Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/9bjkCgjtfn_JMB_S9qJfu_xF5Yw.roa
File: 9bjkCgjtfn_JMB_S9qJfu_xF5Yw.roa (raw, json)
Hash identifier: SRbI2kLEJLC/VyfVgqt2ibOQTYZAWS92TseWpJFq4e4=
Subject key identifier: F5:B8:E4:0A:08:ED:7E:7F:C9:30:1F:D2:F6:A2:5F:BB:FC:45:E5:8C
Certificate issuer: /CN=ee370985f83f41330111c350cd6b1e1eead526aa
Certificate serial: 018CC348D87DEA7B5F5762851C87D2E7459A
Authority key identifier: EE:37:09:85:F8:3F:41:33:01:11:C3:50:CD:6B:1E:1E:EA:D5:26:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7jcJhfg_QTMBEcNQzWseHurVJqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/9bjkCgjtfn_JMB_S9qJfu_xF5Yw.roa
Signing time: Mon 01 Jan 2024 04:29:40 +0000
ROA not before: Mon 01 Jan 2024 04:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57152
IP address blocks: 31.7.36.0/24 maxlen: 24
31.7.35.0/24 maxlen: 24
31.7.34.0/24 maxlen: 24
31.7.33.0/24 maxlen: 24
31.7.32.0/24 maxlen: 24
31.7.38.0/24 maxlen: 24
31.7.37.0/24 maxlen: 24
185.140.125.0/24 maxlen: 24
185.140.124.0/24 maxlen: 24
185.140.126.0/24 maxlen: 24
185.140.127.0/24 maxlen: 24
31.7.39.0/24 maxlen: 24
2a0a:9f40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 20 Aug 2024 09:41:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:d8:7d:ea:7b:5f:57:62:85:1c:87:d2:e7:45:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee370985f83f41330111c350cd6b1e1eead526aa
Validity
Not Before: Jan 1 04:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5b8e40a08ed7e7fc9301fd2f6a25fbbfc45e58c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:f3:8f:48:ac:7f:81:9a:93:a2:56:3d:50:c3:
9d:1b:cb:97:6c:b2:01:2a:83:7e:d4:2e:f5:41:6f:
50:48:f9:4f:86:88:c4:62:d3:3a:b8:cb:d5:70:fa:
eb:6f:67:b3:b3:dc:48:32:f5:c6:e6:bc:f1:e5:d0:
93:22:b8:4c:1b:3c:b8:af:e6:a5:21:a3:fd:a4:83:
48:b9:7c:6b:3f:f1:da:74:1f:59:c1:56:64:ef:91:
0d:06:53:3a:23:fd:a8:45:ee:f6:85:4d:2e:68:8a:
40:e0:03:4d:5d:5f:3d:de:46:f3:48:3b:85:d2:03:
6e:77:cf:50:13:a9:52:fb:c8:15:7c:63:77:08:30:
16:36:5a:0e:76:ff:60:9f:97:d1:34:96:c6:20:94:
e3:ca:68:23:f2:50:5d:9d:83:a7:54:23:c1:99:95:
49:b8:54:a2:12:aa:80:2c:5e:6d:db:7d:34:65:96:
d0:d4:53:b0:ea:ec:51:78:f8:06:62:a8:6b:89:0e:
bb:da:93:dd:71:9d:1c:16:84:cd:06:1b:57:04:7c:
e4:d2:ee:0f:a7:a1:0c:c4:a4:87:c5:f4:41:bc:02:
01:35:1c:de:d9:db:68:3e:1a:31:b8:57:bd:43:3f:
2f:56:a0:44:1b:8d:3c:7b:75:59:97:b7:69:42:fe:
7c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:B8:E4:0A:08:ED:7E:7F:C9:30:1F:D2:F6:A2:5F:BB:FC:45:E5:8C
X509v3 Authority Key Identifier:
keyid:EE:37:09:85:F8:3F:41:33:01:11:C3:50:CD:6B:1E:1E:EA:D5:26:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7jcJhfg_QTMBEcNQzWseHurVJqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/9bjkCgjtfn_JMB_S9qJfu_xF5Yw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/7jcJhfg_QTMBEcNQzWseHurVJqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.32.0/21
