Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/f09744-8f5b-45ad-95a8-1b9a323c570b/1/ewjAG7B3ueTgiH9q21Fqx54fp5s.roa
File: ewjAG7B3ueTgiH9q21Fqx54fp5s.roa (raw, json)
Hash identifier: ouiQStckC18m74+RFL6NXqbOXM4xKuMtmGXxprg7kg4=
Subject key identifier: 7B:08:C0:1B:B0:77:B9:E4:E0:88:7F:6A:DB:51:6A:C7:9E:1F:A7:9B
Certificate issuer: /CN=cb30eb4353ed750faf23f2f1e14018c6cfc62715
Certificate serial: 019001C658EFE5FCBA8A1078818D3AE383EF
Authority key identifier: CB:30:EB:43:53:ED:75:0F:AF:23:F2:F1:E1:40:18:C6:CF:C6:27:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yzDrQ1PtdQ-vI_Lx4UAYxs_GJxU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/f09744-8f5b-45ad-95a8-1b9a323c570b/1/ewjAG7B3ueTgiH9q21Fqx54fp5s.roa
Signing time: Mon 10 Jun 2024 10:51:34 +0000
ROA not before: Mon 10 Jun 2024 10:51:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56547
IP address blocks: 31.24.232.0/24 maxlen: 24
31.24.233.0/24 maxlen: 24
31.24.234.0/24 maxlen: 24
31.24.235.0/24 maxlen: 24
31.24.236.0/24 maxlen: 24
31.24.237.0/24 maxlen: 24
31.24.238.0/24 maxlen: 24
31.24.239.0/24 maxlen: 24
185.69.108.0/24 maxlen: 24
185.69.109.0/24 maxlen: 24
185.69.110.0/24 maxlen: 24
185.69.111.0/24 maxlen: 24
185.76.248.0/24 maxlen: 24
185.76.249.0/24 maxlen: 24
185.76.250.0/24 maxlen: 24
185.76.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Jun 2024 09:58:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:01:c6:58:ef:e5:fc:ba:8a:10:78:81:8d:3a:e3:83:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb30eb4353ed750faf23f2f1e14018c6cfc62715
Validity
Not Before: Jun 10 10:51:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7b08c01bb077b9e4e0887f6adb516ac79e1fa79b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:38:10:8d:8e:c1:6c:69:0c:22:53:97:0e:82:
75:51:35:a0:c9:e6:ed:49:5f:0e:1c:6b:15:4d:d9:
2c:67:53:0b:5e:8b:63:70:4e:b3:eb:13:68:90:11:
3e:dd:63:3e:45:84:b0:a4:8a:f9:1e:f5:e0:48:8a:
17:14:c0:2b:c8:b9:91:33:1c:32:4e:52:2a:b3:97:
c4:06:7f:9c:53:d8:f9:2e:8f:ea:1f:66:cf:c5:02:
b3:7e:84:bb:5d:25:e9:6e:60:72:6a:9f:60:cc:cc:
b1:f2:9b:80:c5:77:c1:f7:41:f8:e9:a0:81:d1:41:
23:c6:64:f4:24:80:73:20:ea:25:0c:c8:fa:51:b5:
2e:4f:35:48:03:8e:a6:b3:e8:ab:3c:85:98:de:49:
2e:30:ca:c7:59:78:20:12:fd:81:ca:70:20:05:8d:
b1:df:4a:d3:d0:49:d4:fe:bf:e2:c8:69:7f:13:0c:
04:b9:e3:03:e7:99:9f:dc:07:d7:1f:28:30:f4:cf:
ed:d4:ec:eb:55:8d:ff:85:63:0a:b5:23:3d:c9:81:
23:f7:81:05:98:72:8a:f8:62:b9:04:56:07:36:f2:
eb:04:dc:37:c3:48:d0:f9:d2:ed:49:8a:16:7c:13:
43:5d:26:d8:ee:29:3c:ce:ae:cb:57:da:39:4c:05:
38:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:08:C0:1B:B0:77:B9:E4:E0:88:7F:6A:DB:51:6A:C7:9E:1F:A7:9B
X509v3 Authority Key Identifier:
