Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/4cd72d-d8a5-46ce-8674-0d22232c34a0/1/j9Y9Xa6bh6EEVty1TXiWiOA1xgc.roa
File: j9Y9Xa6bh6EEVty1TXiWiOA1xgc.roa (raw, json)
Hash identifier: t1c8CQl1vmxmFiST8bSdGC4DbbU+B5f95mbrF3t17MA=
Subject key identifier: 8F:D6:3D:5D:AE:9B:87:A1:04:56:DC:B5:4D:78:96:88:E0:35:C6:07
Certificate issuer: /CN=a4eb9eb5547c7f5f1aafc0ada140805419618726
Certificate serial: 018FC4C39362ECF10DD5050F37535C93CCCA
Authority key identifier: A4:EB:9E:B5:54:7C:7F:5F:1A:AF:C0:AD:A1:40:80:54:19:61:87:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pOuetVR8f18ar8CtoUCAVBlhhyY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/4cd72d-d8a5-46ce-8674-0d22232c34a0/1/j9Y9Xa6bh6EEVty1TXiWiOA1xgc.roa
Signing time: Wed 29 May 2024 14:31:42 +0000
ROA not before: Wed 29 May 2024 14:31:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35467
IP address blocks: 31.186.160.0/21 maxlen: 22
37.0.16.0/21 maxlen: 22
81.92.176.0/20 maxlen: 21
83.136.192.0/21 maxlen: 24
91.106.224.0/21 maxlen: 23
93.95.144.0/21 maxlen: 22
145.87.224.0/19 maxlen: 20
185.35.32.0/22 maxlen: 23
185.55.108.0/22 maxlen: 23
185.250.160.0/22 maxlen: 24
212.52.224.0/19 maxlen: 22
217.27.224.0/20 maxlen: 24
217.27.224.0/21 maxlen: 22
217.27.232.0/21 maxlen: 24
2a02:5b0::/32 maxlen: 32
2a02:5b0::/40 maxlen: 40
2a02:5b0:700::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jul 2024 08:45:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c4:c3:93:62:ec:f1:0d:d5:05:0f:37:53:5c:93:cc:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4eb9eb5547c7f5f1aafc0ada140805419618726
Validity
Not Before: May 29 14:31:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8fd63d5dae9b87a10456dcb54d789688e035c607
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:b6:c9:43:67:ea:f2:31:81:ad:87:91:33:9a:
46:cb:ee:28:8f:6e:53:c8:11:45:59:b1:49:e1:d4:
d8:a0:f5:a4:d2:24:a6:44:c9:93:19:58:3e:4e:0c:
d9:01:83:f1:f7:0a:28:eb:bf:a5:19:ef:5f:87:cd:
d1:5e:79:75:c2:ff:0b:2b:7d:ec:ec:91:bd:1d:21:
6e:be:48:ca:57:7d:91:dd:18:27:d1:37:7d:fb:f1:
55:60:28:2a:54:12:23:c3:9c:45:d2:64:82:99:32:
ee:8f:5f:3f:76:92:59:b8:fe:a7:79:df:6c:a4:79:
2d:d2:fc:3e:7d:b8:2f:ff:39:ea:56:a1:31:64:e3:
77:8b:13:93:21:1b:fe:c2:d0:88:6b:c2:52:51:22:
59:1d:19:f5:a4:96:d3:32:61:cd:ef:3b:93:0b:1a:
02:31:ba:cc:6a:f1:8e:6d:f5:51:f7:8d:2c:bc:5a:
b0:38:47:da:26:81:4d:8d:32:4e:e7:a1:95:48:4a:
f6:4d:ca:4b:ef:f3:7a:8d:f6:ef:b2:95:36:2e:27:
4f:3b:91:6d:1f:55:77:e2:e4:ab:f0:61:7a:23:75:
fa:d7:da:cc:c7:5f:5f:3c:27:3c:63:28:9e:85:a8:
fb:68:00:7b:d7:4e:56:b8:54:34:31:35:11:4e:27:
e2:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:D6:3D:5D:AE:9B:87:A1:04:56:DC:B5:4D:78:96:88:E0:35:C6:07
X509v3 Authority Key Identifier:
keyid:A4:EB:9E:B5:54:7C:7F:5F:1A:AF:C0:AD:A1:40:80:54:19:61:87:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOuetVR8f18ar8CtoUCAVBlhhyY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/4cd72d-d8a5-46ce-8674-0d22232c34a0/1/j9Y9Xa6bh6EEVty1TXiWiOA1xgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/4cd72d-d8a5-46ce-8674-0d22232c34a0/1/pOuetVR8f18ar8CtoUCAVBlhhyY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.160.0/21
