Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/B6ZivP85ilFmK1B0mQUIVRKdLQE.roa
File: B6ZivP85ilFmK1B0mQUIVRKdLQE.roa (raw, json)
Hash identifier: +lXqZu6D5R6nV3k8hZyvXtFn1YJP2l6G/p07FKMkydg=
Subject key identifier: 07:A6:62:BC:FF:39:8A:51:66:2B:50:74:99:05:08:55:12:9D:2D:01
Certificate issuer: /CN=d2702a3b27ce9bd04ddca28c21d9d0f5ff32a909
Certificate serial: 01911E223867A5C5C8C8976502A58305AABD
Authority key identifier: D2:70:2A:3B:27:CE:9B:D0:4D:DC:A2:8C:21:D9:D0:F5:FF:32:A9:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/B6ZivP85ilFmK1B0mQUIVRKdLQE.roa
Signing time: Sun 04 Aug 2024 16:04:04 +0000
ROA not before: Sun 04 Aug 2024 16:04:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42574
IP address blocks: 31.41.192.0/21 maxlen: 21
91.189.160.0/24 maxlen: 24
91.189.161.0/24 maxlen: 24
91.189.162.0/24 maxlen: 24
193.33.100.0/24 maxlen: 24
193.33.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Aug 2024 03:08:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:1e:22:38:67:a5:c5:c8:c8:97:65:02:a5:83:05:aa:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2702a3b27ce9bd04ddca28c21d9d0f5ff32a909
Validity
Not Before: Aug 4 16:04:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=07a662bcff398a51662b507499050855129d2d01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a6:fe:03:b1:14:62:f2:54:7e:dd:d7:12:67:
b6:cf:ec:0c:93:83:7e:cd:71:d8:fe:7c:b3:e9:c7:
14:64:a0:68:6e:d8:2a:24:11:48:7b:7e:bc:37:33:
54:01:f5:80:92:f8:6b:e1:b9:4c:99:62:0b:a0:3c:
9d:16:b7:3e:0d:f9:ae:b7:d7:64:ac:85:07:40:46:
2d:de:cd:4d:93:97:8c:03:cf:97:de:4f:9c:cf:11:
25:1f:53:90:d1:f6:c0:83:0f:bb:5b:66:ec:51:c2:
3c:1f:81:bc:b1:c5:72:50:85:ea:8c:f9:f0:3f:05:
bf:09:92:ba:bc:1a:2a:9f:15:9c:88:e4:97:9c:10:
1f:4a:ce:52:e4:b9:38:df:60:ea:b9:fe:28:98:f4:
87:7e:4f:22:64:ad:d1:a3:0d:7b:5e:53:e3:d3:51:
c9:b9:8f:ec:1f:3e:e7:db:17:b6:2e:68:11:dd:65:
af:2f:c8:ff:73:e3:bb:4c:c2:ad:a5:4a:4b:61:20:
3e:51:ee:c9:f9:f5:1c:6e:f1:d7:ea:80:8a:2e:3e:
6f:fd:a8:59:d4:bb:be:99:70:f3:01:9e:33:ff:c7:
19:72:52:87:18:fe:95:c1:a6:a9:1c:fb:32:57:a2:
ae:8a:80:c2:6a:db:dc:db:80:97:b8:3b:56:2f:7f:
e6:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:A6:62:BC:FF:39:8A:51:66:2B:50:74:99:05:08:55:12:9D:2D:01
X509v3 Authority Key Identifier:
keyid:D2:70:2A:3B:27:CE:9B:D0:4D:DC:A2:8C:21:D9:D0:F5:FF:32:A9:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/B6ZivP85ilFmK1B0mQUIVRKdLQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.192.0/21
91.189.160.0-91.189.162.255
193.33.100.0/23
Signature Algorithm: sha256WithRSAEncryption
