Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/d95f1d-0e77-4ec6-bbca-fb2a983cc66a/1/5a3j-rukgfaMkKnzJ1HWw87bqXI.roa
File: 5a3j-rukgfaMkKnzJ1HWw87bqXI.roa (raw, json)
Hash identifier: Ztl2RVu0Ftp5y6dtnbrWhBrUrq24jnkii78vYz1rlb8=
Subject key identifier: E5:AD:E3:FA:BB:A4:81:F6:8C:90:A9:F3:27:51:D6:C3:CE:DB:A9:72
Certificate issuer: /CN=16a28a0e241fff7aa2e64aa388156f223e2d215f
Certificate serial: 018F050424D7E9E643BB436AC1BF66BB0BD7
Authority key identifier: 16:A2:8A:0E:24:1F:FF:7A:A2:E6:4A:A3:88:15:6F:22:3E:2D:21:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FqKKDiQf_3qi5kqjiBVvIj4tIV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/d95f1d-0e77-4ec6-bbca-fb2a983cc66a/1/5a3j-rukgfaMkKnzJ1HWw87bqXI.roa
Signing time: Mon 22 Apr 2024 08:55:08 +0000
ROA not before: Mon 22 Apr 2024 08:55:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51069
IP address blocks: 31.129.64.0/19 maxlen: 19
178.219.80.0/20 maxlen: 20
193.194.108.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 06 Sep 2024 09:56:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:05:04:24:d7:e9:e6:43:bb:43:6a:c1:bf:66:bb:0b:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16a28a0e241fff7aa2e64aa388156f223e2d215f
Validity
Not Before: Apr 22 08:55:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e5ade3fabba481f68c90a9f32751d6c3cedba972
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:4a:8a:ef:e5:07:4d:3a:88:af:1f:66:48:18:
92:a9:4f:3a:3f:b8:84:90:38:12:f6:38:23:b9:4b:
67:03:28:4f:06:d8:a8:81:1c:a5:b3:68:b0:89:3a:
a3:83:ba:41:25:3d:62:8e:83:42:ae:05:50:e1:8a:
73:72:11:74:bc:6a:1b:a8:e4:7e:3d:9e:f7:02:87:
7c:8f:05:da:4c:18:ae:e1:d3:1a:f2:4f:63:67:ca:
dc:d1:b2:12:f1:16:48:f9:db:f1:e0:55:0b:a5:86:
b9:b9:c7:69:2f:22:06:9b:36:1e:f3:e3:42:d9:f1:
2c:8a:5e:1a:35:57:43:6f:89:35:a2:62:57:0b:3e:
b2:4b:84:0f:e0:6a:1d:0b:ab:02:f1:d2:3b:9d:63:
93:dd:e8:ac:24:9d:db:d9:2b:05:61:ca:51:ac:4e:
0d:4b:01:79:56:6b:b0:78:ef:1c:76:6c:6c:0b:80:
74:81:3e:ba:ed:e2:fe:0e:aa:fb:54:2a:d2:0c:0c:
fc:41:cb:88:ab:48:8f:ad:2c:58:b0:39:da:e0:77:
80:c5:ae:a5:c4:2b:49:05:f6:1d:36:09:c5:79:35:
3b:f4:b7:76:8a:eb:5b:ab:62:4f:64:cf:87:71:b5:
0e:86:ea:66:28:33:aa:40:d3:5f:b7:3e:0f:10:2f:
e2:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:AD:E3:FA:BB:A4:81:F6:8C:90:A9:F3:27:51:D6:C3:CE:DB:A9:72
X509v3 Authority Key Identifier:
keyid:16:A2:8A:0E:24:1F:FF:7A:A2:E6:4A:A3:88:15:6F:22:3E:2D:21:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FqKKDiQf_3qi5kqjiBVvIj4tIV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/d95f1d-0e77-4ec6-bbca-fb2a983cc66a/1/5a3j-rukgfaMkKnzJ1HWw87bqXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/d95f1d-0e77-4ec6-bbca-fb2a983cc66a/1/FqKKDiQf_3qi5kqjiBVvIj4tIV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.64.0/19
