Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/B5Hlo1otDC0ZbxYCwWvUkhVaWeI.roa
File: B5Hlo1otDC0ZbxYCwWvUkhVaWeI.roa (raw, json)
Hash identifier: IFdRMLSYdIMebuSnZDSpi9/X/6OZCL3EJ0P7/ht+TEw=
Subject key identifier: 07:91:E5:A3:5A:2D:0C:2D:19:6F:16:02:C1:6B:D4:92:15:5A:59:E2
Certificate issuer: /CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Certificate serial: 018DF6372FF31B2D66ACC71043A1C39FAB6C
Authority key identifier: 1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/B5Hlo1otDC0ZbxYCwWvUkhVaWeI.roa
Signing time: Thu 29 Feb 2024 18:53:48 +0000
ROA not before: Thu 29 Feb 2024 18:53:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216033
IP address blocks: 31.40.133.0/24 maxlen: 24
31.40.136.0/24 maxlen: 24
31.40.145.0/24 maxlen: 24
31.40.146.0/24 maxlen: 24
31.40.150.0/24 maxlen: 24
31.40.154.0/24 maxlen: 24
31.40.160.0/23 maxlen: 23
31.40.164.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 01 Mar 2024 17:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f6:37:2f:f3:1b:2d:66:ac:c7:10:43:a1:c3:9f:ab:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Validity
Not Before: Feb 29 18:53:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0791e5a35a2d0c2d196f1602c16bd492155a59e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:18:47:5e:82:25:97:19:3e:29:ff:b8:d5:a1:
3a:60:ad:71:1e:b4:2e:15:35:f3:90:c3:eb:a8:df:
f9:be:4d:16:ec:d2:73:15:2c:0d:cb:88:05:b7:55:
78:a4:a2:c3:58:c8:b3:c4:b5:84:4b:94:ee:29:8c:
cb:e7:2b:ed:13:18:63:ec:67:80:06:b6:c8:c1:c6:
bd:7d:15:9b:b1:e5:06:e8:10:26:0e:09:a6:79:ee:
ca:9a:58:c9:56:8f:d1:f7:1f:5e:af:c8:90:7c:ed:
62:08:fc:7e:a3:9a:7c:15:ab:5f:c0:0a:94:81:b2:
41:8d:77:6b:83:e4:7b:3b:c0:0f:17:29:ff:87:e9:
0f:8b:df:57:db:fe:2a:2d:93:e5:3c:53:e5:eb:98:
44:a6:ab:fc:d0:bb:ba:cf:e9:3e:00:b1:e5:3f:88:
c4:fe:4d:38:6e:70:c3:21:81:ba:83:62:f5:f4:b4:
35:02:c3:58:ac:05:72:b1:dc:dc:22:80:ce:20:1b:
63:84:90:cc:ce:22:37:b9:d6:ef:8e:d9:c4:68:59:
ac:11:f8:44:fb:b4:89:46:bb:a6:20:d5:50:00:37:
b6:7c:6f:45:93:6d:ec:98:df:1f:59:4f:ee:b9:94:
fa:c8:7e:86:76:6a:4e:03:74:de:a4:4e:1e:a2:59:
b5:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:91:E5:A3:5A:2D:0C:2D:19:6F:16:02:C1:6B:D4:92:15:5A:59:E2
X509v3 Authority Key Identifier:
keyid:1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/B5Hlo1otDC0ZbxYCwWvUkhVaWeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.133.0/24
31.40.136.0/24
31.40.145.0-31.40.146.255
31.40.150.0/24
31.40.154.0/24
31.40.160.0/23
