Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/Exr8UuuSI5FZEn6R23pJmxOlEzQ.roa
File: Exr8UuuSI5FZEn6R23pJmxOlEzQ.roa (raw, json)
Hash identifier: PytGDKboTqHFEaVuUKI41htDRBNl/U7N2i0KKEQaP34=
Subject key identifier: 13:1A:FC:52:EB:92:23:91:59:12:7E:91:DB:7A:49:9B:13:A5:13:34
Certificate issuer: /CN=ddbe6e0adae8bb478393aab175b638644c74ccb7
Certificate serial: 018D7EF49894E0B1161A019B21C31DB99362
Authority key identifier: DD:BE:6E:0A:DA:E8:BB:47:83:93:AA:B1:75:B6:38:64:4C:74:CC:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3b5uCtrou0eDk6qxdbY4ZEx0zLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/Exr8UuuSI5FZEn6R23pJmxOlEzQ.roa
Signing time: Tue 06 Feb 2024 15:06:15 +0000
ROA not before: Tue 06 Feb 2024 15:06:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209854
IP address blocks: 31.130.244.0/24 maxlen: 24
31.130.245.0/24 maxlen: 24
178.212.58.0/24 maxlen: 24
178.212.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 May 2024 12:45:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7e:f4:98:94:e0:b1:16:1a:01:9b:21:c3:1d:b9:93:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddbe6e0adae8bb478393aab175b638644c74ccb7
Validity
Not Before: Feb 6 15:06:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=131afc52eb92239159127e91db7a499b13a51334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:c0:fa:2d:52:fd:cc:9d:a5:b5:b3:f1:e2:5b:
5e:00:c3:1c:7f:d6:fa:4c:71:46:41:92:44:0e:c2:
df:c3:9a:20:9a:94:e1:e3:35:d4:8a:d2:63:aa:77:
cf:dd:53:a1:bb:9e:19:f0:ec:b4:af:2a:06:e8:6a:
a8:e0:ff:6b:4c:f5:cb:9d:f4:e7:c4:30:93:bc:24:
ab:b0:e3:6d:5c:42:97:71:7c:df:c8:86:f5:6a:4e:
ac:c3:d3:21:25:1d:3c:1b:9a:d1:7b:6e:4f:0f:9f:
86:45:a6:b4:98:0b:48:8e:cc:05:06:9e:e0:8e:58:
8d:92:b4:4c:e2:b3:0c:78:16:4f:dd:3b:ab:5c:3e:
a1:3f:51:4d:db:3e:a6:dd:7f:e2:7d:0d:58:27:d4:
de:9d:19:b1:5d:39:5e:fe:f7:33:b6:6d:a7:b6:da:
ce:e5:5e:88:ec:5f:d0:29:bc:32:99:18:aa:5d:4e:
91:49:96:a0:68:bb:39:1c:48:45:76:06:0f:78:2e:
3c:1c:bc:8f:f9:10:15:80:5e:f1:57:78:40:ca:83:
62:56:12:13:73:a2:99:a6:80:f0:15:b9:8c:41:28:
5b:f1:72:79:27:38:be:82:e6:cb:ed:97:ea:21:cc:
8a:54:c4:67:1d:e3:5d:13:49:a5:95:9d:15:54:57:
d7:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:1A:FC:52:EB:92:23:91:59:12:7E:91:DB:7A:49:9B:13:A5:13:34
X509v3 Authority Key Identifier:
keyid:DD:BE:6E:0A:DA:E8:BB:47:83:93:AA:B1:75:B6:38:64:4C:74:CC:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b5uCtrou0eDk6qxdbY4ZEx0zLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/Exr8UuuSI5FZEn6R23pJmxOlEzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/3b5uCtrou0eDk6qxdbY4ZEx0zLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.130.244.0/23
