Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/mh0341J3AD8S-vqT_KRgJWKMokg.roa
File: mh0341J3AD8S-vqT_KRgJWKMokg.roa (raw, json)
Hash identifier: IEoggh9ZX0Byj6Vczvo3Jd4jhDdOM11s5zDDa/eYwgM=
Subject key identifier: 9A:1D:37:E3:52:77:00:3F:12:FA:FA:93:FC:A4:60:25:62:8C:A2:48
Certificate issuer: /CN=5a376c8008d6abd962341563dd2a4dccaf153cba
Certificate serial: 018D120240EA116A2CFA0E02BC418843C0FB
Authority key identifier: 5A:37:6C:80:08:D6:AB:D9:62:34:15:63:DD:2A:4D:CC:AF:15:3C:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/mh0341J3AD8S-vqT_KRgJWKMokg.roa
Signing time: Tue 16 Jan 2024 11:22:34 +0000
ROA not before: Tue 16 Jan 2024 11:22:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213250
IP address blocks: 31.214.240.0/24 maxlen: 32
134.255.221.0/24 maxlen: 32
134.255.235.0/24 maxlen: 24
134.255.236.0/24 maxlen: 32
Validation: Failed, certificate revoked on Tue 23 Jan 2024 13:23:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:12:02:40:ea:11:6a:2c:fa:0e:02:bc:41:88:43:c0:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a376c8008d6abd962341563dd2a4dccaf153cba
Validity
Not Before: Jan 16 11:22:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a1d37e35277003f12fafa93fca46025628ca248
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:a9:cb:02:ae:ee:d7:9a:53:4c:06:52:8f:3c:
e2:47:05:31:c3:33:06:83:da:9c:93:21:70:ea:c7:
2f:33:13:76:69:6c:fe:56:09:8e:0d:c1:18:8f:6d:
ff:aa:de:91:11:34:e4:52:0e:fd:12:02:fe:c0:bd:
5e:bd:b5:3d:e8:c0:79:0f:15:38:8a:a2:bd:2f:33:
0a:40:e5:ca:53:3d:eb:88:a4:03:b2:68:6a:1f:5e:
ca:12:ea:09:c6:d3:57:09:53:67:6a:d8:75:d2:62:
f5:70:79:9b:37:55:df:8d:d2:0b:94:ae:fb:15:47:
bf:74:0c:bf:c9:f7:8f:65:33:91:f0:f8:91:14:01:
a1:34:79:f3:15:0e:75:05:b6:e7:30:e6:ea:02:c8:
4d:6f:a1:19:e6:b3:e9:de:18:92:ff:ae:cd:7b:ec:
42:7b:14:67:95:d7:77:8d:0c:1b:c7:dd:cd:2c:82:
ec:d7:05:1d:f7:0d:ac:0e:ce:10:d4:7a:e5:9a:bf:
1e:35:ef:ed:51:ae:7a:d8:df:6c:77:ec:f6:d6:8e:
6a:fa:6c:ea:18:51:fa:4b:96:a0:e0:de:e2:9a:88:
2f:6f:ec:2a:0b:a6:d2:55:98:26:90:44:36:af:08:
df:fc:64:cd:cf:e3:16:1d:f1:02:b9:f3:b2:c7:df:
ec:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:1D:37:E3:52:77:00:3F:12:FA:FA:93:FC:A4:60:25:62:8C:A2:48
X509v3 Authority Key Identifier:
keyid:5A:37:6C:80:08:D6:AB:D9:62:34:15:63:DD:2A:4D:CC:AF:15:3C:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/mh0341J3AD8S-vqT_KRgJWKMokg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/WjdsgAjWq9liNBVj3SpNzK8VPLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.240.0/24
134.255.221.0/24
134.255.235.0-134.255.236.255