keyid:CB:30:EB:43:53:ED:75:0F:AF:23:F2:F1:E1:40:18:C6:CF:C6:27:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yzDrQ1PtdQ-vI_Lx4UAYxs_GJxU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f09744-8f5b-45ad-95a8-1b9a323c570b/1/ewjAG7B3ueTgiH9q21Fqx54fp5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/f09744-8f5b-45ad-95a8-1b9a323c570b/1/yzDrQ1PtdQ-vI_Lx4UAYxs_GJxU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.232.0/21
185.69.108.0/22
185.76.248.0/22
Signature Algorithm: sha256WithRSAEncryption
38:ca:05:05:4c:51:32:b6:f9:b3:9a:b7:b3:a4:6a:4f:2b:42:
89:ca:9b:c5:7c:48:71:ea:bc:99:79:83:67:62:48:c6:78:dc:
4e:b6:56:c8:2d:df:9c:3f:5e:b0:69:ce:69:62:8c:11:52:31:
ff:97:ce:d8:c6:9d:ed:d5:3d:de:2f:87:d0:71:1c:fb:00:7c:
e2:c3:b3:66:fa:38:2e:86:3d:04:49:bb:ed:26:28:05:eb:52:
e1:e2:a6:44:d5:c6:e5:dd:86:a4:19:19:37:96:72:96:a0:82:
d2:45:11:1a:19:51:cb:71:2c:4f:71:c7:5f:b6:25:45:6c:a6:
3e:12:87:1b:1c:e3:28:5a:fe:4d:1e:f9:62:d7:5f:b4:bd:f2:
17:b8:18:1a:23:b7:65:23:f8:2e:77:f2:57:37:41:19:50:f6:
57:b3:63:20:58:d0:f0:6a:f2:c2:59:f5:27:3c:b2:1f:06:83:
a2:02:67:18:e8:ff:65:9d:a1:8b:54:d4:08:0d:82:96:f4:9f:
de:36:63:43:ae:87:c9:78:01:45:9d:c8:25:60:a6:44:c9:98:
7a:b8:9d:74:0a:6c:32:dc:46:39:5a:ed:de:47:d7:f1:94:a2:
3f:c7:80:ad:5b:d2:27:9b:47:fc:01:7f:7f:ef:15:5e:e0:2c:
69:52:43:d6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZABxljv5fy6ihB4gY0644PvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMzBlYjQzNTNlZDc1MGZhZjIzZjJmMWUxNDAxOGM2Y2Zj
NjI3MTUwHhcNMjQwNjEwMTA1MTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjA4YzAxYmIwNzdiOWU0ZTA4ODdmNmFkYjUxNmFjNzllMWZhNzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3TgQjY7BbGkMIlOXDoJ1UTWgyebt
SV8OHGsVTdksZ1MLXotjcE6z6xNokBE+3WM+RYSwpIr5HvXgSIoXFMAryLmRMxwy
TlIqs5fEBn+cU9j5Lo/qH2bPxQKzfoS7XSXpbmByap9gzMyx8puAxXfB90H46aCB
0UEjxmT0JIBzIOolDMj6UbUuTzVIA46ms+irPIWY3kkuMMrHWXggEv2BynAgBY2x
30rT0EnU/r/iyGl/EwwEueMD55mf3AfXHygw9M/t1OzrVY3/hWMKtSM9yYEj94EF
mHKK+GK5BFYHNvLrBNw3w0jQ+dLtSYoWfBNDXSbY7ik8zq7LV9o5TAU41QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHsIwBuwd7nk4Ih/attRaseeH6ebMB8GA1UdIwQY
MBaAFMsw60NT7XUPryPy8eFAGMbPxicVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXpEclExUHRkUS12SV9MeDRVQVl4c19HSnhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9mMDk3NDQtOGY1Yi00NWFkLTk1YTgt
MWI5YTMyM2M1NzBiLzEvZXdqQUc3QjN1ZVRnaUg5cTIxRnF4NTRmcDVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9mMDk3NDQtOGY1Yi00NWFkLTk1YTgtMWI5YTMyM2M1NzBi
LzEveXpEclExUHRkUS12SV9MeDRVQVl4c19HSnhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDHxjoAwQC
uUVsAwQCuUz4MA0GCSqGSIb3DQEBCwUAA4IBAQA4ygUFTFEytvmzmrezpGpPK0KJ
ypvFfEhx6ryZeYNnYkjGeNxOtlbILd+cP16wac5pYowRUjH/l87Yxp3t1T3eL4fQ
cRz7AHziw7Nm+jguhj0ESbvtJigF61Lh4qZE1cbl3YakGRk3lnKWoILSRREaGVHL
cSxPccdftiVFbKY+EocbHOMoWv5NHvli11+0vfIXuBgaI7dlI/gud/JXN0EZUPZX
s2MgWNDwavLCWfUnPLIfBoOiAmcY6P9lnaGLVNQIDYKW9J/eNmNDrofJeAFFncgl
YKZEyZh6uJ10Cmwy3EY5Wu3eR9fxlKI/x4CtW9Inm0f8AX9/7xVe4CxpUkPW
-----END CERTIFICATE-----
Generated at Tue Jun 11 16:28:23 2024 by rpki-client on console-ams.rpki-client.org