Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/xggBVLH2QcIEwjlkWAkdKY519Sw.roa
File: xggBVLH2QcIEwjlkWAkdKY519Sw.roa (raw, json)
Hash identifier: O/fpoxLFDko1+75ADAbmlauRkMyuvJqy7KZT1rO2T/M=
Subject key identifier: C6:08:01:54:B1:F6:41:C2:04:C2:39:64:58:09:1D:29:8E:75:F5:2C
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 0191AC14B04C807C6AED3766D433612E33AE
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/xggBVLH2QcIEwjlkWAkdKY519Sw.roa
Signing time: Sun 01 Sep 2024 05:35:22 +0000
ROA not before: Sun 01 Sep 2024 05:35:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41789
IP address blocks: 31.129.0.0/20 maxlen: 24
31.129.16.0/24 maxlen: 24
31.129.17.0/24 maxlen: 24
31.129.18.0/24 maxlen: 24
31.129.19.0/24 maxlen: 24
31.129.20.0/24 maxlen: 24
31.129.23.0/24 maxlen: 24
31.129.24.0/24 maxlen: 24
31.129.25.0/24 maxlen: 24
31.129.26.0/24 maxlen: 24
31.129.27.0/24 maxlen: 24
31.129.28.0/24 maxlen: 24
31.129.29.0/24 maxlen: 24
31.129.31.0/24 maxlen: 24
37.220.80.0/22 maxlen: 22
46.19.64.0/22 maxlen: 24
81.200.144.0/21 maxlen: 24
81.200.152.0/22 maxlen: 24
81.200.156.0/23 maxlen: 24
89.191.234.0/24 maxlen: 24
94.198.216.0/22 maxlen: 24
141.98.234.0/24 maxlen: 24
141.98.235.0/24 maxlen: 24
185.166.196.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Sep 2024 14:52:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ac:14:b0:4c:80:7c:6a:ed:37:66:d4:33:61:2e:33:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Sep 1 05:35:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6080154b1f641c204c2396458091d298e75f52c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:9f:dc:cc:e9:e1:22:74:f4:07:11:54:e3:01:
ed:88:69:de:3c:d6:cc:1a:5a:64:4d:7e:55:df:fb:
a4:de:3c:60:c7:79:b6:42:08:3b:58:da:47:6d:1d:
3c:45:36:2e:ea:be:2f:56:58:dc:e8:d5:77:cd:47:
c3:97:b1:62:f3:9f:ed:82:cb:83:9e:99:ea:73:06:
c2:88:01:ee:e5:2a:2a:09:bb:bf:8b:7a:c8:74:37:
5b:8f:a0:ca:72:35:41:3d:c3:7e:f7:cf:fa:51:f1:
f9:c6:76:35:d9:9a:74:a0:5a:dd:64:7e:89:3f:26:
58:9b:ae:e8:d9:e9:80:d1:ff:13:b5:61:7a:52:14:
6b:07:c9:b8:0a:3d:7e:21:13:c4:e4:49:1b:2d:2d:
c2:93:0f:c0:d3:67:16:02:b7:26:b0:c9:a2:42:64:
67:05:c0:12:5d:15:cd:ea:9c:92:f6:61:40:1c:87:
fa:ac:78:3d:b2:d8:a8:77:12:ad:35:6d:6c:82:82:
a1:3a:80:8e:1b:4e:b4:1c:d9:74:f3:2a:f2:f0:29:
ed:e1:b7:a1:ab:88:c8:84:45:2b:7f:53:f8:e8:ea:
91:e4:75:bd:e3:6c:82:54:24:ff:65:e5:99:59:df:
3e:d4:a2:2a:aa:3d:39:7a:4e:36:56:2e:62:10:ba:
c9:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:08:01:54:B1:F6:41:C2:04:C2:39:64:58:09:1D:29:8E:75:F5:2C
