Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/39rFdbOTbyHZARa8iRrLzvvBxck.roa
File: 39rFdbOTbyHZARa8iRrLzvvBxck.roa (raw, json)
Hash identifier: 2X5o4fcIQxmwcU2tG7FdsvXiop6s293gczpEg3CNF64=
Subject key identifier: DF:DA:C5:75:B3:93:6F:21:D9:01:16:BC:89:1A:CB:CE:FB:C1:C5:C9
Certificate issuer: /CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Certificate serial: 018D8CE8FC92E2A531C23C0A325A6C6DD7B9
Authority key identifier: 35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/39rFdbOTbyHZARa8iRrLzvvBxck.roa
Signing time: Fri 09 Feb 2024 08:08:15 +0000
ROA not before: Fri 09 Feb 2024 08:08:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 31.193.240.0/22 maxlen: 24
31.193.244.0/22 maxlen: 24
45.84.112.0/23 maxlen: 24
45.84.114.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Apr 2024 11:14:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8c:e8:fc:92:e2:a5:31:c2:3c:0a:32:5a:6c:6d:d7:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Validity
Not Before: Feb 9 08:08:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dfdac575b3936f21d90116bc891acbcefbc1c5c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:49:91:07:80:81:64:dc:b5:57:8d:16:5c:e2:
08:86:2e:55:63:01:de:4c:a9:3f:7f:0a:0e:eb:3f:
ff:0a:58:2f:8a:0d:28:c7:9c:93:b8:01:ee:d2:38:
78:70:a2:aa:6d:c7:11:7a:d7:5f:e4:33:b6:62:74:
d2:d7:ea:bb:ef:97:40:c6:ff:44:e4:4b:51:b9:1b:
a7:6c:45:a6:86:f3:67:33:4a:3c:f7:c4:b4:de:98:
00:6b:1f:18:d9:14:35:6e:ba:9f:a7:13:8b:44:cb:
e1:60:c9:46:1b:69:74:7f:f2:63:7a:07:93:68:f6:
03:4c:47:af:81:d5:46:9f:c2:29:71:0a:98:a1:14:
82:c7:06:e1:65:45:04:0f:ed:2e:af:50:b6:ef:9f:
85:83:78:95:62:5b:8d:e1:15:de:91:a6:ce:dc:12:
b4:6b:06:3e:17:3a:a0:0a:6c:df:e2:71:22:80:14:
cb:53:ae:19:16:f0:0c:20:b2:09:8f:a8:66:a1:ab:
9a:a6:c6:61:58:ac:9b:67:58:5d:d7:60:bb:9a:c2:
7c:3f:8c:8e:19:67:de:be:d1:4e:5c:2d:90:25:1f:
cf:4a:29:92:ac:b0:22:18:ba:77:38:ad:bf:55:c9:
9f:c2:d0:f2:34:ea:c0:e2:bf:af:0a:42:e3:fd:96:
e2:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:DA:C5:75:B3:93:6F:21:D9:01:16:BC:89:1A:CB:CE:FB:C1:C5:C9
X509v3 Authority Key Identifier:
keyid:35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/39rFdbOTbyHZARa8iRrLzvvBxck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/NS-JGea8HvVmNIkBj8h1vjTA8kw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.240.0/21
45.84.112.0/22
Signature Algorithm: sha256WithRSAEncryption
66:4a:1a:71:25:aa:38:a0:ba:74:9f:75:66:91:33:6c:21:e5:
