Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/hQ1IHsKfL2YrDK8UfkbtEKaGARg.roa
File: hQ1IHsKfL2YrDK8UfkbtEKaGARg.roa (raw, json)
Hash identifier: R31pGD/4Mn5zT2SdQSX7m4zGO7Pa5PRoyfiP9lUJ0bE=
Subject key identifier: 85:0D:48:1E:C2:9F:2F:66:2B:0C:AF:14:7E:46:ED:10:A6:86:01:18
Certificate issuer: /CN=9218cd25ebf74cb1b004b01ee505503fff246d61
Certificate serial: 01903A6B62FCF4019497CD067D7CE858B579
Authority key identifier: 92:18:CD:25:EB:F7:4C:B1:B0:04:B0:1E:E5:05:50:3F:FF:24:6D:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khjNJev3TLGwBLAe5QVQP_8kbWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/hQ1IHsKfL2YrDK8UfkbtEKaGARg.roa
Signing time: Fri 21 Jun 2024 10:50:34 +0000
ROA not before: Fri 21 Jun 2024 10:50:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48327
IP address blocks: 31.135.32.0/23 maxlen: 23
31.135.34.0/23 maxlen: 23
31.135.36.0/22 maxlen: 22
31.135.40.0/21 maxlen: 21
31.135.48.0/21 maxlen: 21
31.135.56.0/21 maxlen: 21
94.232.104.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 09 Aug 2024 06:04:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:3a:6b:62:fc:f4:01:94:97:cd:06:7d:7c:e8:58:b5:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9218cd25ebf74cb1b004b01ee505503fff246d61
Validity
Not Before: Jun 21 10:50:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=850d481ec29f2f662b0caf147e46ed10a6860118
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d7:ec:f7:a4:26:2b:f9:99:44:b5:83:2d:b6:
a0:28:ff:17:48:25:fc:e1:ff:50:38:c2:f1:31:95:
24:67:cc:4f:fb:d6:e7:81:d6:52:8b:d1:f2:82:70:
4b:26:48:b4:6b:88:66:d9:5a:d8:94:41:0d:52:dd:
bc:68:93:e3:d2:04:9f:82:09:51:11:30:b2:65:ca:
9c:62:a5:fc:0c:10:32:c5:54:6b:45:7a:ba:ca:c7:
1b:0a:f6:0a:82:5d:27:fc:68:fb:a2:7b:db:3f:09:
62:13:70:20:86:b3:29:9b:d6:71:6a:dc:27:07:d1:
e7:bd:9e:7e:a8:e5:74:a9:50:4c:4d:02:f3:3f:69:
21:63:d4:e5:31:f5:1e:00:86:fc:69:4e:2d:df:7e:
67:cf:49:6c:d5:c1:79:16:14:80:ce:c3:ba:ca:6f:
09:28:13:91:a0:4f:db:94:8c:48:14:a1:f4:94:a8:
91:bb:57:f5:fb:e8:b3:93:a1:aa:d2:09:06:9a:45:
90:32:89:d9:44:a1:0a:0d:60:80:95:90:b4:a7:66:
8f:aa:39:98:f9:81:6e:0d:78:aa:e9:99:18:54:18:
d9:7c:b3:0d:13:9a:5c:60:e1:dd:42:df:fc:9b:ca:
fc:1a:83:28:8d:fc:8b:40:3c:5d:df:aa:25:ed:d5:
c6:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:0D:48:1E:C2:9F:2F:66:2B:0C:AF:14:7E:46:ED:10:A6:86:01:18
X509v3 Authority Key Identifier:
keyid:92:18:CD:25:EB:F7:4C:B1:B0:04:B0:1E:E5:05:50:3F:FF:24:6D:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khjNJev3TLGwBLAe5QVQP_8kbWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/hQ1IHsKfL2YrDK8UfkbtEKaGARg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/46e223-6d23-4795-9525-bc877ce9061a/1/khjNJev3TLGwBLAe5QVQP_8kbWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.32.0/19
