Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/s2l00y9Fj8UGw0ybfRUJ9sB0zjk.roa
File: s2l00y9Fj8UGw0ybfRUJ9sB0zjk.roa (raw, json)
Hash identifier: u59ICCAxpz76ITrgs1Pk2ZPBaMUc8O5FY4IvxGld1GQ=
Subject key identifier: B3:69:74:D3:2F:45:8F:C5:06:C3:4C:9B:7D:15:09:F6:C0:74:CE:39
Certificate issuer: /CN=2c71c96005e13a84a3f31ef1d991777f4b6e31a7
Certificate serial: 0191E17D9418712917CDD8A7C47A259E241A
Authority key identifier: 2C:71:C9:60:05:E1:3A:84:A3:F3:1E:F1:D9:91:77:7F:4B:6E:31:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/s2l00y9Fj8UGw0ybfRUJ9sB0zjk.roa
Signing time: Wed 11 Sep 2024 14:29:48 +0000
ROA not before: Wed 11 Sep 2024 14:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34602
IP address blocks: 31.130.128.0/21 maxlen: 21
31.130.144.0/21 maxlen: 21
31.130.152.0/22 maxlen: 22
77.50.0.0/16 maxlen: 16
77.50.0.0/23 maxlen: 23
77.50.2.0/23 maxlen: 23
77.50.4.0/22 maxlen: 22
77.50.8.0/21 maxlen: 21
77.50.16.0/20 maxlen: 20
77.50.32.0/19 maxlen: 19
77.50.53.0/24 maxlen: 24
77.50.64.0/18 maxlen: 24
77.50.128.0/17 maxlen: 17
77.233.192.0/19 maxlen: 19
77.243.96.0/20 maxlen: 20
81.17.144.0/20 maxlen: 24
91.204.128.0/22 maxlen: 22
91.204.128.0/23 maxlen: 23
91.204.130.0/24 maxlen: 24
94.141.160.0/19 maxlen: 19
94.141.162.0/23 maxlen: 23
94.141.164.0/22 maxlen: 22
94.141.168.0/22 maxlen: 22
94.141.172.0/22 maxlen: 22
94.141.176.0/20 maxlen: 20
185.185.140.0/22 maxlen: 22
185.185.140.0/23 maxlen: 23
2a00:e78::/33 maxlen: 33
2a00:e78::/34 maxlen: 34
2a00:e78:6000::/36 maxlen: 36
2a00:e79::/32 maxlen: 32
2a00:e79::/36 maxlen: 36
2a00:e7a::/31 maxlen: 31
Validation: Failed, certificate revoked on Thu 12 Sep 2024 06:44:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e1:7d:94:18:71:29:17:cd:d8:a7:c4:7a:25:9e:24:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c71c96005e13a84a3f31ef1d991777f4b6e31a7
Validity
Not Before: Sep 11 14:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b36974d32f458fc506c34c9b7d1509f6c074ce39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6d:31:26:28:02:eb:38:de:8e:8a:21:d7:f3:
eb:c6:6e:31:fc:93:1e:92:e8:39:5e:95:77:d6:13:
e7:2b:b5:3d:e6:96:c4:35:2f:98:c4:44:88:3a:3f:
f7:38:71:ea:79:12:e8:44:34:5f:0d:9c:4d:46:a7:
7b:71:db:fc:14:cd:d7:e6:90:01:ce:31:b2:f7:58:
13:7e:af:0a:92:8e:3e:94:59:f9:1e:c6:23:5d:c3:
44:44:79:b5:d6:06:81:e5:b2:51:f5:bd:8d:c6:18:
a0:0e:9d:01:e9:33:68:9d:44:d7:a7:70:a2:78:5e:
54:ab:78:7f:7f:9c:bc:38:34:23:7c:54:0f:35:b7:
dc:3f:b4:7a:84:24:c9:dc:eb:60:c8:ce:20:31:cc:
d8:2c:d0:8e:c5:f2:e4:70:7b:df:a3:68:27:21:86:
81:11:af:d6:d6:88:68:46:4d:2c:48:67:5f:08:f1:
8c:2d:c6:31:d9:15:b4:25:a9:1d:a4:67:95:9e:1b:
44:de:c2:04:08:ca:7a:79:d9:1a:5d:8d:ac:9b:68:
94:4d:0d:68:63:7c:44:49:3f:fb:20:e4:11:72:74:
58:e6:56:05:06:49:9a:46:11:38:7b:f5:57:0f:9f:
45:22:91:91:2d:56:e8:3a:a1:e3:47:6b:71:57:e7:
15:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:69:74:D3:2F:45:8F:C5:06:C3:4C:9B:7D:15:09:F6:C0:74:CE:39
X509v3 Authority Key Identifier:
keyid:2C:71:C9:60:05:E1:3A:84:A3:F3:1E:F1:D9:91:77:7F:4B:6E:31:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/s2l00y9Fj8UGw0ybfRUJ9sB0zjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/LHHJYAXhOoSj8x7x2ZF3f0tuMac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.130.128.0/21
31.130.144.0-31.130.155.255
77.50.0.0/16
77.233.192.0/19
77.243.96.0/20
81.17.144.0/20
91.204.128.0/22
94.141.160.0/19
185.185.140.0/22
IPv6:
2a00:e78::/33
2a00:e79::-2a00:e7b:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2a:df:c3:99:33:bc:0f:95:1b:ac:62:0e:ac:8c:dc:f6:df:af:
9f:d9:35:99:fd:9a:54:fa:73:13:c7:08:a9:4a:12:6b:ab:67:
0e:b7:c3:c4:e4:a9:d6:f2:08:d8:63:94:0c:0c:7c:1c:3e:d8:
68:41:db:81:92:3d:9b:3d:da:a7:69:36:49:ca:d8:0c:bc:0f:
92:83:ba:26:f4:ce:ca:47:f3:c8:7b:cc:18:43:ed:00:f2:3a:
e3:85:d7:e1:d3:3b:97:da:d2:d8:88:4e:6d:21:4c:2b:ac:78:
53:16:ce:f8:29:85:5c:d7:ee:38:56:0b:ab:51:1c:b9:39:4b:
fa:9c:4c:3c:cd:c6:84:0e:f1:85:0a:a9:a4:2e:f4:f2:18:e0:
fe:ce:bf:ab:5d:f7:3e:13:91:21:60:a0:64:26:36:5f:bd:ed:
e0:22:dd:d4:71:42:41:26:ba:91:a5:89:cb:26:e7:45:d8:34:
bd:c6:b6:ae:95:29:e5:c7:1e:24:1f:00:6b:1e:51:b0:85:a5:
12:4f:bd:0f:7a:56:a3:f4:5f:5d:c2:d0:ae:f3:a6:69:21:b5:
c9:cc:35:1f:94:d7:53:0b:c5:88:5b:cf:09:ff:73:c6:93:c1:
0d:6a:a1:3a:d1:6b:5d:f6:2b:f7:92:3e:84:84:71:b2:49:ae:
53:9a:73:70
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAZHhfZQYcSkXzdinxHolniQaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNzFjOTYwMDVlMTNhODRhM2YzMWVmMWQ5OTE3NzdmNGI2
ZTMxYTcwHhcNMjQwOTExMTQyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzY5NzRkMzJmNDU4ZmM1MDZjMzRjOWI3ZDE1MDlmNmMwNzRjZTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuG0xJigC6zjejooh1/Prxm4x/JMe
kug5XpV31hPnK7U95pbENS+YxESIOj/3OHHqeRLoRDRfDZxNRqd7cdv8FM3X5pAB
zjGy91gTfq8Kko4+lFn5HsYjXcNERHm11gaB5bJR9b2NxhigDp0B6TNonUTXp3Ci
eF5Uq3h/f5y8ODQjfFQPNbfcP7R6hCTJ3OtgyM4gMczYLNCOxfLkcHvfo2gnIYaB
Ea/W1ohoRk0sSGdfCPGMLcYx2RW0JakdpGeVnhtE3sIECMp6edkaXY2sm2iUTQ1o
Y3xEST/7IOQRcnRY5lYFBkmaRhE4e/VXD59FIpGRLVboOqHjR2txV+cVSQIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFLNpdNMvRY/FBsNMm30VCfbAdM45MB8GA1UdIwQY
MBaAFCxxyWAF4TqEo/Me8dmRd39LbjGnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEhISllBWGhPb1NqOHg3eDJaRjNmMHR1TWFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mYTM1NDQtMTAyNS00ZThmLWE4ZmUt
N2EyOGFmMjljZGMyLzEvczJsMDB5OUZqOFVHdzB5YmZSVUo5c0IwemprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mYTM1NDQtMTAyNS00ZThmLWE4ZmUtN2EyOGFmMjljZGMy
LzEvTEhISllBWGhPb1NqOHg3eDJaRjNmMHR1TWFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBDBAIAATA9AwQDH4KAMAwD
BAQfgpADBAIfgpgDAwBNMgMEBU3pwAMEBE3zYAMEBFERkAMEAlvMgAMEBV6NoAME
Arm5jDAeBAIAAjAYAwYHKgAOeAAwDgMFACoADnkDBQIqAA54MA0GCSqGSIb3DQEB
CwUAA4IBAQAq38OZM7wPlRusYg6sjNz236+f2TWZ/ZpU+nMTxwipShJrq2cOt8PE
5KnW8gjYY5QMDHwcPthoQduBkj2bPdqnaTZJytgMvA+Sg7om9M7KR/PIe8wYQ+0A
8jrjhdfh0zuX2tLYiE5tIUwrrHhTFs74KYVc1+44VgurURy5OUv6nEw8zcaEDvGF
CqmkLvTyGOD+zr+rXfc+E5EhYKBkJjZfve3gIt3UcUJBJrqRpYnLJudF2DS9xrau
lSnlxx4kHwBrHlGwhaUST70Pelaj9F9dwtCu86ZpIbXJzDUflNdTC8WIW88J/3PG
k8ENaqE60Wtd9iv3kj6EhHGySa5TmnNw
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:10 2025 by rpki-client