15:74:78:af:60:3d:d7:0e:c4:3f:05:23:2e:c0:53:8f:14:c3:
21:03:d1:be:02:ba:41:d4:e1:07:24:eb:dd:7e:d9:59:ba:4f:
ae:43:1c:c1:f1:98:c3:03:a8:7c:11:d1:73:13:38:7a:cb:e8:
b5:64:e5:b4:bc:50:cc:f1:bc:ee:11:b0:1b:41:db:6b:29:0d:
86:03:a0:5b:d8:a4:34:05:0a:a2:a9:bf:39:4d:0c:c9:0c:93:
15:16:44:d8:cf:72:46:bd:db:82:4a:b0:3e:ab:05:e5:0d:c8:
4d:54:07:b5:df:26:14:fc:fd:3b:75:5e:96:4c:81:99:b0:ae:
83:ec:42:20:75:d4:46:0e:d9:95:f6:6d:4b:b4:97:d7:6c:70:
69:79:55:c4:5c:f1:a3:48:73:71:70:bb:e0:c5:7f:0a:16:50:
38:e4:83:e9:36:0a:5a:ca:92:c8:47:66:cc:44:3e:26:b2:87:
ad:cf:b7:da:5f:8d:a9:b7:80:5a:40:ba:50:56:21:42:00:73:
ef:70:33:79:c6:e1:85:6e:41:cf:b0:0d:4e:54:cd:f2:73:ce:
9d:14:d3:c4:9a:11:01:cb:46:7b:9a:c4:8f:d4:81:d9:b1:0e:
f2:59:07:65
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2M6PyS4qUxwjwKMlpsbde5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MmY4OTE5ZTZiYzFlZjU2NjM0ODkwMThmYzg3NWJlMzRj
MGYyNGMwHhcNMjQwMjA5MDgwODE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmRhYzU3NWIzOTM2ZjIxZDkwMTE2YmM4OTFhY2JjZWZiYzFjNWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0mRB4CBZNy1V40WXOIIhi5VYwHe
TKk/fwoO6z//Clgvig0ox5yTuAHu0jh4cKKqbccRetdf5DO2YnTS1+q775dAxv9E
5EtRuRunbEWmhvNnM0o898S03pgAax8Y2RQ1brqfpxOLRMvhYMlGG2l0f/JjegeT
aPYDTEevgdVGn8IpcQqYoRSCxwbhZUUED+0ur1C275+Fg3iVYluN4RXekabO3BK0
awY+FzqgCmzf4nEigBTLU64ZFvAMILIJj6hmoauapsZhWKybZ1hd12C7msJ8P4yO
GWfevtFOXC2QJR/PSimSrLAiGLp3OK2/VcmfwtDyNOrA4r+vCkLj/ZbipwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN/axXWzk28h2QEWvIkay877wcXJMB8GA1UdIwQY
MBaAFDUviRnmvB71ZjSJAY/Idb40wPJMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlMtSkdlYThIdlZtTklrQmo4aDF2alRBOGt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9jZjk0M2QtYzkyMS00ZWY3LTlhYTAt
ZTNmY2IyM2UzNDM4LzEvMzlyRmRiT1RieUhaQVJhOGlSckx6dnZCeGNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9jZjk0M2QtYzkyMS00ZWY3LTlhYTAtZTNmY2IyM2UzNDM4
LzEvTlMtSkdlYThIdlZtTklrQmo4aDF2alRBOGt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDH8HwAwQC
LVRwMA0GCSqGSIb3DQEBCwUAA4IBAQBmShpxJao4oLp0n3VmkTNsIeUVdHivYD3X
DsQ/BSMuwFOPFMMhA9G+ArpB1OEHJOvdftlZuk+uQxzB8ZjDA6h8EdFzEzh6y+i1
ZOW0vFDM8bzuEbAbQdtrKQ2GA6Bb2KQ0BQqiqb85TQzJDJMVFkTYz3JGvduCSrA+
qwXlDchNVAe13yYU/P07dV6WTIGZsK6D7EIgddRGDtmV9m1LtJfXbHBpeVXEXPGj
SHNxcLvgxX8KFlA45IPpNgpaypLIR2bMRD4msoetz7faX42pt4BaQLpQViFCAHPv
cDN5xuGFbkHPsA1OVM3yc86dFNPEmhEBy0Z7msSP1IHZsQ7yWQdl
-----END CERTIFICATE-----
Generated at Wed Apr 24 14:49:15 2024 by rpki-client on console-ams.rpki-client.org