Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/OL9u2cBzbBKLfxJqxfVU37BPIIw.roa
File: OL9u2cBzbBKLfxJqxfVU37BPIIw.roa (raw, json)
Hash identifier: wGqXWtx9Af9LEQ2y/UM4v0s08LIour7VNGFjLNkLDMA=
Subject key identifier: 38:BF:6E:D9:C0:73:6C:12:8B:7F:12:6A:C5:F5:54:DF:B0:4F:20:8C
Certificate issuer: /CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Certificate serial: 0189FD3F11003D629A2BD15DFEEC2DCD888F
Authority key identifier: 5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/OL9u2cBzbBKLfxJqxfVU37BPIIw.roa
Signing time: Wed 16 Aug 2023 07:28:36 +0000
ROA not before: Wed 16 Aug 2023 07:28:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52091
IP address blocks: 31.133.42.0/24 maxlen: 24
31.133.40.0/23 maxlen: 24
31.133.40.0/24 maxlen: 24
31.133.41.0/24 maxlen: 24
2a0d:df80::/31 maxlen: 31
2a0d:df80::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 29 Oct 2023 23:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fd:3f:11:00:3d:62:9a:2b:d1:5d:fe:ec:2d:cd:88:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Validity
Not Before: Aug 16 07:28:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38bf6ed9c0736c128b7f126ac5f554dfb04f208c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:9f:e5:ce:cd:26:62:38:79:20:d8:53:4f:a6:
60:32:26:a6:52:b4:14:52:63:2d:33:6e:6f:61:23:
43:36:12:f6:e9:74:6d:d0:34:0b:bf:a1:0a:4e:59:
b5:d4:c7:75:4d:bd:3f:d7:08:91:9d:5d:da:79:f3:
90:6c:73:8c:07:d3:b7:3a:f3:2c:25:ca:7f:b9:2e:
1f:a4:74:5e:d6:42:e8:ac:22:6c:98:0f:46:c2:b2:
3b:82:a5:40:a1:26:4b:1d:32:46:3f:d3:bc:84:20:
b3:72:24:7b:e7:78:d8:e6:a1:57:5c:d8:d8:06:63:
18:14:31:20:40:ce:6a:ed:d5:e6:e8:72:74:1e:0f:
14:37:09:d9:9f:81:49:67:18:e7:b3:93:fb:f2:3b:
22:14:cb:6a:41:65:38:46:fc:e4:f2:25:b8:6a:09:
52:b4:4e:f7:b2:6d:cb:7d:c8:fd:00:a6:a3:bc:5c:
b8:2d:46:80:06:bf:a3:db:95:d9:7d:76:45:61:d5:
8a:a3:81:f7:24:80:32:0c:e2:7e:85:0a:bc:5f:ee:
04:b9:1e:b4:25:db:84:3c:31:79:af:bf:44:9f:18:
fc:c4:d8:15:fe:b1:e4:2e:dc:e5:15:31:00:99:29:
07:04:6d:0a:15:76:8d:14:58:81:a7:fe:07:6d:e9:
32:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:BF:6E:D9:C0:73:6C:12:8B:7F:12:6A:C5:F5:54:DF:B0:4F:20:8C
X509v3 Authority Key Identifier:
keyid:5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/OL9u2cBzbBKLfxJqxfVU37BPIIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.40.0-31.133.42.255
IPv6:
2a0d:df80::/29
Signature Algorithm: sha256WithRSAEncryption
