Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/pNyk1YYsoJ68UDstg0kLS33AqWo.roa
File: pNyk1YYsoJ68UDstg0kLS33AqWo.roa (raw, json)
Hash identifier: bi/n+EbPlp410gmt4FckWh4hwS+WYHm1Gspf5XRZH58=
Subject key identifier: A4:DC:A4:D5:86:2C:A0:9E:BC:50:3B:2D:83:49:0B:4B:7D:C0:A9:6A
Certificate issuer: /CN=3718b734349bf327d9453b96501e44b192e55142
Certificate serial: 019121BD136575B5917D90DC9F577322F7CD
Authority key identifier: 37:18:B7:34:34:9B:F3:27:D9:45:3B:96:50:1E:44:B1:92:E5:51:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/pNyk1YYsoJ68UDstg0kLS33AqWo.roa
Signing time: Mon 05 Aug 2024 08:52:04 +0000
ROA not before: Mon 05 Aug 2024 08:52:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 31.14.37.0/24 maxlen: 24
185.155.54.0/23 maxlen: 24
185.155.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Sep 2024 16:49:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:21:bd:13:65:75:b5:91:7d:90:dc:9f:57:73:22:f7:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3718b734349bf327d9453b96501e44b192e55142
Validity
Not Before: Aug 5 08:52:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4dca4d5862ca09ebc503b2d83490b4b7dc0a96a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:2f:9a:4e:5c:08:0d:50:f7:e4:d6:73:7f:b4:
e9:9b:62:ea:92:6c:86:df:20:ef:d1:b9:51:a5:26:
45:0a:fa:f5:fe:2f:10:55:37:24:66:d8:4d:17:ae:
76:c0:31:45:3b:74:5f:0a:55:55:81:f5:cb:fb:59:
a5:47:cc:f6:5e:5e:9e:bf:a4:d9:fc:2e:bf:93:0e:
72:c8:2e:7c:dd:05:f2:c2:02:1f:e0:c7:90:45:82:
19:d0:f4:a3:48:66:5c:87:20:26:2d:ef:66:0b:8c:
3f:78:97:2c:08:cc:f4:44:d9:84:ba:a0:04:98:90:
51:e0:62:a0:88:c2:a1:ff:5d:e9:5b:ac:7a:0a:a2:
8c:6b:cc:87:d0:ba:d4:7b:87:4f:5f:c7:51:1f:c0:
8a:ab:0b:cf:98:99:c6:1a:e4:ba:11:86:01:8f:c8:
8a:04:57:3c:e6:1c:98:2d:f4:16:ee:3b:c9:e6:84:
87:19:09:f3:0d:e1:91:7b:8e:37:bb:9d:c0:33:42:
e6:c1:2e:72:be:77:80:8f:6f:93:d4:a6:78:57:61:
ec:ef:95:9b:f7:61:a4:9e:ac:93:b4:39:96:6b:b0:
e6:06:23:81:d0:51:40:1a:93:e1:a9:ca:7e:d3:6a:
a8:e8:82:cd:70:73:ef:bb:14:21:ff:c2:5d:7e:ef:
7e:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:DC:A4:D5:86:2C:A0:9E:BC:50:3B:2D:83:49:0B:4B:7D:C0:A9:6A
X509v3 Authority Key Identifier:
keyid:37:18:B7:34:34:9B:F3:27:D9:45:3B:96:50:1E:44:B1:92:E5:51:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/pNyk1YYsoJ68UDstg0kLS33AqWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.37.0/24
185.155.54.0/23
Signature Algorithm: sha256WithRSAEncryption
65:c3:df:31:d1:f1:c5:2b:54:30:73:74:ce:a1:c9:0f:8b:3a:
