Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/3iaGhmCBoGwyauRCCzLsw7J6nc0.roa
File: 3iaGhmCBoGwyauRCCzLsw7J6nc0.roa (raw, json)
Hash identifier: c8JZNxytdyPsM5JjTJcS/ZBZrV3exfklDNGqPHFpY18=
Subject key identifier: DE:26:86:86:60:81:A0:6C:32:6A:E4:42:0B:32:EC:C3:B2:7A:9D:CD
Certificate issuer: /CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Certificate serial: 018EFB01964AED23E23D4FD08A65B70DF504
Authority key identifier: 18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/3iaGhmCBoGwyauRCCzLsw7J6nc0.roa
Signing time: Sat 20 Apr 2024 10:16:08 +0000
ROA not before: Sat 20 Apr 2024 10:16:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39318
IP address blocks: 31.210.174.0/23 maxlen: 24
85.202.192.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 20 Apr 2024 12:12:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:fb:01:96:4a:ed:23:e2:3d:4f:d0:8a:65:b7:0d:f5:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Validity
Not Before: Apr 20 10:16:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de2686866081a06c326ae4420b32ecc3b27a9dcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d0:54:c4:d8:66:99:08:b0:57:33:cb:6e:d5:
dc:59:e6:5e:10:40:a6:c9:f6:01:b8:4f:30:41:73:
e1:f4:f3:4e:63:12:63:1c:81:a6:76:c2:75:fb:29:
a0:b1:d5:ec:b8:5a:c5:15:92:2c:ff:c6:3e:1e:9f:
41:cb:3c:6d:6b:e9:a5:0d:83:64:ae:42:05:3b:80:
96:5a:2b:b8:a3:f3:00:8e:92:9b:62:e0:64:b2:d6:
fb:80:4a:48:96:6a:08:5f:3d:69:0e:52:ab:b6:3e:
aa:e5:c9:4b:1a:73:01:13:eb:1a:01:09:ee:6a:6c:
e0:84:f7:e3:66:b5:27:cb:bd:54:28:18:7d:a9:91:
48:9d:c3:34:83:23:15:32:34:43:87:00:77:2f:16:
27:cd:b3:50:a4:cf:2a:d2:13:e3:78:8e:72:47:2a:
75:7b:d2:fb:2b:6f:bf:7f:6e:b2:8f:27:2c:8b:bb:
0d:d3:ec:81:3d:30:bd:74:2c:f2:9e:eb:b1:2c:af:
af:3b:83:4b:af:db:53:de:5c:f8:f4:63:69:78:a8:
b7:32:4e:59:4b:54:d6:67:ba:ab:6f:dd:3a:0b:31:
7f:df:1b:be:45:e1:4d:cb:d7:6f:49:15:09:41:cf:
8a:36:ee:f5:88:8a:27:40:36:f4:7b:6c:05:47:ee:
30:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:26:86:86:60:81:A0:6C:32:6A:E4:42:0B:32:EC:C3:B2:7A:9D:CD
X509v3 Authority Key Identifier:
keyid:18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/3iaGhmCBoGwyauRCCzLsw7J6nc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GEe1nSHqNrMGL8qAznXBYWr1EZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.174.0/23
85.202.192.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:3b:a9:d5:f0:c2:f6:b4:c8:49:8b:1f:2c:76:0e:ce:44:33:
38:70:91:eb:4e:59:bc:6b:ae:c3:9f:bf:0e:7d:ab:3a:ed:5f:
41:85:30:f4:8b:9c:64:7f:18:eb:b9:8f:9e:29:16:bb:a2:b4:
3c:63:0a:40:e0:8d:96:c4:c6:95:09:46:d5:5a:5a:7e:80:4b:
9f:7c:8f:24:85:33:15:51:37:d6:00:1f:6f:b1:6e:60:c8:0e:
85:36:f2:16:ca:b6:5d:ed:ba:d8:0e:fc:da:75:f6:6c:70:98:
45:f6:0a:3f:14:1e:3c:e7:d5:14:4e:12:39:33:1f:4b:a0:ae:
c5:9d:1a:45:8d:49:f8:b7:49:bc:39:f3:c6:ca:4d:7e:ca:06:
23:0d:28:cb:35:77:0e:55:b8:11:81:b1:48:90:97:7c:67:1a:
31:8f:7b:44:38:da:7d:c8:cf:87:c4:89:59:e7:2e:7b:5f:f8:
9b:06:3b:fa:ed:fc:8c:70:34:3b:33:c0:8b:78:42:86:07:64:
1d:7c:5b:70:05:27:3b:1b:0e:7d:3c:8e:c0:24:c5:f6:c7:a4:
ea:3e:b1:72:85:68:6a:45:6b:60:24:26:28:95:b9:67:c3:77:
a5:7d:cc:c1:86:df:a3:62:71:f6:22:4d:60:b9:db:ff:04:07:
20:d1:76:fd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY77AZZK7SPiPU/QimW3DfUEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NDdiNTlkMjFlYTM2YjMwNjJmY2E4MGNlNzVjMTYxNmFm
NTExOWEwHhcNMjQwNDIwMTAxNjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTI2ODY4NjYwODFhMDZjMzI2YWU0NDIwYjMyZWNjM2IyN2E5ZGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndBUxNhmmQiwVzPLbtXcWeZeEECm
yfYBuE8wQXPh9PNOYxJjHIGmdsJ1+ymgsdXsuFrFFZIs/8Y+Hp9Byzxta+mlDYNk
rkIFO4CWWiu4o/MAjpKbYuBkstb7gEpIlmoIXz1pDlKrtj6q5clLGnMBE+saAQnu
amzghPfjZrUny71UKBh9qZFIncM0gyMVMjRDhwB3LxYnzbNQpM8q0hPjeI5yRyp1
e9L7K2+/f26yjycsi7sN0+yBPTC9dCzynuuxLK+vO4NLr9tT3lz49GNpeKi3Mk5Z
S1TWZ7qrb906CzF/3xu+ReFNy9dvSRUJQc+KNu71iIonQDb0e2wFR+4wRQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN4mhoZggaBsMmrkQgsy7MOyep3NMB8GA1UdIwQY
MBaAFBhHtZ0h6jazBi/KgM51wWFq9RGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTIt
ZjkxYmI1MTc5MjE3LzEvM2lhR2htQ0JvR3d5YXVSQ0N6THN3N0o2bmMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTItZjkxYmI1MTc5MjE3
LzEvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBH9KuAwQA
VcrAMA0GCSqGSIb3DQEBCwUAA4IBAQC0O6nV8ML2tMhJix8sdg7ORDM4cJHrTlm8
a67Dn78Ofas67V9BhTD0i5xkfxjruY+eKRa7orQ8YwpA4I2WxMaVCUbVWlp+gEuf
fI8khTMVUTfWAB9vsW5gyA6FNvIWyrZd7brYDvzadfZscJhF9go/FB4859UUThI5
Mx9LoK7FnRpFjUn4t0m8OfPGyk1+ygYjDSjLNXcOVbgRgbFIkJd8Zxoxj3tEONp9
yM+HxIlZ5y57X/ibBjv67fyMcDQ7M8CLeEKGB2QdfFtwBSc7Gw59PI7AJMX2x6Tq
PrFyhWhqRWtgJCYolblnw3elfczBht+jYnH2Ik1gudv/BAcg0Xb9
-----END CERTIFICATE-----
Generated at Sat Apr 20 14:00:33 2024 by rpki-client on console-ams.rpki-client.org