Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/ROlB5HzBTO6lSmuzzsBuS7dWvTI.roa
File: ROlB5HzBTO6lSmuzzsBuS7dWvTI.roa (raw, json)
Hash identifier: xrk7BBH7PCDu8DFHx3DThKugj82NpM8AfgecpeHZxXA=
Subject key identifier: 44:E9:41:E4:7C:C1:4C:EE:A5:4A:6B:B3:CE:C0:6E:4B:B7:56:BD:32
Certificate issuer: /CN=2c71c96005e13a84a3f31ef1d991777f4b6e31a7
Certificate serial: 018E7482FC5D9390A408613A23ECDFC34DCC
Authority key identifier: 2C:71:C9:60:05:E1:3A:84:A3:F3:1E:F1:D9:91:77:7F:4B:6E:31:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/ROlB5HzBTO6lSmuzzsBuS7dWvTI.roa
Signing time: Mon 25 Mar 2024 07:28:45 +0000
ROA not before: Mon 25 Mar 2024 07:28:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34602
IP address blocks: 31.130.128.0/21 maxlen: 21
31.130.144.0/21 maxlen: 21
31.130.152.0/22 maxlen: 22
45.151.60.0/22 maxlen: 24
77.50.0.0/16 maxlen: 16
77.50.0.0/23 maxlen: 23
77.50.2.0/23 maxlen: 23
77.50.4.0/22 maxlen: 22
77.50.8.0/21 maxlen: 21
77.50.16.0/20 maxlen: 20
77.50.32.0/19 maxlen: 19
77.50.53.0/24 maxlen: 24
77.50.64.0/18 maxlen: 18
77.50.128.0/17 maxlen: 17
77.233.192.0/19 maxlen: 19
77.243.96.0/20 maxlen: 20
81.17.144.0/20 maxlen: 20
91.204.128.0/22 maxlen: 22
94.141.160.0/19 maxlen: 19
94.141.162.0/23 maxlen: 23
94.141.164.0/22 maxlen: 22
94.141.168.0/22 maxlen: 22
94.141.172.0/22 maxlen: 22
94.141.176.0/20 maxlen: 20
185.185.140.0/22 maxlen: 22
2a00:e78::/33 maxlen: 33
2a00:e78::/34 maxlen: 34
2a00:e78:6000::/36 maxlen: 36
2a00:e79::/32 maxlen: 32
2a00:e79::/36 maxlen: 36
2a00:e7a::/31 maxlen: 31
Validation: Failed, certificate revoked on Thu 04 Apr 2024 08:13:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:74:82:fc:5d:93:90:a4:08:61:3a:23:ec:df:c3:4d:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c71c96005e13a84a3f31ef1d991777f4b6e31a7
Validity
Not Before: Mar 25 07:28:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44e941e47cc14ceea54a6bb3cec06e4bb756bd32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:9d:0a:a2:a7:98:da:a0:97:41:de:13:59:f4:
a3:07:3c:d4:0a:63:ac:3e:0a:a0:58:5f:96:e9:51:
4a:91:3d:e1:35:5b:7a:2a:a0:f0:01:cf:43:63:c9:
a0:24:20:bb:5a:d2:9c:04:2a:d5:af:47:cc:c5:1d:
a9:75:57:21:90:11:27:6e:5d:6d:58:8e:07:97:54:
a4:fe:91:a5:65:0e:68:49:66:18:f2:25:11:9e:22:
9b:cb:bf:84:2c:14:45:0b:3d:db:e8:9c:82:18:be:
1b:8f:fe:9f:14:7b:04:49:af:be:98:c9:4c:6a:af:
15:9a:43:b2:7a:85:bd:73:2c:df:0f:1e:f3:b4:30:
e9:3c:cb:e8:a5:a6:5c:01:5f:4d:57:52:c1:d0:37:
f2:26:18:63:25:99:61:26:07:6f:f2:23:91:4d:9f:
53:20:d3:d2:fe:a8:e5:25:71:6c:64:60:90:ca:65:
4c:f9:f6:63:8f:45:e9:d2:e1:48:fe:19:40:ba:de:
2b:b8:71:dc:d4:81:cf:00:4b:4e:f5:b0:42:11:b3:
60:05:ff:30:5f:30:80:49:29:ad:ba:76:38:42:74:
86:76:8b:14:8e:db:34:ba:e0:30:88:6b:92:9d:77:
91:11:7b:eb:8b:9d:3a:af:67:14:9b:fa:01:e2:4d:
ce:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:E9:41:E4:7C:C1:4C:EE:A5:4A:6B:B3:CE:C0:6E:4B:B7:56:BD:32
X509v3 Authority Key Identifier:
keyid:2C:71:C9:60:05:E1:3A:84:A3:F3:1E:F1:D9:91:77:7F:4B:6E:31:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/ROlB5HzBTO6lSmuzzsBuS7dWvTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/LHHJYAXhOoSj8x7x2ZF3f0tuMac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.130.128.0/21
31.130.144.0-31.130.155.255
45.151.60.0/22
77.50.0.0/16
77.233.192.0/19
77.243.96.0/20
81.17.144.0/20
91.204.128.0/22
94.141.160.0/19
185.185.140.0/22
IPv6:
2a00:e78::/33
2a00:e79::-2a00:e7b:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a7:fa:d5:45:3f:66:e5:da:84:6d:e2:19:b6:7a:4d:18:3e:fc:
10:49:fb:40:0d:cf:92:d6:35:f6:b4:23:09:f6:00:53:d8:c0:
da:91:b4:69:83:81:f6:91:67:c7:ce:4d:41:43:4b:f8:80:af:
b3:2c:85:c1:5f:51:fe:de:86:e6:9c:02:9d:53:c3:f6:54:07:
a8:2b:e1:03:45:54:ff:fc:a5:ab:72:a2:b9:d6:ce:0e:35:eb:
7b:70:0f:5d:92:5f:6d:97:ae:69:9b:93:91:2b:78:42:b7:1f:
c5:82:00:5f:90:96:5f:b5:40:1e:e6:1e:13:91:c5:64:74:9f:
9a:a2:5d:6e:72:80:21:bd:cb:e6:13:48:3d:f7:e4:2f:30:ed:
21:29:08:7e:a8:be:91:91:2d:ae:fb:b6:63:de:c4:44:b8:d1:
cc:5f:40:fd:c9:08:09:a9:3b:ec:be:87:87:d8:74:7c:bc:41:
16:c8:dd:b8:a1:b1:e6:12:b6:f3:30:56:4a:11:7f:2f:64:4c:
79:6c:72:f6:2e:00:0e:1c:f6:3e:4c:e0:02:57:4a:8b:12:54:
b3:4a:27:bc:97:b3:e7:cc:ac:27:28:b9:7e:0d:52:c7:29:02:
aa:87:79:0f:fc:a3:2f:55:97:c8:ba:53:e3:c4:d0:aa:cc:1d:
5a:5c:80:54
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAY50gvxdk5CkCGE6I+zfw03MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNzFjOTYwMDVlMTNhODRhM2YzMWVmMWQ5OTE3NzdmNGI2
ZTMxYTcwHhcNMjQwMzI1MDcyODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGU5NDFlNDdjYzE0Y2VlYTU0YTZiYjNjZWMwNmU0YmI3NTZiZDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJ0KoqeY2qCXQd4TWfSjBzzUCmOs
PgqgWF+W6VFKkT3hNVt6KqDwAc9DY8mgJCC7WtKcBCrVr0fMxR2pdVchkBEnbl1t
WI4Hl1Sk/pGlZQ5oSWYY8iURniKby7+ELBRFCz3b6JyCGL4bj/6fFHsESa++mMlM
aq8VmkOyeoW9cyzfDx7ztDDpPMvopaZcAV9NV1LB0DfyJhhjJZlhJgdv8iORTZ9T
INPS/qjlJXFsZGCQymVM+fZjj0Xp0uFI/hlAut4ruHHc1IHPAEtO9bBCEbNgBf8w
XzCASSmtunY4QnSGdosUjts0uuAwiGuSnXeREXvri506r2cUm/oB4k3OPwIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFETpQeR8wUzupUprs87Abku3Vr0yMB8GA1UdIwQY
MBaAFCxxyWAF4TqEo/Me8dmRd39LbjGnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEhISllBWGhPb1NqOHg3eDJaRjNmMHR1TWFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mYTM1NDQtMTAyNS00ZThmLWE4ZmUt
N2EyOGFmMjljZGMyLzEvUk9sQjVIekJUTzZsU211enpzQnVTN2RXdlRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mYTM1NDQtMTAyNS00ZThmLWE4ZmUtN2EyOGFmMjljZGMy
LzEvTEhISllBWGhPb1NqOHg3eDJaRjNmMHR1TWFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBJBAIAATBDAwQDH4KAMAwD
BAQfgpADBAIfgpgDBAItlzwDAwBNMgMEBU3pwAMEBE3zYAMEBFERkAMEAlvMgAME
BV6NoAMEArm5jDAeBAIAAjAYAwYHKgAOeAAwDgMFACoADnkDBQIqAA54MA0GCSqG
SIb3DQEBCwUAA4IBAQCn+tVFP2bl2oRt4hm2ek0YPvwQSftADc+S1jX2tCMJ9gBT
2MDakbRpg4H2kWfHzk1BQ0v4gK+zLIXBX1H+3obmnAKdU8P2VAeoK+EDRVT//KWr
cqK51s4ONet7cA9dkl9tl65pm5ORK3hCtx/FggBfkJZftUAe5h4TkcVkdJ+aol1u
coAhvcvmE0g99+QvMO0hKQh+qL6RkS2u+7Zj3sREuNHMX0D9yQgJqTvsvoeH2HR8
vEEWyN24obHmErbzMFZKEX8vZEx5bHL2LgAOHPY+TOACV0qLElSzSie8l7PnzKwn
KLl+DVLHKQKqh3kP/KMvVZfIulPjxNCqzB1aXIBU
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:40 2025 by rpki-client