ad:82:22:dc:04:0c:5c:32:d8:a0:7f:32:4d:80:3d:0c:0a:0b:
03:b1:27:e3:7a:81:d9:6d:ec:50:84:3f:69:73:e8:b0:e2:1f:
fc:c1:92:97:c5:69:59:a1:41:b9:76:85:07:f3:7d:ae:68:2f:
11:95:19:21:a4:de:74:d2:d0:f4:4f:4b:ba:8b:bb:b8:58:25:
e3:cc:a4:26:6e:69:10:eb:7e:fc:7b:76:94:4a:2c:25:39:bf:
93:b8:0b:63:10:23:f8:57:23:84:61:e5:83:22:ec:af:76:95:
79:70:5e:36:7b:76:c6:02:b3:b2:e5:2b:5f:a3:8c:6e:6c:17:
41:dc:d3:0f:5d:ea:be:6e:1b:16:c8:7a:b9:1e:e0:08:bf:aa:
a4:60:58:be:6d:64:e0:95:fb:1f:e8:98:62:42:63:49:93:b1:
c0:26:ab:66:fc:fb:32:34:0a:97:f2:4a:15:8d:fe:5a:60:3e:
29:c1:fb:34:78:77:39:02:03:68:e4:a1:b9:60:34:e8:6d:24:
a0:91:fe:84:af:79:49:06:a3:95:16:4a:e2:2c:ee:21:08:d1:
13:07:ff:5b:fa:be:51:5b:fd:d6:d5:81:59:37:7c:fa:60:23:
4d:33:fd:10
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZEhvRNldbWRfZDcn1dzIvfNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MThiNzM0MzQ5YmYzMjdkOTQ1M2I5NjUwMWU0NGIxOTJl
NTUxNDIwHhcNMjQwODA1MDg1MjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGRjYTRkNTg2MmNhMDllYmM1MDNiMmQ4MzQ5MGI0YjdkYzBhOTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnC+aTlwIDVD35NZzf7Tpm2LqkmyG
3yDv0blRpSZFCvr1/i8QVTckZthNF652wDFFO3RfClVVgfXL+1mlR8z2Xl6ev6TZ
/C6/kw5yyC583QXywgIf4MeQRYIZ0PSjSGZchyAmLe9mC4w/eJcsCMz0RNmEuqAE
mJBR4GKgiMKh/13pW6x6CqKMa8yH0LrUe4dPX8dRH8CKqwvPmJnGGuS6EYYBj8iK
BFc85hyYLfQW7jvJ5oSHGQnzDeGRe443u53AM0LmwS5yvneAj2+T1KZ4V2Hs75Wb
92GknqyTtDmWa7DmBiOB0FFAGpPhqcp+02qo6ILNcHPvuxQh/8Jdfu9+swIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKTcpNWGLKCevFA7LYNJC0t9wKlqMB8GA1UdIwQY
MBaAFDcYtzQ0m/Mn2UU7llAeRLGS5VFCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnhpM05EU2I4eWZaUlR1V1VCNUVzWkxsVVVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YmY4YTgtZTQ5Yy00MDZlLThlYjct
YzgyM2NjOGYzODM3LzEvcE55azFZWXNvSjY4VURzdGcwa0xTMzNBcVdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YmY4YTgtZTQ5Yy00MDZlLThlYjctYzgyM2NjOGYzODM3
LzEvTnhpM05EU2I4eWZaUlR1V1VCNUVzWkxsVVVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHw4lAwQB
uZs2MA0GCSqGSIb3DQEBCwUAA4IBAQBlw98x0fHFK1Qwc3TOockPizqtgiLcBAxc
MtigfzJNgD0MCgsDsSfjeoHZbexQhD9pc+iw4h/8wZKXxWlZoUG5doUH832uaC8R
lRkhpN500tD0T0u6i7u4WCXjzKQmbmkQ6378e3aUSiwlOb+TuAtjECP4VyOEYeWD
IuyvdpV5cF42e3bGArOy5Stfo4xubBdB3NMPXeq+bhsWyHq5HuAIv6qkYFi+bWTg
lfsf6JhiQmNJk7HAJqtm/PsyNAqX8koVjf5aYD4pwfs0eHc5AgNo5KG5YDTobSSg
kf6Er3lJBqOVFkriLO4hCNETB/9b+r5RW/3W1YFZN3z6YCNNM/0Q
-----END CERTIFICATE-----
Generated at Mon Sep 9 18:03:30 2024 by rpki-client on console-fra.rpki-client.org