Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/dp9r0UxN_cr7jkPec5OaO083hBw.roa
File: dp9r0UxN_cr7jkPec5OaO083hBw.roa (raw, json)
Hash identifier: skeMxvLMJW9UxG5OE10Ig3DKedhlSn4ocEzMdSYvZm4=
Subject key identifier: 76:9F:6B:D1:4C:4D:FD:CA:FB:8E:43:DE:73:93:9A:3B:4F:37:84:1C
Certificate issuer: /CN=b307c87e7b6e294f2700790eef19e82939d85cd6
Certificate serial: 019349D92D7426AFC370DEB929FA4DE632C5
Authority key identifier: B3:07:C8:7E:7B:6E:29:4F:27:00:79:0E:EF:19:E8:29:39:D8:5C:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/swfIfntuKU8nAHkO7xnoKTnYXNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/dp9r0UxN_cr7jkPec5OaO083hBw.roa
Signing time: Wed 20 Nov 2024 13:53:09 +0000
ROA not before: Wed 20 Nov 2024 13:53:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212330
IP address blocks: 31.223.185.0/24 maxlen: 24
45.113.239.0/24 maxlen: 24
86.105.220.0/24 maxlen: 24
86.111.150.0/24 maxlen: 24
86.111.151.0/24 maxlen: 24
93.115.252.0/24 maxlen: 24
94.176.40.0/24 maxlen: 24
103.229.80.0/24 maxlen: 24
185.16.25.0/24 maxlen: 24
185.96.160.0/24 maxlen: 24
185.113.104.0/24 maxlen: 24
185.113.106.0/24 maxlen: 24
193.3.137.0/24 maxlen: 24
2a10:fa42::/32 maxlen: 32
2a10:fa43::/32 maxlen: 32
2a10:fa44::/32 maxlen: 32
2a10:fa44:a00::/40 maxlen: 40
Validation: Failed, certificate revoked on Wed 20 Nov 2024 20:11:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:49:d9:2d:74:26:af:c3:70:de:b9:29:fa:4d:e6:32:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b307c87e7b6e294f2700790eef19e82939d85cd6
Validity
Not Before: Nov 20 13:53:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=769f6bd14c4dfdcafb8e43de73939a3b4f37841c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:96:47:ea:fa:61:aa:99:b2:88:aa:fd:48:13:
5e:1e:23:5d:22:89:19:36:4c:0f:77:3a:5c:59:ce:
78:91:25:5d:a4:c0:ad:6f:4d:c2:48:5a:44:ba:7f:
ff:44:b8:b6:5a:39:96:c4:08:4d:98:a5:72:6f:14:
b9:de:cc:27:8e:20:d1:ad:b1:9b:23:46:1d:54:f4:
eb:78:6e:de:70:94:53:e3:b6:9a:50:11:c9:2a:97:
70:69:a8:7e:d9:f6:5d:d0:1f:0f:3f:f1:28:03:e2:
50:14:00:dc:85:ce:04:6d:e2:38:3b:30:4a:1a:58:
43:c1:6f:37:0a:72:41:23:2c:eb:58:d3:7d:a6:2f:
3e:52:39:f9:05:d4:83:02:cb:2e:92:a1:14:5a:cd:
ed:25:10:83:e9:59:8a:e1:67:2a:5a:9c:93:59:e7:
51:d2:5c:13:cb:af:7d:47:15:8e:4a:97:55:51:46:
d3:09:1a:ee:69:80:a1:3f:1f:6a:76:93:85:21:20:
d3:21:92:4f:68:c3:99:91:84:2f:99:68:b9:bd:14:
2d:b7:3a:52:b7:c7:cc:84:0f:1e:19:5d:52:f2:8f:
71:a8:dc:7c:81:99:20:50:94:f9:be:0e:54:61:5d:
aa:df:1d:b2:94:b5:1a:17:7e:d2:c1:0b:a1:3e:0e:
25:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:9F:6B:D1:4C:4D:FD:CA:FB:8E:43:DE:73:93:9A:3B:4F:37:84:1C
X509v3 Authority Key Identifier:
keyid:B3:07:C8:7E:7B:6E:29:4F:27:00:79:0E:EF:19:E8:29:39:D8:5C:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/swfIfntuKU8nAHkO7xnoKTnYXNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/dp9r0UxN_cr7jkPec5OaO083hBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/da642a-a6ab-4705-9587-64945a4f8e12/1/swfIfntuKU8nAHkO7xnoKTnYXNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.185.0/24