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/xggBVLH2QcIEwjlkWAkdKY519Sw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.0.0-31.129.20.255
31.129.23.0-31.129.29.255
31.129.31.0/24
37.220.80.0/22
46.19.64.0/22
81.200.144.0-81.200.157.255
89.191.234.0/24
94.198.216.0/22
141.98.234.0/23
185.166.196.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:e8:69:62:e9:a9:2f:93:eb:01:a9:7b:b8:14:11:68:f6:cd:
f7:2a:8d:81:0a:f2:90:db:7d:c5:5f:22:19:f5:91:2f:32:c4:
77:ad:35:20:2d:9a:62:9f:d3:c2:a4:57:06:46:f5:c2:2a:5d:
13:85:7f:b3:5e:56:35:be:75:22:a3:d1:51:f1:9a:9d:95:cb:
01:b2:29:aa:26:61:fb:96:6d:5b:84:03:82:a7:2c:15:01:f3:
fe:0f:31:02:c5:85:9f:ba:71:80:c8:07:d2:21:be:27:f2:91:
09:36:5c:db:10:2e:51:74:86:0c:08:60:5b:c7:c6:cd:62:39:
fb:5f:ef:ce:68:2a:15:34:da:59:d7:03:34:63:6f:15:6c:bf:
c4:f3:60:1d:ab:fc:69:59:18:45:22:de:5d:1c:38:dc:5f:b8:
83:87:15:f3:9d:78:c6:a9:92:88:58:85:46:d3:7e:eb:30:f5:
7c:4e:1b:7b:0f:a0:6e:a7:22:3b:00:3d:60:9f:92:5c:4d:54:
be:d7:c2:e4:43:10:fb:00:f9:25:26:1c:0d:72:7e:4c:f0:f2:
b8:10:6d:2b:46:84:db:f3:c1:37:77:fc:53:f6:ae:ab:79:37:
45:ff:c3:5c:18:5e:ad:a5:71:03:6d:0c:5b:5a:64:98:fe:ac:
cc:a8:54:50
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZGsFLBMgHxq7Tdm1DNhLjOuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjQwOTAxMDUzNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjA4MDE1NGIxZjY0MWMyMDRjMjM5NjQ1ODA5MWQyOThlNzVmNTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5/czOnhInT0BxFU4wHtiGnePNbM
GlpkTX5V3/uk3jxgx3m2Qgg7WNpHbR08RTYu6r4vVljc6NV3zUfDl7Fi85/tgsuD
npnqcwbCiAHu5SoqCbu/i3rIdDdbj6DKcjVBPcN+98/6UfH5xnY12Zp0oFrdZH6J
PyZYm67o2emA0f8TtWF6UhRrB8m4Cj1+IRPE5EkbLS3Ckw/A02cWArcmsMmiQmRn
BcASXRXN6pyS9mFAHIf6rHg9stiodxKtNW1sgoKhOoCOG060HNl08yry8Cnt4beh
q4jIhEUrf1P46OqR5HW942yCVCT/ZeWZWd8+1KIqqj05ek42Vi5iELrJkwIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFMYIAVSx9kHCBMI5ZFgJHSmOdfUsMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEveGdnQlZMSDJRY0lFd2psa1dBa2RLWTUxOVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBZBAIAATBTMAsDAwAfgQME
AB+BFDAMAwQAH4EXAwQBH4EcAwQAH4EfAwQCJdxQAwQCLhNAMAwDBARRyJADBAFR
yJwDBABZv+oDBAJextgDBAGNYuoDBAG5psQwDQYJKoZIhvcNAQELBQADggEBAE3o
aWLpqS+T6wGpe7gUEWj2zfcqjYEK8pDbfcVfIhn1kS8yxHetNSAtmmKf08KkVwZG
9cIqXROFf7NeVjW+dSKj0VHxmp2VywGyKaomYfuWbVuEA4KnLBUB8/4PMQLFhZ+6
cYDIB9IhvifykQk2XNsQLlF0hgwIYFvHxs1iOftf785oKhU02lnXAzRjbxVsv8Tz
YB2r/GlZGEUi3l0cONxfuIOHFfOdeMapkohYhUbTfusw9XxOG3sPoG6nIjsAPWCf
klxNVL7XwuRDEPsA+SUmHA1yfkzw8rgQbStGhNvzwTd3/FP2rqt5N0X/w1wYXq2l
cQNtDFtaZJj+rMyoVFA=
-----END CERTIFICATE-----
Generated at Mon Sep 2 18:31:11 2024 by rpki-client on console-ams.rpki-client.org