Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/w5W2Zy5mLgVcUwqJ2fJyOihwurU.roa
File: w5W2Zy5mLgVcUwqJ2fJyOihwurU.roa (raw, json)
Hash identifier: sJOYHUCkK2hvsfe5/hCLrfjM1UrIz46daLRGLobSU5U=
Subject key identifier: C3:95:B6:67:2E:66:2E:05:5C:53:0A:89:D9:F2:72:3A:28:70:BA:B5
Certificate issuer: /CN=3718b734349bf327d9453b96501e44b192e55142
Certificate serial: 0191D7B1083AC6BC77C1D14B1902FFF57778
Authority key identifier: 37:18:B7:34:34:9B:F3:27:D9:45:3B:96:50:1E:44:B1:92:E5:51:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/w5W2Zy5mLgVcUwqJ2fJyOihwurU.roa
Signing time: Mon 09 Sep 2024 16:49:49 +0000
ROA not before: Mon 09 Sep 2024 16:49:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 31.14.37.0/24 maxlen: 24
31.14.38.0/23 maxlen: 23
185.155.54.0/23 maxlen: 24
185.155.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d7:b1:08:3a:c6:bc:77:c1:d1:4b:19:02:ff:f5:77:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3718b734349bf327d9453b96501e44b192e55142
Validity
Not Before: Sep 9 16:49:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c395b6672e662e055c530a89d9f2723a2870bab5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d6:aa:cb:96:3d:aa:20:e2:69:e5:2d:64:ff:
c6:dc:32:45:ef:5b:f5:87:7b:83:55:dc:16:48:4a:
67:9c:19:eb:08:95:09:08:bd:8c:00:8d:ca:3e:d9:
54:26:ae:3e:79:32:b0:94:57:e7:a2:20:06:96:9d:
97:bb:80:0a:fc:f9:2b:1b:d0:43:ef:c3:d9:d7:48:
db:fe:18:43:d0:95:52:65:02:37:7b:2f:c3:46:26:
f7:69:63:60:6b:20:bc:fa:a9:ff:19:ad:1e:38:ff:
ad:66:55:74:66:03:dd:03:d6:d7:dd:c9:e0:30:85:
ec:0e:49:60:ee:62:36:a1:f0:f6:de:a8:06:9d:e6:
d4:d1:76:be:21:02:d0:7a:20:6b:ce:b3:d0:e6:75:
0f:cf:96:93:32:1e:45:59:6d:6e:79:10:10:2f:dc:
70:8f:09:fb:2d:61:d9:b0:6d:18:8f:78:e0:54:2c:
5e:04:7b:ea:a6:b6:6b:a5:59:6b:27:31:ad:ae:4f:
d5:7a:fb:49:8a:5d:8d:b7:dc:45:65:e5:33:9d:76:
78:18:52:65:d8:83:7c:a1:e1:74:2c:7a:d4:05:21:
23:3f:d6:d3:05:32:b0:23:58:c1:28:c9:b6:97:90:
35:c4:ba:67:04:5c:da:9d:67:39:fd:5b:a0:39:8c:
d5:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:95:B6:67:2E:66:2E:05:5C:53:0A:89:D9:F2:72:3A:28:70:BA:B5
X509v3 Authority Key Identifier:
keyid:37:18:B7:34:34:9B:F3:27:D9:45:3B:96:50:1E:44:B1:92:E5:51:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/w5W2Zy5mLgVcUwqJ2fJyOihwurU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.37.0-31.14.39.255
185.155.54.0/23
Signature Algorithm: sha256WithRSAEncryption
9e:5f:14:50:71:24:47:f3:56:2e:d3:af:87:db:ff:bf:df:e8:
