Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/XNNjiC6AeKb11KrgQpyo281KJqo.roa
File: XNNjiC6AeKb11KrgQpyo281KJqo.roa (raw, json)
Hash identifier: +vPfYiVNiC8wyHxUrUOVecEbloIf1smKae0ZN3C/sUU=
Subject key identifier: 5C:D3:63:88:2E:80:78:A6:F5:D4:AA:E0:42:9C:A8:DB:CD:4A:26:AA
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018A465362F30A0DA2D3750D150DEA92D1C7
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/XNNjiC6AeKb11KrgQpyo281KJqo.roa
Signing time: Wed 30 Aug 2023 12:03:04 +0000
ROA not before: Wed 30 Aug 2023 12:03:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137409
IP address blocks: 31.135.4.0/23 maxlen: 23
176.112.80.0/22 maxlen: 24
176.96.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Sep 2023 12:15:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:46:53:62:f3:0a:0d:a2:d3:75:0d:15:0d:ea:92:d1:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Aug 30 12:03:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cd363882e8078a6f5d4aae0429ca8dbcd4a26aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c4:ad:76:2d:14:c3:5e:3d:26:ee:8f:29:bc:
aa:57:10:81:90:e1:3a:06:ef:df:89:22:de:75:6a:
04:70:97:3e:3f:ac:bc:c7:25:49:58:6c:7c:67:e9:
e0:b6:b3:de:37:81:38:6d:1d:54:80:3d:6d:3e:49:
39:e8:b4:9e:d6:9f:8e:7e:1a:b6:b8:40:2a:af:a9:
b9:30:d2:59:4e:da:b1:b8:82:dd:e9:6b:19:d2:a8:
2b:0b:ad:25:6d:01:aa:4e:0e:55:0f:57:fa:f5:1f:
38:b9:d5:df:9f:78:07:90:c0:fa:fb:36:43:7e:21:
9d:e0:b3:e5:45:7a:16:5a:a0:e6:69:d1:83:a4:98:
f3:97:77:11:a1:72:27:cf:5d:eb:6e:3b:06:7f:4e:
21:03:f4:8d:c1:0c:5f:ba:4f:85:10:d4:43:55:80:
07:7e:64:1a:83:02:0a:58:6e:7d:83:7c:db:e4:60:
f6:db:b2:85:41:51:ce:05:17:ae:25:11:33:73:27:
8a:c1:18:c6:b6:15:8a:59:97:e8:e8:c4:a3:39:26:
3f:73:e6:79:7e:83:42:3d:4b:90:e4:0f:1c:52:0f:
b9:3e:71:ce:c9:2c:e0:9e:68:78:bd:af:cc:f7:ff:
bb:05:0c:28:e7:a7:3a:99:bf:34:22:a6:4b:20:c7:
32:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:D3:63:88:2E:80:78:A6:F5:D4:AA:E0:42:9C:A8:DB:CD:4A:26:AA
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/XNNjiC6AeKb11KrgQpyo281KJqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.4.0/23
176.96.95.0/24
176.112.80.0/22
Signature Algorithm: sha256WithRSAEncryption
84:b4:e0:e8:ab:ca:13:9b:37:fe:7c:3a:a4:5e:b4:26:04:12:
98:42:5c:09:b9:12:e5:73:2a:30:47:09:ad:16:d1:d3:4a:08:
32:26:23:7e:43:ef:fd:4e:be:bf:75:0f:29:25:82:7e:d3:28:
28:e3:36:07:c2:71:56:91:31:70:d9:b2:6a:08:df:37:25:66:
ef:ac:06:a4:b3:8f:96:54:a3:31:8e:1d:48:af:b2:47:76:2a:
ad:59:fc:f7:43:b8:d9:2d:31:8f:69:6e:6b:ae:f3:81:11:56:
37:9f:a2:d4:dc:1e:ad:ef:16:0b:6c:d5:61:24:8b:96:54:e4:
9d:d1:13:65:0c:bc:2b:4f:2a:7b:fb:77:8d:4a:71:7f:de:76:
9f:3a:13:c0:e5:c6:26:ab:22:95:3c:2b:04:28:92:3d:06:fd:
fb:f8:2b:2f:d0:3a:6a:92:38:53:c6:e3:9e:e5:22:8d:b3:93:
bd:b4:a8:b5:57:3a:91:4d:3a:c6:3e:40:5c:4f:97:3b:66:3b:
fa:b8:fa:27:b5:71:67:82:b7:6b:c3:d5:67:ab:0f:ef:6e:84:
56:fb:37:0c:86:ab:8c:97:54:51:1d:81:2d:1a:1e:09:39:f7:
81:99:9c:07:0b:c4:70:8c:45:92:68:38:9c:c0:37:b7:44:9e:
06:15:f4:59
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYpGU2LzCg2i03UNFQ3qktHHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwODMwMTIwMzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2QzNjM4ODJlODA3OGE2ZjVkNGFhZTA0MjljYThkYmNkNGEyNmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMStdi0Uw149Ju6PKbyqVxCBkOE6
Bu/fiSLedWoEcJc+P6y8xyVJWGx8Z+ngtrPeN4E4bR1UgD1tPkk56LSe1p+Ofhq2
uEAqr6m5MNJZTtqxuILd6WsZ0qgrC60lbQGqTg5VD1f69R84udXfn3gHkMD6+zZD
fiGd4LPlRXoWWqDmadGDpJjzl3cRoXInz13rbjsGf04hA/SNwQxfuk+FENRDVYAH
fmQagwIKWG59g3zb5GD227KFQVHOBReuJREzcyeKwRjGthWKWZfo6MSjOSY/c+Z5
foNCPUuQ5A8cUg+5PnHOySzgnmh4va/M9/+7BQwo56c6mb80IqZLIMcyiwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFzTY4gugHim9dSq4EKcqNvNSiaqMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvWE5OamlDNkFlS2IxMUtyZ1FweW8yODFLSnFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBH4cEAwQA
sGBfAwQCsHBQMA0GCSqGSIb3DQEBCwUAA4IBAQCEtODoq8oTmzf+fDqkXrQmBBKY
QlwJuRLlcyowRwmtFtHTSggyJiN+Q+/9Tr6/dQ8pJYJ+0ygo4zYHwnFWkTFw2bJq
CN83JWbvrAaks4+WVKMxjh1Ir7JHdiqtWfz3Q7jZLTGPaW5rrvOBEVY3n6LU3B6t
7xYLbNVhJIuWVOSd0RNlDLwrTyp7+3eNSnF/3nafOhPA5cYmqyKVPCsEKJI9Bv37
+Csv0DpqkjhTxuOe5SKNs5O9tKi1VzqRTTrGPkBcT5c7Zjv6uPontXFngrdrw9Vn
qw/vboRW+zcMhquMl1RRHYEtGh4JOfeBmZwHC8RwjEWSaDicwDe3RJ4GFfRZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org