Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/iLVi5yaMkIV0_y_3EdRFt6mRgf0.roa
File: iLVi5yaMkIV0_y_3EdRFt6mRgf0.roa (raw, json)
Hash identifier: D2kyjQ9rlVUGv/K0ErGbKD6oLb4d+vWvSI0OVFUXO0s=
Subject key identifier: 88:B5:62:E7:26:8C:90:85:74:FF:2F:F7:11:D4:45:B7:A9:91:81:FD
Certificate issuer: /CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Certificate serial: 018DF4A19C55274F07BEE2061A1DA53E27D7
Authority key identifier: 1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/iLVi5yaMkIV0_y_3EdRFt6mRgf0.roa
Signing time: Thu 29 Feb 2024 11:30:48 +0000
ROA not before: Thu 29 Feb 2024 11:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216033
IP address blocks: 31.40.145.0/24 maxlen: 24
31.40.146.0/24 maxlen: 24
31.40.150.0/24 maxlen: 24
31.40.154.0/24 maxlen: 24
31.40.160.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 29 Feb 2024 12:04:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f4:a1:9c:55:27:4f:07:be:e2:06:1a:1d:a5:3e:27:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Validity
Not Before: Feb 29 11:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88b562e7268c908574ff2ff711d445b7a99181fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c6:58:97:9e:56:16:7d:4a:20:6b:e0:f1:bf:
1f:f1:e6:41:24:cb:e1:b0:44:78:95:3e:dd:b6:00:
8f:35:51:2c:6e:a4:b6:39:9a:b4:72:78:05:9f:df:
ab:16:7c:2b:8e:cc:91:cf:bb:8f:87:0c:19:0b:0f:
f5:1e:7e:ad:53:eb:1f:59:e9:02:c7:b7:9c:3c:f6:
9a:38:f2:bb:e7:93:d8:a8:0c:35:d5:68:f4:4d:02:
04:68:65:21:ad:5d:20:15:0a:69:28:06:3a:df:40:
92:b7:db:bc:97:ef:ba:42:b5:bd:af:69:c4:88:14:
40:43:93:da:2a:f0:87:61:6f:e3:df:ff:64:1d:df:
41:29:17:fd:c1:1c:ac:1d:ab:7c:bb:01:30:ff:c2:
06:a8:ee:5d:e5:aa:b9:fb:7e:28:d8:e9:e7:1b:63:
0d:b7:0e:9c:33:bd:b3:a2:a5:d7:1a:72:cf:b1:1d:
54:56:33:69:d8:08:7d:43:40:99:b4:23:d7:0c:29:
79:7c:26:b2:c8:36:d0:fa:cf:93:c3:02:ec:41:6f:
e8:1e:9a:9d:1c:71:1a:2b:33:de:a5:b3:4f:b5:46:
a7:3b:bc:44:74:89:42:fb:94:5a:5c:ec:bf:60:bb:
94:c4:b5:05:b3:5a:20:e8:d8:86:6a:63:1b:ad:20:
c5:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:B5:62:E7:26:8C:90:85:74:FF:2F:F7:11:D4:45:B7:A9:91:81:FD
X509v3 Authority Key Identifier:
keyid:1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/iLVi5yaMkIV0_y_3EdRFt6mRgf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.145.0-31.40.146.255
31.40.150.0/24
31.40.154.0/24
31.40.160.0/23
Signature Algorithm: sha256WithRSAEncryption
