Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/YxDaP276Bf0oF18WjdGxa-UrDl0.roa
File: YxDaP276Bf0oF18WjdGxa-UrDl0.roa (raw, json)
Hash identifier: mtXc1jHZvMUdmQYOTZZE6cHL+SQPoLDPdJblByC0y1k=
Subject key identifier: 63:10:DA:3F:6E:FA:05:FD:28:17:5F:16:8D:D1:B1:6B:E5:2B:0E:5D
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 018D7D5C45B1112AF88737667609B7186791
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/YxDaP276Bf0oF18WjdGxa-UrDl0.roa
Signing time: Tue 06 Feb 2024 07:40:15 +0000
ROA not before: Tue 06 Feb 2024 07:40:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43395
IP address blocks: 31.58.236.0/24 maxlen: 24
31.58.237.0/24 maxlen: 24
31.58.238.0/24 maxlen: 24
31.58.239.0/24 maxlen: 24
31.58.240.0/24 maxlen: 24
31.58.241.0/24 maxlen: 24
31.58.242.0/24 maxlen: 24
31.58.243.0/24 maxlen: 24
31.58.244.0/24 maxlen: 24
31.58.245.0/24 maxlen: 24
31.58.246.0/24 maxlen: 24
31.58.247.0/24 maxlen: 24
31.58.248.0/24 maxlen: 24
31.58.249.0/24 maxlen: 24
31.58.250.0/24 maxlen: 24
31.58.251.0/24 maxlen: 24
31.58.252.0/24 maxlen: 24
31.58.253.0/24 maxlen: 24
31.58.254.0/24 maxlen: 24
31.58.255.0/24 maxlen: 24
31.59.0.0/23 maxlen: 23
31.59.12.0/24 maxlen: 24
31.59.13.0/24 maxlen: 24
31.59.14.0/24 maxlen: 24
31.59.15.0/24 maxlen: 24
94.182.56.0/22 maxlen: 22
94.182.56.0/24 maxlen: 24
94.182.57.0/24 maxlen: 24
94.182.58.0/24 maxlen: 24
94.182.59.0/24 maxlen: 24
94.182.60.0/22 maxlen: 22
94.182.60.0/24 maxlen: 24
94.182.61.0/24 maxlen: 24
94.182.62.0/24 maxlen: 24
94.182.63.0/24 maxlen: 24
151.247.212.0/23 maxlen: 23
151.247.228.0/22 maxlen: 22
151.247.232.0/22 maxlen: 22
151.247.236.0/22 maxlen: 22
151.247.236.0/24 maxlen: 24
151.247.237.0/24 maxlen: 24
151.247.238.0/24 maxlen: 24
151.247.239.0/24 maxlen: 24
151.247.240.0/24 maxlen: 24
151.247.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Apr 2024 06:34:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7d:5c:45:b1:11:2a:f8:87:37:66:76:09:b7:18:67:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Feb 6 07:40:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6310da3f6efa05fd28175f168dd1b16be52b0e5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:18:c7:0c:0b:91:b0:5b:a0:8c:cb:d1:2b:63:
85:5a:59:e4:3a:4b:4d:8b:b8:61:d2:fa:61:40:e8:
8a:03:c5:95:4c:84:29:52:a6:3c:8b:26:de:c1:08:
a5:54:81:5b:e8:03:5e:02:9c:f7:e4:e8:20:53:df:
d4:1f:5a:ec:b1:25:c1:ec:5b:a8:a9:18:53:47:0f:
a0:eb:cc:a9:0c:1f:42:0f:28:6a:c8:2a:04:22:91:
42:4c:fa:d1:3c:88:27:a2:c4:ef:4f:a9:3b:da:14:
dd:89:a3:1d:c4:d9:ac:bc:08:bf:6d:2c:3e:15:7c:
6a:a6:a4:02:eb:b5:03:0f:50:3b:b4:50:4f:31:59:
f2:c9:08:1b:7f:23:f0:06:ba:c9:71:cf:cb:63:07:
dc:ca:c4:47:99:0d:2b:45:82:ed:2b:d2:d4:6f:4e:
72:b1:a9:2f:18:2f:26:31:08:15:5b:c0:80:9e:84:
ef:b8:2a:44:84:7f:f4:d8:61:3c:4f:5a:3a:88:c3:
0a:2e:a3:f4:1a:15:45:32:7d:54:6d:7b:77:e5:89:
bb:4b:4f:b6:99:d8:4a:71:05:a3:a7:f1:ff:3a:ae:
45:67:22:65:aa:5b:52:ce:ef:54:3e:af:b7:fb:6f:
b6:19:db:22:fd:97:fa:9a:73:11:cf:78:5d:35:23:
f4:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:10:DA:3F:6E:FA:05:FD:28:17:5F:16:8D:D1:B1:6B:E5:2B:0E:5D
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/YxDaP276Bf0oF18WjdGxa-UrDl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.236.0-31.59.1.255
31.59.12.0/22
94.182.56.0/21
151.247.212.0/23
151.247.228.0-151.247.241.255
Signature Algorithm: sha256WithRSAEncryption
7a:c0:79:75:b1:45:e1:0a:1a:f4:74:35:21:18:2e:4d:1e:9e:
7e:ba:40:03:2d:ee:d8:88:90:6d:d3:07:3d:83:71:20:90:39:
e0:8f:7f:f4:1c:5b:1e:33:a1:cf:5d:11:80:72:23:7f:7f:dd:
7e:f6:2f:1a:16:17:f8:3f:b9:f1:9f:8b:9f:8b:14:20:be:6b:
69:46:57:9a:36:a7:20:f0:a4:10:9d:8f:d3:9b:68:ff:89:16:
0b:e9:63:49:39:77:66:a9:52:bc:4c:07:56:a7:4c:05:54:b7:
7d:30:3e:62:93:4b:97:a1:9c:4c:e4:98:81:2a:2d:6f:77:5a:
1d:e5:94:55:19:e1:15:99:a3:34:c2:c8:84:44:16:45:3a:d7:
0f:29:01:6c:e5:cc:6a:6e:76:23:2e:b9:ea:a2:13:98:48:16:
a0:49:04:9c:8a:ad:a8:bb:c6:04:0d:18:ef:89:88:21:c8:26:
39:b5:35:89:44:cc:b3:2f:ae:76:59:4c:78:87:e0:e5:51:76:
5e:09:0c:7b:2c:19:d5:e5:eb:0a:1e:cb:9c:d9:e7:38:6d:59:
64:97:2a:d6:a7:61:b4:70:5a:b7:4d:3b:6f:da:42:1f:1b:79:
72:00:6a:e9:b8:be:8e:36:67:07:ba:d1:0b:c1:43:cb:ff:46:
41:a9:21:4f
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAY19XEWxESr4hzdmdgm3GGeRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjQwMjA2MDc0MDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzEwZGEzZjZlZmEwNWZkMjgxNzVmMTY4ZGQxYjE2YmU1MmIwZTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxjHDAuRsFugjMvRK2OFWlnkOktN
i7hh0vphQOiKA8WVTIQpUqY8iybewQilVIFb6ANeApz35OggU9/UH1rssSXB7Fuo
qRhTRw+g68ypDB9CDyhqyCoEIpFCTPrRPIgnosTvT6k72hTdiaMdxNmsvAi/bSw+
FXxqpqQC67UDD1A7tFBPMVnyyQgbfyPwBrrJcc/LYwfcysRHmQ0rRYLtK9LUb05y
sakvGC8mMQgVW8CAnoTvuCpEhH/02GE8T1o6iMMKLqP0GhVFMn1UbXt35Ym7S0+2
mdhKcQWjp/H/Oq5FZyJlqltSzu9UPq+3+2+2Gdsi/Zf6mnMRz3hdNSP0MwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFGMQ2j9u+gX9KBdfFo3RsWvlKw5dMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvWXhEYVAyNzZCZjBvRjE4V2pkR3hhLVVyRGwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAIfOuwD
BAEfOwADBAIfOwwDBANetjgDBAGX99QwDAMEApf35AMEAZf38DANBgkqhkiG9w0B
AQsFAAOCAQEAesB5dbFF4Qoa9HQ1IRguTR6efrpAAy3u2IiQbdMHPYNxIJA54I9/
9BxbHjOhz10RgHIjf3/dfvYvGhYX+D+58Z+Ln4sUIL5raUZXmjanIPCkEJ2P05to
/4kWC+ljSTl3ZqlSvEwHVqdMBVS3fTA+YpNLl6GcTOSYgSotb3daHeWUVRnhFZmj
NMLIhEQWRTrXDykBbOXMam52Iy656qITmEgWoEkEnIqtqLvGBA0Y74mIIcgmObU1
iUTMsy+udllMeIfg5VF2XgkMeywZ1eXrCh7LnNnnOG1ZZJcq1qdhtHBat007b9pC
Hxt5cgBq6bi+jjZnB7rRC8FDy/9GQakhTw==
-----END CERTIFICATE-----
Generated at Mon Apr 8 12:58:59 2024 by rpki-client on console.sobornost.net