Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/t2WX9W9rXO9oFKd0YWD2-DJVZ5M.roa
File: t2WX9W9rXO9oFKd0YWD2-DJVZ5M.roa (raw, json)
Hash identifier: OEf0dskwfNChQrE7ogAiL4REWn7oEIhe6jNaCoP+Pj0=
Subject key identifier: B7:65:97:F5:6F:6B:5C:EF:68:14:A7:74:61:60:F6:F8:32:55:67:93
Certificate issuer: /CN=3718b734349bf327d9453b96501e44b192e55142
Certificate serial: 018E9316BF009FB1CBB892016CD5CF9C97DC
Authority key identifier: 37:18:B7:34:34:9B:F3:27:D9:45:3B:96:50:1E:44:B1:92:E5:51:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/t2WX9W9rXO9oFKd0YWD2-DJVZ5M.roa
Signing time: Sun 31 Mar 2024 05:58:45 +0000
ROA not before: Sun 31 Mar 2024 05:58:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 31.14.37.0/24 maxlen: 24
185.155.54.0/23 maxlen: 24
185.155.54.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 May 2024 10:02:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:93:16:bf:00:9f:b1:cb:b8:92:01:6c:d5:cf:9c:97:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3718b734349bf327d9453b96501e44b192e55142
Validity
Not Before: Mar 31 05:58:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b76597f56f6b5cef6814a7746160f6f832556793
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8b:2b:1f:0c:03:ac:0b:d1:53:a5:b3:67:49:
55:8a:19:b8:b3:3d:57:ca:d5:15:3a:10:f3:1e:14:
71:ee:d7:d9:ac:0c:cf:e2:0a:56:2a:65:61:b5:60:
3e:56:f4:cb:ff:4e:ac:95:87:4c:04:3f:3a:ff:69:
06:e2:d2:9e:c2:59:d6:57:95:80:81:a8:b9:cd:4a:
18:f4:e8:fd:ea:b9:dc:13:a9:49:58:3e:ab:6b:67:
7a:63:43:fa:86:b9:83:a5:a7:f5:b4:47:2f:58:ce:
e9:29:77:ab:6f:eb:b3:42:ab:91:70:20:ee:2a:ce:
81:d5:37:57:c3:1d:da:99:46:93:a8:91:16:4f:7b:
72:b7:5d:26:4d:63:64:f6:39:9d:f3:cf:60:94:46:
e2:1d:67:5a:eb:49:92:21:f0:0c:2b:12:3e:28:3d:
01:82:da:d9:46:b2:87:52:a7:e0:7b:dd:06:82:fb:
7e:07:de:bc:d1:dd:0e:5d:2e:c0:df:98:b2:39:aa:
63:00:53:aa:3b:e4:b5:6a:0e:11:a8:44:d4:5f:d9:
38:06:7b:5c:24:80:c0:d2:e2:14:44:a2:e9:e6:a9:
cc:29:8f:47:bb:d1:60:24:af:33:ec:0b:64:fb:c2:
df:98:a3:c5:4b:89:57:da:b3:ae:f5:7d:7d:88:d5:
49:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:65:97:F5:6F:6B:5C:EF:68:14:A7:74:61:60:F6:F8:32:55:67:93
X509v3 Authority Key Identifier:
keyid:37:18:B7:34:34:9B:F3:27:D9:45:3B:96:50:1E:44:B1:92:E5:51:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/t2WX9W9rXO9oFKd0YWD2-DJVZ5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.37.0/24
185.155.54.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:dd:50:6c:5f:df:83:ae:b4:9b:7b:09:8e:95:81:d5:3a:5d:
