Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/pR6WTWyKuIWMX5JwE2BcCykN9pk.roa
File: pR6WTWyKuIWMX5JwE2BcCykN9pk.roa (raw, json)
Hash identifier: Du3TMdol0FzrSaAa7smjCqYCZ8EgKv6MM8sg3NLZRSQ=
Subject key identifier: A5:1E:96:4D:6C:8A:B8:85:8C:5F:92:70:13:60:5C:0B:29:0D:F6:99
Certificate issuer: /CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Certificate serial: 018DF4C0BD0A895D19C2631D109F2B60DE0C
Authority key identifier: 1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/pR6WTWyKuIWMX5JwE2BcCykN9pk.roa
Signing time: Thu 29 Feb 2024 12:04:48 +0000
ROA not before: Thu 29 Feb 2024 12:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216033
IP address blocks: 31.40.133.0/24 maxlen: 24
31.40.136.0/24 maxlen: 24
31.40.145.0/24 maxlen: 24
31.40.146.0/24 maxlen: 24
31.40.150.0/24 maxlen: 24
31.40.154.0/24 maxlen: 24
31.40.160.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 29 Feb 2024 18:53:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f4:c0:bd:0a:89:5d:19:c2:63:1d:10:9f:2b:60:de:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Validity
Not Before: Feb 29 12:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a51e964d6c8ab8858c5f927013605c0b290df699
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ce:46:0e:9e:c0:ce:12:ec:a3:2a:be:88:80:
98:7d:a0:b3:e4:8f:07:30:81:e9:1a:17:0d:c8:c2:
ad:cf:9d:4d:a9:49:af:56:de:e8:9d:b7:8a:a4:a9:
0b:25:97:52:6c:c3:95:fd:52:8f:04:82:ca:b8:cd:
46:22:81:6b:17:1a:aa:0b:1e:49:53:22:7c:9c:9c:
a0:83:9e:58:17:30:fe:33:93:91:14:c3:bc:42:f3:
33:08:1c:30:e1:66:de:df:71:af:39:ca:50:f3:4b:
a9:de:e4:08:69:d8:2d:d8:1d:e9:22:b1:ef:63:b4:
8c:fb:c7:4f:7d:63:53:4b:80:9b:b2:1b:9b:3b:c5:
7c:c4:4f:1e:08:30:29:2a:e5:d0:8c:64:0c:ad:33:
d6:bd:38:d9:2b:68:84:ad:a6:b2:dd:14:f3:0a:43:
f4:ec:a0:82:33:a0:d2:16:5f:e8:b8:c8:3e:36:13:
5d:70:a6:67:ba:83:b6:55:53:20:87:cc:0f:5b:cb:
c8:95:f2:a1:8a:d0:53:0c:1b:2c:61:d8:0a:d0:48:
e4:a5:e5:28:d9:e0:35:46:a1:ed:bc:e6:07:7d:4f:
f3:d4:64:08:be:da:cd:97:79:ed:44:e7:1f:06:48:
a4:da:5d:76:cd:99:d2:08:68:5e:cf:32:6a:b7:15:
7e:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:1E:96:4D:6C:8A:B8:85:8C:5F:92:70:13:60:5C:0B:29:0D:F6:99
X509v3 Authority Key Identifier:
keyid:1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/pR6WTWyKuIWMX5JwE2BcCykN9pk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.133.0/24
31.40.136.0/24
31.40.145.0-31.40.146.255
31.40.150.0/24
31.40.154.0/24
31.40.160.0/23
