Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/DrA9k6HhgDCbLrQ2iq5RX9kz2Sg.roa
File: DrA9k6HhgDCbLrQ2iq5RX9kz2Sg.roa (raw, json)
Hash identifier: dxQIGqD4uC53CMdH7TH09Ruo4wdIVGN/tL3Mrokhlwk=
Subject key identifier: 0E:B0:3D:93:A1:E1:80:30:9B:2E:B4:36:8A:AE:51:5F:D9:33:D9:28
Certificate issuer: /CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Certificate serial: 018CC801B07EA81976900A9569E0D5E38CF1
Authority key identifier: 1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/DrA9k6HhgDCbLrQ2iq5RX9kz2Sg.roa
Signing time: Tue 02 Jan 2024 02:30:03 +0000
ROA not before: Tue 02 Jan 2024 02:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204144
IP address blocks: 195.20.118.0/24 maxlen: 24
31.40.136.0/24 maxlen: 24
31.40.133.0/24 maxlen: 24
31.40.145.0/24 maxlen: 24
31.40.146.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 09:35:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:b0:7e:a8:19:76:90:0a:95:69:e0:d5:e3:8c:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Validity
Not Before: Jan 2 02:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0eb03d93a1e180309b2eb4368aae515fd933d928
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:5e:98:7f:53:3c:e4:e1:bd:2a:b9:42:de:4d:
4e:66:e4:b8:28:28:38:85:37:53:bf:4e:1f:be:a4:
55:bb:97:b9:61:4d:3c:f1:89:bd:80:c4:97:bf:d6:
b3:eb:31:99:2c:19:dd:b9:ec:c5:a5:a8:42:db:36:
6a:d2:7d:46:0b:c1:5c:ff:b5:ca:95:87:22:66:95:
22:da:e0:67:a4:d9:01:d4:16:a2:58:1e:0c:0a:71:
f1:9d:71:7e:bd:97:39:2d:84:27:59:1f:6e:4c:b0:
4c:f5:5c:6d:09:e0:4a:f9:c4:69:e0:61:c6:8b:0b:
aa:75:b1:f7:b0:ab:7f:d2:77:26:7d:d7:2d:06:7c:
4a:d0:2f:15:b9:48:f9:3e:90:5e:00:a7:d7:51:25:
97:e0:b6:fd:6c:1e:80:d9:53:a4:da:81:fc:da:09:
5a:6f:42:f8:9f:36:29:50:3c:11:5d:09:37:58:aa:
86:21:28:e2:9e:eb:24:21:76:b3:eb:54:dd:bc:e2:
bc:11:c4:c5:7d:e1:80:6b:c8:e4:03:85:d1:8c:9c:
4c:70:d8:09:59:49:cf:ca:f7:57:99:36:9f:2a:91:
fe:a8:32:26:61:b7:6d:05:36:7e:3c:37:ab:16:f1:
6f:ac:f2:07:ea:a8:dc:b8:d8:0c:d2:6e:36:84:8d:
22:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:B0:3D:93:A1:E1:80:30:9B:2E:B4:36:8A:AE:51:5F:D9:33:D9:28
X509v3 Authority Key Identifier:
keyid:1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/DrA9k6HhgDCbLrQ2iq5RX9kz2Sg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.133.0/24
31.40.136.0/24
31.40.145.0-31.40.146.255
195.20.118.0/24
Signature Algorithm: sha256WithRSAEncryption