d6:d9:b8:0e:d7:b0:a6:c1:c9:e6:37:75:7f:7b:fa:a8:73:15:
63:52:19:b1:6e:8e:b0:92:72:c0:92:06:cf:9f:6b:c9:f7:43:
09:24:f8:b4:2d:79:72:1a:46:f7:f3:76:24:9a:1f:61:14:ef:
f7:f2:22:94:5c:5f:37:69:b4:ee:07:10:5c:42:47:26:72:6a:
b3:28:16:d2:32:42:43:9e:9d:37:5a:21:82:fd:41:7d:fa:84:
e9:a2:09:08:89:e3:36:ae:c7:c2:68:fe:f9:7b:5f:35:72:e6:
9d:49:ce:aa:b3:ae:8d:96:37:4c:28:62:32:c7:79:ea:54:d9:
57:23:3c:e4:ad:5e:c7:48:6a:04:dd:ad:e1:1a:ca:e2:37:4b:
c0:d8:23:17:25:cf:0a:a5:2a:bf:b4:a5:6b:2e:10:7f:9a:4a:
b2:17:30:17:4d:64:71:e8:bc:eb:5d:89:55:5d:cc:3a:e2:83:
d0:5c:c7:72:76:7f:03:5d:a2:37:24:72:ec:16:39:ae:40:f5:
d8:83:3d:6b:03:99:2f:c5:f5:f2:00:c6:13:92:06:81:9f:d3:
a3:25:25:e5:11:3e:09:2b:5d:32:21:7f:c1:5d:1f:0d:6b:79:
76:6d:a1:cf
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZHXsQg6xrx3wdFLGQL/9Xd4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MThiNzM0MzQ5YmYzMjdkOTQ1M2I5NjUwMWU0NGIxOTJl
NTUxNDIwHhcNMjQwOTA5MTY0OTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzk1YjY2NzJlNjYyZTA1NWM1MzBhODlkOWYyNzIzYTI4NzBiYWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtaqy5Y9qiDiaeUtZP/G3DJF71v1
h3uDVdwWSEpnnBnrCJUJCL2MAI3KPtlUJq4+eTKwlFfnoiAGlp2Xu4AK/PkrG9BD
78PZ10jb/hhD0JVSZQI3ey/DRib3aWNgayC8+qn/Ga0eOP+tZlV0ZgPdA9bX3cng
MIXsDklg7mI2ofD23qgGnebU0Xa+IQLQeiBrzrPQ5nUPz5aTMh5FWW1ueRAQL9xw
jwn7LWHZsG0Yj3jgVCxeBHvqprZrpVlrJzGtrk/VevtJil2Nt9xFZeUznXZ4GFJl
2IN8oeF0LHrUBSEjP9bTBTKwI1jBKMm2l5A1xLpnBFzanWc5/VugOYzViwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMOVtmcuZi4FXFMKidnycjoocLq1MB8GA1UdIwQY
MBaAFDcYtzQ0m/Mn2UU7llAeRLGS5VFCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnhpM05EU2I4eWZaUlR1V1VCNUVzWkxsVVVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YmY4YTgtZTQ5Yy00MDZlLThlYjct
YzgyM2NjOGYzODM3LzEvdzVXMlp5NW1MZ1ZjVXdxSjJmSnlPaWh3dXJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YmY4YTgtZTQ5Yy00MDZlLThlYjctYzgyM2NjOGYzODM3
LzEvTnhpM05EU2I4eWZaUlR1V1VCNUVzWkxsVVVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAAfDiUD
BAMfDiADBAG5mzYwDQYJKoZIhvcNAQELBQADggEBAJ5fFFBxJEfzVi7Tr4fb/7/f
6NbZuA7XsKbByeY3dX97+qhzFWNSGbFujrCScsCSBs+fa8n3Qwkk+LQteXIaRvfz
diSaH2EU7/fyIpRcXzdptO4HEFxCRyZyarMoFtIyQkOenTdaIYL9QX36hOmiCQiJ
4zaux8Jo/vl7XzVy5p1Jzqqzro2WN0woYjLHeepU2VcjPOStXsdIagTdreEayuI3
S8DYIxclzwqlKr+0pWsuEH+aSrIXMBdNZHHovOtdiVVdzDrig9Bcx3J2fwNdojck
cuwWOa5A9diDPWsDmS/F9fIAxhOSBoGf06MlJeURPgkrXTIhf8FdHw1reXZtoc8=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:55:19 2025 by rpki-client