Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/eaOZVtN8CBrazALlAe7blPyaE2I.roa
File: eaOZVtN8CBrazALlAe7blPyaE2I.roa (raw, json)
Hash identifier: I8TGZnsx0/PLkl0Ko5CwpTY8cnX0dJSOgoEHRdY8i2w=
Subject key identifier: 79:A3:99:56:D3:7C:08:1A:DA:CC:02:E5:01:EE:DB:94:FC:9A:13:62
Certificate issuer: /CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Certificate serial: 018780FE767C49600F08BDC76768BCE07EA2
Authority key identifier: AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/eaOZVtN8CBrazALlAe7blPyaE2I.roa
Signing time: Fri 14 Apr 2023 18:19:32 +0000
ROA not before: Fri 14 Apr 2023 18:19:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34700
IP address blocks: 31.202.192.0/18 maxlen: 19
31.202.0.0/17 maxlen: 17
46.160.88.0/21 maxlen: 21
178.165.0.0/17 maxlen: 18
31.202.128.0/18 maxlen: 18
185.147.96.0/22 maxlen: 22
5.255.160.0/20 maxlen: 20
79.171.120.0/21 maxlen: 21
2a00:1210::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 28 Apr 2023 11:14:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:80:fe:76:7c:49:60:0f:08:bd:c7:67:68:bc:e0:7e:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Validity
Not Before: Apr 14 18:19:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=79a39956d37c081adacc02e501eedb94fc9a1362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:df:6c:08:f9:1a:67:5a:00:53:d0:ff:cf:69:
73:7e:c8:13:41:16:39:00:bc:75:fc:85:9e:b3:13:
52:91:bc:7d:6b:c5:aa:c6:d3:5b:0d:37:75:95:ce:
d0:a9:f8:31:c4:33:d0:65:aa:63:d8:14:0a:2d:4d:
57:c6:35:f9:19:32:89:4e:14:bd:7f:0b:bf:e6:32:
37:c0:8b:1b:1e:56:b1:c7:f5:87:42:ee:c1:74:5f:
20:28:20:e5:45:ab:7b:05:71:ef:3b:16:32:5f:32:
ca:4c:37:10:fb:0e:f3:c4:e2:c0:ba:e0:06:29:33:
e1:07:e3:1e:d8:76:6b:b3:5f:8a:bb:c2:52:30:b5:
76:1b:12:3d:e3:74:cd:92:5d:e2:04:00:26:16:29:
eb:0f:dd:45:0c:f3:57:49:c7:40:9a:ff:e3:76:f2:
a4:d4:8a:2e:38:b5:2a:44:e7:26:15:47:95:ec:4b:
e7:65:f8:bc:9f:2c:a3:8e:18:a3:85:0d:41:47:ae:
ee:29:79:23:de:ae:d5:7e:f4:2f:54:b1:4e:64:f2:
46:49:c1:90:8e:b8:19:82:f5:a0:36:ae:96:ee:31:
11:77:2f:80:69:9a:4d:6f:0a:ef:ad:8e:60:e9:07:
f3:10:5e:3e:6d:4f:36:3d:09:68:3d:5e:0e:3e:89:
31:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:A3:99:56:D3:7C:08:1A:DA:CC:02:E5:01:EE:DB:94:FC:9A:13:62
X509v3 Authority Key Identifier:
keyid:AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/eaOZVtN8CBrazALlAe7blPyaE2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/rnqbF0Wlpww797zCwu4WZGCv96g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.255.160.0/20
31.202.0.0/16
46.160.88.0/21
79.171.120.0/21
178.165.0.0/17
185.147.96.0/22
IPv6:
2a00:1210::/32
Signature Algorithm: sha256WithRSAEncryption
