Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/flc0VgiAlgCV-NE-Fhd5eHvrOzA.roa
File: flc0VgiAlgCV-NE-Fhd5eHvrOzA.roa (raw, json)
Hash identifier: 9oDK+wO3OylJPFeY6DZOlFJOCV7Ovi1OlEDEWXw55og=
Subject key identifier: 7E:57:34:56:08:80:96:00:95:F8:D1:3E:16:17:79:78:7B:EB:3B:30
Certificate issuer: /CN=74e133ea1e40fc13e074e327710a5344a960b5c0
Certificate serial: 018571D7BAB3D11D77E9673384818FB3003E
Authority key identifier: 74:E1:33:EA:1E:40:FC:13:E0:74:E3:27:71:0A:53:44:A9:60:B5:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dOEz6h5A_BPgdOMncQpTRKlgtcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/flc0VgiAlgCV-NE-Fhd5eHvrOzA.roa
Signing time: Mon 02 Jan 2023 09:37:21 +0000
ROA not before: Mon 02 Jan 2023 09:37:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34984
IP address blocks: 31.169.68.0/26 maxlen: 26
31.169.68.0/24 maxlen: 24
31.169.68.224/28 maxlen: 28
31.169.68.160/28 maxlen: 28
31.169.68.192/28 maxlen: 28
31.169.68.128/28 maxlen: 28
31.169.68.96/28 maxlen: 28
31.169.68.64/28 maxlen: 28
31.169.68.240/28 maxlen: 28
31.169.68.208/28 maxlen: 28
31.169.68.176/28 maxlen: 28
31.169.68.144/28 maxlen: 28
31.169.68.112/28 maxlen: 28
31.169.68.80/28 maxlen: 28
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:ba:b3:d1:1d:77:e9:67:33:84:81:8f:b3:00:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74e133ea1e40fc13e074e327710a5344a960b5c0
Validity
Not Before: Jan 2 09:37:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e5734560880960095f8d13e161779787beb3b30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:52:18:ca:a0:28:08:32:dd:ba:a7:98:ef:c6:
47:fd:5e:df:c7:a2:46:97:d2:c7:e0:11:77:86:f6:
8d:a8:92:8d:c5:cc:d2:53:af:3f:94:5b:e1:49:88:
10:63:07:f0:7e:07:9a:a4:e3:2b:1e:6f:e8:2d:ed:
94:d6:18:30:12:27:76:d9:7c:c2:89:c5:0d:33:d5:
8a:ce:a4:e4:05:b6:03:25:45:27:14:ba:6c:00:81:
9f:2d:77:c4:cb:5b:3f:43:70:34:8d:e5:0f:d0:85:
b8:01:1a:99:51:fe:f1:ba:56:4f:ef:6f:9a:38:96:
9b:46:24:c3:a8:6d:66:03:9a:50:13:f9:54:68:c8:
ac:3d:24:f9:e5:54:1e:78:9c:26:76:1e:03:cf:c0:
8b:48:c0:82:1e:98:5e:a8:c2:85:c5:b9:34:5e:8a:
1f:48:05:fc:19:d7:f5:f6:85:9c:51:19:f9:17:c0:
09:47:19:57:f9:c0:e7:a8:da:44:62:a3:0f:5e:c8:
9e:a8:bf:cd:35:96:eb:9d:f3:d7:df:65:a6:51:af:
41:c2:bb:35:21:0d:14:29:3d:ae:b9:eb:2c:65:48:
b5:01:fb:2b:7c:09:9c:1a:4d:ce:ce:87:7f:fa:26:
3c:0d:e0:28:b6:c6:ad:32:4e:d0:26:b6:cc:79:16:
42:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:57:34:56:08:80:96:00:95:F8:D1:3E:16:17:79:78:7B:EB:3B:30
X509v3 Authority Key Identifier:
keyid:74:E1:33:EA:1E:40:FC:13:E0:74:E3:27:71:0A:53:44:A9:60:B5:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dOEz6h5A_BPgdOMncQpTRKlgtcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/flc0VgiAlgCV-NE-Fhd5eHvrOzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/dOEz6h5A_BPgdOMncQpTRKlgtcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.68.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:81:9a:0b:28:b3:a2:03:03:79:eb:ab:8d:49:b1:bf:38:3a:
84:65:65:0d:2a:28:c5:47:67:c3:84:5d:6c:20:88:28:7b:02:
74:2e:12:ce:30:bc:f1:42:8e:64:c8:be:68:08:90:bf:bd:76:
b7:74:60:89:69:62:3d:0c:d7:b0:f6:24:8c:25:4a:ed:55:4f:
29:e7:7a:bf:99:c3:c7:95:8d:4e:fa:7f:ac:58:dd:52:a0:86:
af:84:73:8d:ef:4e:8d:91:38:6d:4f:9b:3e:4f:8e:57:ab:bd:
79:9f:e3:d2:c4:c6:cd:e5:cf:93:2f:8a:18:bf:1a:a9:2d:21:
6f:7b:14:cd:f8:49:ef:1d:90:44:33:f9:3a:36:8b:7b:52:5a:
47:92:ab:6d:86:a5:b8:4a:73:82:a2:e0:84:d3:15:fb:1a:ae:
d9:e8:89:16:cf:07:21:f4:4e:0f:c5:b4:6d:1e:9c:a7:4d:f5:
c7:2d:47:67:d8:86:75:5d:bc:20:27:7b:40:4b:28:97:e6:cc:
3f:18:a6:09:dc:5e:d4:8c:00:3d:50:82:6e:00:4d:b9:f0:7b:
05:4c:b3:6e:8e:37:b8:c3:7d:34:db:df:3e:ee:0a:5d:d3:b0:
16:71:97:aa:63:66:74:aa:96:c7:15:5e:b4:1e:c8:e5:dd:dc:
5d:d9:36:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx17qz0R136WczhIGPswA+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZTEzM2VhMWU0MGZjMTNlMDc0ZTMyNzcxMGE1MzQ0YTk2
MGI1YzAwHhcNMjMwMTAyMDkzNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTU3MzQ1NjA4ODA5NjAwOTVmOGQxM2UxNjE3Nzk3ODdiZWIzYjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFIYyqAoCDLduqeY78ZH/V7fx6JG
l9LH4BF3hvaNqJKNxczSU68/lFvhSYgQYwfwfgeapOMrHm/oLe2U1hgwEid22XzC
icUNM9WKzqTkBbYDJUUnFLpsAIGfLXfEy1s/Q3A0jeUP0IW4ARqZUf7xulZP72+a
OJabRiTDqG1mA5pQE/lUaMisPST55VQeeJwmdh4Dz8CLSMCCHpheqMKFxbk0Xoof
SAX8Gdf19oWcURn5F8AJRxlX+cDnqNpEYqMPXsieqL/NNZbrnfPX32WmUa9Bwrs1
IQ0UKT2uuessZUi1AfsrfAmcGk3Ozod/+iY8DeAotsatMk7QJrbMeRZC8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH5XNFYIgJYAlfjRPhYXeXh76zswMB8GA1UdIwQY
MBaAFHThM+oeQPwT4HTjJ3EKU0SpYLXAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE9FejZoNUFfQlBnZE9NbmNRcFRSS2xndGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8xZjU1ODctY2I5Mi00OTE3LThjZjMt
MmNiOWUyMTcyZjk3LzEvZmxjMFZnaUFsZ0NWLU5FLUZoZDVlSHZyT3pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8xZjU1ODctY2I5Mi00OTE3LThjZjMtMmNiOWUyMTcyZjk3
LzEvZE9FejZoNUFfQlBnZE9NbmNRcFRSS2xndGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH6lEMA0G
CSqGSIb3DQEBCwUAA4IBAQCPgZoLKLOiAwN566uNSbG/ODqEZWUNKijFR2fDhF1s
IIgoewJ0LhLOMLzxQo5kyL5oCJC/vXa3dGCJaWI9DNew9iSMJUrtVU8p53q/mcPH
lY1O+n+sWN1SoIavhHON706NkThtT5s+T45Xq715n+PSxMbN5c+TL4oYvxqpLSFv
exTN+EnvHZBEM/k6Not7UlpHkqtthqW4SnOCouCE0xX7Gq7Z6IkWzwch9E4PxbRt
HpynTfXHLUdn2IZ1XbwgJ3tASyiX5sw/GKYJ3F7UjAA9UIJuAE258HsFTLNujje4
w300298+7gpd07AWcZeqY2Z0qpbHFV60Hsjl3dxd2TaC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:57 2024 by rpki-client on console-fra.rpki-client.org