Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/3QGk9IQ7kgwCg7_e62vSyT0Iij8.roa
File: 3QGk9IQ7kgwCg7_e62vSyT0Iij8.roa (raw, json)
Hash identifier: uqtFmZOUvUS3a1SMO8LGhzEAoMqehHWzDflsyxs0s0Q=
Subject key identifier: DD:01:A4:F4:84:3B:92:0C:02:83:BF:DE:EB:6B:D2:C9:3D:08:8A:3F
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018A5F502D6F98FB5B8C7A58C64936240688
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/3QGk9IQ7kgwCg7_e62vSyT0Iij8.roa
Signing time: Mon 04 Sep 2023 08:30:04 +0000
ROA not before: Mon 04 Sep 2023 08:30:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41789
IP address blocks: 31.129.17.0/24 maxlen: 24
31.129.16.0/24 maxlen: 24
31.129.18.0/24 maxlen: 24
31.129.20.0/24 maxlen: 24
31.129.19.0/24 maxlen: 24
31.129.24.0/24 maxlen: 24
31.129.23.0/24 maxlen: 24
31.129.29.0/24 maxlen: 24
31.129.28.0/24 maxlen: 24
31.129.27.0/24 maxlen: 24
31.129.26.0/24 maxlen: 24
31.129.31.0/24 maxlen: 24
31.129.25.0/24 maxlen: 24
141.98.232.0/24 maxlen: 24
141.98.234.0/24 maxlen: 24
185.166.196.0/23 maxlen: 24
94.198.216.0/22 maxlen: 24
81.200.144.0/21 maxlen: 24
31.129.0.0/20 maxlen: 24
81.200.152.0/22 maxlen: 24
81.200.156.0/23 maxlen: 24
46.19.64.0/22 maxlen: 24
37.220.80.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5f:50:2d:6f:98:fb:5b:8c:7a:58:c6:49:36:24:06:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Sep 4 08:30:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd01a4f4843b920c0283bfdeeb6bd2c93d088a3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:98:00:dc:0c:db:43:34:31:96:7a:51:8c:bb:
5f:22:34:fe:22:02:63:43:ba:c7:b8:2d:ca:30:3a:
a4:f6:95:68:83:1a:6f:f3:5f:7f:a3:c2:dd:9b:de:
6f:e2:f2:3e:56:b0:48:4e:c9:24:9c:6a:08:8a:9e:
9a:9e:72:03:26:55:03:f4:08:89:ba:b0:d3:b4:f0:
8c:7d:cd:00:af:cb:fe:55:a9:4a:72:70:16:2b:7f:
78:32:a8:2b:9f:9d:51:69:e8:41:c9:3b:4e:cd:6f:
e6:0e:ca:40:ae:ba:52:d6:5a:45:d0:03:12:a6:9e:
2d:fd:38:14:10:e2:78:b1:cd:e0:55:da:b7:1f:65:
d5:cc:0b:90:9c:26:34:6a:31:4e:90:c8:d1:05:fb:
3e:05:fc:bb:f8:cf:df:45:cc:31:34:9f:eb:3e:1b:
99:c3:37:ab:5e:96:c2:a4:9c:d3:45:6f:f3:05:13:
04:20:46:63:27:6d:13:ab:aa:e7:ef:c6:ba:64:5c:
2f:9c:d1:b8:71:9e:d9:a9:82:3a:00:d5:9c:49:dd:
ea:c0:2f:09:4b:4e:37:f5:a0:47:3c:01:3c:fa:b8:
22:5a:33:24:2c:32:75:f0:a6:cf:8d:aa:55:82:52:
21:6c:7e:a9:3a:99:87:ab:2e:cb:7e:7c:19:8c:fa:
0c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:01:A4:F4:84:3B:92:0C:02:83:BF:DE:EB:6B:D2:C9:3D:08:8A:3F
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/3QGk9IQ7kgwCg7_e62vSyT0Iij8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.0.0-31.129.20.255
