Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/2NzIA3s3NJnzcP3sW8Vp65kkMyU.roa
File: 2NzIA3s3NJnzcP3sW8Vp65kkMyU.roa (raw, json)
Hash identifier: KHKCctW5oLcIzeYdqbbDGfOWWbM/8FIorCu2KnaOCY8=
Subject key identifier: D8:DC:C8:03:7B:37:34:99:F3:70:FD:EC:5B:C5:69:EB:99:24:33:25
Certificate issuer: /CN=a4b18f96aaa03567f22fc02c42a6935708655aa9
Certificate serial: 01914714EF17EDE4A3280632589032223A82
Authority key identifier: A4:B1:8F:96:AA:A0:35:67:F2:2F:C0:2C:42:A6:93:57:08:65:5A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pLGPlqqgNWfyL8AsQqaTVwhlWqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/2NzIA3s3NJnzcP3sW8Vp65kkMyU.roa
Signing time: Mon 12 Aug 2024 14:53:59 +0000
ROA not before: Mon 12 Aug 2024 14:53:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21245
IP address blocks: 31.3.0.0/24 maxlen: 24
31.3.1.0/24 maxlen: 24
31.3.2.0/24 maxlen: 24
31.3.3.0/24 maxlen: 24
31.3.4.0/24 maxlen: 24
31.3.5.0/24 maxlen: 24
31.3.6.0/24 maxlen: 24
31.3.7.0/24 maxlen: 24
146.19.176.0/24 maxlen: 24
185.21.180.0/24 maxlen: 24
185.21.181.0/24 maxlen: 24
185.21.182.0/24 maxlen: 24
185.21.183.0/24 maxlen: 24
185.22.160.0/24 maxlen: 24
185.22.161.0/24 maxlen: 24
185.22.162.0/24 maxlen: 24
185.22.163.0/24 maxlen: 24
185.87.172.0/24 maxlen: 24
185.87.173.0/24 maxlen: 24
185.87.174.0/24 maxlen: 24
185.87.175.0/24 maxlen: 24
185.230.16.0/24 maxlen: 24
185.230.17.0/24 maxlen: 24
185.230.19.0/24 maxlen: 24
185.235.10.0/24 maxlen: 24
185.241.63.0/24 maxlen: 24
2a03:3f00::/48 maxlen: 48
2a03:3f00:1::/48 maxlen: 48
2a03:3f00:161::/48 maxlen: 48
2a03:3f00:175::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 13 Aug 2024 08:08:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:47:14:ef:17:ed:e4:a3:28:06:32:58:90:32:22:3a:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4b18f96aaa03567f22fc02c42a6935708655aa9
Validity
Not Before: Aug 12 14:53:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8dcc8037b373499f370fdec5bc569eb99243325
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:18:30:9c:7f:2f:a3:23:74:82:47:74:80:db:
31:dd:27:52:d0:74:b7:29:22:54:d7:8e:b4:6b:c3:
c0:c2:da:21:39:60:30:70:b7:29:23:bf:32:3b:0a:
49:d7:4a:83:c9:20:fe:07:b6:e1:7a:2d:0e:56:f0:
83:3c:67:4f:f9:36:26:2d:01:5b:1d:7e:16:02:d9:
6c:42:a5:f9:28:f9:24:e2:6f:41:2b:2f:07:2a:df:
be:5f:eb:75:42:c0:f8:f4:da:75:2e:b6:8c:29:0f:
69:8b:a2:e0:e3:51:31:ae:9a:f8:a6:10:75:5a:38:
c1:f1:de:c3:f6:f2:09:c3:0c:a6:28:d4:07:a6:f6:
48:02:e4:7c:74:a5:4b:c9:9a:03:84:43:37:d1:b9:
8b:a1:6a:bc:c6:ca:9c:2d:c0:54:39:d1:e7:36:6e:
9e:44:5b:be:8d:30:9b:d5:25:0a:de:9a:4e:e4:9b:
c9:cd:30:a0:42:af:da:45:33:aa:ff:17:70:b7:97:
98:ea:89:7c:5f:86:ad:df:a4:7a:5e:53:78:4d:26:
81:23:ec:87:16:df:6a:cd:ae:8c:f7:80:ae:a1:10:
3f:97:2c:ce:cb:39:37:aa:a1:69:0d:04:ed:73:1b:
13:0a:50:fc:7f:24:28:52:82:7d:cc:8b:3b:ba:96:
53:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:DC:C8:03:7B:37:34:99:F3:70:FD:EC:5B:C5:69:EB:99:24:33:25
X509v3 Authority Key Identifier:
keyid:A4:B1:8F:96:AA:A0:35:67:F2:2F:C0:2C:42:A6:93:57:08:65:5A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pLGPlqqgNWfyL8AsQqaTVwhlWqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/2NzIA3s3NJnzcP3sW8Vp65kkMyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/pLGPlqqgNWfyL8AsQqaTVwhlWqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.0.0/21
146.19.176.0/24
185.21.180.0/22
185.22.160.0/22
185.87.172.0/22
185.230.16.0/23
185.230.19.0/24
185.235.10.0/24
185.241.63.0/24
IPv6:
2a03:3f00::/47
2a03:3f00:161::/48
2a03:3f00:175::/48
Signature Algorithm: sha256WithRSAEncryption
44:3f:2a:0e:54:d6:85:15:fc:c6:d6:76:08:99:0c:6b:99:07:
91:83:74:fe:cd:ac:e1:a2:6a:7e:31:d1:ab:c8:ff:b6:fe:11:
fd:d4:63:d8:7c:7e:d3:16:3e:eb:5f:c8:51:e8:25:6e:1d:2c:
0d:ae:90:dd:aa:87:db:44:df:f1:33:14:f6:a0:53:94:fc:c9:
60:27:d3:21:c8:e4:e5:d7:55:8b:05:13:48:16:15:5d:38:de:
0e:08:26:d0:f1:68:e9:a2:56:8e:25:2c:49:89:1a:26:4f:71:
1e:a5:bd:db:98:9a:bb:c0:62:56:2d:13:4f:f5:42:fa:0e:3e:
69:3c:26:b8:1c:26:56:b7:65:cc:c7:58:0b:2f:a9:9d:4c:b1:
1d:4d:9a:df:53:4b:a2:55:b5:04:f0:09:05:01:87:cc:b9:08:
16:ac:fc:d0:54:75:20:c7:41:92:d0:60:77:c1:54:12:61:a4:
10:5b:ec:94:4f:bb:5c:c9:32:eb:91:7e:bb:36:5b:91:ef:d8:
51:4a:d9:e4:56:60:f5:a1:19:4c:b1:5d:fe:48:5b:63:40:a6:
c0:e3:47:ea:8f:38:f4:59:73:dd:ca:90:77:68:8e:2c:f7:fa:
59:c6:b1:bc:3b:00:f6:0f:70:ed:7f:62:fa:e0:91:64:ae:f0:
c3:c4:98:6f
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAZFHFO8X7eSjKAYyWJAyIjqCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YjE4Zjk2YWFhMDM1NjdmMjJmYzAyYzQyYTY5MzU3MDg2
NTVhYTkwHhcNMjQwODEyMTQ1MzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGRjYzgwMzdiMzczNDk5ZjM3MGZkZWM1YmM1NjllYjk5MjQzMzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhgwnH8voyN0gkd0gNsx3SdS0HS3
KSJU1460a8PAwtohOWAwcLcpI78yOwpJ10qDySD+B7bhei0OVvCDPGdP+TYmLQFb
HX4WAtlsQqX5KPkk4m9BKy8HKt++X+t1QsD49Np1LraMKQ9pi6Lg41Exrpr4phB1
WjjB8d7D9vIJwwymKNQHpvZIAuR8dKVLyZoDhEM30bmLoWq8xsqcLcBUOdHnNm6e
RFu+jTCb1SUK3ppO5JvJzTCgQq/aRTOq/xdwt5eY6ol8X4at36R6XlN4TSaBI+yH
Ft9qza6M94CuoRA/lyzOyzk3qqFpDQTtcxsTClD8fyQoUoJ9zIs7upZTBwIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFNjcyAN7NzSZ83D97FvFaeuZJDMlMB8GA1UdIwQY
MBaAFKSxj5aqoDVn8i/ALEKmk1cIZVqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcExHUGxxcWdOV2Z5TDhBc1FxYVRWd2hsV3FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC82ODIwZjktNDQ1OS00ODU4LTk4Y2Ut
YzY5NGYwZWFjYmE2LzEvMk56SUEzczNOSm56Y1Azc1c4VnA2NWtrTXlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC82ODIwZjktNDQ1OS00ODU4LTk4Y2UtYzY5NGYwZWFjYmE2
LzEvcExHUGxxcWdOV2Z5TDhBc1FxYVRWd2hsV3FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTA8BAIAATA2AwQDHwMAAwQA
khOwAwQCuRW0AwQCuRagAwQCuVesAwQBueYQAwQAueYTAwQAuesKAwQAufE/MCEE
AgACMBsDBwEqAz8AAAADBwAqAz8AAWEDBwAqAz8AAXUwDQYJKoZIhvcNAQELBQAD
ggEBAEQ/Kg5U1oUV/MbWdgiZDGuZB5GDdP7NrOGian4x0avI/7b+Ef3UY9h8ftMW
PutfyFHoJW4dLA2ukN2qh9tE3/EzFPagU5T8yWAn0yHI5OXXVYsFE0gWFV043g4I
JtDxaOmiVo4lLEmJGiZPcR6lvduYmrvAYlYtE0/1QvoOPmk8JrgcJla3ZczHWAsv
qZ1MsR1Nmt9TS6JVtQTwCQUBh8y5CBas/NBUdSDHQZLQYHfBVBJhpBBb7JRPu1zJ
MuuRfrs2W5Hv2FFK2eRWYPWhGUyxXf5IW2NApsDjR+qPOPRZc93KkHdojiz3+lnG
sbw7APYPcO1/YvrgkWSu8MPEmG8=
-----END CERTIFICATE-----
Generated at Tue Aug 13 11:07:20 2024 by rpki-client on console-fra.rpki-client.org