73:8f:b5:96:33:62:8f:b3:e9:cd:91:91:ad:06:15:e8:b5:d4:
2c:11:1f:27:7d:8e:c2:94:8b:73:91:42:2b:29:ee:5d:bd:98:
b7:00:95:b2:19:85:f8:54:18:08:73:25:72:f3:34:43:0f:7d:
e3:20:74:25:80:02:97:34:a3:86:6f:d0:28:2c:db:e7:ea:74:
a8:cc:9f:e8:7e:1b:2a:6d:fc:b2:2e:54:f8:0c:c8:87:29:e4:
95:0f:05:9d:7f:3c:2e:90:ff:ef:30:80:ad:28:dc:e6:19:a0:
09:04:1a:ea:27:e2:fe:a2:c5:06:f4:89:fe:0c:63:c1:a6:63:
f3:7f:65:ef:af:a9:21:37:65:e2:44:1b:91:3c:3b:26:00:f6:
74:e1:ed:4a:34:40:a8:de:46:15:2b:28:cd:f8:98:42:93:34:
b3:f8:a7:63:fa:ff:77:4c:f2:97:4f:cb:02:00:c1:07:48:29:
5c:10:0b:7d:89:7e:71:40:1e:78:28:1c:99:33:42:d1:20:0d:
40:da:2f:d6:64:6f:7f:54:32:72:18:6a:dd:fd:63:36:84:68:
27:da:2e:10:c5:a1:03:9c:45:76:5a:1e:04:95:14:95:7c:9c:
68:04:ed:86:dc:74:f6:7e:70:bc:76:6d:73:1e:3a:23:49:58:
9e:f1:11:0a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzIAbB+qBl2kAqVaeDV44zxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYWY1YzJlNWVkYzE5NzgzNGQwN2YzNDU5NjJiMDc0NWJl
ZTY2ZDcwHhcNMjQwMTAyMDIzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWIwM2Q5M2ExZTE4MDMwOWIyZWI0MzY4YWFlNTE1ZmQ5MzNkOTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnF6Yf1M85OG9KrlC3k1OZuS4KCg4
hTdTv04fvqRVu5e5YU088Ym9gMSXv9az6zGZLBnduezFpahC2zZq0n1GC8Fc/7XK
lYciZpUi2uBnpNkB1BaiWB4MCnHxnXF+vZc5LYQnWR9uTLBM9VxtCeBK+cRp4GHG
iwuqdbH3sKt/0ncmfdctBnxK0C8VuUj5PpBeAKfXUSWX4Lb9bB6A2VOk2oH82gla
b0L4nzYpUDwRXQk3WKqGISjinuskIXaz61TdvOK8EcTFfeGAa8jkA4XRjJxMcNgJ
WUnPyvdXmTafKpH+qDImYbdtBTZ+PDerFvFvrPIH6qjcuNgM0m42hI0iiQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFA6wPZOh4YAwmy60NoquUV/ZM9koMB8GA1UdIwQY
MBaAFB6vXC5e3Bl4NNB/NFlisHRb7mbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODIt
NGEzNGMxYmJhYjJiLzEvRHJBOWs2SGhnRENiTHJRMmlxNVJYOWt6MlNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODItNGEzNGMxYmJhYjJi
LzEvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAHyiFAwQA
HyiIMAwDBAAfKJEDBAAfKJIDBADDFHYwDQYJKoZIhvcNAQELBQADggEBAHOPtZYz
Yo+z6c2Rka0GFei11CwRHyd9jsKUi3ORQisp7l29mLcAlbIZhfhUGAhzJXLzNEMP
feMgdCWAApc0o4Zv0Cgs2+fqdKjMn+h+Gypt/LIuVPgMyIcp5JUPBZ1/PC6Q/+8w
gK0o3OYZoAkEGuon4v6ixQb0if4MY8GmY/N/Ze+vqSE3ZeJEG5E8OyYA9nTh7Uo0
QKjeRhUrKM34mEKTNLP4p2P6/3dM8pdPywIAwQdIKVwQC32JfnFAHngoHJkzQtEg
DUDaL9Zkb39UMnIYat39YzaEaCfaLhDFoQOcRXZaHgSVFJV8nGgE7YbcdPZ+cLx2
bXMeOiNJWJ7xEQo=
-----END CERTIFICATE-----
Generated at Thu Feb 29 14:02:45 2024 by rpki-client on console-ams.rpki-client.org