Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/ZqprI-WgX-ngUiXTdCYoJrwW_7k.roa
File: ZqprI-WgX-ngUiXTdCYoJrwW_7k.roa (raw, json)
Hash identifier: NIgc5lkV/DkifJE7MU+SBBJwmnHiosqujor7i/oHS5g=
Subject key identifier: 66:AA:6B:23:E5:A0:5F:E9:E0:52:25:D3:74:26:28:26:BC:16:FF:B9
Certificate issuer: /CN=17b5042fc20d9bab1676e09af7ff1ba5bfadae75
Certificate serial: 018A1CEA6D208BAE2BB3BE633A88970DBE84
Authority key identifier: 17:B5:04:2F:C2:0D:9B:AB:16:76:E0:9A:F7:FF:1B:A5:BF:AD:AE:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/ZqprI-WgX-ngUiXTdCYoJrwW_7k.roa
Signing time: Tue 22 Aug 2023 11:03:59 +0000
ROA not before: Tue 22 Aug 2023 11:03:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137409
IP address blocks: 31.217.248.0/24 maxlen: 24
185.137.164.0/24 maxlen: 24
5.180.179.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Oct 2023 06:32:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1c:ea:6d:20:8b:ae:2b:b3:be:63:3a:88:97:0d:be:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17b5042fc20d9bab1676e09af7ff1ba5bfadae75
Validity
Not Before: Aug 22 11:03:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66aa6b23e5a05fe9e05225d374262826bc16ffb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:76:71:87:cd:e1:33:7d:d1:0b:c1:fc:a1:6b:
fc:e7:db:44:93:13:d5:94:ff:a8:53:06:a6:52:29:
ac:ee:b3:30:a8:14:62:81:49:da:23:00:46:f0:20:
9b:9f:a8:75:6f:4b:36:37:a7:08:20:74:04:9a:08:
19:8c:0e:38:78:67:d5:92:3e:75:ea:d0:09:84:c9:
a5:50:90:02:33:54:34:1f:bc:ad:a5:75:57:87:b5:
ad:2c:d2:ec:be:da:67:23:9e:e4:9a:4a:53:50:1a:
0b:80:2e:d3:1e:f4:73:17:4a:fb:2b:c5:b1:cb:1b:
0d:2a:40:1b:28:9d:64:9a:9c:81:af:89:60:15:aa:
f8:02:53:17:aa:6d:84:26:62:9d:57:c6:6a:d8:a8:
7e:2a:2a:be:34:01:f4:fa:f0:36:2a:2f:41:15:4a:
c3:e4:7c:a1:8b:dc:9e:a4:08:c1:79:8f:fd:05:85:
dd:56:ed:d6:1f:63:f0:38:34:b1:2d:1b:ca:b8:f8:
4f:6a:b4:83:9d:c8:2a:92:51:e2:58:af:92:f3:19:
a0:82:f9:09:51:5b:5c:5b:c1:c5:55:65:4e:20:36:
e5:ed:1c:db:39:ff:cf:c3:b0:91:4d:54:6a:f2:e1:
64:49:a9:bb:0c:52:7a:d5:7e:78:85:b4:41:cc:8f:
a2:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:AA:6B:23:E5:A0:5F:E9:E0:52:25:D3:74:26:28:26:BC:16:FF:B9
X509v3 Authority Key Identifier:
keyid:17:B5:04:2F:C2:0D:9B:AB:16:76:E0:9A:F7:FF:1B:A5:BF:AD:AE:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/ZqprI-WgX-ngUiXTdCYoJrwW_7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/F7UEL8INm6sWduCa9_8bpb-trnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.179.0/24
31.217.248.0/24
185.137.164.0/24
Signature Algorithm: sha256WithRSAEncryption
