Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/3tkn2cC_vinGHWMwIDAmC9fuk4k.roa
File: 3tkn2cC_vinGHWMwIDAmC9fuk4k.roa (raw, json)
Hash identifier: pGoTuVFKRWm2qCdA61tDg8pHG0Q9DF9D2ritlCrCQaU=
Subject key identifier: DE:D9:27:D9:C0:BF:BE:29:C6:1D:63:30:20:30:26:0B:D7:EE:93:89
Certificate issuer: /CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Certificate serial: 018573220A822913A01B352E8E525D5DEB4F
Authority key identifier: 1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/3tkn2cC_vinGHWMwIDAmC9fuk4k.roa
Signing time: Mon 02 Jan 2023 15:38:08 +0000
ROA not before: Mon 02 Jan 2023 15:38:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39529
IP address blocks: 194.50.9.0/24 maxlen: 24
91.214.83.0/24 maxlen: 24
91.214.82.0/24 maxlen: 24
91.214.81.0/24 maxlen: 24
31.40.144.0/24 maxlen: 24
31.40.152.0/24 maxlen: 24
31.40.148.0/24 maxlen: 24
31.40.149.0/24 maxlen: 24
31.40.147.0/24 maxlen: 24
31.40.155.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:22:0a:82:29:13:a0:1b:35:2e:8e:52:5d:5d:eb:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Validity
Not Before: Jan 2 15:38:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ded927d9c0bfbe29c61d63302030260bd7ee9389
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:45:84:f1:87:4e:dc:d1:6f:32:4e:90:63:a3:
a1:a1:e7:d2:9f:c5:e2:44:e3:c8:ec:c2:22:0a:71:
b7:bf:5f:4a:61:37:46:70:b3:47:a2:a6:9d:16:62:
13:97:ac:1e:5a:18:59:5d:4a:8b:c8:92:d7:c9:88:
01:c7:68:3d:49:91:5c:46:d4:98:8b:5f:2b:f8:85:
ff:bd:a9:51:5f:c9:7a:97:a8:5d:f1:74:b2:a2:a3:
53:eb:3d:da:da:53:51:ce:f7:67:b6:0d:9e:cb:3f:
a4:39:e5:e4:ac:b5:51:43:1f:67:d8:52:12:a2:db:
e8:70:a1:5e:a6:c2:7f:d5:b1:6a:a0:ea:51:e2:2b:
f4:d3:f9:2e:e5:c1:5a:f0:b2:d4:75:78:04:f8:3e:
d6:86:9f:fd:d8:61:c3:8c:d8:b3:40:f5:bf:3a:1a:
f9:5f:3e:10:22:8a:5e:aa:87:e5:a1:0f:45:f0:ea:
0a:d1:f4:90:30:a4:52:a2:b7:31:d8:34:79:ff:e2:
52:49:5b:2a:b8:c8:47:2f:bc:b7:27:ac:1b:08:af:
8a:44:19:c1:7e:0b:1f:ee:b7:6f:b8:bc:59:ba:ed:
29:bb:e0:fb:d5:c8:69:f4:44:95:e3:9a:90:67:c6:
98:4e:bc:76:47:55:78:4c:92:41:c2:b8:c7:23:3e:
f0:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:D9:27:D9:C0:BF:BE:29:C6:1D:63:30:20:30:26:0B:D7:EE:93:89
X509v3 Authority Key Identifier:
keyid:1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/3tkn2cC_vinGHWMwIDAmC9fuk4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.144.0/24
31.40.147.0-31.40.149.255
31.40.152.0/24
31.40.155.0/24
91.214.81.0-91.214.83.255
194.50.9.0/24