ef:ea:ca:57:a3:43:cb:1c:91:71:ef:36:4c:08:30:b3:e9:00:
a5:35:3b:b3:e9:34:68:51:d4:75:ee:f2:ec:17:f5:a4:d1:50:
5a:26:41:ca:0e:f5:2b:63:5e:d0:3b:0a:0f:27:0f:50:8b:2a:
25:74:89:ad:c7:f6:e8:4a:90:6a:3d:83:bf:d6:86:e0:d7:53:
0d:1b:12:68:a3:6c:54:17:e6:35:17:ea:bf:9d:84:ba:46:ab:
ec:f7:b6:6f:b4:81:42:8b:b3:1b:b5:b1:bb:f9:2d:01:63:b3:
af:a7:93:55:fa:3d:12:40:9e:a5:49:30:8b:cd:09:bb:30:82:
55:f8:ef:bc:7f:5c:8a:33:42:f8:81:2b:5f:8e:8b:87:2d:f0:
d6:cd:dd:fb:c3:7f:79:b4:6c:65:de:df:d1:ca:d0:14:4a:87:
cd:8b:17:51:59:d6:b6:1d:a6:37:6a:2f:4f:a2:20:85:e0:a0:
15:ed:65:12:0b:d8:4f:4a:c4:25:fe:c5:dc:9a:e0:11:0e:ee:
82:db:f6:34:2c:66:27:01:f1:ba:20:db:bf:45:99:14:cd:71:
6b:59:6f:8c:1b:61:49:c7:6d:bb:82:94:8b:f1:dc:ca:65:b2:
ba:b3:57:2a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6TFr8An7HLuJIBbNXPnJfcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MThiNzM0MzQ5YmYzMjdkOTQ1M2I5NjUwMWU0NGIxOTJl
NTUxNDIwHhcNMjQwMzMxMDU1ODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzY1OTdmNTZmNmI1Y2VmNjgxNGE3NzQ2MTYwZjZmODMyNTU2NzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIsrHwwDrAvRU6WzZ0lVihm4sz1X
ytUVOhDzHhRx7tfZrAzP4gpWKmVhtWA+VvTL/06slYdMBD86/2kG4tKewlnWV5WA
gai5zUoY9Oj96rncE6lJWD6ra2d6Y0P6hrmDpaf1tEcvWM7pKXerb+uzQquRcCDu
Ks6B1TdXwx3amUaTqJEWT3tyt10mTWNk9jmd889glEbiHWda60mSIfAMKxI+KD0B
gtrZRrKHUqfge90Ggvt+B9680d0OXS7A35iyOapjAFOqO+S1ag4RqETUX9k4Bntc
JIDA0uIURKLp5qnMKY9Hu9FgJK8z7Atk+8LfmKPFS4lX2rOu9X19iNVJlQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLdll/Vva1zvaBSndGFg9vgyVWeTMB8GA1UdIwQY
MBaAFDcYtzQ0m/Mn2UU7llAeRLGS5VFCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnhpM05EU2I4eWZaUlR1V1VCNUVzWkxsVVVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YmY4YTgtZTQ5Yy00MDZlLThlYjct
YzgyM2NjOGYzODM3LzEvdDJXWDlXOXJYTzlvRktkMFlXRDItREpWWjVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YmY4YTgtZTQ5Yy00MDZlLThlYjctYzgyM2NjOGYzODM3
LzEvTnhpM05EU2I4eWZaUlR1V1VCNUVzWkxsVVVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHw4lAwQB
uZs2MA0GCSqGSIb3DQEBCwUAA4IBAQBM3VBsX9+DrrSbewmOlYHVOl3v6spXo0PL
HJFx7zZMCDCz6QClNTuz6TRoUdR17vLsF/Wk0VBaJkHKDvUrY17QOwoPJw9Qiyol
dImtx/boSpBqPYO/1obg11MNGxJoo2xUF+Y1F+q/nYS6Rqvs97ZvtIFCi7MbtbG7
+S0BY7Ovp5NV+j0SQJ6lSTCLzQm7MIJV+O+8f1yKM0L4gStfjouHLfDWzd37w395
tGxl3t/RytAUSofNixdRWda2HaY3ai9PoiCF4KAV7WUSC9hPSsQl/sXcmuARDu6C
2/Y0LGYnAfG6INu/RZkUzXFrWW+MG2FJx227gpSL8dzKZbK6s1cq
-----END CERTIFICATE-----
Generated at Thu May 2 13:56:34 2024 by rpki-client on console-ams.rpki-client.org