Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/34AgAmTvUMZPVQM3zsb_pJHhhgE.roa
File: 34AgAmTvUMZPVQM3zsb_pJHhhgE.roa (raw, json)
Hash identifier: k+mCJUEdPihrg4v6zE0lC+8eacJEFg5BvD3/tlyT5co=
Subject key identifier: DF:80:20:02:64:EF:50:C6:4F:55:03:37:CE:C6:FF:A4:91:E1:86:01
Certificate issuer: /CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Certificate serial: 018CC3496858FB14FAFFBFB722A62D81093B
Authority key identifier: B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/34AgAmTvUMZPVQM3zsb_pJHhhgE.roa
Signing time: Mon 01 Jan 2024 04:30:17 +0000
ROA not before: Mon 01 Jan 2024 04:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209420
IP address blocks: 192.145.17.0/24 maxlen: 24
192.145.16.0/23 maxlen: 23
192.145.16.0/24 maxlen: 24
192.145.18.0/24 maxlen: 24
152.89.133.0/24 maxlen: 24
31.207.68.0/24 maxlen: 24
31.207.66.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 May 2024 12:14:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:68:58:fb:14:fa:ff:bf:b7:22:a6:2d:81:09:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Validity
Not Before: Jan 1 04:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df80200264ef50c64f550337cec6ffa491e18601
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:2d:c9:a2:43:88:f4:77:0f:14:58:fb:44:54:
71:f3:19:54:35:f7:85:c0:d2:89:84:1a:47:90:43:
0a:12:30:41:f4:08:c6:f2:bb:cb:17:cb:30:0b:c9:
95:f0:d9:2f:7f:c1:d7:f7:05:98:e7:de:c7:1a:dc:
63:95:4f:fb:be:07:d6:4f:9c:4a:ed:c9:f1:23:50:
bd:5d:d5:3d:30:34:44:1d:e3:67:bb:17:a4:1f:96:
29:14:ac:8b:24:b4:6a:e5:c2:c3:69:f1:c9:7a:ba:
b8:b3:63:92:db:79:a3:92:07:f6:89:53:26:d1:07:
39:38:89:d8:f9:68:ed:db:86:f8:37:0a:63:29:30:
99:ff:48:9f:c1:8c:3f:5f:12:ef:42:ec:cc:08:37:
d8:07:5c:51:a4:8a:8b:80:23:1d:33:4b:50:ec:af:
7e:bd:72:54:cb:28:85:e8:9e:e1:0e:96:a8:ae:9f:
9d:c4:13:02:59:63:28:5b:34:fa:f1:0e:28:c7:88:
1d:8a:6a:a2:24:e4:97:59:fa:93:b9:b8:e5:79:9b:
e0:39:87:07:36:59:d6:2c:61:55:d6:5d:d1:dc:11:
12:24:b3:15:7e:05:98:7b:43:20:c9:6f:d4:a8:f2:
a4:4c:3f:28:33:e5:ca:d3:45:e9:4f:4e:ea:a0:09:
ed:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:80:20:02:64:EF:50:C6:4F:55:03:37:CE:C6:FF:A4:91:E1:86:01
X509v3 Authority Key Identifier:
keyid:B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/34AgAmTvUMZPVQM3zsb_pJHhhgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.207.66.0/24
31.207.68.0/24
152.89.133.0/24
192.145.16.0-192.145.18.255
