Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/eTWvWuANNfqKGV56dssPqejKAuY.roa
File: eTWvWuANNfqKGV56dssPqejKAuY.roa (raw, json)
Hash identifier: rXczrKtIYHcJnGs7urO/W5BxclSOfUTlACiwGJeVZLg=
Subject key identifier: 79:35:AF:5A:E0:0D:35:FA:8A:19:5E:7A:76:CB:0F:A9:E8:CA:02:E6
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0189B6B58BBED724F2E503D28A415DA8C74B
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/eTWvWuANNfqKGV56dssPqejKAuY.roa
Signing time: Wed 02 Aug 2023 14:44:58 +0000
ROA not before: Wed 02 Aug 2023 14:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42708
IP address blocks: 31.135.2.0/24 maxlen: 24
64.43.64.0/24 maxlen: 24
193.36.201.0/24 maxlen: 24
193.36.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b6:b5:8b:be:d7:24:f2:e5:03:d2:8a:41:5d:a8:c7:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Aug 2 14:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7935af5ae00d35fa8a195e7a76cb0fa9e8ca02e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:91:a7:66:3a:31:34:08:ad:44:3b:75:b3:1f:
bc:68:21:30:be:34:f3:1c:9b:dd:50:4c:4b:b3:02:
9f:e2:48:9f:4d:37:70:76:db:98:0d:5c:52:cd:e7:
96:7f:fb:42:43:ad:cd:d5:8c:73:de:90:38:97:dc:
ec:e8:83:c0:a7:24:04:20:41:08:1a:96:df:18:ed:
cf:02:14:95:e4:49:ed:63:de:a1:39:5f:40:49:9c:
be:08:05:de:a3:88:4f:63:dd:79:60:00:09:78:b0:
2f:b7:69:82:52:dd:6f:0b:0c:e8:8c:a2:af:17:c7:
3b:e5:dd:58:d0:9b:41:2d:d8:1e:7b:0d:61:e5:c4:
28:44:03:0f:8c:7b:c2:9a:35:10:40:c4:10:53:0f:
a8:34:e9:32:8e:13:ac:fa:da:51:99:05:1b:3d:f7:
52:58:6c:3b:86:fc:57:1e:37:36:85:be:30:17:30:
05:13:65:f5:a3:2d:da:1a:65:dc:e0:07:9f:29:66:
5d:f4:ae:af:d8:8b:be:26:49:c9:fe:df:96:31:6e:
04:23:e2:98:37:53:89:85:92:f7:4c:62:4f:ea:b4:
e1:06:bc:a8:e6:e6:89:09:b6:22:da:11:81:48:1b:
c0:8a:a3:3f:65:e3:53:6c:d9:dc:3a:49:1c:3f:70:
ac:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:35:AF:5A:E0:0D:35:FA:8A:19:5E:7A:76:CB:0F:A9:E8:CA:02:E6
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/eTWvWuANNfqKGV56dssPqejKAuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.2.0/24
64.43.64.0/24
193.36.200.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:bc:45:94:dd:3a:31:f9:b1:85:70:9b:ca:e4:1f:5f:84:f4:
02:b8:a3:11:11:91:fd:9b:df:81:22:dc:c0:53:c9:42:31:14:
10:eb:b4:a4:20:c8:59:85:f6:e4:c2:07:d3:e7:2b:df:b6:18:
3f:80:ae:69:d8:44:0d:5f:a5:09:f5:5b:fa:d6:41:26:50:58:
5b:0b:7f:30:4a:d3:72:4f:53:77:30:8f:03:96:44:be:30:3c:
af:7e:3e:94:69:4a:68:a8:a9:c6:84:f5:2d:f8:af:9e:8a:63:
dd:41:49:4d:a1:44:31:f4:ab:0b:be:f9:98:de:0f:9f:7a:a7:
52:67:74:a6:63:e5:5e:16:ae:78:38:ce:ee:40:f2:5c:61:41:
0e:95:0b:0e:fb:21:9a:25:47:17:55:f6:2b:54:43:50:21:fa:
3a:f4:db:6f:95:bf:c0:66:61:69:dd:c3:26:f2:1c:29:40:25:
b8:2a:fd:02:ea:12:12:34:af:ab:f7:f3:5c:5b:fa:54:98:15:
ab:97:9c:18:72:1c:48:e0:ad:9a:82:4e:fc:29:c8:34:6f:26:
98:36:cb:54:ab:2b:7e:6d:07:ce:d7:99:97:ef:b1:d3:27:83:
8f:86:ef:16:60:b2:e4:85:e1:d6:e6:a2:3f:83:73:e7:12:63:
aa:e2:3f:b0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYm2tYu+1yTy5QPSikFdqMdLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwODAyMTQ0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTM1YWY1YWUwMGQzNWZhOGExOTVlN2E3NmNiMGZhOWU4Y2EwMmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJGnZjoxNAitRDt1sx+8aCEwvjTz
HJvdUExLswKf4kifTTdwdtuYDVxSzeeWf/tCQ63N1Yxz3pA4l9zs6IPApyQEIEEI
GpbfGO3PAhSV5EntY96hOV9ASZy+CAXeo4hPY915YAAJeLAvt2mCUt1vCwzojKKv
F8c75d1Y0JtBLdgeew1h5cQoRAMPjHvCmjUQQMQQUw+oNOkyjhOs+tpRmQUbPfdS
WGw7hvxXHjc2hb4wFzAFE2X1oy3aGmXc4AefKWZd9K6v2Iu+JknJ/t+WMW4EI+KY
N1OJhZL3TGJP6rThBryo5uaJCbYi2hGBSBvAiqM/ZeNTbNncOkkcP3CssQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHk1r1rgDTX6ihleenbLD6noygLmMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvZVRXdld1QU5OZnFLR1Y1NmRzc1BxZWpLQXVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH4cCAwQA
QCtAAwQBwSTIMA0GCSqGSIb3DQEBCwUAA4IBAQCMvEWU3Tox+bGFcJvK5B9fhPQC
uKMREZH9m9+BItzAU8lCMRQQ67SkIMhZhfbkwgfT5yvfthg/gK5p2EQNX6UJ9Vv6
1kEmUFhbC38wStNyT1N3MI8DlkS+MDyvfj6UaUpoqKnGhPUt+K+eimPdQUlNoUQx
9KsLvvmY3g+feqdSZ3SmY+VeFq54OM7uQPJcYUEOlQsO+yGaJUcXVfYrVENQIfo6
9Ntvlb/AZmFp3cMm8hwpQCW4Kv0C6hISNK+r9/NcW/pUmBWrl5wYchxI4K2agk78
Kcg0byaYNstUqyt+bQfO15mX77HTJ4OPhu8WYLLkheHW5qI/g3PnEmOq4j+w
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org