Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/2a_eOoULewnaaQepVu8anyhhXZU.roa
File: 2a_eOoULewnaaQepVu8anyhhXZU.roa (raw, json)
Hash identifier: widzcFQhxFhCcyoCtqL8QhJcyah5xgeA1Ge1jx57aik=
Subject key identifier: D9:AF:DE:3A:85:0B:7B:09:DA:69:07:A9:56:EF:1A:9F:28:61:5D:95
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0188A0CC20C2DF9E61CCDE9C79C8A8D090F0
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/2a_eOoULewnaaQepVu8anyhhXZU.roa
Signing time: Fri 09 Jun 2023 15:35:12 +0000
ROA not before: Fri 09 Jun 2023 15:35:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137409
IP address blocks: 31.135.4.0/23 maxlen: 23
176.96.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Aug 2023 12:03:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a0:cc:20:c2:df:9e:61:cc:de:9c:79:c8:a8:d0:90:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jun 9 15:35:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9afde3a850b7b09da6907a956ef1a9f28615d95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:17:c8:6f:75:0b:fe:0a:ac:1f:9d:b8:17:70:
e2:bf:7f:4a:65:70:21:5c:0c:c8:38:3f:f9:7a:72:
f2:d6:a9:04:eb:08:3e:d7:7f:52:bd:5a:b7:7f:cd:
1c:e6:8c:e7:83:dc:70:6b:bb:4c:5b:e3:b0:dd:b3:
d9:c1:b5:76:fd:fe:6e:51:ce:db:67:ce:86:ee:50:
30:ec:bb:d4:77:fe:57:70:c2:d9:05:49:02:c6:f5:
cd:74:27:bf:61:9a:f4:71:1f:4a:4b:56:4c:10:0d:
8e:11:ac:de:32:24:83:e7:9e:5d:d3:12:18:ac:66:
31:79:7b:d7:e9:9e:00:0c:5f:a3:c4:be:74:51:61:
90:3a:ab:85:d2:4c:5c:a8:e7:68:a9:3a:dc:4f:f4:
8a:a6:51:92:82:8a:5c:a1:df:cf:1b:43:63:33:27:
fb:b5:64:6d:da:f6:b0:19:26:40:a1:d8:3e:53:56:
b3:e3:7e:e0:07:b0:5f:0d:ac:b2:7e:eb:b9:5a:67:
cf:63:37:d9:9d:5f:be:81:97:45:fd:88:80:2c:d1:
fb:43:3d:f5:43:a1:d9:05:56:0b:45:34:be:08:09:
01:e8:42:a0:b2:2b:bf:63:90:71:50:0e:dc:37:db:
cd:ec:3a:49:0a:dc:19:b1:14:72:e3:7d:3f:7f:50:
49:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:AF:DE:3A:85:0B:7B:09:DA:69:07:A9:56:EF:1A:9F:28:61:5D:95
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/2a_eOoULewnaaQepVu8anyhhXZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.4.0/23
176.96.95.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:76:86:3c:12:3b:18:71:95:96:20:e0:a3:44:46:45:f2:64:
c8:12:54:66:02:b1:be:5f:a4:60:55:c6:15:b9:d3:51:ff:71:
81:96:e6:79:d9:d0:5f:14:98:98:2b:c2:d1:90:c0:47:66:66:
c0:56:bb:e8:b4:97:c1:70:40:16:f2:28:cf:5a:24:68:60:17:
67:5c:f3:61:36:8c:e6:1c:41:d9:fb:b2:e7:6e:de:1f:28:09:
1b:2c:ff:1f:61:0b:03:94:da:c5:30:32:6f:ed:b4:55:b8:a7:
fb:f0:c4:9c:9d:98:b3:c0:ba:5e:f1:79:90:67:85:95:7a:44:
82:b4:12:9f:51:eb:51:c4:fb:61:a3:82:87:a5:b7:d1:ab:7c:
d9:85:de:dc:15:8f:5c:9a:31:f7:e2:2d:19:27:d7:91:a3:d4:
0c:bb:84:5b:69:37:d2:e6:31:7c:f6:cc:25:32:c1:9e:d5:d4:
8d:12:ad:ed:fc:09:b0:ad:13:83:11:f7:52:2f:61:f2:b7:90:
22:b0:d0:b9:82:af:4c:ca:78:93:cb:9f:78:a5:60:69:41:d2:
2f:99:09:9c:08:72:67:af:5e:0d:73:19:e5:e7:91:26:8b:96:
11:fe:8d:bd:73:a0:3c:d4:ad:d8:08:6c:32:db:9c:8a:0b:ab:
53:c6:9a:32
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYigzCDC355hzN6cecio0JDwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwNjA5MTUzNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWFmZGUzYTg1MGI3YjA5ZGE2OTA3YTk1NmVmMWE5ZjI4NjE1ZDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRfIb3UL/gqsH524F3Div39KZXAh
XAzIOD/5enLy1qkE6wg+139SvVq3f80c5ozng9xwa7tMW+Ow3bPZwbV2/f5uUc7b
Z86G7lAw7LvUd/5XcMLZBUkCxvXNdCe/YZr0cR9KS1ZMEA2OEazeMiSD555d0xIY
rGYxeXvX6Z4ADF+jxL50UWGQOquF0kxcqOdoqTrcT/SKplGSgopcod/PG0NjMyf7
tWRt2vawGSZAodg+U1az437gB7BfDayyfuu5WmfPYzfZnV++gZdF/YiALNH7Qz31
Q6HZBVYLRTS+CAkB6EKgsiu/Y5BxUA7cN9vN7DpJCtwZsRRy430/f1BJDQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNmv3jqFC3sJ2mkHqVbvGp8oYV2VMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvMmFfZU9vVUxld25hYVFlcFZ1OGFueWhoWFpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBH4cEAwQA
sGBfMA0GCSqGSIb3DQEBCwUAA4IBAQB7doY8EjsYcZWWIOCjREZF8mTIElRmArG+
X6RgVcYVudNR/3GBluZ52dBfFJiYK8LRkMBHZmbAVrvotJfBcEAW8ijPWiRoYBdn
XPNhNozmHEHZ+7Lnbt4fKAkbLP8fYQsDlNrFMDJv7bRVuKf78MScnZizwLpe8XmQ
Z4WVekSCtBKfUetRxPtho4KHpbfRq3zZhd7cFY9cmjH34i0ZJ9eRo9QMu4RbaTfS
5jF89swlMsGe1dSNEq3t/AmwrRODEfdSL2Hyt5AisNC5gq9MyniTy594pWBpQdIv
mQmcCHJnr14Ncxnl55Emi5YR/o29c6A81K3YCGwy25yKC6tTxpoy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:47 2024 by rpki-client on console-ams.rpki-client.org