a1:04:2c:23:f3:5a:d3:3a:0f:d2:5f:e0:51:fe:db:61:88:ad:
9f:fe:76:02:81:52:76:fc:75:0d:3c:6c:69:32:d9:e7:9e:f5:
a9:c4:80:98:be:52:28:1b:55:49:ff:7c:f7:49:35:16:18:80:
06:57:9c:39:a1:54:c3:bc:ce:c8:27:22:68:15:b7:dc:ed:84:
96:f6:9c:27:81:0d:a1:62:c4:6b:da:a7:14:40:b6:a5:bb:d9:
2b:8b:a8:d0:e0:8c:96:37:9b:58:10:66:3c:09:78:e4:0c:ad:
8f:fe:9b:9e:78:29:4d:09:42:84:5c:66:3d:f7:4f:c3:85:5d:
42:1a:00:21:be:c8:9e:83:97:e0:34:6c:2a:3a:17:8c:a9:95:
15:ce:56:f7:84:93:9a:49:ca:f2:e6:27:9f:df:52:75:a5:c5:
1b:05:5d:a7:2a:b6:3f:2f:d4:8e:ea:8f:19:4c:b1:fd:c9:d2:
bc:29:d6:57:78:06:e9:d9:55:a8:e3:5e:47:ea:da:98:da:43:
af:25:a8:f1:b2:53:a6:53:45:17:cb:f5:a6:37:fa:7f:14:17:
00:d1:56:36:80:db:10:00:85:95:3d:94:37:32:11:d4:ff:d8:
7e:e5:76:b3:3c:b4:e0:a8:62:56:a5:9a:cc:1e:aa:af:37:7b:
66:84:e1:7d
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYeA/nZ8SWAPCL3HZ2i84H6iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2E5YjE3NDVhNWE3MGMzYmY3YmNjMmMyZWUxNjY0NjBh
ZmY3YTgwHhcNMjMwNDE0MTgxOTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWEzOTk1NmQzN2MwODFhZGFjYzAyZTUwMWVlZGI5NGZjOWExMzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiN9sCPkaZ1oAU9D/z2lzfsgTQRY5
ALx1/IWesxNSkbx9a8WqxtNbDTd1lc7QqfgxxDPQZapj2BQKLU1XxjX5GTKJThS9
fwu/5jI3wIsbHlaxx/WHQu7BdF8gKCDlRat7BXHvOxYyXzLKTDcQ+w7zxOLAuuAG
KTPhB+Me2HZrs1+Ku8JSMLV2GxI943TNkl3iBAAmFinrD91FDPNXScdAmv/jdvKk
1IouOLUqROcmFUeV7EvnZfi8nyyjjhijhQ1BR67uKXkj3q7VfvQvVLFOZPJGScGQ
jrgZgvWgNq6W7jERdy+AaZpNbwrvrY5g6QfzEF4+bU82PQloPV4OPokx/QIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFHmjmVbTfAga2swC5QHu25T8mhNiMB8GA1UdIwQY
MBaAFK56mxdFpacMO/e8wsLuFmRgr/eoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5xYkYwV2xwd3c3OTd6Q3d1NFdaR0N2OTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy82ZTkwOWQtZDMyNS00OGExLTk0NDMt
Y2M5YTc1OGM5OTE2LzEvZWFPWlZ0TjhDQnJhekFMbEFlN2JsUHlhRTJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy82ZTkwOWQtZDMyNS00OGExLTk0NDMtY2M5YTc1OGM5OTE2
LzEvcm5xYkYwV2xwd3c3OTd6Q3d1NFdaR0N2OTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjApBAIAATAjAwQEBf+gAwMA
H8oDBAMuoFgDBANPq3gDBAeypQADBAK5k2AwDQQCAAIwBwMFACoAEhAwDQYJKoZI
hvcNAQELBQADggEBAKEELCPzWtM6D9Jf4FH+22GIrZ/+dgKBUnb8dQ08bGky2eee
9anEgJi+UigbVUn/fPdJNRYYgAZXnDmhVMO8zsgnImgVt9zthJb2nCeBDaFixGva
pxRAtqW72SuLqNDgjJY3m1gQZjwJeOQMrY/+m554KU0JQoRcZj33T8OFXUIaACG+
yJ6Dl+A0bCo6F4yplRXOVveEk5pJyvLmJ5/fUnWlxRsFXacqtj8v1I7qjxlMsf3J
0rwp1ld4BunZVajjXkfq2pjaQ68lqPGyU6ZTRRfL9aY3+n8UFwDRVjaA2xAAhZU9
lDcyEdT/2H7ldrM8tOCoYlalmsweqq83e2aE4X0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:04 2024 by rpki-client on console-ams.rpki-client.org