Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/4WclXtJyV6jQoN18KcLttozmLWY.roa
File: 4WclXtJyV6jQoN18KcLttozmLWY.roa (raw, json)
Hash identifier: istDQi12RqflJk6Us1oUJYwzGLN8EMQCvT33ARiMcJE=
Subject key identifier: E1:67:25:5E:D2:72:57:A8:D0:A0:DD:7C:29:C2:ED:B6:8C:E6:2D:66
Certificate issuer: /CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Certificate serial: 018B7DC617D41F8BCEDCDF3209ACDB104C0B
Authority key identifier: 5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/4WclXtJyV6jQoN18KcLttozmLWY.roa
Signing time: Sun 29 Oct 2023 23:30:16 +0000
ROA not before: Sun 29 Oct 2023 23:30:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52091
IP address blocks: 31.133.42.0/24 maxlen: 24
31.133.40.0/24 maxlen: 24
31.133.40.0/23 maxlen: 24
31.133.41.0/24 maxlen: 24
2a0d:df80::/31 maxlen: 31
2a0d:df80::/29 maxlen: 29
2a0d:df80::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:7d:c6:17:d4:1f:8b:ce:dc:df:32:09:ac:db:10:4c:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Validity
Not Before: Oct 29 23:30:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e167255ed27257a8d0a0dd7c29c2edb68ce62d66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e0:3b:6f:0f:df:75:f0:ef:7f:d9:be:db:46:
3d:19:ae:f5:3a:b2:4a:29:e3:1d:1c:d6:bc:73:98:
b0:7a:69:06:d0:3c:6a:65:88:ff:39:2c:c5:56:e2:
ab:ce:95:8b:56:11:ff:ac:79:58:87:2a:6b:21:78:
67:65:b5:02:c6:28:a9:0e:9e:87:2a:3c:e9:9c:7a:
cc:23:9e:b5:ba:46:23:ac:ca:74:80:f8:7d:6f:bb:
51:80:35:b9:65:b9:11:8d:0f:06:c4:10:36:0f:f4:
3d:dd:c9:e5:1f:ea:63:b1:64:c8:2e:62:89:c5:84:
bb:f6:97:88:a1:55:c6:6a:75:08:00:6a:b1:d8:47:
49:9b:c3:b3:cf:89:0a:0d:16:00:bb:32:42:b9:30:
e1:03:3b:f2:06:d3:13:7d:85:fc:35:02:40:a6:da:
09:36:1f:5d:61:4f:5f:fd:09:8b:5b:5e:a3:28:f9:
29:fb:0c:21:80:70:fa:f7:8b:43:b2:81:24:3b:37:
1e:1a:4e:e1:b7:4f:fc:02:cb:6d:f3:62:a2:bb:42:
15:72:73:26:c5:fd:8a:85:67:21:58:4b:68:03:c3:
45:86:22:d6:df:58:11:47:ea:5d:9b:97:4c:89:14:
34:db:4f:49:01:c7:13:72:d9:e5:c9:19:b4:52:9f:
81:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:67:25:5E:D2:72:57:A8:D0:A0:DD:7C:29:C2:ED:B6:8C:E6:2D:66
X509v3 Authority Key Identifier:
keyid:5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/4WclXtJyV6jQoN18KcLttozmLWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.40.0-31.133.42.255
IPv6:
2a0d:df80::/29
Signature Algorithm: sha256WithRSAEncryption