185.140.124.0/22
IPv6:
2a0a:9f40::/29
Signature Algorithm: sha256WithRSAEncryption
6c:1b:af:77:08:52:7e:88:34:d8:b4:a5:82:5f:08:9b:92:79:
e2:84:1c:63:2a:90:c5:86:49:dd:a6:73:16:73:eb:21:b5:9d:
48:41:0b:be:08:7e:e1:74:3a:47:58:c3:aa:09:33:6f:af:6c:
bf:5e:d5:59:39:59:13:30:a1:e6:99:ee:d2:7b:b0:1b:dd:ea:
70:bc:7c:a8:06:0c:38:e1:3a:55:97:0e:b8:62:be:12:a1:d3:
ec:12:28:83:78:1f:d9:20:59:b2:ba:71:e7:10:f6:91:2f:64:
33:f7:ec:0a:f2:aa:5f:ec:c9:51:85:18:0c:80:16:57:0c:c2:
5f:5d:df:d7:6c:f3:24:2b:da:19:56:15:1c:45:f0:40:83:7b:
29:fe:95:a3:e2:83:50:ba:1c:18:9d:be:4d:bc:76:ce:f8:d6:
da:88:69:4a:49:75:c2:02:c7:09:8d:cd:57:6e:4a:68:16:e8:
e8:ea:61:94:90:39:2b:8d:23:68:c9:f4:97:19:e9:8d:6f:46:
cf:9b:45:e7:66:bb:a6:f4:61:c3:c8:5e:18:c8:04:66:b9:54:
2c:93:07:f2:5b:de:a0:3b:d2:c4:d2:d3:66:da:97:4b:e2:2c:
5e:58:45:d9:46:d5:03:25:05:9d:3e:ed:b2:30:d1:dd:db:db:
79:15:fb:86
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDSNh96ntfV2KFHIfS50WaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMzcwOTg1ZjgzZjQxMzMwMTExYzM1MGNkNmIxZTFlZWFk
NTI2YWEwHhcNMjQwMTAxMDQyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWI4ZTQwYTA4ZWQ3ZTdmYzkzMDFmZDJmNmEyNWZiYmZjNDVlNThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPOPSKx/gZqTolY9UMOdG8uXbLIB
KoN+1C71QW9QSPlPhojEYtM6uMvVcPrrb2ezs9xIMvXG5rzx5dCTIrhMGzy4r+al
IaP9pINIuXxrP/HadB9ZwVZk75ENBlM6I/2oRe72hU0uaIpA4ANNXV893kbzSDuF
0gNud89QE6lS+8gVfGN3CDAWNloOdv9gn5fRNJbGIJTjymgj8lBdnYOnVCPBmZVJ
uFSiEqqALF5t2300ZZbQ1FOw6uxRePgGYqhriQ672pPdcZ0cFoTNBhtXBHzk0u4P
p6EMxKSHxfRBvAIBNRze2dtoPhoxuFe9Qz8vVqBEG408e3VZl7dpQv58JQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPW45AoI7X5/yTAf0vaiX7v8ReWMMB8GA1UdIwQY
MBaAFO43CYX4P0EzARHDUM1rHh7q1SaqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2pjSmhmZ19RVE1CRWNOUXpXc2VIdXJWSnFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8yNzQ0ZDAtNDFhMC00NDM0LWI2OTAt
MzI0NDU0NmY4Y2JmLzEvOWJqa0NnanRmbl9KTUJfUzlxSmZ1X3hGNVl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8yNzQ0ZDAtNDFhMC00NDM0LWI2OTAtMzI0NDU0NmY4Y2Jm
LzEvN2pjSmhmZ19RVE1CRWNOUXpXc2VIdXJWSnFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDHwcgAwQC
uYx8MA0EAgACMAcDBQMqCp9AMA0GCSqGSIb3DQEBCwUAA4IBAQBsG693CFJ+iDTY
tKWCXwibknnihBxjKpDFhkndpnMWc+shtZ1IQQu+CH7hdDpHWMOqCTNvr2y/XtVZ
OVkTMKHmme7Se7Ab3epwvHyoBgw44TpVlw64Yr4SodPsEiiDeB/ZIFmyunHnEPaR
L2Qz9+wK8qpf7MlRhRgMgBZXDMJfXd/XbPMkK9oZVhUcRfBAg3sp/pWj4oNQuhwY
nb5NvHbO+NbaiGlKSXXCAscJjc1XbkpoFujo6mGUkDkrjSNoyfSXGemNb0bPm0Xn
Zrum9GHDyF4YyARmuVQskwfyW96gO9LE0tNm2pdL4ixeWEXZRtUDJQWdPu2yMNHd
29t5FfuG
-----END CERTIFICATE-----
Generated at Tue Aug 20 13:32:11 2024 by rpki-client on console-ams.rpki-client.org