94.232.104.0/21
Signature Algorithm: sha256WithRSAEncryption
85:1b:15:88:71:15:41:5f:21:44:7b:94:cd:e6:8e:e5:9f:67:
1e:5e:36:dd:11:12:b2:59:6b:30:eb:fa:a4:04:7d:b3:45:a9:
c0:3b:3f:26:df:ee:6d:f3:ad:d5:59:5c:40:e6:e6:38:8e:6a:
98:ee:c5:88:19:c2:2d:50:86:ec:04:1b:06:34:1d:ba:82:04:
77:29:8a:a5:7f:43:f6:e5:20:09:1a:ae:4c:23:23:74:d1:e2:
e2:a1:20:df:2e:5c:ae:2a:5a:e1:cf:ce:98:1d:10:32:0d:60:
85:36:50:2b:37:5a:d4:23:d3:cd:33:8f:2c:5d:57:03:2e:d2:
0d:ac:4f:fe:7e:e5:91:ed:20:2d:3c:30:75:ef:09:c8:99:9b:
fe:86:42:c1:31:aa:ab:24:76:82:1a:6f:96:bd:68:a7:68:c3:
ef:f6:c8:36:55:59:ab:80:c0:eb:a0:4f:ca:ac:46:34:dc:2b:
26:9f:fa:44:e0:6a:63:77:0c:37:b3:3e:db:a7:e4:22:3c:19:
6e:6a:b6:34:65:63:f5:cc:bd:24:01:13:42:94:57:e3:86:6c:
93:f8:4a:ae:78:af:0d:75:56:e9:c7:27:90:7a:4f:00:4b:07:
b3:4c:d8:2f:20:1e:11:45:3f:da:22:34:c2:ec:ca:8f:30:73:
31:b8:e6:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZA6a2L89AGUl80GfXzoWLV5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMThjZDI1ZWJmNzRjYjFiMDA0YjAxZWU1MDU1MDNmZmYy
NDZkNjEwHhcNMjQwNjIxMTA1MDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTBkNDgxZWMyOWYyZjY2MmIwY2FmMTQ3ZTQ2ZWQxMGE2ODYwMTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNfs96QmK/mZRLWDLbagKP8XSCX8
4f9QOMLxMZUkZ8xP+9bngdZSi9HygnBLJki0a4hm2VrYlEENUt28aJPj0gSfgglR
ETCyZcqcYqX8DBAyxVRrRXq6yscbCvYKgl0n/Gj7onvbPwliE3AghrMpm9Zxatwn
B9HnvZ5+qOV0qVBMTQLzP2khY9TlMfUeAIb8aU4t335nz0ls1cF5FhSAzsO6ym8J
KBORoE/blIxIFKH0lKiRu1f1++izk6Gq0gkGmkWQMonZRKEKDWCAlZC0p2aPqjmY
+YFuDXiq6ZkYVBjZfLMNE5pcYOHdQt/8m8r8GoMojfyLQDxd36ol7dXG3wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIUNSB7Cny9mKwyvFH5G7RCmhgEYMB8GA1UdIwQY
MBaAFJIYzSXr90yxsASwHuUFUD//JG1hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2hqTkpldjNUTEd3QkxBZTVRVlFQXzhrYldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni80NmUyMjMtNmQyMy00Nzk1LTk1MjUt
YmM4NzdjZTkwNjFhLzEvaFExSUhzS2ZMMllyREs4VWZrYnRFS2FHQVJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni80NmUyMjMtNmQyMy00Nzk1LTk1MjUtYmM4NzdjZTkwNjFh
LzEva2hqTkpldjNUTEd3QkxBZTVRVlFQXzhrYldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFH4cgAwQD
XuhoMA0GCSqGSIb3DQEBCwUAA4IBAQCFGxWIcRVBXyFEe5TN5o7ln2ceXjbdERKy
WWsw6/qkBH2zRanAOz8m3+5t863VWVxA5uY4jmqY7sWIGcItUIbsBBsGNB26ggR3
KYqlf0P25SAJGq5MIyN00eLioSDfLlyuKlrhz86YHRAyDWCFNlArN1rUI9PNM48s
XVcDLtINrE/+fuWR7SAtPDB17wnImZv+hkLBMaqrJHaCGm+WvWinaMPv9sg2VVmr
gMDroE/KrEY03Csmn/pE4Gpjdww3sz7bp+QiPBluarY0ZWP1zL0kARNClFfjhmyT
+EqueK8NdVbpxyeQek8ASwezTNgvIB4RRT/aIjTC7MqPMHMxuOZm
-----END CERTIFICATE-----
Generated at Fri Aug 9 07:52:03 2024 by rpki-client on console-fra.rpki-client.org