Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/aGEr5e5cQQsVYM-A8-nED7QIfUw.roa
File: aGEr5e5cQQsVYM-A8-nED7QIfUw.roa (raw, json)
Hash identifier: i8a1HoDixstv4FEo68WnxLuAAJYyVfi6XRTRrVOR5TE=
Subject key identifier: 68:61:2B:E5:EE:5C:41:0B:15:60:CF:80:F3:E9:C4:0F:B4:08:7D:4C
Certificate issuer: /CN=942588b91da9cca81b49e603a988e2b1eabddc98
Certificate serial: 018EF1B74E0D54A470FEAFF1D54F61A2EBB4
Authority key identifier: 94:25:88:B9:1D:A9:CC:A8:1B:49:E6:03:A9:88:E2:B1:EA:BD:DC:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lCWIuR2pzKgbSeYDqYjiseq93Jg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/aGEr5e5cQQsVYM-A8-nED7QIfUw.roa
Signing time: Thu 18 Apr 2024 14:58:25 +0000
ROA not before: Thu 18 Apr 2024 14:58:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210541
IP address blocks: 31.42.112.0/21 maxlen: 23
31.42.116.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 19 Apr 2024 14:37:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f1:b7:4e:0d:54:a4:70:fe:af:f1:d5:4f:61:a2:eb:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=942588b91da9cca81b49e603a988e2b1eabddc98
Validity
Not Before: Apr 18 14:58:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68612be5ee5c410b1560cf80f3e9c40fb4087d4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5b:d5:e7:10:77:a2:fa:66:54:39:7d:b8:0a:
9a:4d:56:eb:a3:cc:e1:57:12:f9:a7:8e:75:0f:7b:
12:22:01:69:06:5d:40:6b:63:df:18:6c:fd:7a:15:
05:f0:73:a4:e7:6c:b5:fb:c0:bb:e2:33:e6:7b:d6:
e7:09:60:1b:ed:86:67:c3:8f:b2:98:be:00:7c:91:
bc:75:c3:90:46:75:ee:5e:04:7d:ef:db:40:8d:06:
95:00:d7:2f:06:8f:5a:11:6f:ad:15:b6:6e:c0:52:
3c:f3:e6:71:5c:28:61:67:66:27:28:0a:f3:83:1d:
47:2f:3f:fc:df:45:67:b4:c8:6c:c0:3b:d0:4c:61:
c5:b1:7a:5e:51:b0:46:b6:63:8c:1d:c2:09:88:58:
9b:ac:5e:0f:16:1e:f8:55:a9:47:9c:34:a5:8b:23:
95:7c:be:94:44:2c:8e:61:f4:3e:46:79:ba:f8:24:
7e:a3:99:9b:c5:e1:66:73:a5:a4:43:a3:d6:c8:e2:
14:9b:10:dd:d6:5b:f5:9d:7f:a7:12:52:8d:cf:d3:
2b:51:2c:19:47:a2:b4:8a:39:94:40:d8:55:7b:5a:
32:5d:98:10:a5:f9:6e:bd:4c:8a:2a:ea:d9:46:9c:
aa:cc:3e:cb:5b:bc:6d:36:be:36:5a:63:43:20:47:
8b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:61:2B:E5:EE:5C:41:0B:15:60:CF:80:F3:E9:C4:0F:B4:08:7D:4C
X509v3 Authority Key Identifier:
keyid:94:25:88:B9:1D:A9:CC:A8:1B:49:E6:03:A9:88:E2:B1:EA:BD:DC:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lCWIuR2pzKgbSeYDqYjiseq93Jg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/aGEr5e5cQQsVYM-A8-nED7QIfUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/lCWIuR2pzKgbSeYDqYjiseq93Jg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.112.0/21