Signature Algorithm: sha256WithRSAEncryption
66:ba:ac:8f:d0:e3:aa:58:02:4b:69:f6:1a:5e:7b:01:78:27:
aa:f4:ac:61:ea:9b:50:96:82:94:21:52:ca:70:69:af:5b:73:
78:e2:86:4e:0e:77:72:23:e6:e3:e6:54:33:ce:e0:18:73:7f:
0a:05:53:c5:75:42:e2:ab:23:3d:46:6c:02:0e:ab:3e:ea:24:
a2:ee:ca:0d:ab:ce:a7:f6:11:52:df:81:7b:69:f3:5f:16:84:
19:c4:c4:15:c1:18:cd:0e:b6:2c:d8:26:d9:9c:07:93:e2:d6:
e6:ca:cc:70:d2:fd:cc:04:d2:db:fb:f5:c9:ee:12:2e:8b:88:
53:2e:a0:cf:f3:24:6b:e7:22:a2:bc:41:a8:21:58:a6:44:06:
d2:9f:11:21:00:2b:b3:54:38:ab:10:92:77:bb:8c:bb:20:91:
25:37:06:0b:c0:c5:a1:6f:71:18:ca:49:de:97:ac:94:47:a5:
e6:d3:80:11:fd:b3:23:b9:3a:90:df:35:ec:63:98:48:4d:ec:
88:d8:2e:77:ed:7b:04:1d:6f:15:5f:01:fa:0c:fd:08:b4:fa:
f0:12:d8:12:aa:14:d1:fe:49:f8:d9:65:03:c8:ee:c9:c2:f5:
5f:eb:b7:e0:b0:c5:a8:ec:bd:d8:89:4d:a9:1a:fc:15:22:4a:
14:2a:84:79
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYVzIgqCKROgGzUujlJdXetPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYWY1YzJlNWVkYzE5NzgzNGQwN2YzNDU5NjJiMDc0NWJl
ZTY2ZDcwHhcNMjMwMTAyMTUzODA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWQ5MjdkOWMwYmZiZTI5YzYxZDYzMzAyMDMwMjYwYmQ3ZWU5Mzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0WE8YdO3NFvMk6QY6OhoefSn8Xi
ROPI7MIiCnG3v19KYTdGcLNHoqadFmITl6weWhhZXUqLyJLXyYgBx2g9SZFcRtSY
i18r+IX/valRX8l6l6hd8XSyoqNT6z3a2lNRzvdntg2eyz+kOeXkrLVRQx9n2FIS
otvocKFepsJ/1bFqoOpR4iv00/ku5cFa8LLUdXgE+D7Whp/92GHDjNizQPW/Ohr5
Xz4QIopeqofloQ9F8OoK0fSQMKRSorcx2DR5/+JSSVsquMhHL7y3J6wbCK+KRBnB
fgsf7rdvuLxZuu0pu+D71chp9ESV45qQZ8aYTrx2R1V4TJJBwrjHIz7wzQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFN7ZJ9nAv74pxh1jMCAwJgvX7pOJMB8GA1UdIwQY
MBaAFB6vXC5e3Bl4NNB/NFlisHRb7mbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODIt
NGEzNGMxYmJhYjJiLzEvM3RrbjJjQ192aW5HSFdNd0lEQW1DOWZ1azRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODItNGEzNGMxYmJhYjJi
LzEvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQAHyiQMAwD
BAAfKJMDBAEfKJQDBAAfKJgDBAAfKJswDAMEAFvWUQMEAlvWUAMEAMIyCTANBgkq
hkiG9w0BAQsFAAOCAQEAZrqsj9DjqlgCS2n2Gl57AXgnqvSsYeqbUJaClCFSynBp
r1tzeOKGTg53ciPm4+ZUM87gGHN/CgVTxXVC4qsjPUZsAg6rPuokou7KDavOp/YR
Ut+Be2nzXxaEGcTEFcEYzQ62LNgm2ZwHk+LW5srMcNL9zATS2/v1ye4SLouIUy6g
z/Mka+ciorxBqCFYpkQG0p8RIQArs1Q4qxCSd7uMuyCRJTcGC8DFoW9xGMpJ3pes
lEel5tOAEf2zI7k6kN817GOYSE3siNgud+17BB1vFV8B+gz9CLT68BLYEqoU0f5J
+NllA8juycL1X+u34LDFqOy92IlNqRr8FSJKFCqEeQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:04 2023 by rpki-client on console-fra.rpki-client.org