Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/Ey2SgxnU-4IyUnecveXZknjTgTU.roa
File: Ey2SgxnU-4IyUnecveXZknjTgTU.roa (raw, json)
Hash identifier: IqYdZYmRhw/yCkrd+ojCB9/TQgs+XzEx/pCfqNXUT5M=
Subject key identifier: 13:2D:92:83:19:D4:FB:82:32:52:77:9C:BD:E5:D9:92:78:D3:81:35
Certificate issuer: /CN=86cb742a03bc9c85507217a25204dfff82fccdf9
Certificate serial: 018CCA2AA3E1610F14FD0C551326351C45F8
Authority key identifier: 86:CB:74:2A:03:BC:9C:85:50:72:17:A2:52:04:DF:FF:82:FC:CD:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hst0KgO8nIVQcheiUgTf_4L8zfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/Ey2SgxnU-4IyUnecveXZknjTgTU.roa
Signing time: Tue 02 Jan 2024 12:34:01 +0000
ROA not before: Tue 02 Jan 2024 12:34:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44493
IP address blocks: 31.192.233.0/24 maxlen: 24
31.192.232.0/24 maxlen: 24
31.192.238.0/24 maxlen: 24
31.192.237.0/24 maxlen: 24
31.192.236.0/24 maxlen: 24
31.192.235.0/24 maxlen: 24
31.192.234.0/24 maxlen: 24
31.192.239.0/24 maxlen: 24
2a0a:eec0:6::/48 maxlen: 48
2a0a:eec0:5::/48 maxlen: 48
2a0a:eec0::/48 maxlen: 48
2a0a:eec0:3::/48 maxlen: 48
2a03:a0e0::/32 maxlen: 32
2a0a:eec0:4::/48 maxlen: 48
2a0a:eec0:7::/48 maxlen: 48
2a0a:eec0:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 23 Sep 2024 15:20:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:a3:e1:61:0f:14:fd:0c:55:13:26:35:1c:45:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cb742a03bc9c85507217a25204dfff82fccdf9
Validity
Not Before: Jan 2 12:34:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=132d928319d4fb823252779cbde5d99278d38135
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f5:35:46:22:a0:c4:fa:5d:c1:e1:a8:0c:82:
65:25:36:11:df:ce:e1:2b:78:05:bf:7f:9a:a3:bb:
73:9d:84:f7:11:35:ad:92:fb:f1:b2:10:26:62:68:
40:98:18:d5:ac:14:3a:4d:94:7d:58:8f:cd:85:f2:
2f:4b:36:e5:66:2d:bc:94:b2:f3:0d:1b:c3:70:55:
ca:d7:d7:6d:ef:32:f3:e8:a3:0f:0e:11:62:3c:99:
9f:bb:01:73:ff:df:2d:ab:06:6a:cd:da:b6:46:d9:
43:77:cf:52:95:6e:4f:e8:60:a5:49:ff:0f:75:0f:
ec:c1:f6:05:09:54:5b:56:6e:f2:ac:41:9d:c8:a6:
b7:aa:a2:e1:c4:c5:60:2d:79:32:12:9d:ef:df:15:
49:15:b0:ac:80:81:89:15:9e:10:9b:10:20:47:d8:
fd:ad:b8:0e:f7:f7:f2:de:15:42:50:1d:0a:43:b7:
64:c9:44:b1:98:3b:d0:bd:fa:6f:26:84:9f:37:a6:
26:7e:0e:a9:8a:06:24:e2:78:d5:2a:60:79:b7:ee:
28:40:63:ac:9d:19:9c:80:a4:10:f7:3b:4f:4e:13:
3f:7e:cf:13:b8:ef:0d:ee:99:b0:de:db:72:df:8d:
99:a7:e6:9a:68:01:40:62:28:04:85:13:03:d3:e9:
00:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:2D:92:83:19:D4:FB:82:32:52:77:9C:BD:E5:D9:92:78:D3:81:35
X509v3 Authority Key Identifier:
keyid:86:CB:74:2A:03:BC:9C:85:50:72:17:A2:52:04:DF:FF:82:FC:CD:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hst0KgO8nIVQcheiUgTf_4L8zfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/Ey2SgxnU-4IyUnecveXZknjTgTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/hst0KgO8nIVQcheiUgTf_4L8zfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.192.232.0/21