Signature Algorithm: sha256WithRSAEncryption
4c:ca:e6:5c:d4:7f:b7:9c:ca:a2:83:7d:b8:08:48:f0:7c:2a:
5e:2b:14:79:3e:81:28:e8:ab:16:47:c5:69:8c:61:c7:63:b1:
54:d3:82:8f:43:3f:7b:a6:bf:73:37:24:c4:aa:41:6e:b1:86:
5c:9a:a5:5d:79:be:ea:71:0d:e0:b5:18:e9:5f:93:9a:44:7c:
55:22:fa:e5:d9:b3:a7:3e:e1:32:db:3d:df:c5:c2:79:67:02:
6f:40:d3:3e:69:d8:fe:9c:00:d9:1a:eb:69:71:0c:7e:e6:d8:
d3:18:92:e0:54:ea:db:26:62:17:e0:c8:56:83:96:21:57:0d:
d3:55:35:fa:25:e5:a0:0e:25:f2:f8:3b:6b:1f:ea:e1:0f:cf:
47:e9:70:5b:bd:71:1e:61:bf:73:b8:ba:bc:a6:e8:df:5f:a2:
c9:e9:aa:60:df:3c:49:24:26:50:80:a3:d6:f5:36:39:0a:65:
95:ef:c6:29:19:7f:b5:6c:4d:bf:77:11:89:82:1e:71:e5:fe:
3e:4d:39:1a:9a:ea:7d:a4:fd:1b:67:d5:e2:34:32:5e:03:8e:
b1:40:78:14:d3:fb:6a:cb:59:89:cb:28:de:2e:aa:c4:29:81:
3c:3a:77:e9:af:2c:54:58:ae:0d:65:82:0d:94:03:7c:b2:c6:
6f:16:58:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7xt04NVKRw/q/x1U9houu0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MjU4OGI5MWRhOWNjYTgxYjQ5ZTYwM2E5ODhlMmIxZWFi
ZGRjOTgwHhcNMjQwNDE4MTQ1ODI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODYxMmJlNWVlNWM0MTBiMTU2MGNmODBmM2U5YzQwZmI0MDg3ZDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFvV5xB3ovpmVDl9uAqaTVbro8zh
VxL5p451D3sSIgFpBl1Aa2PfGGz9ehUF8HOk52y1+8C74jPme9bnCWAb7YZnw4+y
mL4AfJG8dcOQRnXuXgR979tAjQaVANcvBo9aEW+tFbZuwFI88+ZxXChhZ2YnKArz
gx1HLz/830VntMhswDvQTGHFsXpeUbBGtmOMHcIJiFibrF4PFh74ValHnDSliyOV
fL6URCyOYfQ+Rnm6+CR+o5mbxeFmc6WkQ6PWyOIUmxDd1lv1nX+nElKNz9MrUSwZ
R6K0ijmUQNhVe1oyXZgQpfluvUyKKurZRpyqzD7LW7xtNr42WmNDIEeLfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGhhK+XuXEELFWDPgPPpxA+0CH1MMB8GA1UdIwQY
MBaAFJQliLkdqcyoG0nmA6mI4rHqvdyYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbENXSXVSMnB6S2diU2VZRHFZamlzZXE5M0pnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC80YmJhN2MtYTgxZi00MGUxLTg4MTQt
NjVkYWFkNjMyOTU3LzEvYUdFcjVlNWNRUXNWWU0tQTgtbkVEN1FJZlV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC80YmJhN2MtYTgxZi00MGUxLTg4MTQtNjVkYWFkNjMyOTU3
LzEvbENXSXVSMnB6S2diU2VZRHFZamlzZXE5M0pnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDHypwMA0G
CSqGSIb3DQEBCwUAA4IBAQBMyuZc1H+3nMqig324CEjwfCpeKxR5PoEo6KsWR8Vp
jGHHY7FU04KPQz97pr9zNyTEqkFusYZcmqVdeb7qcQ3gtRjpX5OaRHxVIvrl2bOn
PuEy2z3fxcJ5ZwJvQNM+adj+nADZGutpcQx+5tjTGJLgVOrbJmIX4MhWg5YhVw3T
VTX6JeWgDiXy+DtrH+rhD89H6XBbvXEeYb9zuLq8pujfX6LJ6apg3zxJJCZQgKPW
9TY5CmWV78YpGX+1bE2/dxGJgh5x5f4+TTkamup9pP0bZ9XiNDJeA46xQHgU0/tq
y1mJyyjeLqrEKYE8OnfpryxUWK4NZYINlAN8ssZvFlhH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:22 2024 by rpki-client on console-fra.rpki-client.org