Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/iqGzA9_WjcN_AYprcIQaHlyQ-RQ.roa
File: iqGzA9_WjcN_AYprcIQaHlyQ-RQ.roa (raw, json)
Hash identifier: gBFn3yD3zvmd+CpTsNrdaRqtNJ45cdJboJc9FGQOlIs=
Subject key identifier: 8A:A1:B3:03:DF:D6:8D:C3:7F:01:8A:6B:70:84:1A:1E:5C:90:F9:14
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018F78175420EA15487BB301A132D4F5624C
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/iqGzA9_WjcN_AYprcIQaHlyQ-RQ.roa
Signing time: Tue 14 May 2024 17:12:25 +0000
ROA not before: Tue 14 May 2024 17:12:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43201
IP address blocks: 31.222.251.0/24 maxlen: 24
37.72.139.0/24 maxlen: 24
91.247.77.0/24 maxlen: 24
193.3.170.0/24 maxlen: 24
194.56.180.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 May 2024 14:36:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:78:17:54:20:ea:15:48:7b:b3:01:a1:32:d4:f5:62:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: May 14 17:12:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8aa1b303dfd68dc37f018a6b70841a1e5c90f914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e2:f6:a7:12:7b:ce:02:4d:ab:19:94:90:4a:
f9:0d:2c:1e:58:3e:f2:56:ec:f1:35:1a:87:0e:b3:
75:00:26:00:85:f1:3c:bf:9a:0a:ef:0e:66:3e:75:
58:9c:78:0b:9b:51:24:7b:f2:18:07:cf:70:72:d6:
8e:8f:45:1a:60:08:8a:5e:84:25:a4:35:3e:14:f9:
64:48:43:6f:4e:bb:46:4a:ad:bc:0c:8e:ce:07:b8:
6c:f4:3c:ae:70:68:0f:16:d4:20:3c:51:b9:d1:d9:
77:e0:f3:37:d4:82:1a:47:59:6c:b0:57:f9:22:59:
23:47:e0:cc:a7:15:93:c6:30:2e:e8:65:92:84:0a:
3a:5c:bb:78:e0:7e:19:34:51:cf:c8:74:84:45:94:
78:c0:98:a5:f7:23:21:2c:5d:b0:e3:ed:27:3c:71:
63:dc:71:88:40:08:6f:f7:47:69:0b:86:cf:68:77:
3b:c8:e0:26:40:78:6a:4f:d9:6c:bf:c7:ee:05:63:
27:f8:0d:a4:c0:ad:91:ed:20:2e:d5:99:94:a1:2b:
6b:82:d8:b1:f5:0e:ae:e9:64:e5:4b:d0:aa:a9:32:
86:9a:a1:f1:ec:ca:fa:e7:64:03:ef:55:d0:d0:89:
09:4b:61:20:5c:9a:c4:71:2f:7a:3b:88:10:f4:35:
0f:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:A1:B3:03:DF:D6:8D:C3:7F:01:8A:6B:70:84:1A:1E:5C:90:F9:14
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/iqGzA9_WjcN_AYprcIQaHlyQ-RQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.251.0/24
37.72.139.0/24
91.247.77.0/24
193.3.170.0/24
194.56.180.0/24
Signature Algorithm: sha256WithRSAEncryption
59:72:4d:a2:7b:a6:6b:a4:65:55:55:48:ed:68:09:63:2a:83:
0f:65:66:59:b5:5e:42:69:83:c6:5c:a4:06:7e:c0:63:5c:11:
a5:db:81:a0:12:29:e8:d4:82:c0:6e:43:10:99:7a:bd:4d:1d:
39:f5:c5:5a:2f:d9:99:21:46:92:31:78:70:33:c5:ee:5e:15:
cb:65:5d:9b:19:45:83:5c:92:18:2a:7b:fd:98:ca:39:df:ed:
b4:2a:44:33:2f:e8:22:11:fe:27:f8:b9:36:f8:9b:d5:8c:3a:
e6:a1:6e:d2:74:11:55:c1:81:ec:4b:cc:3d:68:bd:63:76:f6:
04:fe:28:f0:a4:cf:93:14:8f:f1:19:ac:f7:21:4e:49:31:a1:
31:e0:6e:9e:20:94:b5:ea:2c:9d:93:f1:89:54:19:26:5b:aa:
51:31:5e:73:c3:01:ab:9a:ad:4f:d6:32:71:43:e6:1e:89:6f:
3e:d8:27:94:9f:01:56:aa:93:78:e2:83:ed:ae:f2:00:84:3e:
68:38:ca:05:e2:ed:3b:4b:e9:3c:75:0e:89:14:f1:65:8a:a2:
07:94:a2:d4:97:34:ab:27:40:35:92:34:2c:5a:c2:30:85:5c:
9c:9c:d2:d2:03:cf:9b:bb:be:e8:92:2d:63:18:c9:ec:dd:4b:
ec:f3:1c:89
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY94F1Qg6hVIe7MBoTLU9WJMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwNTE0MTcxMjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWExYjMwM2RmZDY4ZGMzN2YwMThhNmI3MDg0MWExZTVjOTBmOTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuL2pxJ7zgJNqxmUkEr5DSweWD7y
VuzxNRqHDrN1ACYAhfE8v5oK7w5mPnVYnHgLm1Eke/IYB89wctaOj0UaYAiKXoQl
pDU+FPlkSENvTrtGSq28DI7OB7hs9DyucGgPFtQgPFG50dl34PM31IIaR1lssFf5
IlkjR+DMpxWTxjAu6GWShAo6XLt44H4ZNFHPyHSERZR4wJil9yMhLF2w4+0nPHFj
3HGIQAhv90dpC4bPaHc7yOAmQHhqT9lsv8fuBWMn+A2kwK2R7SAu1ZmUoStrgtix
9Q6u6WTlS9CqqTKGmqHx7Mr652QD71XQ0IkJS2EgXJrEcS96O4gQ9DUPEwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIqhswPf1o3DfwGKa3CEGh5ckPkUMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvaXFHekE5X1dqY05fQVlwcmNJUWFIbHlRLVJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAH977AwQA
JUiLAwQAW/dNAwQAwQOqAwQAwji0MA0GCSqGSIb3DQEBCwUAA4IBAQBZck2ie6Zr
pGVVVUjtaAljKoMPZWZZtV5CaYPGXKQGfsBjXBGl24GgEino1ILAbkMQmXq9TR05
9cVaL9mZIUaSMXhwM8XuXhXLZV2bGUWDXJIYKnv9mMo53+20KkQzL+giEf4n+Lk2
+JvVjDrmoW7SdBFVwYHsS8w9aL1jdvYE/ijwpM+TFI/xGaz3IU5JMaEx4G6eIJS1
6iydk/GJVBkmW6pRMV5zwwGrmq1P1jJxQ+YeiW8+2CeUnwFWqpN44oPtrvIAhD5o
OMoF4u07S+k8dQ6JFPFliqIHlKLUlzSrJ0A1kjQsWsIwhVycnNLSA8+bu77oki1j
GMns3Uvs8xyJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:49 2024 by rpki-client on console-ams.rpki-client.org