Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/vqrI8oqj_Doc890cbx_ZXqfXDuI.roa
File: vqrI8oqj_Doc890cbx_ZXqfXDuI.roa (raw, json)
Hash identifier: 5bl8/X6TPBeF093ycfH86BFKIFUmREiCtSqbJhn7njI=
Subject key identifier: BE:AA:C8:F2:8A:A3:FC:3A:1C:F3:DD:1C:6F:1F:D9:5E:A7:D7:0E:E2
Certificate issuer: /CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Certificate serial: 018573220ECBBD3BDDF243167FDAE41857D7
Authority key identifier: 1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/vqrI8oqj_Doc890cbx_ZXqfXDuI.roa
Signing time: Mon 02 Jan 2023 15:38:09 +0000
ROA not before: Mon 02 Jan 2023 15:38:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204144
IP address blocks: 31.40.160.0/23 maxlen: 23
195.20.118.0/24 maxlen: 24
31.40.136.0/24 maxlen: 24
31.40.133.0/24 maxlen: 24
31.40.145.0/24 maxlen: 24
31.40.150.0/24 maxlen: 24
31.40.146.0/24 maxlen: 24
31.40.154.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:22:0e:cb:bd:3b:dd:f2:43:16:7f:da:e4:18:57:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Validity
Not Before: Jan 2 15:38:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=beaac8f28aa3fc3a1cf3dd1c6f1fd95ea7d70ee2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:fa:27:7e:df:0c:28:6b:3c:2e:c8:a5:e0:27:
3d:9f:56:e8:d4:08:05:26:21:7a:4b:5c:5d:f0:af:
45:62:80:30:c9:02:e2:06:31:b4:ab:0e:00:4f:cc:
a9:b1:28:e6:14:65:a0:f8:6a:14:74:4e:87:eb:c6:
c2:56:3a:08:4f:1f:b1:6a:e4:ef:a1:36:7c:ad:da:
88:f4:38:c5:f1:a2:f6:5d:b9:65:13:28:00:05:3f:
0a:6a:d1:c3:1a:92:44:6d:10:0a:14:75:11:de:d4:
6d:8e:e5:4d:e8:19:99:fa:91:0a:8f:99:c6:0a:1d:
54:77:8f:0c:11:de:10:1e:8e:cf:05:24:4e:30:e1:
cd:0f:57:34:63:53:fe:7c:da:e9:a0:65:56:b4:d7:
ef:d2:74:62:0d:f5:53:9d:63:f0:69:ec:ee:7c:56:
f9:1d:69:79:d5:c2:59:46:c9:ca:56:06:9e:ed:10:
7d:15:74:2a:8b:d3:4d:db:f0:9e:08:04:8c:ae:98:
96:8b:c4:87:32:9f:a7:7a:65:e0:fe:2c:07:f6:99:
33:d7:8f:61:f0:54:df:36:c1:2a:ef:ff:89:4e:21:
95:fc:fa:59:c3:cc:a0:2c:c5:82:26:19:81:fe:0d:
89:b3:b1:7d:8c:87:18:eb:1f:17:30:9d:d6:df:1d:
33:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:AA:C8:F2:8A:A3:FC:3A:1C:F3:DD:1C:6F:1F:D9:5E:A7:D7:0E:E2
X509v3 Authority Key Identifier:
keyid:1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/vqrI8oqj_Doc890cbx_ZXqfXDuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.133.0/24
31.40.136.0/24
31.40.145.0-31.40.146.255
31.40.150.0/24
31.40.154.0/24
31.40.160.0/23
195.20.118.0/24
Signature Algorithm: sha256WithRSAEncryption
