Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/I6KRBUExqRQ5h_W_dMDHjY12soc.roa
File: I6KRBUExqRQ5h_W_dMDHjY12soc.roa (raw, json)
Hash identifier: pnP0tv/86nFeewdvzSvKvZLowjE/ozS91lrGmqhdOes=
Subject key identifier: 23:A2:91:05:41:31:A9:14:39:87:F5:BF:74:C0:C7:8D:8D:76:B2:87
Certificate issuer: /CN=74e133ea1e40fc13e074e327710a5344a960b5c0
Certificate serial: 018CC492CD3E73C38B2A37937811C788910D
Authority key identifier: 74:E1:33:EA:1E:40:FC:13:E0:74:E3:27:71:0A:53:44:A9:60:B5:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dOEz6h5A_BPgdOMncQpTRKlgtcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/I6KRBUExqRQ5h_W_dMDHjY12soc.roa
Signing time: Mon 01 Jan 2024 10:30:04 +0000
ROA not before: Mon 01 Jan 2024 10:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34984
IP address blocks: 31.169.68.0/26 maxlen: 26
31.169.68.0/24 maxlen: 24
31.169.68.224/28 maxlen: 28
31.169.68.160/28 maxlen: 28
31.169.68.192/28 maxlen: 28
31.169.68.128/28 maxlen: 28
31.169.68.96/28 maxlen: 28
31.169.68.64/28 maxlen: 28
31.169.68.240/28 maxlen: 28
31.169.68.208/28 maxlen: 28
31.169.68.176/28 maxlen: 28
31.169.68.144/28 maxlen: 28
31.169.68.112/28 maxlen: 28
31.169.68.80/28 maxlen: 28
Validation: Failed, certificate revoked on Thu 30 May 2024 13:46:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:cd:3e:73:c3:8b:2a:37:93:78:11:c7:88:91:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74e133ea1e40fc13e074e327710a5344a960b5c0
Validity
Not Before: Jan 1 10:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23a291054131a9143987f5bf74c0c78d8d76b287
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d5:fc:75:0a:f6:00:a2:17:54:81:b4:8e:52:
fb:f4:d8:3b:b4:9b:61:f7:a8:ed:e2:7c:46:af:b4:
37:3a:0d:89:58:32:6f:03:43:4c:48:77:b3:45:bb:
16:39:ca:93:a9:6b:fc:e1:fc:55:3a:45:86:b3:9e:
db:fd:9d:97:eb:a7:71:c8:27:52:01:32:5e:15:9d:
e3:1d:32:d2:b2:66:59:68:2d:5a:60:05:5c:cb:ed:
7a:1b:97:02:71:de:9e:4c:44:16:08:c8:c6:f0:af:
25:c3:53:5b:75:ce:51:4b:0b:4e:dd:67:66:c7:9f:
60:dd:f6:95:6e:2a:be:cb:3e:94:8e:58:cc:e4:0b:
da:52:4a:2b:60:49:95:40:d4:b2:99:74:bb:40:6c:
44:e3:5a:0d:75:6a:9a:11:7c:02:d2:58:c4:94:1f:
0d:6f:01:56:da:71:b8:7a:18:6e:8c:a9:35:f6:c5:
b2:ca:c6:ce:34:1c:38:13:c3:91:b9:95:f0:8a:8c:
05:68:59:27:ca:26:bc:5c:8d:6c:46:e5:f1:d4:5c:
e6:d4:76:c3:de:2b:48:cc:cf:4b:42:b4:d3:57:a8:
db:78:3c:33:e3:17:86:17:55:73:98:43:ef:0a:3e:
d3:e5:ee:c3:b0:7d:85:bd:00:46:b9:03:7e:90:36:
46:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:A2:91:05:41:31:A9:14:39:87:F5:BF:74:C0:C7:8D:8D:76:B2:87
X509v3 Authority Key Identifier:
keyid:74:E1:33:EA:1E:40:FC:13:E0:74:E3:27:71:0A:53:44:A9:60:B5:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dOEz6h5A_BPgdOMncQpTRKlgtcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/I6KRBUExqRQ5h_W_dMDHjY12soc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/dOEz6h5A_BPgdOMncQpTRKlgtcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.68.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:c2:75:42:f6:41:57:a5:b2:2b:6a:f6:84:ad:3a:f3:c4:fd:
ed:9b:3c:1d:6f:22:2f:9d:a2:74:eb:45:bf:b7:5c:f1:a8:15:
1f:01:f0:e0:f5:6e:cd:d9:34:07:33:81:ae:0b:e2:6a:b6:b5:
18:ed:d2:d8:40:3c:99:57:b6:2d:23:81:12:89:67:bd:7a:8c:
67:18:5b:33:c6:22:f7:e2:06:4a:bf:c8:2a:68:9d:95:de:9e:
2b:79:ae:7c:92:00:17:44:6c:b9:20:70:ba:7b:47:3b:c5:19:
f7:6f:86:99:19:08:46:91:de:dd:7a:1c:e0:d0:4f:6a:a7:36:
dd:4d:3a:e6:01:95:85:37:80:bf:33:4f:74:09:b4:f6:1d:33:
d6:5b:4d:43:f5:8b:16:9e:a6:63:fb:1b:cf:86:a8:2b:c4:67:
f7:d4:7c:bb:be:18:a4:50:5f:6e:10:1e:8a:cf:0b:c8:bc:c8:
4e:88:07:20:22:f6:7b:87:06:9c:3a:ef:51:84:bc:5d:62:cd:
e8:f4:ed:96:c5:94:de:cf:7b:2e:30:1c:1c:25:4d:1e:bb:a1:
d1:5e:6a:51:fd:43:7c:e7:cd:ac:ac:4b:0d:76:03:64:ab:5d:
68:0a:fd:2f:35:b8:03:79:be:f5:1d:45:12:30:a5:13:97:22:
8f:24:71:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEks0+c8OLKjeTeBHHiJENMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZTEzM2VhMWU0MGZjMTNlMDc0ZTMyNzcxMGE1MzQ0YTk2
MGI1YzAwHhcNMjQwMTAxMTAzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2EyOTEwNTQxMzFhOTE0Mzk4N2Y1YmY3NGMwYzc4ZDhkNzZiMjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNX8dQr2AKIXVIG0jlL79Ng7tJth
96jt4nxGr7Q3Og2JWDJvA0NMSHezRbsWOcqTqWv84fxVOkWGs57b/Z2X66dxyCdS
ATJeFZ3jHTLSsmZZaC1aYAVcy+16G5cCcd6eTEQWCMjG8K8lw1Nbdc5RSwtO3Wdm
x59g3faVbiq+yz6UjljM5AvaUkorYEmVQNSymXS7QGxE41oNdWqaEXwC0ljElB8N
bwFW2nG4ehhujKk19sWyysbONBw4E8ORuZXwiowFaFknyia8XI1sRuXx1Fzm1HbD
3itIzM9LQrTTV6jbeDwz4xeGF1VzmEPvCj7T5e7DsH2FvQBGuQN+kDZG9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCOikQVBMakUOYf1v3TAx42NdrKHMB8GA1UdIwQY
MBaAFHThM+oeQPwT4HTjJ3EKU0SpYLXAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE9FejZoNUFfQlBnZE9NbmNRcFRSS2xndGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8xZjU1ODctY2I5Mi00OTE3LThjZjMt
MmNiOWUyMTcyZjk3LzEvSTZLUkJVRXhxUlE1aF9XX2RNREhqWTEyc29jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8xZjU1ODctY2I5Mi00OTE3LThjZjMtMmNiOWUyMTcyZjk3
LzEvZE9FejZoNUFfQlBnZE9NbmNRcFRSS2xndGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH6lEMA0G
CSqGSIb3DQEBCwUAA4IBAQCkwnVC9kFXpbIravaErTrzxP3tmzwdbyIvnaJ060W/
t1zxqBUfAfDg9W7N2TQHM4GuC+JqtrUY7dLYQDyZV7YtI4ESiWe9eoxnGFszxiL3
4gZKv8gqaJ2V3p4rea58kgAXRGy5IHC6e0c7xRn3b4aZGQhGkd7dehzg0E9qpzbd
TTrmAZWFN4C/M090CbT2HTPWW01D9YsWnqZj+xvPhqgrxGf31Hy7vhikUF9uEB6K
zwvIvMhOiAcgIvZ7hwacOu9RhLxdYs3o9O2WxZTez3suMBwcJU0eu6HRXmpR/UN8
582srEsNdgNkq11oCv0vNbgDeb71HUUSMKUTlyKPJHGE
-----END CERTIFICATE-----
Generated at Thu May 30 17:52:21 2024 by rpki-client on console-ams.rpki-client.org