28:56:da:fc:8d:30:24:d7:fb:27:ec:f2:2c:59:aa:7c:92:b5:
52:5b:c8:02:8c:c1:fd:bf:aa:00:f8:3f:3b:71:51:62:10:a1:
1c:49:55:eb:e5:5d:17:8a:08:cf:6d:17:10:e3:6c:23:98:cf:
3f:c9:40:31:0b:b9:a9:61:ec:28:95:bb:1a:8d:d9:90:43:3c:
f1:05:db:2d:70:0a:ed:d6:a3:0f:2a:fd:51:c4:ae:05:5b:01:
9c:c9:38:93:d0:cd:ca:78:e0:bc:bc:71:e9:53:07:c0:7f:fc:
3f:63:72:fa:b1:da:6f:17:2f:43:61:0d:e9:19:34:a6:6c:3f:
f9:f4:e0:41:2f:b3:bf:bd:df:8c:2f:86:bf:0a:3e:02:40:86:
7c:85:eb:53:ec:60:b3:b1:3f:7c:d3:01:f0:0b:d4:26:b7:d8:
89:9d:07:f9:5e:ee:2f:90:bc:e4:2a:82:5f:f5:f9:8a:ed:83:
7d:f8:89:29:94:9b:cc:68:87:bc:c8:a3:cb:af:e4:1d:e0:cc:
68:a9:50:80:82:13:d0:e1:23:71:d9:d4:1d:2c:8c:b9:a8:18:
3d:41:47:51:3a:4a:fa:1c:dd:83:b2:38:78:f8:f2:8e:19:e7:
67:ce:35:78:48:a9:6d:6b:94:fd:3c:97:40:5e:57:19:6d:dd:
df:0c:3f:9b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYoc6m0gi64rs75jOoiXDb6EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3YjUwNDJmYzIwZDliYWIxNjc2ZTA5YWY3ZmYxYmE1YmZh
ZGFlNzUwHhcNMjMwODIyMTEwMzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmFhNmIyM2U1YTA1ZmU5ZTA1MjI1ZDM3NDI2MjgyNmJjMTZmZmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnZxh83hM33RC8H8oWv859tEkxPV
lP+oUwamUims7rMwqBRigUnaIwBG8CCbn6h1b0s2N6cIIHQEmggZjA44eGfVkj51
6tAJhMmlUJACM1Q0H7ytpXVXh7WtLNLsvtpnI57kmkpTUBoLgC7THvRzF0r7K8Wx
yxsNKkAbKJ1kmpyBr4lgFar4AlMXqm2EJmKdV8Zq2Kh+Kiq+NAH0+vA2Ki9BFUrD
5Hyhi9yepAjBeY/9BYXdVu3WH2PwODSxLRvKuPhParSDncgqklHiWK+S8xmggvkJ
UVtcW8HFVWVOIDbl7RzbOf/Pw7CRTVRq8uFkSam7DFJ61X54hbRBzI+iCQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGaqayPloF/p4FIl03QmKCa8Fv+5MB8GA1UdIwQY
MBaAFBe1BC/CDZurFnbgmvf/G6W/ra51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjdVRUw4SU5tNnNXZHVDYTlfOGJwYi10cm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS82NWU1NDMtN2U3YS00YWFiLWFjNzQt
YmM2Nzk0ZTk1ZTVhLzEvWnFwckktV2dYLW5nVWlYVGRDWW9KcndXXzdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS82NWU1NDMtN2U3YS00YWFiLWFjNzQtYmM2Nzk0ZTk1ZTVh
LzEvRjdVRUw4SU5tNnNXZHVDYTlfOGJwYi10cm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABbSzAwQA
H9n4AwQAuYmkMA0GCSqGSIb3DQEBCwUAA4IBAQAoVtr8jTAk1/sn7PIsWap8krVS
W8gCjMH9v6oA+D87cVFiEKEcSVXr5V0XigjPbRcQ42wjmM8/yUAxC7mpYewolbsa
jdmQQzzxBdstcArt1qMPKv1RxK4FWwGcyTiT0M3KeOC8vHHpUwfAf/w/Y3L6sdpv
Fy9DYQ3pGTSmbD/59OBBL7O/vd+ML4a/Cj4CQIZ8hetT7GCzsT980wHwC9Qmt9iJ
nQf5Xu4vkLzkKoJf9fmK7YN9+IkplJvMaIe8yKPLr+Qd4MxoqVCAghPQ4SNx2dQd
LIy5qBg9QUdROkr6HN2Dsjh4+PKOGednzjV4SKlta5T9PJdAXlcZbd3fDD+b
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:06 2024 by rpki-client on console-ams.rpki-client.org