IPv6:
2a03:a0e0::/32
2a0a:eec0::/48
2a0a:eec0:2::-2a0a:eec0:7:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
84:47:57:90:61:f5:20:56:7c:3a:e1:8b:da:af:4a:aa:35:88:
53:b3:54:c6:2c:9b:39:68:f7:9f:14:f8:69:6d:d0:d0:1e:94:
75:d2:3a:c4:93:95:de:2a:d8:00:ba:e7:09:9b:92:26:a0:d4:
93:33:3b:e4:4c:f4:4f:3d:3c:30:f5:14:fd:d4:f0:74:eb:c6:
b2:31:30:7c:34:11:05:93:b1:b8:d2:2a:f4:c7:81:bb:52:ad:
6c:34:4b:86:6f:0f:35:ba:ad:ca:8b:11:75:d5:26:c8:82:4f:
57:0f:03:21:02:ec:2c:5f:f9:54:b7:ab:91:fc:d2:c1:9f:9f:
82:f2:40:c0:be:27:40:72:1f:84:c4:f2:69:fa:6e:f0:68:7c:
1d:45:34:49:d8:cb:83:9d:d5:e4:13:84:3d:72:52:d3:30:b8:
09:9a:29:00:26:39:53:6d:69:44:9e:dc:65:e7:f9:ea:67:b5:
e7:e8:f1:b0:f7:2c:46:dd:78:bd:5e:f2:66:b4:11:37:0b:42:
31:be:03:26:85:68:ed:1b:c0:de:16:f4:a3:34:0d:92:f6:56:
36:1b:1c:0a:df:b8:59:08:0f:65:61:ed:87:4b:f9:73:b6:f9:
87:1a:84:39:90:3f:41:5e:4e:ef:18:95:c9:21:41:e7:19:ac:
7e:92:b5:71
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzKKqPhYQ8U/QxVEyY1HEX4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2I3NDJhMDNiYzljODU1MDcyMTdhMjUyMDRkZmZmODJm
Y2NkZjkwHhcNMjQwMTAyMTIzNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzJkOTI4MzE5ZDRmYjgyMzI1Mjc3OWNiZGU1ZDk5Mjc4ZDM4MTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfU1RiKgxPpdweGoDIJlJTYR387h
K3gFv3+ao7tznYT3ETWtkvvxshAmYmhAmBjVrBQ6TZR9WI/NhfIvSzblZi28lLLz
DRvDcFXK19dt7zLz6KMPDhFiPJmfuwFz/98tqwZqzdq2RtlDd89SlW5P6GClSf8P
dQ/swfYFCVRbVm7yrEGdyKa3qqLhxMVgLXkyEp3v3xVJFbCsgIGJFZ4QmxAgR9j9
rbgO9/fy3hVCUB0KQ7dkyUSxmDvQvfpvJoSfN6Ymfg6pigYk4njVKmB5t+4oQGOs
nRmcgKQQ9ztPThM/fs8TuO8N7pmw3tty342Zp+aaaAFAYigEhRMD0+kAcQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFBMtkoMZ1PuCMlJ3nL3l2ZJ404E1MB8GA1UdIwQY
MBaAFIbLdCoDvJyFUHIXolIE3/+C/M35MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN0MEtnTzhuSVZRY2hlaVVnVGZfNEw4emZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS83NjdhZTUtYjlhMi00OTkzLTgxYTgt
MDVmMThmYzIxMmE3LzEvRXkyU2d4blUtNEl5VW5lY3ZlWFprbmpUZ1RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS83NjdhZTUtYjlhMi00OTkzLTgxYTgtMDVmMThmYzIxMmE3
LzEvaHN0MEtnTzhuSVZRY2hlaVVnVGZfNEw4emZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAMBAIAATAGAwQDH8DoMCoE
AgACMCQDBQAqA6DgAwcAKgruwAAAMBIDBwEqCu7AAAIDBwMqCu7AAAAwDQYJKoZI
hvcNAQELBQADggEBAIRHV5Bh9SBWfDrhi9qvSqo1iFOzVMYsmzlo958U+Glt0NAe
lHXSOsSTld4q2AC65wmbkiag1JMzO+RM9E89PDD1FP3U8HTrxrIxMHw0EQWTsbjS
KvTHgbtSrWw0S4ZvDzW6rcqLEXXVJsiCT1cPAyEC7Cxf+VS3q5H80sGfn4LyQMC+
J0ByH4TE8mn6bvBofB1FNEnYy4Od1eQThD1yUtMwuAmaKQAmOVNtaUSe3GXn+epn
tefo8bD3LEbdeL1e8ma0ETcLQjG+AyaFaO0bwN4W9KM0DZL2VjYbHArfuFkID2Vh
7YdL+XO2+YcahDmQP0FeTu8YlckhQecZrH6StXE=
-----END CERTIFICATE-----
Generated at Mon Sep 23 18:00:48 2024 by rpki-client on console-fra.rpki-client.org