37.0.16.0/21
81.92.176.0/20
83.136.192.0/21
91.106.224.0/21
93.95.144.0/21
145.87.224.0/19
185.35.32.0/22
185.55.108.0/22
185.250.160.0/22
212.52.224.0/19
217.27.224.0/20
IPv6:
2a02:5b0::/32
Signature Algorithm: sha256WithRSAEncryption
ce:75:18:6e:2d:2a:94:7c:c6:2a:c2:b6:d7:ef:99:33:0f:de:
3b:f4:e5:53:76:62:b6:11:e5:a0:46:ff:eb:cc:2a:20:01:94:
e7:29:e9:ce:20:39:4a:10:5f:9f:e3:04:30:7a:43:88:8d:6d:
d2:2e:e4:45:47:0f:57:0e:01:2d:2a:dd:d0:d7:56:e9:8a:52:
c2:ce:d9:da:43:58:12:87:98:cb:eb:bb:0f:e2:b8:97:d2:52:
a2:58:22:95:5b:c8:8c:be:df:8d:97:b6:f6:11:96:06:5f:5c:
bb:71:ca:53:65:32:e4:93:3c:7c:12:77:fe:96:c7:c1:20:b5:
57:b9:8b:ca:39:97:5b:82:a6:93:e1:e4:bc:16:3e:fd:ec:34:
3f:6c:95:41:3a:82:e6:2c:01:75:8e:73:56:8e:c8:1b:73:3d:
c7:84:e2:79:b2:bd:ed:f1:cf:40:86:a8:ef:43:5c:7e:72:19:
4b:9d:35:69:0b:ec:9f:f7:a9:d2:42:cc:57:98:a3:d4:4b:00:
ef:4d:eb:b6:12:18:dd:92:97:55:73:07:e3:42:8a:38:70:64:
7d:bd:b8:d3:52:42:c9:1f:32:7d:ae:b3:73:ad:36:2f:73:09:
12:45:d4:05:65:e0:20:68:c2:12:d6:b6:6b:5d:01:13:33:6f:
9b:42:0a:e5
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAY/Ew5Ni7PEN1QUPN1Nck8zKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZWI5ZWI1NTQ3YzdmNWYxYWFmYzBhZGExNDA4MDU0MTk2
MTg3MjYwHhcNMjQwNTI5MTQzMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmQ2M2Q1ZGFlOWI4N2ExMDQ1NmRjYjU0ZDc4OTY4OGUwMzVjNjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3LbJQ2fq8jGBrYeRM5pGy+4oj25T
yBFFWbFJ4dTYoPWk0iSmRMmTGVg+TgzZAYPx9woo67+lGe9fh83RXnl1wv8LK33s
7JG9HSFuvkjKV32R3Rgn0Td9+/FVYCgqVBIjw5xF0mSCmTLuj18/dpJZuP6ned9s
pHkt0vw+fbgv/znqVqExZON3ixOTIRv+wtCIa8JSUSJZHRn1pJbTMmHN7zuTCxoC
MbrMavGObfVR940svFqwOEfaJoFNjTJO56GVSEr2TcpL7/N6jfbvspU2LidPO5Ft
H1V34uSr8GF6I3X619rMx19fPCc8Yyiehaj7aAB7105WuFQ0MTURTifi3QIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFI/WPV2um4ehBFbctU14lojgNcYHMB8GA1UdIwQY
MBaAFKTrnrVUfH9fGq/AraFAgFQZYYcmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE91ZXRWUjhmMThhcjhDdG9VQ0FWQmxoaHlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi80Y2Q3MmQtZDhhNS00NmNlLTg2NzQt
MGQyMjIzMmMzNGEwLzEvajlZOVhhNmJoNkVFVnR5MVRYaVdpT0ExeGdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi80Y2Q3MmQtZDhhNS00NmNlLTg2NzQtMGQyMjIzMmMzNGEw
LzEvcE91ZXRWUjhmMThhcjhDdG9VQ0FWQmxoaHlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDH7qgAwQD
JQAQAwQEUVywAwQDU4jAAwQDW2rgAwQDXV+QAwQFkVfgAwQCuSMgAwQCuTdsAwQC
ufqgAwQF1DTgAwQE2RvgMA0EAgACMAcDBQAqAgWwMA0GCSqGSIb3DQEBCwUAA4IB
AQDOdRhuLSqUfMYqwrbX75kzD9479OVTdmK2EeWgRv/rzCogAZTnKenOIDlKEF+f
4wQwekOIjW3SLuRFRw9XDgEtKt3Q11bpilLCztnaQ1gSh5jL67sP4riX0lKiWCKV
W8iMvt+Nl7b2EZYGX1y7ccpTZTLkkzx8Enf+lsfBILVXuYvKOZdbgqaT4eS8Fj79
7DQ/bJVBOoLmLAF1jnNWjsgbcz3HhOJ5sr3t8c9AhqjvQ1x+chlLnTVpC+yf96nS
QsxXmKPUSwDvTeu2EhjdkpdVcwfjQoo4cGR9vbjTUkLJHzJ9rrNzrTYvcwkSRdQF
ZeAgaMIS1rZrXQETM2+bQgrl
-----END CERTIFICATE-----
Generated at Mon Jul 1 10:53:26 2024 by rpki-client on console-ams.rpki-client.org