23:99:2d:9a:e3:cc:75:62:d4:4b:41:9d:9f:49:ff:83:c5:41:
2c:91:50:40:bc:84:4f:d1:29:2e:4e:96:83:f7:47:48:e0:fd:
7e:e4:cd:06:ad:81:fd:69:07:4c:22:94:a2:50:37:29:85:24:
d6:f2:65:e9:7b:fe:88:4e:bc:f4:b0:83:9e:74:cf:26:b7:85:
10:bf:33:99:9d:3a:ef:41:b1:91:bb:0e:25:68:ce:ad:34:aa:
b2:fb:3a:55:6f:77:b5:e7:c4:ff:e6:83:b1:18:f0:af:9c:30:
c3:0f:39:af:f2:ef:5b:36:5c:ef:eb:33:a5:5c:ee:c1:60:c5:
a7:1f:93:8d:36:15:31:d7:5e:7f:fd:4a:18:65:42:d1:13:e3:
1b:54:65:8b:f9:15:16:bf:6a:37:ef:10:bd:7f:77:5d:1c:c5:
9a:fc:d7:a6:25:2d:e1:44:72:e5:e5:ba:96:8b:ff:a5:fa:a2:
da:d5:72:1c:0c:1c:43:da:54:1f:5a:02:87:d6:49:c2:bb:20:
4a:21:ab:49:ba:6d:d2:fd:86:da:32:34:97:10:6d:fa:64:8d:
b3:70:c0:86:03:97:c3:54:fa:3d:a2:47:35:3b:5e:f3:bb:12:
7c:d0:c2:3e:61:44:d1:e4:70:ae:71:1b:37:d3:e6:64:1e:10:
d9:9b:cf:53
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYVzIg7LvTvd8kMWf9rkGFfXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYWY1YzJlNWVkYzE5NzgzNGQwN2YzNDU5NjJiMDc0NWJl
ZTY2ZDcwHhcNMjMwMTAyMTUzODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWFhYzhmMjhhYTNmYzNhMWNmM2RkMWM2ZjFmZDk1ZWE3ZDcwZWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfonft8MKGs8Lsil4Cc9n1bo1AgF
JiF6S1xd8K9FYoAwyQLiBjG0qw4AT8ypsSjmFGWg+GoUdE6H68bCVjoITx+xauTv
oTZ8rdqI9DjF8aL2XbllEygABT8KatHDGpJEbRAKFHUR3tRtjuVN6BmZ+pEKj5nG
Ch1Ud48MEd4QHo7PBSROMOHND1c0Y1P+fNrpoGVWtNfv0nRiDfVTnWPwaezufFb5
HWl51cJZRsnKVgae7RB9FXQqi9NN2/CeCASMrpiWi8SHMp+nemXg/iwH9pkz149h
8FTfNsEq7/+JTiGV/PpZw8ygLMWCJhmB/g2Js7F9jIcY6x8XMJ3W3x0zcwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFL6qyPKKo/w6HPPdHG8f2V6n1w7iMB8GA1UdIwQY
MBaAFB6vXC5e3Bl4NNB/NFlisHRb7mbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODIt
NGEzNGMxYmJhYjJiLzEvdnFySThvcWpfRG9jODkwY2J4X1pYcWZYRHVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODItNGEzNGMxYmJhYjJi
LzEvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAHyiFAwQA
HyiIMAwDBAAfKJEDBAAfKJIDBAAfKJYDBAAfKJoDBAEfKKADBADDFHYwDQYJKoZI
hvcNAQELBQADggEBACOZLZrjzHVi1EtBnZ9J/4PFQSyRUEC8hE/RKS5OloP3R0jg
/X7kzQatgf1pB0wilKJQNymFJNbyZel7/ohOvPSwg550zya3hRC/M5mdOu9BsZG7
DiVozq00qrL7OlVvd7XnxP/mg7EY8K+cMMMPOa/y71s2XO/rM6Vc7sFgxacfk402
FTHXXn/9ShhlQtET4xtUZYv5FRa/ajfvEL1/d10cxZr816YlLeFEcuXlupaL/6X6
otrVchwMHEPaVB9aAofWScK7IEohq0m6bdL9htoyNJcQbfpkjbNwwIYDl8NU+j2i
RzU7XvO7EnzQwj5hRNHkcK5xGzfT5mQeENmbz1M=
-----END CERTIFICATE-----
Generated at Fri Nov 17 19:38:55 2023 by rpki-client on console-ams.rpki-client.org