18:d0:23:2e:3b:5b:00:c2:74:63:74:52:fa:79:1e:8c:e7:ff:
27:94:09:e1:b2:54:ae:68:a1:d8:c1:d7:3b:2e:c8:94:32:47:
9b:37:0e:a5:1b:4e:81:27:e6:f7:f7:69:0b:b9:f3:17:ef:db:
d5:9c:bd:77:69:e2:cd:d1:e0:0f:a2:9d:24:fb:04:2b:3c:c0:
f4:2b:4c:b0:c7:2c:df:eb:d8:d4:c2:c0:19:d5:78:a2:17:83:
3f:b8:7c:28:fc:54:cd:c6:80:ad:c8:90:e4:58:ff:44:87:35:
ae:8c:4d:90:64:16:a8:d0:58:51:15:0b:c4:d5:1e:93:bf:c4:
1b:a3:30:80:d5:97:e2:ac:26:03:d8:d9:e7:58:c0:df:a8:3f:
b4:c2:d9:41:7a:c2:60:28:16:71:26:6d:54:a6:5a:9d:83:b6:
5c:e6:98:d8:09:7c:2b:49:22:a9:f6:98:1a:5d:84:82:3a:c7:
7e:7a:21:2c:36:46:7b:7b:3a:02:44:01:0b:58:fa:fe:75:b7:
8d:ea:70:37:f7:f6:37:fd:47:e6:27:f1:c3:5f:74:66:b9:b4:
be:83:40:5c:50:99:2f:05:d7:77:84:53:ab:9c:f4:61:9f:ca:
ce:25:1a:f7:67:1d:ef:3e:b9:47:ab:2d:0d:e9:a1:e9:bb:15:
b6:66:0f:d7
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY30oZxVJ08HvuIGGh2lPifXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYWY1YzJlNWVkYzE5NzgzNGQwN2YzNDU5NjJiMDc0NWJl
ZTY2ZDcwHhcNMjQwMjI5MTEzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGI1NjJlNzI2OGM5MDg1NzRmZjJmZjcxMWQ0NDViN2E5OTE4MWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusZYl55WFn1KIGvg8b8f8eZBJMvh
sER4lT7dtgCPNVEsbqS2OZq0cngFn9+rFnwrjsyRz7uPhwwZCw/1Hn6tU+sfWekC
x7ecPPaaOPK755PYqAw11Wj0TQIEaGUhrV0gFQppKAY630CSt9u8l++6QrW9r2nE
iBRAQ5PaKvCHYW/j3/9kHd9BKRf9wRysHat8uwEw/8IGqO5d5aq5+34o2OnnG2MN
tw6cM72zoqXXGnLPsR1UVjNp2Ah9Q0CZtCPXDCl5fCayyDbQ+s+TwwLsQW/oHpqd
HHEaKzPepbNPtUanO7xEdIlC+5RaXOy/YLuUxLUFs1og6NiGamMbrSDFnwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIi1YucmjJCFdP8v9xHURbepkYH9MB8GA1UdIwQY
MBaAFB6vXC5e3Bl4NNB/NFlisHRb7mbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODIt
NGEzNGMxYmJhYjJiLzEvaUxWaTV5YU1rSVYwX3lfM0VkUkZ0Nm1SZ2YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODItNGEzNGMxYmJhYjJi
LzEvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAAfKJED
BAAfKJIDBAAfKJYDBAAfKJoDBAEfKKAwDQYJKoZIhvcNAQELBQADggEBABjQIy47
WwDCdGN0Uvp5Hozn/yeUCeGyVK5oodjB1zsuyJQyR5s3DqUbToEn5vf3aQu58xfv
29WcvXdp4s3R4A+inST7BCs8wPQrTLDHLN/r2NTCwBnVeKIXgz+4fCj8VM3GgK3I
kORY/0SHNa6MTZBkFqjQWFEVC8TVHpO/xBujMIDVl+KsJgPY2edYwN+oP7TC2UF6
wmAoFnEmbVSmWp2DtlzmmNgJfCtJIqn2mBpdhII6x356ISw2Rnt7OgJEAQtY+v51
t43qcDf39jf9R+Yn8cNfdGa5tL6DQFxQmS8F13eEU6uc9GGfys4lGvdnHe8+uUer
LQ3poem7FbZmD9c=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:23:57 2025 by rpki-client