Signature Algorithm: sha256WithRSAEncryption
a1:13:15:a2:36:2e:a8:1c:17:70:3b:b6:d9:ec:a9:0a:5c:01:
48:1d:58:bb:09:2b:a7:06:76:56:fc:93:b1:79:c6:a9:73:e6:
c0:10:22:07:51:90:ed:8f:d6:68:bb:d7:a6:15:da:eb:92:1f:
eb:7d:7f:50:e0:6f:29:27:73:7f:ad:cb:72:b7:cc:eb:35:3a:
4b:1f:ba:90:ce:8f:8f:18:c8:ef:45:b5:f1:a2:16:1a:e0:ac:
f2:fc:1c:38:18:74:7d:cb:59:c2:59:63:8e:fc:a1:51:93:d1:
a9:fb:43:37:5c:55:a3:05:82:65:5e:af:a1:aa:22:c2:7c:0d:
04:b2:ef:9e:b8:ce:90:48:13:e3:bd:55:24:40:64:e6:63:cd:
fd:d7:84:85:c5:a2:57:e2:d8:be:14:0e:04:b3:b4:d9:f8:76:
dd:dd:3c:9f:48:5c:46:ca:36:ed:e1:5c:3f:db:06:92:ec:9f:
3c:b3:bd:07:1e:c6:d5:ea:96:55:ce:99:72:c9:8b:77:bb:59:
6b:13:b6:db:ee:7b:9c:59:3e:24:d4:36:bd:64:bb:dd:a5:8a:
cd:0f:df:db:13:02:d6:12:39:a8:60:0b:9e:ec:c9:7f:c2:ea:
c8:18:01:98:80:11:3e:dd:5e:69:a6:41:33:dc:b7:e4:58:70:
c2:b5:d8:f6
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY0SAkDqEWos+g4CvEGIQ8D7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMzc2YzgwMDhkNmFiZDk2MjM0MTU2M2RkMmE0ZGNjYWYx
NTNjYmEwHhcNMjQwMTE2MTEyMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTFkMzdlMzUyNzcwMDNmMTJmYWZhOTNmY2E0NjAyNTYyOGNhMjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6nLAq7u15pTTAZSjzziRwUxwzMG
g9qckyFw6scvMxN2aWz+VgmODcEYj23/qt6RETTkUg79EgL+wL1evbU96MB5DxU4
iqK9LzMKQOXKUz3riKQDsmhqH17KEuoJxtNXCVNnath10mL1cHmbN1XfjdILlK77
FUe/dAy/yfePZTOR8PiRFAGhNHnzFQ51BbbnMObqAshNb6EZ5rPp3hiS/67Ne+xC
exRnldd3jQwbx93NLILs1wUd9w2sDs4Q1Hrlmr8eNe/tUa562N9sd+z21o5q+mzq
GFH6S5ag4N7imogvb+wqC6bSVZgmkEQ2rwjf/GTNz+MWHfECufOyx9/srQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJodN+NSdwA/Evr6k/ykYCVijKJIMB8GA1UdIwQY
MBaAFFo3bIAI1qvZYjQVY90qTcyvFTy6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2pkc2dBaldxOWxpTkJWajNTcE56SzhWUExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9jYWE3NDMtMWMxMy00YTI1LTlmNmEt
NjViZTU1MDMxNjVkLzEvbWgwMzQxSjNBRDhTLXZxVF9LUmdKV0tNb2tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9jYWE3NDMtMWMxMy00YTI1LTlmNmEtNjViZTU1MDMxNjVk
LzEvV2pkc2dBaldxOWxpTkJWajNTcE56SzhWUExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAH9bwAwQA
hv/dMAwDBACG/+sDBACG/+wwDQYJKoZIhvcNAQELBQADggEBAKETFaI2LqgcF3A7
ttnsqQpcAUgdWLsJK6cGdlb8k7F5xqlz5sAQIgdRkO2P1mi716YV2uuSH+t9f1Dg
byknc3+ty3K3zOs1OksfupDOj48YyO9FtfGiFhrgrPL8HDgYdH3LWcJZY478oVGT
0an7QzdcVaMFgmVer6GqIsJ8DQSy7564zpBIE+O9VSRAZOZjzf3XhIXFolfi2L4U
DgSztNn4dt3dPJ9IXEbKNu3hXD/bBpLsnzyzvQcextXqllXOmXLJi3e7WWsTttvu
e5xZPiTUNr1ku92lis0P39sTAtYSOahgC57syX/C6sgYAZiAET7dXmmmQTPct+RY
cMK12PY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:28 2024 by rpki-client on console-ams.rpki-client.org