Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/aE58TUUKhlfG5fCLuBF6TLDGQ8M.roa
File: aE58TUUKhlfG5fCLuBF6TLDGQ8M.roa (raw, json)
Hash identifier: BCm4KzKQ2dl2YPQhgRIXEAXP7kODJ7WaFIQPD7I6xF0=
Subject key identifier: 68:4E:7C:4D:45:0A:86:57:C6:E5:F0:8B:B8:11:7A:4C:B0:C6:43:C3
Certificate issuer: /CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Certificate serial: 018D390CB987242398976AFF1A69866FF823
Authority key identifier: 52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/aE58TUUKhlfG5fCLuBF6TLDGQ8M.roa
Signing time: Wed 24 Jan 2024 01:19:11 +0000
ROA not before: Wed 24 Jan 2024 01:19:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207456
IP address blocks: 31.171.132.0/22 maxlen: 24
109.235.53.0/24 maxlen: 24
109.235.54.0/23 maxlen: 24
185.153.188.0/22 maxlen: 24
185.196.92.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jul 2024 10:09:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:39:0c:b9:87:24:23:98:97:6a:ff:1a:69:86:6f:f8:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Validity
Not Before: Jan 24 01:19:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=684e7c4d450a8657c6e5f08bb8117a4cb0c643c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b9:34:6c:5c:d4:0d:92:38:d8:d3:01:24:78:
bb:78:a8:59:16:a1:b3:44:b1:c8:ae:7e:11:84:c1:
4a:2a:da:00:42:71:88:b8:36:73:b6:ef:cd:b0:e6:
33:52:1b:7d:5f:61:37:c4:94:2a:88:96:34:70:56:
d3:68:af:c4:a0:d4:44:62:7b:77:ca:41:62:51:c2:
66:b8:77:8c:82:91:c9:c3:95:a5:ba:ff:12:55:b1:
9c:ea:3e:42:f8:01:19:20:53:1d:0d:b6:66:6e:f8:
81:9e:b7:b1:6f:e1:36:12:0c:a3:b4:27:e7:00:0e:
3b:0a:e5:ed:f0:87:8c:3a:01:5b:b2:2c:2a:ab:a9:
07:b6:3b:50:9f:a1:8a:bc:02:d8:44:9c:65:b3:13:
2c:9b:8d:77:32:78:05:c8:59:1f:f2:96:06:63:5b:
48:8b:ae:ea:f5:2c:a8:57:41:fd:3e:16:16:52:7d:
ca:cc:fe:5c:bf:2c:06:39:bb:c5:a3:0e:ed:f9:a5:
c5:0b:99:ab:ab:d4:b0:6d:45:14:26:28:b1:17:aa:
7e:19:58:f3:c8:00:af:ed:94:3b:be:bf:55:87:a6:
a8:85:a2:41:85:81:43:1e:92:ee:c9:6d:28:66:74:
ea:46:69:43:c9:b3:17:c4:71:0b:d4:0a:74:c3:e8:
c7:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:4E:7C:4D:45:0A:86:57:C6:E5:F0:8B:B8:11:7A:4C:B0:C6:43:C3
X509v3 Authority Key Identifier:
keyid:52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/aE58TUUKhlfG5fCLuBF6TLDGQ8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/UtycIYtRDAe8Zlmwn70yr-aKv9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.132.0/22
109.235.53.0-109.235.55.255
185.153.188.0/22
185.196.92.0/22
