Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/k9sacxqE5VMeV0DyL19Mgpzo8G4.roa
File: k9sacxqE5VMeV0DyL19Mgpzo8G4.roa (raw, json)
Hash identifier: VmEoBQ/fM26DB2eO+rQhBj5j8Dsb6aDwvg/4uQL5aYs=
Subject key identifier: 93:DB:1A:73:1A:84:E5:53:1E:57:40:F2:2F:5F:4C:82:9C:E8:F0:6E
Certificate issuer: /CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Certificate serial: 018E7A7BEAA3866750F222F43A617C0327C4
Authority key identifier: B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/k9sacxqE5VMeV0DyL19Mgpzo8G4.roa
Signing time: Tue 26 Mar 2024 11:18:45 +0000
ROA not before: Tue 26 Mar 2024 11:18:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215247
IP address blocks: 31.207.64.0/23 maxlen: 23
31.207.64.0/24 maxlen: 24
31.207.65.0/24 maxlen: 24
152.89.135.0/24 maxlen: 24
192.145.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:54:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7a:7b:ea:a3:86:67:50:f2:22:f4:3a:61:7c:03:27:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Validity
Not Before: Mar 26 11:18:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=93db1a731a84e5531e5740f22f5f4c829ce8f06e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:cc:9f:03:19:7d:9f:06:bd:ce:8f:fb:e9:e9:
ed:94:fd:d5:56:d6:0a:b5:a4:23:7f:45:3b:db:51:
ad:77:8c:31:d2:89:05:ea:43:99:3c:c8:6a:eb:0a:
64:0c:d5:e9:37:f5:9e:3e:5d:ee:5b:da:70:12:16:
eb:49:1e:43:fd:fc:ad:ac:00:a0:02:61:10:15:1d:
89:22:4e:07:b1:a1:d2:76:be:67:f2:c1:a8:26:db:
0e:46:91:7b:7e:c0:14:d6:cf:6e:fd:33:b4:39:4b:
b5:52:a7:2d:42:4f:25:4a:9d:08:b9:25:e0:a9:b5:
01:08:a5:de:84:1a:95:d9:be:f4:0e:bc:6d:c8:c6:
50:68:cd:04:93:b8:f1:35:b0:42:07:28:17:02:6e:
f4:16:e4:c1:ea:ad:26:a8:75:f1:bb:69:26:80:a3:
d8:17:ae:d5:2a:1f:53:2b:44:dd:11:23:31:32:2d:
c3:c2:11:a2:3b:4b:78:d4:c5:52:2d:69:04:75:07:
b3:a6:79:20:8c:fa:74:38:9e:1f:1e:0c:8f:45:5d:
81:8c:21:89:67:4b:a6:d9:dc:f8:a6:e1:48:d9:6a:
5a:e9:f6:5c:cf:a6:db:be:c3:eb:c5:2d:d0:44:00:
e3:85:1a:28:c3:38:4a:3b:2d:01:a8:8f:a0:6d:b4:
0d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:DB:1A:73:1A:84:E5:53:1E:57:40:F2:2F:5F:4C:82:9C:E8:F0:6E
X509v3 Authority Key Identifier:
keyid:B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/k9sacxqE5VMeV0DyL19Mgpzo8G4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.207.64.0/23
152.89.135.0/24
192.145.19.0/24
Signature Algorithm: sha256WithRSAEncryption
24:9a:55:31:45:2d:64:6c:2c:96:33:b5:51:b0:e7:bc:53:54:
73:70:58:14:bb:13:bc:ff:33:bc:40:5d:fd:09:fb:36:2b:83:
19:c1:07:75:6e:56:4b:da:0c:6b:3e:57:1a:e5:49:12:3a:8a:
71:fe:70:60:7c:b8:86:80:96:dd:12:c7:79:b3:15:5b:6c:88:
96:d2:35:9a:8c:e6:81:49:4a:fe:01:c3:76:66:65:b4:0b:59:
05:2d:9c:64:1e:29:7e:82:e9:66:b2:e0:1a:05:f2:95:b5:6d:
b8:54:82:13:a2:12:8a:70:68:a8:01:9d:51:16:8f:d3:b0:07:
7e:72:6b:c0:6c:c2:26:46:70:cf:93:a4:fa:34:03:50:b7:85:
2f:4c:d2:80:22:93:90:38:9a:d8:3d:72:20:e9:4a:7e:da:06:
4e:c6:6e:97:ad:38:94:d0:c1:15:db:bd:26:e4:64:a3:1e:fd:
b1:95:c2:5b:38:b8:ff:95:1b:14:55:43:c6:e5:df:05:1c:a1:
04:ac:22:33:2b:b7:ee:16:47:02:f2:94:fc:38:78:f4:db:dc:
3f:78:0b:71:15:86:20:b6:4b:bf:c2:a8:1b:60:a7:8b:7b:b3:
a2:2a:e2:60:a0:f5:8d:ee:05:bc:4c:86:b3:2e:f7:c2:8a:3a:
82:70:22:11
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY56e+qjhmdQ8iL0OmF8AyfEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3MjU4OGMwMGVlZjcxNTgwOWViNWZkZDZkNjcxN2NjMjhj
MGRmYWMwHhcNMjQwMzI2MTExODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2RiMWE3MzFhODRlNTUzMWU1NzQwZjIyZjVmNGM4MjljZThmMDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsyfAxl9nwa9zo/76entlP3VVtYK
taQjf0U721Gtd4wx0okF6kOZPMhq6wpkDNXpN/WePl3uW9pwEhbrSR5D/fytrACg
AmEQFR2JIk4HsaHSdr5n8sGoJtsORpF7fsAU1s9u/TO0OUu1UqctQk8lSp0IuSXg
qbUBCKXehBqV2b70DrxtyMZQaM0Ek7jxNbBCBygXAm70FuTB6q0mqHXxu2kmgKPY
F67VKh9TK0TdESMxMi3DwhGiO0t41MVSLWkEdQezpnkgjPp0OJ4fHgyPRV2BjCGJ
Z0um2dz4puFI2Wpa6fZcz6bbvsPrxS3QRADjhRoowzhKOy0BqI+gbbQNXwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJPbGnMahOVTHldA8i9fTIKc6PBuMB8GA1UdIwQY
MBaAFLcliMAO73FYCetf3W1nF8wowN+sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUt
N2E0MTI1NGVhYWNhLzEvazlzYWN4cUU1Vk1lVjBEeUwxOU1ncHpvOEc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUtN2E0MTI1NGVhYWNh
LzEvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBH89AAwQA
mFmHAwQAwJETMA0GCSqGSIb3DQEBCwUAA4IBAQAkmlUxRS1kbCyWM7VRsOe8U1Rz
cFgUuxO8/zO8QF39Cfs2K4MZwQd1blZL2gxrPlca5UkSOopx/nBgfLiGgJbdEsd5
sxVbbIiW0jWajOaBSUr+AcN2ZmW0C1kFLZxkHil+gulmsuAaBfKVtW24VIITohKK
cGioAZ1RFo/TsAd+cmvAbMImRnDPk6T6NANQt4UvTNKAIpOQOJrYPXIg6Up+2gZO
xm6XrTiU0MEV270m5GSjHv2xlcJbOLj/lRsUVUPG5d8FHKEErCIzK7fuFkcC8pT8
OHj029w/eAtxFYYgtku/wqgbYKeLe7OiKuJgoPWN7gW8TIazLvfCijqCcCIR
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:36 2025 by rpki-client