Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/niNrjG9OVvempZooi1BdYxvFu34.roa
File: niNrjG9OVvempZooi1BdYxvFu34.roa (raw, json)
Hash identifier: 4D3pfDh7vpFO57DcEeEpEr16XaYqHAbHAMRKgtoi7BU=
Subject key identifier: 9E:23:6B:8C:6F:4E:56:F7:A6:A5:9A:28:8B:50:5D:63:1B:C5:BB:7E
Certificate issuer: /CN=a4b18f96aaa03567f22fc02c42a6935708655aa9
Certificate serial: 01914AC7B728EA25561B1E625156FC9F637B
Authority key identifier: A4:B1:8F:96:AA:A0:35:67:F2:2F:C0:2C:42:A6:93:57:08:65:5A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pLGPlqqgNWfyL8AsQqaTVwhlWqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/niNrjG9OVvempZooi1BdYxvFu34.roa
Signing time: Tue 13 Aug 2024 08:08:08 +0000
ROA not before: Tue 13 Aug 2024 08:08:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21245
IP address blocks: 31.3.0.0/24 maxlen: 24
31.3.1.0/24 maxlen: 24
31.3.2.0/24 maxlen: 24
31.3.3.0/24 maxlen: 24
31.3.4.0/24 maxlen: 24
31.3.5.0/24 maxlen: 24
31.3.6.0/24 maxlen: 24
31.3.7.0/24 maxlen: 24
146.19.176.0/24 maxlen: 24
185.21.180.0/24 maxlen: 24
185.21.181.0/24 maxlen: 24
185.21.182.0/24 maxlen: 24
185.21.183.0/24 maxlen: 24
185.22.160.0/24 maxlen: 24
185.22.161.0/24 maxlen: 24
185.22.162.0/24 maxlen: 24
185.22.163.0/24 maxlen: 24
185.87.172.0/24 maxlen: 24
185.87.173.0/24 maxlen: 24
185.87.174.0/24 maxlen: 24
185.87.175.0/24 maxlen: 24
185.230.16.0/24 maxlen: 24
185.230.17.0/24 maxlen: 24
185.230.19.0/24 maxlen: 24
185.235.10.0/24 maxlen: 24
185.241.63.0/24 maxlen: 24
2a03:3f00::/48 maxlen: 48
2a03:3f00:1::/48 maxlen: 48
2a03:3f00:2::/48 maxlen: 48
2a03:3f00:3::/48 maxlen: 48
2a03:3f00:4::/48 maxlen: 48
2a03:3f00:5::/48 maxlen: 48
2a03:3f00:6::/48 maxlen: 48
2a03:3f00:7::/48 maxlen: 48
2a03:3f00:10::/48 maxlen: 48
2a03:3f00:17::/48 maxlen: 48
2a03:3f00:31::/48 maxlen: 48
2a03:3f00:160::/48 maxlen: 48
2a03:3f00:161::/48 maxlen: 48
2a03:3f00:162::/48 maxlen: 48
2a03:3f00:163::/48 maxlen: 48
2a03:3f00:172::/48 maxlen: 48
2a03:3f00:174::/48 maxlen: 48
2a03:3f00:175::/48 maxlen: 48
2a03:3f00:180::/48 maxlen: 48
2a03:3f00:181::/48 maxlen: 48
2a03:3f00:182::/48 maxlen: 48
2a03:3f00:183::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 20 Sep 2024 13:14:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4a:c7:b7:28:ea:25:56:1b:1e:62:51:56:fc:9f:63:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4b18f96aaa03567f22fc02c42a6935708655aa9
Validity
Not Before: Aug 13 08:08:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e236b8c6f4e56f7a6a59a288b505d631bc5bb7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d3:a8:52:a5:9d:b5:aa:00:f9:92:b8:f3:5c:
c7:79:8a:ea:d8:44:a1:3b:8f:35:88:dc:da:22:8b:
ab:60:b0:79:27:67:38:f4:e8:4d:32:67:6d:ff:03:
cf:15:c9:fc:e5:dc:0b:75:04:8b:b6:de:e6:bb:d2:
ca:4b:96:42:1d:c5:e1:cd:7c:e7:16:23:48:1b:ae:
92:95:1e:c9:11:85:73:52:58:86:ae:b5:06:bb:f8:
b7:5b:dd:0a:4e:d8:ce:65:17:de:a8:68:8b:de:27:
3b:18:42:be:34:21:62:5a:94:80:6d:d4:46:d1:b3:
d7:e0:0e:25:49:8c:f9:97:82:d0:6b:88:12:3d:de:
f4:54:8d:44:0f:be:d9:dd:2b:24:8a:4f:54:a8:87:
13:3c:75:98:7d:4a:0a:cd:a1:f6:08:32:84:76:c7:
10:3d:55:43:86:23:ba:f2:23:60:a2:e2:2a:c9:69:
be:13:8c:c4:40:38:c1:07:72:dc:82:b4:4c:8e:a8:
8c:b2:ad:ec:e5:4b:46:60:19:72:57:42:48:0a:44:
a1:48:55:dd:f3:e8:83:ac:72:04:40:61:0c:2b:26:
ba:6e:ad:a6:ec:40:1f:db:d7:c3:fb:95:3b:93:4c:
65:cb:03:17:21:d9:65:a7:b3:a4:c2:cd:0f:13:bc:
d8:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:23:6B:8C:6F:4E:56:F7:A6:A5:9A:28:8B:50:5D:63:1B:C5:BB:7E
