Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/mGuoKeMAEMN6CljhwESyq6no85Q.roa
File: mGuoKeMAEMN6CljhwESyq6no85Q.roa (raw, json)
Hash identifier: mRqx9ocqej/L1cjAMupFkjp21/3MIfNm1U3Iqfo0qtA=
Subject key identifier: 98:6B:A8:29:E3:00:10:C3:7A:0A:58:E1:C0:44:B2:AB:A9:E8:F3:94
Certificate issuer: /CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Certificate serial: 01856E2664EFD650EEAB8A62C6FAD12EAC72
Authority key identifier: 5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/mGuoKeMAEMN6CljhwESyq6no85Q.roa
Signing time: Sun 01 Jan 2023 16:24:47 +0000
ROA not before: Sun 01 Jan 2023 16:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52091
IP address blocks: 31.133.40.0/23 maxlen: 23
31.133.40.0/24 maxlen: 24
31.133.41.0/24 maxlen: 24
2a0d:df80::/31 maxlen: 31
2a0d:df80::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 23 May 2023 07:50:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:64:ef:d6:50:ee:ab:8a:62:c6:fa:d1:2e:ac:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Validity
Not Before: Jan 1 16:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=986ba829e30010c37a0a58e1c044b2aba9e8f394
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:42:2e:5e:68:02:62:2e:6b:6e:9e:cb:6f:d5:
38:81:83:01:5d:a6:a3:b3:a8:b8:e2:d0:fc:4c:65:
3b:d2:20:50:3a:75:8e:f8:dd:17:3f:44:ca:34:5c:
3b:d4:38:c0:46:c8:bb:f8:0d:d7:9c:62:1e:7f:04:
9e:b0:d4:87:3e:68:5d:c1:66:f4:85:c1:02:3f:0e:
ea:ed:58:f5:e9:d3:f9:7e:03:89:5e:50:33:e1:c5:
70:c2:6b:77:37:a4:6b:a0:89:32:cd:b1:ff:03:20:
db:93:0b:e9:fe:61:c5:b1:95:dd:f7:fd:61:a0:f7:
e3:2c:64:84:34:ab:ae:dd:48:d0:54:7f:74:97:b5:
90:8d:33:97:f9:8b:b4:90:6f:6b:9d:2a:c0:55:fe:
57:54:46:20:23:d2:93:73:ec:a6:e3:91:6a:23:3d:
51:35:3c:6f:b6:0b:a2:e8:2e:96:57:d8:3c:3b:90:
e1:bb:e1:0a:4f:b4:bd:73:c5:b8:aa:76:d0:5f:0a:
61:ff:30:4d:bd:3e:de:c0:17:1d:87:c1:53:80:0b:
a2:41:fb:b0:fd:de:59:cc:a2:ef:09:f4:bd:d2:d3:
19:9e:e1:65:f7:43:62:4c:3b:13:7c:5f:f2:ef:b0:
95:2c:08:24:21:a6:6f:54:b0:06:6f:e6:d7:c0:01:
73:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:6B:A8:29:E3:00:10:C3:7A:0A:58:E1:C0:44:B2:AB:A9:E8:F3:94
X509v3 Authority Key Identifier:
keyid:5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/mGuoKeMAEMN6CljhwESyq6no85Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.40.0/23
IPv6:
2a0d:df80::/29
Signature Algorithm: sha256WithRSAEncryption
04:97:b7:9e:5d:92:27:ec:a4:93:ae:fe:e6:45:97:75:98:69:
31:84:06:b7:61:52:86:4c:f6:0d:3a:4b:a1:6f:82:9a:fe:29:
af:56:f8:70:14:6c:44:60:97:b5:0a:91:6f:26:56:eb:b3:6c:
fb:bb:89:cd:27:77:d0:ba:24:9c:22:48:66:be:f4:4a:27:d4:
5f:c4:96:1e:1f:06:65:e9:60:b6:49:d4:65:76:68:63:0c:44:
3a:bb:64:a6:40:f7:0e:50:c8:7b:9b:2c:94:15:16:30:cc:6e:
95:99:f3:76:53:97:bd:c5:7b:46:4d:08:9b:82:41:dd:46:7c:
06:37:18:d9:09:41:71:ab:9a:a2:8b:9c:57:16:a5:78:90:02:
3e:81:92:6d:af:bb:c9:f4:df:41:6f:b2:3c:82:e2:c4:c7:51:
7e:48:92:95:7f:1d:f0:12:52:aa:62:56:cd:eb:c1:b2:03:d0:
fb:b3:cc:11:70:d0:7d:c3:ca:46:e9:3f:8d:6b:ea:58:f2:bc:
14:91:a6:b3:e9:55:5f:e5:b5:66:ae:f6:59:20:90:6d:f2:86:
7f:84:9e:2d:cd:f6:72:18:b3:ab:8e:62:de:03:fc:1a:50:ee:
3f:7b:2b:e7:f0:95:cc:1f:f8:35:07:c4:93:bf:5f:07:56:5f:
4c:86:43:86
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuJmTv1lDuq4pixvrRLqxyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNjRmOWQwNGVmZDVhOWZjMmUyM2I0MmQ1YjUxYWVmZDlh
NTAyNTAwHhcNMjMwMTAxMTYyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODZiYTgyOWUzMDAxMGMzN2EwYTU4ZTFjMDQ0YjJhYmE5ZThmMzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUIuXmgCYi5rbp7Lb9U4gYMBXaaj
s6i44tD8TGU70iBQOnWO+N0XP0TKNFw71DjARsi7+A3XnGIefwSesNSHPmhdwWb0
hcECPw7q7Vj16dP5fgOJXlAz4cVwwmt3N6RroIkyzbH/AyDbkwvp/mHFsZXd9/1h
oPfjLGSENKuu3UjQVH90l7WQjTOX+Yu0kG9rnSrAVf5XVEYgI9KTc+ym45FqIz1R
NTxvtgui6C6WV9g8O5Dhu+EKT7S9c8W4qnbQXwph/zBNvT7ewBcdh8FTgAuiQfuw
/d5ZzKLvCfS90tMZnuFl90NiTDsTfF/y77CVLAgkIaZvVLAGb+bXwAFztQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJhrqCnjABDDegpY4cBEsqup6POUMB8GA1UdIwQY
MBaAFFxk+dBO/VqfwuI7QtW1Gu/ZpQJQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUt
YjY2ZmE0ZjQ3NjNhLzEvbUd1b0tlTUFFTU42Q2xqaHdFU3lxNm5vODVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUtYjY2ZmE0ZjQ3NjNh
LzEvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBH4UoMA0E
AgACMAcDBQMqDd+AMA0GCSqGSIb3DQEBCwUAA4IBAQAEl7eeXZIn7KSTrv7mRZd1
mGkxhAa3YVKGTPYNOkuhb4Ka/imvVvhwFGxEYJe1CpFvJlbrs2z7u4nNJ3fQuiSc
IkhmvvRKJ9RfxJYeHwZl6WC2SdRldmhjDEQ6u2SmQPcOUMh7myyUFRYwzG6VmfN2
U5e9xXtGTQibgkHdRnwGNxjZCUFxq5qii5xXFqV4kAI+gZJtr7vJ9N9Bb7I8guLE
x1F+SJKVfx3wElKqYlbN68GyA9D7s8wRcNB9w8pG6T+Na+pY8rwUkaaz6VVf5bVm
rvZZIJBt8oZ/hJ4tzfZyGLOrjmLeA/waUO4/eyvn8JXMH/g1B8STv18HVl9MhkOG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:29 2024 by rpki-client on console-fra.rpki-client.org