60:cf:49:2a:db:ee:36:23:4a:3d:0e:95:7c:34:a6:e2:72:e3:
bc:be:a2:60:b5:f8:26:86:29:45:e4:37:b6:dd:10:f0:69:9a:
f1:d1:c7:80:9c:cd:91:34:8f:da:c2:c3:8e:86:48:5c:68:fe:
10:c7:bf:a7:bb:d4:00:54:a8:84:04:ab:ee:f8:bf:93:2a:22:
28:6c:d6:7a:bb:eb:9e:0d:b6:c6:11:1b:74:24:2e:f6:81:1e:
b3:da:76:32:c3:c5:35:d4:5a:a9:34:67:56:51:33:ae:b6:91:
e0:ab:83:a7:fd:6d:57:35:dd:eb:78:02:85:30:f9:08:99:f1:
2a:46:1b:83:ab:b9:ef:5a:1e:6a:0d:86:51:ac:99:63:d8:e9:
0c:c3:20:95:32:49:5d:bc:a9:79:22:e4:41:3c:42:a2:3a:95:
be:e7:52:d0:43:c9:d7:2a:3d:99:8a:de:52:6c:48:4f:98:f2:
26:1c:38:44:bb:af:5d:9c:44:f4:0d:37:d9:b3:6d:5d:18:cd:
11:8d:76:d3:3e:ee:8d:12:ce:9f:46:26:2f:13:ec:99:ea:8e:
7d:01:2e:c8:80:9d:90:be:ea:47:a0:2f:f0:e4:e9:bb:e0:7e:
ee:e0:15:69:0b:ca:83:2a:64:58:84:e5:0a:32:cf:f7:6b:ac:
b8:2b:90:d0
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYn9PxEAPWKaK9Fd/uwtzYiPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNjRmOWQwNGVmZDVhOWZjMmUyM2I0MmQ1YjUxYWVmZDlh
NTAyNTAwHhcNMjMwODE2MDcyODM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGJmNmVkOWMwNzM2YzEyOGI3ZjEyNmFjNWY1NTRkZmIwNGYyMDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5/lzs0mYjh5INhTT6ZgMiamUrQU
UmMtM25vYSNDNhL26XRt0DQLv6EKTlm11Md1Tb0/1wiRnV3aefOQbHOMB9O3OvMs
Jcp/uS4fpHRe1kLorCJsmA9GwrI7gqVAoSZLHTJGP9O8hCCzciR753jY5qFXXNjY
BmMYFDEgQM5q7dXm6HJ0Hg8UNwnZn4FJZxjns5P78jsiFMtqQWU4Rvzk8iW4aglS
tE73sm3Lfcj9AKajvFy4LUaABr+j25XZfXZFYdWKo4H3JIAyDOJ+hQq8X+4EuR60
JduEPDF5r79Enxj8xNgV/rHkLtzlFTEAmSkHBG0KFXaNFFiBp/4HbekypQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFDi/btnAc2wSi38SasX1VN+wTyCMMB8GA1UdIwQY
MBaAFFxk+dBO/VqfwuI7QtW1Gu/ZpQJQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUt
YjY2ZmE0ZjQ3NjNhLzEvT0w5dTJjQnpiQktMZnhKcXhmVlUzN0JQSUl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUtYjY2ZmE0ZjQ3NjNh
LzEvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAMfhSgD
BAAfhSowDQQCAAIwBwMFAyoN34AwDQYJKoZIhvcNAQELBQADggEBAGDPSSrb7jYj
Sj0OlXw0puJy47y+omC1+CaGKUXkN7bdEPBpmvHRx4CczZE0j9rCw46GSFxo/hDH
v6e71ABUqIQEq+74v5MqIihs1nq7654NtsYRG3QkLvaBHrPadjLDxTXUWqk0Z1ZR
M662keCrg6f9bVc13et4AoUw+QiZ8SpGG4Orue9aHmoNhlGsmWPY6QzDIJUySV28
qXki5EE8QqI6lb7nUtBDydcqPZmK3lJsSE+Y8iYcOES7r12cRPQNN9mzbV0YzRGN
dtM+7o0Szp9GJi8T7Jnqjn0BLsiAnZC+6kegL/Dk6bvgfu7gFWkLyoMqZFiE5Qoy
z/drrLgrkNA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:41 2024 by rpki-client on console-ams.rpki-client.org