wjok2ZveUf/cXtek=
Subject key identifier: F0:20:0A:96:9E:B5:BC:39:C4:2A:00:AE:60:ED:4B:15:63:E3:D7:33
Certificate issuer: /CN=2c71c96005e13a84a3f31ef1d991777f4b6e31a7
Certificate serial: 018E3C86675106781E041EDB867B1D105479
Authority key identifier: 2C:71:C9:60:05:E1:3A:84:A3:F3:1E:F1:D9:91:77:7F:4B:6E:31:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/8CAKlp61vDnEKgCuYO1LFWPj1zM.roa
Signing time: Thu 14 Mar 2024 10:33:44 +0000
ROA not before: Thu 14 Mar 2024 10:33:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34602
IP address blocks: 31.130.128.0/21 maxlen: 21
31.130.144.0/20 maxlen: 20
45.151.60.0/22 maxlen: 24
77.50.0.0/16 maxlen: 16
77.50.0.0/23 maxlen: 23
77.50.2.0/23 maxlen: 23
77.50.4.0/22 maxlen: 22
77.50.8.0/21 maxlen: 21
77.50.16.0/20 maxlen: 20
77.50.32.0/19 maxlen: 19
77.50.53.0/24 maxlen: 24
77.50.64.0/18 maxlen: 18
77.50.128.0/17 maxlen: 17
77.233.192.0/19 maxlen: 19
77.243.96.0/20 maxlen: 20
81.17.144.0/20 maxlen: 20
91.204.128.0/22 maxlen: 22
94.141.160.0/19 maxlen: 19
94.141.162.0/23 maxlen: 23
94.141.164.0/22 maxlen: 22
94.141.168.0/22 maxlen: 22
94.141.172.0/22 maxlen: 22
94.141.176.0/20 maxlen: 20
185.185.140.0/22 maxlen: 22
2a00:e78::/33 maxlen: 33
2a00:e78::/34 maxlen: 34
2a00:e78:6000::/36 maxlen: 36
2a00:e79::/32 maxlen: 32
2a00:e79::/36 maxlen: 36
2a00:e7a::/31 maxlen: 31
Validation: Failed, certificate revoked on Mon 25 Mar 2024 07:28:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3c:86:67:51:06:78:1e:04:1e:db:86:7b:1d:10:54:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c71c96005e13a84a3f31ef1d991777f4b6e31a7
Validity
Not Before: Mar 14 10:33:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0200a969eb5bc39c42a00ae60ed4b1563e3d733
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fe:1e:de:33:3b:6c:5f:3a:fe:ed:f2:33:5d:4c:
bf:5b:b2:6c:b3:bb:0d:9c:85:b1:db:92:a8:e7:0e:
9c:26:8a:b6:2f:14:c6:a8:fe:fd:49:7d:52:f8:ed:
26:9d:d7:21:bf:a6:b9:f2:4b:85:40:ea:b0:1f:2f:
37:c2:45:9a:c7:b2:72:79:e2:94:a1:81:0f:69:af:
20:5c:75:67:be:82:9f:3a:2b:5b:13:a7:5a:b6:37:
3e:17:06:ca:4e:61:cf:3f:64:9a:31:1c:e0:75:f0:
a2:f8:56:78:e8:6f:63:ad:3f:43:93:ca:da:b7:0a:
04:62:ef:79:e2:bf:3e:48:82:2e:1e:34:5b:c7:bc:
41:04:fb:70:d7:1e:d8:bb:ee:ca:70:d7:3f:ec:2b:
aa:09:d9:cf:8c:ad:9e:2b:aa:ac:0c:36:60:b1:07:
5d:50:58:37:07:ad:df:75:34:52:2c:97:c6:39:86:
61:a0:79:dc:c4:1f:09:db:f6:73:0f:f4:49:ce:67:
7c:7c:ef:63:6b:eb:b0:4d:5f:7c:e5:8a:64:e7:5e:
08:8c:d1:c2:8c:a9:8a:8b:ff:47:cb:3f:6a:d8:f9:
98:21:ee:84:57:e0:cf:16:b5:ff:16:83:d9:81:5d:
62:a6:c3:ef:23:0c:73:34:af:b8:f6:5e:69:6f:f5:
68:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:20:0A:96:9E:B5:BC:39:C4:2A:00:AE:60:ED:4B:15:63:E3:D7:33
X509v3 Authority Key Identifier:
keyid:2C:71:C9:60:05:E1:3A:84:A3:F3:1E:F1:D9:91:77:7F:4B:6E:31:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/8CAKlp61vDnEKgCuYO1LFWPj1zM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/LHHJYAXhOoSj8x7x2ZF3f0tuMac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.130.128.0/21