X509v3 Authority Key Identifier:
keyid:A4:B1:8F:96:AA:A0:35:67:F2:2F:C0:2C:42:A6:93:57:08:65:5A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pLGPlqqgNWfyL8AsQqaTVwhlWqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/niNrjG9OVvempZooi1BdYxvFu34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/pLGPlqqgNWfyL8AsQqaTVwhlWqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.0.0/21
146.19.176.0/24
185.21.180.0/22
185.22.160.0/22
185.87.172.0/22
185.230.16.0/23
185.230.19.0/24
185.235.10.0/24
185.241.63.0/24
IPv6:
2a03:3f00::/45
2a03:3f00:10::/48
2a03:3f00:17::/48
2a03:3f00:31::/48
2a03:3f00:160::/46
2a03:3f00:172::/48
2a03:3f00:174::/47
2a03:3f00:180::/46
Signature Algorithm: sha256WithRSAEncryption
08:4e:a2:d2:90:2e:42:12:0d:bd:a2:ca:b8:af:fb:55:e9:cb:
53:19:73:c6:7f:b7:10:fb:78:27:d0:38:66:19:b9:00:7b:bf:
b9:80:73:bc:aa:a0:ae:8f:a1:20:32:2a:1f:6c:e1:b7:58:d5:
f9:2e:8c:f2:8e:81:fa:a1:ee:b7:6c:df:69:39:da:d7:71:39:
49:cb:2d:76:1c:f0:84:a4:f2:79:f5:9f:fc:39:a2:5f:91:1c:
da:1d:45:b5:5e:81:c6:6d:57:24:e0:7f:92:01:6a:5c:2e:dd:
03:fd:1a:01:d3:cf:6c:4d:85:44:54:54:07:5c:07:b0:f0:c9:
2f:22:b0:34:81:f9:0f:a1:67:02:98:7e:73:eb:32:80:e6:f4:
67:f6:da:23:38:af:c8:c6:b0:82:20:15:36:fd:7f:05:00:3b:
1e:02:a9:29:77:ba:75:69:46:30:f4:ac:b1:af:93:22:75:28:
b3:fe:94:b3:86:a5:ca:ed:d4:ec:1d:0d:9d:cf:63:e2:ae:09:
d7:a2:14:f2:17:30:88:fc:4f:29:15:73:37:4a:7d:1b:ed:c1:
d2:d6:a1:10:3f:7c:03:58:7e:b1:76:c5:95:ff:6a:36:99:7d:
82:a6:7d:0b:c6:86:d1:2f:72:b2:c9:4e:64:1d:74:05:90:f7:
6b:3a:76:9f
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZFKx7co6iVWGx5iUVb8n2N7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YjE4Zjk2YWFhMDM1NjdmMjJmYzAyYzQyYTY5MzU3MDg2
NTVhYTkwHhcNMjQwODEzMDgwODA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTIzNmI4YzZmNGU1NmY3YTZhNTlhMjg4YjUwNWQ2MzFiYzViYjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9OoUqWdtaoA+ZK481zHeYrq2ESh
O481iNzaIourYLB5J2c49OhNMmdt/wPPFcn85dwLdQSLtt7mu9LKS5ZCHcXhzXzn
FiNIG66SlR7JEYVzUliGrrUGu/i3W90KTtjOZRfeqGiL3ic7GEK+NCFiWpSAbdRG
0bPX4A4lSYz5l4LQa4gSPd70VI1ED77Z3Sskik9UqIcTPHWYfUoKzaH2CDKEdscQ
PVVDhiO68iNgouIqyWm+E4zEQDjBB3LcgrRMjqiMsq3s5UtGYBlyV0JICkShSFXd
8+iDrHIEQGEMKya6bq2m7EAf29fD+5U7k0xlywMXIdllp7Okws0PE7zYqQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFJ4ja4xvTlb3pqWaKItQXWMbxbt+MB8GA1UdIwQY
MBaAFKSxj5aqoDVn8i/ALEKmk1cIZVqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcExHUGxxcWdOV2Z5TDhBc1FxYVRWd2hsV3FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC82ODIwZjktNDQ1OS00ODU4LTk4Y2Ut
YzY5NGYwZWFjYmE2LzEvbmlOcmpHOU9WdmVtcFpvb2kxQmRZeHZGdTM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC82ODIwZjktNDQ1OS00ODU4LTk4Y2UtYzY5NGYwZWFjYmE2
LzEvcExHUGxxcWdOV2Z5TDhBc1FxYVRWd2hsV3FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjA8BAIAATA2AwQDHwMA
AwQAkhOwAwQCuRW0AwQCuRagAwQCuVesAwQBueYQAwQAueYTAwQAuesKAwQAufE/
ME4EAgACMEgDBwMqAz8AAAADBwAqAz8AABADBwAqAz8AABcDBwAqAz8AADEDBwIq
Az8AAWADBwAqAz8AAXIDBwEqAz8AAXQDBwIqAz8AAYAwDQYJKoZIhvcNAQELBQAD
ggEBAAhOotKQLkISDb2iyriv+1Xpy1MZc8Z/txD7eCfQOGYZuQB7v7mAc7yqoK6P
oSAyKh9s4bdY1fkujPKOgfqh7rds32k52tdxOUnLLXYc8ISk8nn1n/w5ol+RHNod
RbVegcZtVyTgf5IBalwu3QP9GgHTz2xNhURUVAdcB7DwyS8isDSB+Q+hZwKYfnPr
MoDm9Gf22iM4r8jGsIIgFTb9fwUAOx4CqSl3unVpRjD0rLGvkyJ1KLP+lLOGpcrt
1OwdDZ3PY+KuCdeiFPIXMIj8TykVczdKfRvtwdLWoRA/fANYfrF2xZX/ajaZfYKm
fQvGhtEvcrLJTmQddAWQ92s6dp8=
-----END CERTIFICATE-----
Generated at Fri Sep 20 14:32:39 2024 by rpki-client on console-fra.rpki-client.org