45.113.239.0/24
86.105.220.0/24
86.111.150.0/23
93.115.252.0/24
94.176.40.0/24
103.229.80.0/24
185.16.25.0/24
185.96.160.0/24
185.113.104.0/24
185.113.106.0/24
193.3.137.0/24
IPv6:
2a10:fa42::-2a10:fa44:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
af:e9:a5:bd:af:a9:06:63:3a:3c:34:ba:17:0a:e2:1a:a0:b3:
e7:77:69:ed:e4:15:98:98:67:6d:6e:18:ad:51:66:0d:71:4f:
5f:e9:1b:46:53:1b:8b:a3:cb:33:1a:7d:b2:43:11:8b:09:97:
6d:ab:75:a7:a7:c2:a4:eb:be:1e:47:91:b7:81:c1:d2:de:76:
7c:8b:89:f7:5e:8b:f1:4e:a6:ed:1c:2c:33:50:05:42:d6:1f:
de:f5:89:39:c9:55:40:1d:7a:ac:cb:fb:38:02:e0:68:de:32:
80:7a:cc:75:9c:9c:a4:b3:c2:27:ad:ad:87:95:80:74:08:cb:
7a:e6:9a:44:ec:f8:55:17:43:b3:57:69:50:d9:25:c0:e5:e8:
fe:4a:30:dd:e1:a9:d2:45:f4:df:2a:43:ba:7d:51:be:86:bc:
78:30:e9:e1:c7:66:87:bd:c0:17:7b:cd:20:8d:21:f5:92:a3:
a9:14:c3:04:5f:9b:ad:e9:74:c7:6b:83:3b:f5:f4:9c:f2:6b:
d1:f1:12:fc:c3:7e:f0:67:e5:13:f3:7b:f4:86:c2:03:33:c4:
5c:71:a9:d9:da:3b:4e:4e:59:ec:1c:c7:1b:1f:78:9c:fb:1b:
41:55:46:d9:e8:09:30:4b:9a:98:3f:02:c1:f9:58:ed:1f:3d:
86:28:d4:6b
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZNJ2S10Jq/DcN65KfpN5jLFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMDdjODdlN2I2ZTI5NGYyNzAwNzkwZWVmMTllODI5Mzlk
ODVjZDYwHhcNMjQxMTIwMTM1MzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjlmNmJkMTRjNGRmZGNhZmI4ZTQzZGU3MzkzOWEzYjRmMzc4NDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZZH6vphqpmyiKr9SBNeHiNdIokZ
NkwPdzpcWc54kSVdpMCtb03CSFpEun//RLi2WjmWxAhNmKVybxS53swnjiDRrbGb
I0YdVPTreG7ecJRT47aaUBHJKpdwaah+2fZd0B8PP/EoA+JQFADchc4EbeI4OzBK
GlhDwW83CnJBIyzrWNN9pi8+Ujn5BdSDAssukqEUWs3tJRCD6VmK4WcqWpyTWedR
0lwTy699RxWOSpdVUUbTCRruaYChPx9qdpOFISDTIZJPaMOZkYQvmWi5vRQttzpS
t8fMhA8eGV1S8o9xqNx8gZkgUJT5vg5UYV2q3x2ylLUaF37SwQuhPg4lawIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFHafa9FMTf3K+45D3nOTmjtPN4QcMB8GA1UdIwQY
MBaAFLMHyH57bilPJwB5Du8Z6Ck52FzWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3dmSWZudHVLVThuQUhrTzd4bm9LVG5ZWE5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9kYTY0MmEtYTZhYi00NzA1LTk1ODct
NjQ5NDVhNGY4ZTEyLzEvZHA5cjBVeE5fY3I3amtQZWM1T2FPMDgzaEJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9kYTY0MmEtYTZhYi00NzA1LTk1ODctNjQ5NDVhNGY4ZTEy
LzEvc3dmSWZudHVLVThuQUhrTzd4bm9LVG5ZWE5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBOBAIAATBIAwQAH9+5AwQA
LXHvAwQAVmncAwQBVm+WAwQAXXP8AwQAXrAoAwQAZ+VQAwQAuRAZAwQAuWCgAwQA
uXFoAwQAuXFqAwQAwQOJMBYEAgACMBAwDgMFASoQ+kIDBQAqEPpEMA0GCSqGSIb3
DQEBCwUAA4IBAQCv6aW9r6kGYzo8NLoXCuIaoLPnd2nt5BWYmGdtbhitUWYNcU9f
6RtGUxuLo8szGn2yQxGLCZdtq3Wnp8Kk674eR5G3gcHS3nZ8i4n3XovxTqbtHCwz
UAVC1h/e9Yk5yVVAHXqsy/s4AuBo3jKAesx1nJyks8Inra2HlYB0CMt65ppE7PhV
F0OzV2lQ2SXA5ej+SjDd4anSRfTfKkO6fVG+hrx4MOnhx2aHvcAXe80gjSH1kqOp
FMMEX5ut6XTHa4M79fSc8mvR8RL8w37wZ+UT83v0hsIDM8RccanZ2jtOTlnsHMcb
H3ic+xtBVUbZ6AkwS5qYPwLB+VjtHz2GKNRr
-----END CERTIFICATE-----
Generated at Wed Nov 20 22:21:00 2024 by rpki-client on console-ams.rpki-client.org