31.130.144.0/20
45.151.60.0/22
77.50.0.0/16
77.233.192.0/19
77.243.96.0/20
81.17.144.0/20
91.204.128.0/22
94.141.160.0/19
185.185.140.0/22
IPv6:
2a00:e78::/33
2a00:e79::-2a00:e7b:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3b:6b:6c:1c:c3:e6:5b:f9:53:a1:40:85:44:f2:4a:a5:18:b0:
36:7a:96:56:5c:6a:68:64:2a:52:ab:e4:b0:4b:67:d5:f4:94:
5c:21:11:8e:75:2a:8f:eb:10:31:e7:19:97:35:f4:87:8e:70:
72:81:98:8e:16:48:3a:bb:00:20:3b:bf:e0:1f:9d:69:cc:e3:
3b:7e:a0:6d:06:aa:76:9c:83:24:0f:8d:9b:b5:d8:70:fa:9b:
38:e0:87:90:32:14:f4:ab:93:3f:2e:6c:eb:40:bb:e4:c7:b7:
47:9c:64:56:a3:24:11:f7:0a:4f:86:3b:6c:e9:16:25:37:d9:
ab:80:22:56:ef:ac:45:69:64:4f:ea:42:a5:83:97:bc:39:dd:
60:e1:6d:8e:83:b1:42:4b:82:ae:76:17:9f:f2:13:d4:86:90:
16:32:a5:2d:05:34:c7:69:8b:98:68:fc:1b:a1:a5:aa:3d:ea:
66:83:6d:3a:df:dd:09:f5:03:5d:2d:55:c8:48:dc:e1:05:c7:
35:a4:c2:64:7a:68:64:0a:6e:7b:d3:d3:4c:05:9d:bd:d2:5a:
6a:0e:ed:67:5e:bd:c5:83:1c:78:ea:da:63:26:9e:d1:bb:59:
96:81:02:37:a8:1e:97:d7:7e:35:12:7a:f8:0a:30:de:e0:4c:
0a:cd:26:16
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAY48hmdRBngeBB7bhnsdEFR5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNzFjOTYwMDVlMTNhODRhM2YzMWVmMWQ5OTE3NzdmNGI2
ZTMxYTcwHhcNMjQwMzE0MTAzMzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDIwMGE5NjllYjViYzM5YzQyYTAwYWU2MGVkNGIxNTYzZTNkNzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/h7eMztsXzr+7fIzXUy/W7Jss7sN
nIWx25Ko5w6cJoq2LxTGqP79SX1S+O0mndchv6a58kuFQOqwHy83wkWax7JyeeKU
oYEPaa8gXHVnvoKfOitbE6datjc+FwbKTmHPP2SaMRzgdfCi+FZ46G9jrT9Dk8ra
twoEYu954r8+SIIuHjRbx7xBBPtw1x7Yu+7KcNc/7CuqCdnPjK2eK6qsDDZgsQdd
UFg3B63fdTRSLJfGOYZhoHncxB8J2/ZzD/RJzmd8fO9ja+uwTV985Ypk514IjNHC
jKmKi/9Hyz9q2PmYIe6EV+DPFrX/FoPZgV1ipsPvIwxzNK+49l5pb/VoVQIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFPAgCpaetbw5xCoArmDtSxVj49czMB8GA1UdIwQY
MBaAFCxxyWAF4TqEo/Me8dmRd39LbjGnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEhISllBWGhPb1NqOHg3eDJaRjNmMHR1TWFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mYTM1NDQtMTAyNS00ZThmLWE4ZmUt
N2EyOGFmMjljZGMyLzEvOENBS2xwNjF2RG5FS2dDdVlPMUxGV1BqMXpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mYTM1NDQtMTAyNS00ZThmLWE4ZmUtN2EyOGFmMjljZGMy
LzEvTEhISllBWGhPb1NqOHg3eDJaRjNmMHR1TWFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBBBAIAATA7AwQDH4KAAwQE
H4KQAwQCLZc8AwMATTIDBAVN6cADBARN82ADBARREZADBAJbzIADBAVejaADBAK5
uYwwHgQCAAIwGAMGByoADngAMA4DBQAqAA55AwUCKgAOeDANBgkqhkiG9w0BAQsF
AAOCAQEAO2tsHMPmW/lToUCFRPJKpRiwNnqWVlxqaGQqUqvksEtn1fSUXCERjnUq
j+sQMecZlzX0h45wcoGYjhZIOrsAIDu/4B+daczjO36gbQaqdpyDJA+Nm7XYcPqb
OOCHkDIU9KuTPy5s60C75Me3R5xkVqMkEfcKT4Y7bOkWJTfZq4AiVu+sRWlkT+pC
pYOXvDndYOFtjoOxQkuCrnYXn/IT1IaQFjKlLQU0x2mLmGj8G6Glqj3qZoNtOt/d
CfUDXS1VyEjc4QXHNaTCZHpoZApue9PTTAWdvdJaag7tZ169xYMceOraYyae0btZ
loECN6gel9d+NRJ6+Aow3uBMCs0mFg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:45 2024 by rpki-client on console-ams.rpki-client.org