Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/UijUMhrA5WW_Z5IeHyZA-azxYe8.roa
File: UijUMhrA5WW_Z5IeHyZA-azxYe8.roa (raw, json)
Hash identifier: 9wSPK5cym6CAgt/0aN8A4dKBykf+wP86QODaFS++EKI=
Subject key identifier: 52:28:D4:32:1A:C0:E5:65:BF:67:92:1E:1F:26:40:F9:AC:F1:61:EF
Certificate issuer: /CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Certificate serial: 018CC801AF25ACA7CE78A19C86DAD0311721
Authority key identifier: 1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/UijUMhrA5WW_Z5IeHyZA-azxYe8.roa
Signing time: Tue 02 Jan 2024 02:30:02 +0000
ROA not before: Tue 02 Jan 2024 02:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57679
IP address blocks: 31.40.152.0/24 maxlen: 24
31.40.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 11:24:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:af:25:ac:a7:ce:78:a1:9c:86:da:d0:31:17:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Validity
Not Before: Jan 2 02:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5228d4321ac0e565bf67921e1f2640f9acf161ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:fa:c9:be:7a:0d:d1:a8:9a:4b:42:64:1c:97:
69:bc:c6:23:e1:f5:94:94:0d:6a:62:17:65:d2:2a:
4c:0d:e4:22:ab:41:29:9d:c1:21:3b:19:70:65:01:
56:07:d9:db:b8:3a:a7:59:45:27:2d:ed:70:e6:38:
85:79:2c:06:a0:91:f1:40:4f:19:80:e5:22:86:a8:
76:2e:b5:6f:73:48:9a:49:4a:71:53:2e:49:47:7b:
00:ee:5f:75:ee:10:d4:16:e4:34:7b:cc:37:b7:50:
5b:31:4d:e6:ac:8b:37:44:0b:67:02:34:a9:5c:02:
07:ea:71:f8:3b:c4:64:74:e3:04:14:03:b9:37:60:
32:a9:f6:f9:03:d5:7b:33:2d:20:7d:57:9a:73:fd:
b9:d6:d6:c4:c6:a4:d9:c9:fb:1f:02:bb:03:1e:06:
8c:4f:e9:5a:63:41:13:23:b9:a6:ba:57:82:b9:79:
5c:f3:b7:83:92:f9:b6:69:0e:83:cb:bd:10:38:b3:
7c:08:b1:e8:39:6d:bb:27:bc:b0:a5:a4:c2:05:96:
3b:d5:28:0a:e6:32:63:ab:15:3a:21:93:fe:a8:2f:
60:09:02:b0:09:fb:8b:49:ee:95:ae:cf:67:50:8a:
31:db:7a:fc:a4:1f:f9:60:74:09:51:0f:67:2f:bb:
82:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:28:D4:32:1A:C0:E5:65:BF:67:92:1E:1F:26:40:F9:AC:F1:61:EF
X509v3 Authority Key Identifier:
keyid:1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/UijUMhrA5WW_Z5IeHyZA-azxYe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.152.0/24
31.40.159.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:ed:3e:5f:e6:2a:25:0d:3a:67:7a:c1:3e:b0:ee:f3:60:9d:
2e:40:17:2a:62:6d:e0:bc:47:57:15:a1:02:0e:02:9f:f2:d0:
e4:2e:79:88:4e:d4:ed:f2:b4:20:d6:47:1c:f9:43:b7:69:5d:
05:ac:2b:ab:68:a7:ff:a7:cf:b4:ea:6a:26:e0:ba:d7:d3:9b:
6d:90:a1:db:95:b4:92:9d:8c:2a:8e:2d:5c:8f:3b:0c:9f:ab:
a6:86:f9:cd:c9:0d:e0:70:ee:89:8c:2b:ab:08:63:6d:f0:87:
d1:0f:f8:ee:2a:d6:ab:5d:50:91:a6:4d:98:77:19:d3:4b:6e:
e1:55:14:5b:8c:47:f3:dd:39:32:9c:d8:39:12:f1:60:fe:e0:
5c:2e:2d:94:97:2d:3a:db:4c:66:90:d3:4b:17:fe:9f:6f:f0:
e2:1f:7f:c1:fa:4b:a6:5f:98:73:66:8d:ed:2f:bc:17:36:64:
c6:11:44:16:74:d9:90:0b:89:fc:28:d4:cf:05:5d:63:df:2b:
e9:fe:ca:f7:76:60:73:70:6a:12:2f:d5:8d:8a:70:d5:c7:c3:
47:19:a6:d0:78:d8:22:84:21:a9:bc:e8:cd:37:ba:8d:bf:90:
5d:18:0b:66:80:e5:b8:ef:14:49:e6:ef:a3:11:20:3e:ef:04:
ba:a4:c8:6a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAa8lrKfOeKGchtrQMRchMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYWY1YzJlNWVkYzE5NzgzNGQwN2YzNDU5NjJiMDc0NWJl
ZTY2ZDcwHhcNMjQwMTAyMDIzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjI4ZDQzMjFhYzBlNTY1YmY2NzkyMWUxZjI2NDBmOWFjZjE2MWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfrJvnoN0aiaS0JkHJdpvMYj4fWU
lA1qYhdl0ipMDeQiq0EpncEhOxlwZQFWB9nbuDqnWUUnLe1w5jiFeSwGoJHxQE8Z
gOUihqh2LrVvc0iaSUpxUy5JR3sA7l917hDUFuQ0e8w3t1BbMU3mrIs3RAtnAjSp
XAIH6nH4O8RkdOMEFAO5N2Ayqfb5A9V7My0gfVeac/251tbExqTZyfsfArsDHgaM
T+laY0ETI7mmuleCuXlc87eDkvm2aQ6Dy70QOLN8CLHoOW27J7ywpaTCBZY71SgK
5jJjqxU6IZP+qC9gCQKwCfuLSe6Vrs9nUIox23r8pB/5YHQJUQ9nL7uCSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFIo1DIawOVlv2eSHh8mQPms8WHvMB8GA1UdIwQY
MBaAFB6vXC5e3Bl4NNB/NFlisHRb7mbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODIt
NGEzNGMxYmJhYjJiLzEvVWlqVU1ockE1V1dfWjVJZUh5WkEtYXp4WWU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODItNGEzNGMxYmJhYjJi
LzEvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHyiYAwQA
HyifMA0GCSqGSIb3DQEBCwUAA4IBAQAN7T5f5iolDTpnesE+sO7zYJ0uQBcqYm3g
vEdXFaECDgKf8tDkLnmITtTt8rQg1kcc+UO3aV0FrCuraKf/p8+06mom4LrX05tt
kKHblbSSnYwqji1cjzsMn6umhvnNyQ3gcO6JjCurCGNt8IfRD/juKtarXVCRpk2Y
dxnTS27hVRRbjEfz3TkynNg5EvFg/uBcLi2Uly0620xmkNNLF/6fb/DiH3/B+kum
X5hzZo3tL7wXNmTGEUQWdNmQC4n8KNTPBV1j3yvp/sr3dmBzcGoSL9WNinDVx8NH
GabQeNgihCGpvOjNN7qNv5BdGAtmgOW47xRJ5u+jESA+7wS6pMhq
-----END CERTIFICATE-----
Generated at Thu Feb 29 14:02:45 2024 by rpki-client on console-ams.rpki-client.org