Signature Algorithm: sha256WithRSAEncryption
68:67:36:41:0a:1c:d2:bf:c9:5c:48:d3:03:ff:97:5c:e5:43:
f4:28:8b:2a:68:ab:6d:fa:82:62:ab:20:cc:7e:39:be:08:ec:
31:73:54:41:bd:82:ac:eb:1b:a8:1d:82:c0:11:ec:90:6d:69:
b3:79:12:a6:0e:a7:0f:48:96:67:5e:4b:c7:05:dd:2d:73:6a:
53:a1:fe:43:05:26:5b:d8:f1:7b:67:17:c7:bc:4a:91:20:77:
aa:28:8f:3a:4b:c0:b4:33:f3:fc:87:c9:fb:78:87:bc:10:13:
80:14:37:86:aa:7d:68:27:3c:16:ce:c8:f0:55:d6:c7:bf:09:
60:c1:99:d4:02:f3:b8:8d:67:1c:5f:ea:ac:87:26:ac:19:f4:
0a:b6:17:5f:c2:b9:75:83:5f:3c:b6:e5:0e:94:a2:f5:f6:b3:
b8:70:cd:3c:9f:98:97:00:5c:7b:27:8f:ba:d8:f5:28:f3:aa:
45:13:1e:53:94:21:12:80:93:55:a9:fb:31:9f:35:88:3b:47:
a2:38:19:86:e9:76:be:2a:c7:4a:4a:ab:7a:7b:1a:8f:a9:43:
87:32:ee:8e:eb:c0:5e:e7:e1:15:9c:f5:14:98:17:ad:3e:99:
5c:ad:5d:00:2d:46:80:15:7a:85:c8:95:1c:88:99:ac:a8:c2:
e2:82:b1:48
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY05DLmHJCOYl2r/GmmGb/gjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZGM5YzIxOGI1MTBjMDdiYzY2NTliMDlmYmQzMmFmZTY4
YWJmZDIwHhcNMjQwMTI0MDExOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODRlN2M0ZDQ1MGE4NjU3YzZlNWYwOGJiODExN2E0Y2IwYzY0M2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrk0bFzUDZI42NMBJHi7eKhZFqGz
RLHIrn4RhMFKKtoAQnGIuDZztu/NsOYzUht9X2E3xJQqiJY0cFbTaK/EoNREYnt3
ykFiUcJmuHeMgpHJw5Wluv8SVbGc6j5C+AEZIFMdDbZmbviBnrexb+E2EgyjtCfn
AA47CuXt8IeMOgFbsiwqq6kHtjtQn6GKvALYRJxlsxMsm413MngFyFkf8pYGY1tI
i67q9SyoV0H9PhYWUn3KzP5cvywGObvFow7t+aXFC5mrq9SwbUUUJiixF6p+GVjz
yACv7ZQ7vr9Vh6aohaJBhYFDHpLuyW0oZnTqRmlDybMXxHEL1Ap0w+jH8wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGhOfE1FCoZXxuXwi7gRekywxkPDMB8GA1UdIwQY
MBaAFFLcnCGLUQwHvGZZsJ+9Mq/mir/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYt
NTJmOTdiMjc3ZDFmLzEvYUU1OFRVVUtobGZHNWZDTHVCRjZUTERHUThNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYtNTJmOTdiMjc3ZDFm
LzEvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCH6uEMAwD
BABt6zUDBANt6zADBAK5mbwDBAK5xFwwDQYJKoZIhvcNAQELBQADggEBAGhnNkEK
HNK/yVxI0wP/l1zlQ/Qoiypoq236gmKrIMx+Ob4I7DFzVEG9gqzrG6gdgsAR7JBt
abN5EqYOpw9IlmdeS8cF3S1zalOh/kMFJlvY8XtnF8e8SpEgd6oojzpLwLQz8/yH
yft4h7wQE4AUN4aqfWgnPBbOyPBV1se/CWDBmdQC87iNZxxf6qyHJqwZ9Aq2F1/C
uXWDXzy25Q6UovX2s7hwzTyfmJcAXHsnj7rY9SjzqkUTHlOUIRKAk1Wp+zGfNYg7
R6I4GYbpdr4qx0pKq3p7Go+pQ4cy7o7rwF7n4RWc9RSYF60+mVytXQAtRoAVeoXI
lRyImayowuKCsUg=
-----END CERTIFICATE-----
Generated at Tue Jul 16 12:52:53 2024 by rpki-client on console-ams.rpki-client.org