Signature Algorithm: sha256WithRSAEncryption
81:09:a5:17:1d:d9:63:47:ad:e7:b2:b1:41:32:68:64:69:e1:
cc:8d:87:62:c5:c1:03:c9:09:a9:b9:cd:b7:9a:70:e7:e9:5f:
50:97:5f:29:95:71:45:5b:62:c0:3c:0e:ca:ce:00:68:fa:02:
ba:31:00:d7:0a:e9:74:2c:4e:38:6d:4e:2b:40:5a:c1:fb:05:
17:84:c3:b4:8e:93:90:b7:e0:c4:5a:68:2e:39:c9:36:dd:ef:
16:67:ca:a7:60:38:b8:c4:91:ff:a5:8d:ed:e7:90:7f:05:19:
0f:92:c4:b2:a9:54:65:d2:02:9e:23:3e:2a:a4:6e:d1:4c:90:
a1:3e:9e:d3:ef:9b:10:77:f8:a9:93:0d:e2:ca:a5:8a:10:4b:
56:fb:56:e5:63:e7:b3:ae:9f:27:2e:c8:7c:b0:d0:85:4e:43:
fd:bc:6d:a5:ee:4a:a5:55:6c:bc:8c:9d:b1:74:b0:d6:47:2a:
d8:14:42:b4:7c:e7:be:10:39:ea:1d:a5:ee:11:16:6c:75:fe:
e2:f4:28:de:70:b9:ce:cf:d0:62:01:8d:ea:f5:57:eb:4d:1b:
45:f8:97:97:01:bc:f7:2b:1e:9c:9b:e2:1c:78:06:bd:9d:00:
03:56:4a:81:fe:af:0c:b1:37:d0:d1:b9:0a:72:27:63:98:a2:
92:53:a6:4c
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAY30wL0KiV0ZwmMdEJ8rYN4MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYWY1YzJlNWVkYzE5NzgzNGQwN2YzNDU5NjJiMDc0NWJl
ZTY2ZDcwHhcNMjQwMjI5MTIwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTFlOTY0ZDZjOGFiODg1OGM1ZjkyNzAxMzYwNWMwYjI5MGRmNjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt85GDp7AzhLsoyq+iICYfaCz5I8H
MIHpGhcNyMKtz51NqUmvVt7onbeKpKkLJZdSbMOV/VKPBILKuM1GIoFrFxqqCx5J
UyJ8nJygg55YFzD+M5ORFMO8QvMzCBww4Wbe33GvOcpQ80up3uQIadgt2B3pIrHv
Y7SM+8dPfWNTS4CbshubO8V8xE8eCDApKuXQjGQMrTPWvTjZK2iEraay3RTzCkP0
7KCCM6DSFl/ouMg+NhNdcKZnuoO2VVMgh8wPW8vIlfKhitBTDBssYdgK0EjkpeUo
2eA1RqHtvOYHfU/z1GQIvtrNl3ntROcfBkik2l12zZnSCGhezzJqtxV+dQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFKUelk1siriFjF+ScBNgXAspDfaZMB8GA1UdIwQY
MBaAFB6vXC5e3Bl4NNB/NFlisHRb7mbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODIt
NGEzNGMxYmJhYjJiLzEvcFI2V1RXeUt1SVdNWDVKd0UyQmNDeWtOOXBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODItNGEzNGMxYmJhYjJi
LzEvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAHyiFAwQA
HyiIMAwDBAAfKJEDBAAfKJIDBAAfKJYDBAAfKJoDBAEfKKAwDQYJKoZIhvcNAQEL
BQADggEBAIEJpRcd2WNHreeysUEyaGRp4cyNh2LFwQPJCam5zbeacOfpX1CXXymV
cUVbYsA8DsrOAGj6AroxANcK6XQsTjhtTitAWsH7BReEw7SOk5C34MRaaC45yTbd
7xZnyqdgOLjEkf+lje3nkH8FGQ+SxLKpVGXSAp4jPiqkbtFMkKE+ntPvmxB3+KmT
DeLKpYoQS1b7VuVj57OunycuyHyw0IVOQ/28baXuSqVVbLyMnbF0sNZHKtgUQrR8
574QOeodpe4RFmx1/uL0KN5wuc7P0GIBjer1V+tNG0X4l5cBvPcrHpyb4hx4Br2d
AANWSoH+rwyxN9DRuQpyJ2OYopJTpkw=
-----END CERTIFICATE-----
Generated at Thu Feb 29 21:44:01 2024 by rpki-client on console-ams.rpki-client.org