81:20:83:85:83:4d:14:19:7f:69:60:ba:ce:2e:50:e1:6a:36:
a5:5f:78:73:8f:b3:6b:34:67:cb:69:de:c2:9e:99:36:79:c3:
e2:e3:93:52:55:c5:f6:6a:fc:ec:d5:10:f7:76:c0:24:c0:ff:
fc:ef:61:71:37:8c:76:f3:25:25:f1:72:4f:fa:9e:5f:ff:97:
eb:29:97:f7:da:68:c6:b6:e4:2f:a1:7d:c8:3f:55:df:79:6a:
ae:44:4a:e4:37:12:2d:ec:3c:88:15:f1:21:d4:fd:17:cf:af:
d3:6a:23:27:3c:80:ee:79:eb:b0:f5:db:78:98:f6:32:5c:04:
f5:39:dc:56:9a:25:49:73:f1:cb:40:ae:e3:b5:63:45:15:0f:
33:ab:51:99:14:bf:70:96:ee:33:48:ed:85:62:a8:6b:7f:f6:
ca:98:98:64:ba:fa:43:ee:87:bb:f1:dc:01:2d:2c:44:3a:24:
95:38:9a:ae:2c:4a:dc:bb:c3:db:ab:48:48:b5:6f:e5:69:a6:
c9:4a:5c:ba:1f:7c:45:04:ef:cd:8e:96:87:9d:04:56:25:87:
92:c6:93:ff:e9:3c:a1:ad:a8:91:06:33:4b:65:ab:70:10:4d:
d4:61:c6:59:bd:36:0b:ae:0f:57:80:bf:fd:e5:0b:c7:00:59:
a3:55:7c:b6
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYt9xhfUH4vO3N8yCazbEEwLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNjRmOWQwNGVmZDVhOWZjMmUyM2I0MmQ1YjUxYWVmZDlh
NTAyNTAwHhcNMjMxMDI5MjMzMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTY3MjU1ZWQyNzI1N2E4ZDBhMGRkN2MyOWMyZWRiNjhjZTYyZDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkeA7bw/fdfDvf9m+20Y9Ga71OrJK
KeMdHNa8c5iwemkG0DxqZYj/OSzFVuKrzpWLVhH/rHlYhyprIXhnZbUCxiipDp6H
KjzpnHrMI561ukYjrMp0gPh9b7tRgDW5ZbkRjQ8GxBA2D/Q93cnlH+pjsWTILmKJ
xYS79peIoVXGanUIAGqx2EdJm8Ozz4kKDRYAuzJCuTDhAzvyBtMTfYX8NQJAptoJ
Nh9dYU9f/QmLW16jKPkp+wwhgHD694tDsoEkOzceGk7ht0/8Astt82Kiu0IVcnMm
xf2KhWchWEtoA8NFhiLW31gRR+pdm5dMiRQ0209JAccTctnlyRm0Up+BKQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFOFnJV7Scleo0KDdfCnC7baM5i1mMB8GA1UdIwQY
MBaAFFxk+dBO/VqfwuI7QtW1Gu/ZpQJQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUt
YjY2ZmE0ZjQ3NjNhLzEvNFdjbFh0SnlWNmpRb04xOEtjTHR0b3ptTFdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUtYjY2ZmE0ZjQ3NjNh
LzEvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAMfhSgD
BAAfhSowDQQCAAIwBwMFAyoN34AwDQYJKoZIhvcNAQELBQADggEBAIEgg4WDTRQZ
f2lgus4uUOFqNqVfeHOPs2s0Z8tp3sKemTZ5w+Ljk1JVxfZq/OzVEPd2wCTA//zv
YXE3jHbzJSXxck/6nl//l+spl/faaMa25C+hfcg/Vd95aq5ESuQ3Ei3sPIgV8SHU
/RfPr9NqIyc8gO5567D123iY9jJcBPU53FaaJUlz8ctAruO1Y0UVDzOrUZkUv3CW
7jNI7YViqGt/9sqYmGS6+kPuh7vx3AEtLEQ6JJU4mq4sSty7w9urSEi1b+VppslK
XLoffEUE782OloedBFYlh5LGk//pPKGtqJEGM0tlq3AQTdRhxlm9NguuD1eAv/3l
C8cAWaNVfLY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:41 2024 by rpki-client on console-ams.rpki-client.org