31.129.23.0-31.129.29.255
31.129.31.0/24
37.220.80.0/22
46.19.64.0/22
81.200.144.0-81.200.157.255
94.198.216.0/22
141.98.232.0/24
141.98.234.0/24
185.166.196.0/23
Signature Algorithm: sha256WithRSAEncryption
79:45:6b:89:fa:6b:30:06:86:cf:27:b4:fc:ed:6d:54:d9:c2:
6f:6f:3c:f8:05:82:61:b8:42:f3:95:cf:a9:f2:9b:c6:f4:46:
9d:b7:01:d7:f1:54:f4:ca:52:7d:1b:24:8d:bc:12:e9:25:79:
9b:a0:66:be:31:21:29:1f:d5:a8:99:cc:27:14:23:d8:4c:77:
8a:e4:72:fa:5b:c3:d4:8f:2c:62:b7:14:83:31:18:ae:bb:0a:
07:89:66:cc:10:68:9f:4f:a0:f6:40:f5:5d:e7:31:c2:d4:10:
e0:f4:83:b5:d2:a2:3b:77:44:81:c3:bc:99:e9:18:2c:6c:ea:
55:e0:20:58:6b:b2:0a:5b:f7:3b:bc:f9:8d:74:14:44:50:da:
27:9f:7f:58:aa:8e:8c:b7:09:50:f1:f2:e8:c5:83:3d:07:58:
ae:88:29:e2:f9:9d:2c:35:81:f7:e8:67:c4:fe:7a:af:f1:4a:
29:32:fc:43:1c:21:da:31:34:c1:fd:4d:15:e2:70:a9:f3:6c:
98:e6:46:b4:86:76:4a:b9:68:65:47:d6:be:06:0d:3a:38:ea:
44:2d:4d:af:42:34:60:ca:4e:71:e2:5a:2b:23:84:f2:9b:df:
9b:6f:87:01:dc:54:88:74:d3:ff:70:71:6f:7d:df:89:c4:2c:
bc:13:63:0b
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAYpfUC1vmPtbjHpYxkk2JAaIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwOTA0MDgzMDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDAxYTRmNDg0M2I5MjBjMDI4M2JmZGVlYjZiZDJjOTNkMDg4YTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJgA3AzbQzQxlnpRjLtfIjT+IgJj
Q7rHuC3KMDqk9pVogxpv819/o8Ldm95v4vI+VrBITskknGoIip6annIDJlUD9AiJ
urDTtPCMfc0Ar8v+ValKcnAWK394Mqgrn51RaehByTtOzW/mDspArrpS1lpF0AMS
pp4t/TgUEOJ4sc3gVdq3H2XVzAuQnCY0ajFOkMjRBfs+Bfy7+M/fRcwxNJ/rPhuZ
wzerXpbCpJzTRW/zBRMEIEZjJ20Tq6rn78a6ZFwvnNG4cZ7ZqYI6ANWcSd3qwC8J
S0439aBHPAE8+rgiWjMkLDJ18KbPjapVglIhbH6pOpmHqy7LfnwZjPoMRQIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFN0BpPSEO5IMAoO/3utr0sk9CIo/MB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvM1FHazlJUTdrZ3dDZzdfZTYydlN5VDBJaWo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBZBAIAATBTMAsDAwAfgQME
AB+BFDAMAwQAH4EXAwQBH4EcAwQAH4EfAwQCJdxQAwQCLhNAMAwDBARRyJADBAFR
yJwDBAJextgDBACNYugDBACNYuoDBAG5psQwDQYJKoZIhvcNAQELBQADggEBAHlF
a4n6azAGhs8ntPztbVTZwm9vPPgFgmG4QvOVz6nym8b0Rp23AdfxVPTKUn0bJI28
EukleZugZr4xISkf1aiZzCcUI9hMd4rkcvpbw9SPLGK3FIMxGK67CgeJZswQaJ9P
oPZA9V3nMcLUEOD0g7XSojt3RIHDvJnpGCxs6lXgIFhrsgpb9zu8+Y10FERQ2ief
f1iqjoy3CVDx8ujFgz0HWK6IKeL5nSw1gffoZ8T+eq/xSiky/EMcIdoxNMH9TRXi
cKnzbJjmRrSGdkq5aGVH1r4GDTo46kQtTa9CNGDKTnHiWisjhPKb35tvhwHcVIh0
0/9wcW9934nELLwTYws=
-----END CERTIFICATE-----
Generated at Tue Sep 12 05:42:01 2023 by rpki-client on console-ams.rpki-client.org