31.40.164.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:c1:ae:3e:a5:fb:28:ff:f1:36:e9:e6:b1:39:7e:67:39:af:
4a:29:e3:6d:77:66:bc:c7:c8:c4:0d:e3:38:c9:21:af:c7:70:
10:7b:70:65:ef:25:a9:15:b5:80:7a:89:9b:dd:7e:e8:a6:0e:
68:23:f4:6b:39:46:28:30:62:a4:e0:cb:77:b8:e8:33:da:e8:
4a:e8:f2:97:2d:98:48:4b:c4:db:ac:97:28:fe:a6:f4:a9:e8:
9e:b0:88:ce:72:8d:f4:ec:7a:fc:c3:3d:f2:f2:9c:09:70:3f:
b9:16:50:52:c1:dc:38:97:29:fd:56:aa:b5:07:e7:e4:62:e0:
f9:8c:78:51:ac:db:02:1e:ab:4e:b6:c5:8d:fd:6a:ac:3f:62:
24:3e:2c:8d:df:73:14:7b:83:90:74:d7:9d:2a:e2:dc:7b:3b:
83:47:d3:88:08:d7:c3:58:00:ee:8d:23:8f:64:02:83:7f:11:
82:6c:d3:6c:f3:cf:8c:03:8a:99:6b:7e:f9:c2:25:68:c2:20:
01:86:10:df:a8:64:2c:7c:7f:ec:c1:af:9c:a7:c6:44:2c:a6:
55:6c:75:53:60:b8:1b:74:3f:f5:33:90:9d:d3:24:53:b9:b2:
b8:ae:b1:6e:35:2f:45:ef:09:29:b3:a8:1e:79:32:f5:ca:a7:
0b:59:3b:9c
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAY32Ny/zGy1mrMcQQ6HDn6tsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYWY1YzJlNWVkYzE5NzgzNGQwN2YzNDU5NjJiMDc0NWJl
ZTY2ZDcwHhcNMjQwMjI5MTg1MzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzkxZTVhMzVhMmQwYzJkMTk2ZjE2MDJjMTZiZDQ5MjE1NWE1OWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4BhHXoIllxk+Kf+41aE6YK1xHrQu
FTXzkMPrqN/5vk0W7NJzFSwNy4gFt1V4pKLDWMizxLWES5TuKYzL5yvtExhj7GeA
BrbIwca9fRWbseUG6BAmDgmmee7KmljJVo/R9x9er8iQfO1iCPx+o5p8FatfwAqU
gbJBjXdrg+R7O8APFyn/h+kPi99X2/4qLZPlPFPl65hEpqv80Lu6z+k+ALHlP4jE
/k04bnDDIYG6g2L19LQ1AsNYrAVysdzcIoDOIBtjhJDMziI3udbvjtnEaFmsEfhE
+7SJRrumINVQADe2fG9Fk23smN8fWU/uuZT6yH6GdmpOA3TepE4eolm1AwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFAeR5aNaLQwtGW8WAsFr1JIVWlniMB8GA1UdIwQY
MBaAFB6vXC5e3Bl4NNB/NFlisHRb7mbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODIt
NGEzNGMxYmJhYjJiLzEvQjVIbG8xb3REQzBaYnhZQ3dXdlVraFZhV2VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODItNGEzNGMxYmJhYjJi
LzEvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAHyiFAwQA
HyiIMAwDBAAfKJEDBAAfKJIDBAAfKJYDBAAfKJoDBAEfKKADBAEfKKQwDQYJKoZI
hvcNAQELBQADggEBAD3Brj6l+yj/8Tbp5rE5fmc5r0op4213ZrzHyMQN4zjJIa/H
cBB7cGXvJakVtYB6iZvdfuimDmgj9Gs5RigwYqTgy3e46DPa6Ero8pctmEhLxNus
lyj+pvSp6J6wiM5yjfTsevzDPfLynAlwP7kWUFLB3DiXKf1WqrUH5+Ri4PmMeFGs
2wIeq062xY39aqw/YiQ+LI3fcxR7g5B0150q4tx7O4NH04gI18NYAO6NI49kAoN/
EYJs02zzz4wDiplrfvnCJWjCIAGGEN+oZCx8f+zBr5ynxkQsplVsdVNguBt0P/Uz
kJ3TJFO5sriusW41L0XvCSmzqB55MvXKpwtZO5w=
-----END CERTIFICATE-----
Generated at Fri Mar 1 19:29:18 2024 by rpki-client on console-ams.rpki-client.org