Signature Algorithm: sha256WithRSAEncryption
60:b5:0d:f3:0b:2f:b8:ef:24:38:03:d6:21:df:e7:00:c5:e9:
d7:06:ac:22:d1:6f:8f:2a:36:44:ad:68:ab:ab:31:06:b5:d8:
07:9e:2f:49:b5:2d:36:25:fc:4e:8e:db:44:ec:f2:d5:a0:6d:
f3:e8:c5:1b:33:94:2a:d9:74:12:62:b5:fd:4b:e3:c7:be:0d:
78:0f:77:d5:43:d0:e4:a8:80:aa:ca:83:dc:8d:7c:90:77:fe:
d1:fd:15:1a:38:2c:21:da:fe:57:92:bc:33:f1:14:f2:29:bc:
0a:69:be:65:ec:e5:c2:bd:6b:e6:7c:32:d4:26:6d:7f:80:8e:
6c:9d:59:1f:37:8e:1e:0c:a1:c8:70:b9:4c:58:a2:3f:ed:0a:
1f:eb:e2:e7:00:15:f3:d4:a9:86:13:db:8c:80:71:d1:8d:f8:
72:90:6e:80:8d:ca:64:e1:c4:b1:e2:c9:a7:e5:2e:90:37:26:
15:af:b3:6c:52:86:f2:d4:75:3e:82:c9:d7:03:06:59:10:e6:
4f:90:59:1b:ba:32:eb:1c:c2:2b:17:06:85:19:a4:8d:31:47:
9a:30:ea:6c:ad:f4:eb:a4:4a:26:18:78:68:07:4c:91:28:9b:
52:c9:69:00:6c:bb:72:48:15:23:7e:5e:9b:13:44:6a:8d:8f:
f5:3f:0c:a0
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzDSWhY+xT6/7+3IqYtgQk7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3MjU4OGMwMGVlZjcxNTgwOWViNWZkZDZkNjcxN2NjMjhj
MGRmYWMwHhcNMjQwMTAxMDQzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjgwMjAwMjY0ZWY1MGM2NGY1NTAzMzdjZWM2ZmZhNDkxZTE4NjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApy3JokOI9HcPFFj7RFRx8xlUNfeF
wNKJhBpHkEMKEjBB9AjG8rvLF8swC8mV8Nkvf8HX9wWY597HGtxjlU/7vgfWT5xK
7cnxI1C9XdU9MDREHeNnuxekH5YpFKyLJLRq5cLDafHJerq4s2OS23mjkgf2iVMm
0Qc5OInY+Wjt24b4NwpjKTCZ/0ifwYw/XxLvQuzMCDfYB1xRpIqLgCMdM0tQ7K9+
vXJUyyiF6J7hDpaorp+dxBMCWWMoWzT68Q4ox4gdimqiJOSXWfqTubjleZvgOYcH
NlnWLGFV1l3R3BESJLMVfgWYe0MgyW/UqPKkTD8oM+XK00XpT07qoAntIwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFN+AIAJk71DGT1UDN87G/6SR4YYBMB8GA1UdIwQY
MBaAFLcliMAO73FYCetf3W1nF8wowN+sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUt
N2E0MTI1NGVhYWNhLzEvMzRBZ0FtVHZVTVpQVlFNM3pzYl9wSkhoaGdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUtN2E0MTI1NGVhYWNh
LzEvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAH89CAwQA
H89EAwQAmFmFMAwDBATAkRADBADAkRIwDQYJKoZIhvcNAQELBQADggEBAGC1DfML
L7jvJDgD1iHf5wDF6dcGrCLRb48qNkStaKurMQa12AeeL0m1LTYl/E6O20Ts8tWg
bfPoxRszlCrZdBJitf1L48e+DXgPd9VD0OSogKrKg9yNfJB3/tH9FRo4LCHa/leS
vDPxFPIpvAppvmXs5cK9a+Z8MtQmbX+AjmydWR83jh4MochwuUxYoj/tCh/r4ucA
FfPUqYYT24yAcdGN+HKQboCNymThxLHiyaflLpA3JhWvs2xShvLUdT6CydcDBlkQ
5k+QWRu6MuscwisXBoUZpI0xR5ow6myt9OukSiYYeGgHTJEom1LJaQBsu3JIFSN+
XpsTRGqNj/U/DKA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:14 2024 by rpki-client on console-fra.rpki-client.org