68:19:a7:8a:2c:60:6e:a4:92:65:0f:58:77:51:ce:fd:22:8b:
3a:c2:ae:55:dd:ec:b2:36:9b:55:a4:0d:4d:bd:dc:14:37:53:
2c:c8:79:ca:53:20:ee:cd:73:82:4a:e8:d1:43:a2:ec:f0:71:
3b:8d:49:ff:24:f4:4a:f7:25:97:7d:ca:64:cb:b0:e7:db:0f:
68:68:89:35:69:d6:25:8b:a9:f6:7b:c0:80:e0:df:fa:da:b1:
be:d2:fa:b8:58:43:fe:80:57:43:5b:26:9f:b4:56:2a:ad:7d:
3b:ac:f6:d7:8e:01:2b:2d:76:99:27:73:12:0f:30:4c:6e:9c:
b4:f7:a0:ad:0b:02:e4:47:11:a2:14:61:c0:02:4b:2e:83:2d:
3f:01:9f:4a:55:81:e4:ea:ab:ee:ce:e4:0d:e6:7b:ba:ca:57:
63:51:3b:6d:61:f7:30:c2:69:c8:12:97:f0:d6:9e:53:14:94:
4c:a2:f1:e2:c1:f1:3a:af:5b:33:d8:e6:2c:70:97:bb:15:1b:
ca:99:eb:ce:e0:98:b7:ab:d1:f4:10:89:1b:14:0e:64:96:f7:
9c:8c:54:c8:03:44:8d:c1:ed:5c:84:3a:c9:a1:44:5c:d1:42:
01:d4:26:f4:3d:09:f3:0d:39:96:10:c6:6f:96:4f:3e:f7:5c:
12:ea:ec:24
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZEeIjhnpcXIyJdlAqWDBaq9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNzAyYTNiMjdjZTliZDA0ZGRjYTI4YzIxZDlkMGY1ZmYz
MmE5MDkwHhcNMjQwODA0MTYwNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2E2NjJiY2ZmMzk4YTUxNjYyYjUwNzQ5OTA1MDg1NTEyOWQyZDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqb+A7EUYvJUft3XEme2z+wMk4N+
zXHY/nyz6ccUZKBobtgqJBFIe368NzNUAfWAkvhr4blMmWILoDydFrc+Dfmut9dk
rIUHQEYt3s1Nk5eMA8+X3k+czxElH1OQ0fbAgw+7W2bsUcI8H4G8scVyUIXqjPnw
PwW/CZK6vBoqnxWciOSXnBAfSs5S5Lk432Dquf4omPSHfk8iZK3Row17XlPj01HJ
uY/sHz7n2xe2LmgR3WWvL8j/c+O7TMKtpUpLYSA+Ue7J+fUcbvHX6oCKLj5v/ahZ
1Lu+mXDzAZ4z/8cZclKHGP6VwaapHPsyV6KuioDCatvc24CXuDtWL3/mkQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFAemYrz/OYpRZitQdJkFCFUSnS0BMB8GA1UdIwQY
MBaAFNJwKjsnzpvQTdyijCHZ0PX/MqkJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG5BcU95Zk9tOUJOM0tLTUlkblE5Zjh5cVFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi80OWY1MjgtZTcyZi00ZGE3LTkwMmUt
Njk3NWNhZGIyMjYyLzEvQjZaaXZQODVpbEZtSzFCMG1RVUlWUktkTFFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi80OWY1MjgtZTcyZi00ZGE3LTkwMmUtNjk3NWNhZGIyMjYy
LzEvMG5BcU95Zk9tOUJOM0tLTUlkblE5Zjh5cVFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQDHynAMAwD
BAVbvaADBABbvaIDBAHBIWQwDQYJKoZIhvcNAQELBQADggEBAGgZp4osYG6kkmUP
WHdRzv0iizrCrlXd7LI2m1WkDU293BQ3UyzIecpTIO7Nc4JK6NFDouzwcTuNSf8k
9Er3JZd9ymTLsOfbD2hoiTVp1iWLqfZ7wIDg3/rasb7S+rhYQ/6AV0NbJp+0Viqt
fTus9teOASstdpkncxIPMExunLT3oK0LAuRHEaIUYcACSy6DLT8Bn0pVgeTqq+7O
5A3me7rKV2NRO21h9zDCacgSl/DWnlMUlEyi8eLB8TqvWzPY5ixwl7sVG8qZ687g
mLer0fQQiRsUDmSW95yMVMgDRI3B7VyEOsmhRFzRQgHUJvQ9CfMNOZYQxm+WTz73
XBLq7CQ=
-----END CERTIFICATE-----
Generated at Mon Aug 5 04:58:19 2024 by rpki-client on console-ams.rpki-client.org