Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/DgcJ5-ajRlrrQH6asuIeg4Tpwb8.roa
File: DgcJ5-ajRlrrQH6asuIeg4Tpwb8.roa (raw, json)
Hash identifier: ur2KHGtqEGE5FNRlc2+qGlf0XT+wDJGF9FGtQzGSSi0=
Subject key identifier: 0E:07:09:E7:E6:A3:46:5A:EB:40:7E:9A:B2:E2:1E:83:84:E9:C1:BF
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018AB7AAAE2735EB1BF7BED041AB225D8F0A
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/DgcJ5-ajRlrrQH6asuIeg4Tpwb8.roa
Signing time: Thu 21 Sep 2023 12:15:30 +0000
ROA not before: Thu 21 Sep 2023 12:15:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137409
IP address blocks: 91.193.28.0/24 maxlen: 24
31.135.4.0/23 maxlen: 23
91.193.29.0/24 maxlen: 24
176.112.80.0/22 maxlen: 24
176.96.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Oct 2023 12:11:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b7:aa:ae:27:35:eb:1b:f7:be:d0:41:ab:22:5d:8f:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Sep 21 12:15:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e0709e7e6a3465aeb407e9ab2e21e8384e9c1bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:5c:6c:b2:d0:04:79:f5:4e:ef:25:bf:86:f8:
40:f7:5f:9c:c4:df:6d:67:6d:18:d6:89:1d:b3:92:
9a:15:73:88:ab:56:ad:bc:b9:78:b6:d5:67:ff:1a:
f6:3e:83:fa:03:36:a0:d7:32:89:f4:74:60:24:d2:
b7:fb:aa:80:cb:f9:bd:08:01:72:76:22:8d:f4:7a:
b0:cc:c0:2d:4b:54:5b:56:5d:b5:d9:37:01:52:77:
36:ea:82:5a:cf:c0:28:a8:b7:84:67:da:bf:0d:cc:
3b:52:b0:1b:e6:76:94:09:17:09:2d:e0:e5:5b:13:
9b:e3:63:08:c2:57:e0:a6:af:e4:eb:9c:b8:3e:c7:
56:07:e1:79:2c:ce:ef:6d:c7:92:37:c6:7b:52:54:
53:12:d1:e6:d3:8e:0c:29:bd:8b:49:ff:72:2f:03:
b6:5a:30:06:11:c1:03:20:68:67:f0:4e:01:e9:ec:
ea:ca:dc:ea:5a:74:8d:29:bf:47:d2:77:52:d3:95:
51:c2:ae:17:75:c7:9d:35:f1:fc:c4:29:8e:a5:8f:
6b:19:0b:39:29:38:86:43:e1:60:5f:c0:a1:d2:14:
1a:97:53:b2:2a:9d:92:21:1b:6d:03:b4:ae:2a:1f:
39:86:02:33:bb:27:de:eb:63:d1:a9:cf:11:69:4c:
00:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:07:09:E7:E6:A3:46:5A:EB:40:7E:9A:B2:E2:1E:83:84:E9:C1:BF
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/DgcJ5-ajRlrrQH6asuIeg4Tpwb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.4.0/23
91.193.28.0/23
176.96.95.0/24
176.112.80.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:af:be:bd:57:05:16:32:c5:61:ac:73:5b:6f:62:29:d5:6a:
74:62:28:79:79:ce:00:19:a5:5f:b6:59:e8:39:07:43:4d:16:
d9:ab:5f:11:e1:5d:e6:21:73:62:4a:dd:90:27:39:0c:73:3d:
0d:fe:67:ab:48:2b:1e:53:32:76:4f:e7:7d:da:6d:96:bd:89:
8b:01:4a:63:5c:91:18:46:04:a0:5e:51:56:a7:75:da:93:e5:
9d:01:b2:db:87:d2:17:be:a4:16:b0:e6:d9:7e:cc:43:f1:35:
17:e3:ec:f4:0a:bb:1c:d1:4d:aa:74:40:fb:75:15:38:0d:aa:
43:74:0b:55:38:50:29:fe:27:ee:1c:04:48:8a:1e:19:95:2a:
a8:85:07:78:30:ae:46:4f:28:f4:17:88:a8:0c:2c:19:d3:e5:
27:3f:15:1d:aa:9e:0a:7a:ef:13:5d:2a:55:96:e9:86:f4:e1:
8d:18:ef:59:2a:10:6d:de:a8:05:60:4f:8c:e4:43:70:3e:bf:
1b:c0:d8:9a:fe:cf:80:d6:04:4a:db:70:a7:c5:4d:44:ee:86:
9c:c6:81:3c:7f:a2:24:53:bc:cb:7e:85:7e:3d:a0:ec:29:e0:
55:2e:bc:56:2d:27:90:30:8e:d6:60:98:1c:94:4a:c3:91:00:
f2:05:e7:dc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYq3qq4nNesb977QQasiXY8KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwOTIxMTIxNTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTA3MDllN2U2YTM0NjVhZWI0MDdlOWFiMmUyMWU4Mzg0ZTljMWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolxsstAEefVO7yW/hvhA91+cxN9t
Z20Y1okds5KaFXOIq1atvLl4ttVn/xr2PoP6Azag1zKJ9HRgJNK3+6qAy/m9CAFy
diKN9HqwzMAtS1RbVl212TcBUnc26oJaz8AoqLeEZ9q/Dcw7UrAb5naUCRcJLeDl
WxOb42MIwlfgpq/k65y4PsdWB+F5LM7vbceSN8Z7UlRTEtHm044MKb2LSf9yLwO2
WjAGEcEDIGhn8E4B6ezqytzqWnSNKb9H0ndS05VRwq4XdcedNfH8xCmOpY9rGQs5
KTiGQ+FgX8Ch0hQal1OyKp2SIRttA7SuKh85hgIzuyfe62PRqc8RaUwA/QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFA4HCefmo0Za60B+mrLiHoOE6cG/MB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvRGdjSjUtYWpSbHJyUUg2YXN1SWVnNFRwd2I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBH4cEAwQB
W8EcAwQAsGBfAwQCsHBQMA0GCSqGSIb3DQEBCwUAA4IBAQA6r769VwUWMsVhrHNb
b2Ip1Wp0Yih5ec4AGaVftlnoOQdDTRbZq18R4V3mIXNiSt2QJzkMcz0N/merSCse
UzJ2T+d92m2WvYmLAUpjXJEYRgSgXlFWp3Xak+WdAbLbh9IXvqQWsObZfsxD8TUX
4+z0Crsc0U2qdED7dRU4DapDdAtVOFAp/ifuHARIih4ZlSqohQd4MK5GTyj0F4io
DCwZ0+UnPxUdqp4Keu8TXSpVlumG9OGNGO9ZKhBt3qgFYE+M5ENwPr8bwNia/s+A
1gRK23CnxU1E7oacxoE8f6IkU7zLfoV+PaDsKeBVLrxWLSeQMI7WYJgclErDkQDy
Befc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org