178.212.58.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:fa:af:1d:1e:ae:74:f7:9c:27:01:ba:52:04:b1:a4:79:d4:
6b:f0:1f:be:66:ab:bb:02:df:12:f7:01:d5:a1:ba:5c:be:d6:
85:74:94:0d:fe:e5:cd:64:88:a0:b3:5c:75:e1:00:99:20:42:
e0:3d:67:43:70:cd:c3:b5:22:ca:e6:8c:8a:c7:06:6f:cd:8a:
77:33:9a:79:66:e1:92:32:85:8d:44:65:17:df:81:08:9b:26:
d7:76:7d:44:4b:7b:84:16:b7:06:48:02:79:c7:e6:7d:64:e8:
ca:fd:b1:a4:28:67:f2:8d:10:4c:c3:cb:a6:31:b8:db:5e:ce:
66:80:75:e0:f7:50:80:45:4d:93:2c:4d:f3:a0:44:17:5d:3d:
3b:9b:12:d2:f1:a0:b3:a5:46:07:84:1a:7e:a7:bb:9e:5f:4c:
a4:45:0c:b8:a1:bb:c5:17:e3:b4:a1:c8:75:7e:aa:e2:90:ee:
f4:9e:22:2b:00:d7:07:f7:b5:58:10:6c:3b:ad:b8:f4:f1:54:
06:d6:a7:75:c3:80:e1:b7:6e:fb:e0:e9:27:c9:9e:f4:d7:63:
9f:d3:a0:40:80:eb:f7:c4:c6:28:01:6a:cf:54:99:6d:04:7f:
74:c2:e4:83:1a:ef:29:0d:56:7e:90:5e:fc:ce:45:88:54:fc:
b2:df:d1:d4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1+9JiU4LEWGgGbIcMduZNiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkYmU2ZTBhZGFlOGJiNDc4MzkzYWFiMTc1YjYzODY0NGM3
NGNjYjcwHhcNMjQwMjA2MTUwNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzFhZmM1MmViOTIyMzkxNTkxMjdlOTFkYjdhNDk5YjEzYTUxMzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6sD6LVL9zJ2ltbPx4lteAMMcf9b6
THFGQZJEDsLfw5ogmpTh4zXUitJjqnfP3VOhu54Z8Oy0ryoG6Gqo4P9rTPXLnfTn
xDCTvCSrsONtXEKXcXzfyIb1ak6sw9MhJR08G5rRe25PD5+GRaa0mAtIjswFBp7g
jliNkrRM4rMMeBZP3TurXD6hP1FN2z6m3X/ifQ1YJ9TenRmxXTle/vcztm2nttrO
5V6I7F/QKbwymRiqXU6RSZagaLs5HEhFdgYPeC48HLyP+RAVgF7xV3hAyoNiVhIT
c6KZpoDwFbmMQShb8XJ5Jzi+gubL7ZfqIcyKVMRnHeNdE0mllZ0VVFfXkwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBMa/FLrkiORWRJ+kdt6SZsTpRM0MB8GA1UdIwQY
MBaAFN2+bgra6LtHg5OqsXW2OGRMdMy3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2I1dUN0cm91MGVEazZxeGRiWTRaRXgwekxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNjdiNzgtNThjOC00MzExLTllNjkt
NmJhYTNiNTQ4ZDIzLzEvRXhyOFV1dVNJNUZaRW42UjIzcEpteE9sRXpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNjdiNzgtNThjOC00MzExLTllNjktNmJhYTNiNTQ4ZDIz
LzEvM2I1dUN0cm91MGVEazZxeGRiWTRaRXgwekxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBH4L0AwQB
stQ6MA0GCSqGSIb3DQEBCwUAA4IBAQAK+q8dHq5095wnAbpSBLGkedRr8B++Zqu7
At8S9wHVobpcvtaFdJQN/uXNZIigs1x14QCZIELgPWdDcM3DtSLK5oyKxwZvzYp3
M5p5ZuGSMoWNRGUX34EImybXdn1ES3uEFrcGSAJ5x+Z9ZOjK/bGkKGfyjRBMw8um
MbjbXs5mgHXg91CARU2TLE3zoEQXXT07mxLS8aCzpUYHhBp+p7ueX0ykRQy4obvF
F+O0och1fqrikO70niIrANcH97VYEGw7rbj08VQG1qd1w4Dht2774OknyZ7012Of
06BAgOv3xMYoAWrPVJltBH90wuSDGu8pDVZ+kF78zkWIVPyy39HU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:00 2024 by rpki-client on console-ams.rpki-client.org