178.219.80.0/20
193.194.108.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:73:68:e6:ff:b1:c3:d4:b1:82:f6:17:63:09:7b:7a:5a:0c:
a6:91:d4:9e:25:db:0d:25:55:b2:f4:e6:2e:5e:ad:7d:bc:32:
b8:34:c5:c9:8b:2f:7e:c1:10:c2:2b:37:bf:13:da:54:b6:68:
da:d5:3e:18:d1:61:e0:f0:75:0b:64:b3:8f:cf:d1:ad:4e:e3:
1d:37:e6:e8:d7:ed:74:71:49:f6:3f:dd:a2:95:63:a2:37:c9:
da:f1:af:1f:d8:c4:78:af:f7:23:09:3d:31:f0:43:53:1e:52:
7a:43:65:f5:99:f0:68:19:84:5f:67:b9:91:a0:bd:fd:ac:9e:
59:98:6d:99:f8:80:41:ae:76:ca:fb:ae:1b:88:f4:16:ee:73:
ec:10:3b:03:4a:b3:20:08:7f:b8:ac:7f:aa:7f:d3:eb:e0:84:
32:b8:07:4c:fc:6d:2e:17:1a:24:1f:5c:0e:b4:8e:d1:94:72:
a2:4e:c4:70:dc:5b:fa:ec:08:ce:32:12:df:bb:50:a6:4f:74:
3a:d7:3f:02:c5:e9:5a:08:46:0f:71:26:7f:97:e5:f2:85:17:
e4:8e:3a:18:34:3d:0c:e6:00:91:18:9b:a6:8b:31:8e:1b:4e:
c5:17:d8:a5:1d:8e:33:fe:10:78:05:9a:68:8e:b5:f4:7e:de:
a7:b4:c8:8a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY8FBCTX6eZDu0Nqwb9muwvXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2YTI4YTBlMjQxZmZmN2FhMmU2NGFhMzg4MTU2ZjIyM2Uy
ZDIxNWYwHhcNMjQwNDIyMDg1NTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWFkZTNmYWJiYTQ4MWY2OGM5MGE5ZjMyNzUxZDZjM2NlZGJhOTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEqK7+UHTTqIrx9mSBiSqU86P7iE
kDgS9jgjuUtnAyhPBtiogRyls2iwiTqjg7pBJT1ijoNCrgVQ4YpzchF0vGobqOR+
PZ73Aod8jwXaTBiu4dMa8k9jZ8rc0bIS8RZI+dvx4FULpYa5ucdpLyIGmzYe8+NC
2fEsil4aNVdDb4k1omJXCz6yS4QP4GodC6sC8dI7nWOT3eisJJ3b2SsFYcpRrE4N
SwF5VmuweO8cdmxsC4B0gT667eL+Dqr7VCrSDAz8QcuIq0iPrSxYsDna4HeAxa6l
xCtJBfYdNgnFeTU79Ld2iutbq2JPZM+HcbUOhupmKDOqQNNftz4PEC/icQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOWt4/q7pIH2jJCp8ydR1sPO26lyMB8GA1UdIwQY
MBaAFBaiig4kH/96ouZKo4gVbyI+LSFfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnFLS0RpUWZfM3FpNWtxamlCVnZJajR0SVY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9kOTVmMWQtMGU3Ny00ZWM2LWJiY2Et
ZmIyYTk4M2NjNjZhLzEvNWEzai1ydWtnZmFNa0tuekoxSFd3ODdicVhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9kOTVmMWQtMGU3Ny00ZWM2LWJiY2EtZmIyYTk4M2NjNjZh
LzEvRnFLS0RpUWZfM3FpNWtxamlCVnZJajR0SVY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFH4FAAwQE
sttQAwQCwcJsMA0GCSqGSIb3DQEBCwUAA4IBAQBPc2jm/7HD1LGC9hdjCXt6Wgym
kdSeJdsNJVWy9OYuXq19vDK4NMXJiy9+wRDCKze/E9pUtmja1T4Y0WHg8HULZLOP
z9GtTuMdN+bo1+10cUn2P92ilWOiN8na8a8f2MR4r/cjCT0x8ENTHlJ6Q2X1mfBo
GYRfZ7mRoL39rJ5ZmG2Z+IBBrnbK+64biPQW7nPsEDsDSrMgCH+4rH+qf9Pr4IQy
uAdM/G0uFxokH1wOtI7RlHKiTsRw3Fv67AjOMhLfu1CmT3Q61z8CxelaCEYPcSZ/
l+XyhRfkjjoYND0M5gCRGJumizGOG07FF9ilHY4z/hB4BZpojrX0ft6ntMiK
-----END CERTIFICATE-----
Generated at Fri Sep 6 10:58:44 2024 by rpki-client on console-fra.rpki-client.org