Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/hs6cGy4S2QMF9MVUZyC02-g-WpI.roa
File: hs6cGy4S2QMF9MVUZyC02-g-WpI.roa (raw, json)
Hash identifier: S9rA7WuSl9jgx7c1NIiBUTdgPs+H/1W5XZZR019ZWUQ=
Subject key identifier: 86:CE:9C:1B:2E:12:D9:03:05:F4:C5:54:67:20:B4:DB:E8:3E:5A:92
Certificate issuer: /CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Certificate serial: 018F0FD01FD6A66591D0EB905B7A13DE8665
Authority key identifier: 35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/hs6cGy4S2QMF9MVUZyC02-g-WpI.roa
Signing time: Wed 24 Apr 2024 11:14:08 +0000
ROA not before: Wed 24 Apr 2024 11:14:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 17675
IP address blocks: 31.193.240.0/22 maxlen: 24
31.193.244.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 May 2024 16:09:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0f:d0:1f:d6:a6:65:91:d0:eb:90:5b:7a:13:de:86:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Validity
Not Before: Apr 24 11:14:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86ce9c1b2e12d90305f4c5546720b4dbe83e5a92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2f:84:71:75:94:ed:20:c8:8f:91:43:03:fe:
2c:cc:cb:40:a2:b0:19:91:38:38:b5:f9:e2:3b:fe:
36:72:a1:d6:d1:29:d3:9b:4b:49:da:f7:67:07:c9:
2c:5c:a8:28:5d:e5:71:b9:95:4c:27:3a:56:d7:38:
a3:df:d7:09:53:15:67:85:85:75:a9:4d:2b:45:06:
3c:64:c3:1c:ff:94:73:c2:81:a1:93:15:36:67:fc:
78:3e:9a:5a:ea:da:49:91:2b:21:a1:bf:97:61:e6:
87:09:7c:a6:86:8c:f3:7a:37:62:b8:e7:a0:d9:3e:
c1:35:96:c1:f6:34:bc:26:56:81:82:49:f2:a1:ee:
68:db:89:0d:d9:1d:75:5f:aa:6f:e2:63:83:0c:a8:
ff:54:f4:f7:1d:f3:6f:86:73:b3:22:df:32:c0:91:
9d:24:57:86:f4:33:db:2f:28:b5:c1:72:ea:76:35:
c6:9a:85:31:ee:ac:3e:23:df:b1:b8:f1:e8:a0:c7:
16:b5:ed:d0:fc:df:ac:a0:da:4b:c8:53:29:0b:45:
1c:bd:85:4a:c6:27:a2:f6:57:73:b6:fd:2b:3d:35:
67:89:28:a6:b8:72:b2:1f:81:bc:4d:17:c1:c3:bb:
ca:eb:65:64:5e:b2:bd:19:af:84:ca:4d:f3:64:f0:
bb:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:CE:9C:1B:2E:12:D9:03:05:F4:C5:54:67:20:B4:DB:E8:3E:5A:92
X509v3 Authority Key Identifier:
keyid:35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/hs6cGy4S2QMF9MVUZyC02-g-WpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/NS-JGea8HvVmNIkBj8h1vjTA8kw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.240.0/21
Signature Algorithm: sha256WithRSAEncryption
42:32:60:c7:a2:83:79:5d:88:b1:d0:f6:0c:3e:f1:bc:3b:48:
ec:35:13:1c:0f:1d:34:cd:45:6b:61:36:65:b2:15:a8:91:fc:
34:4a:f2:d3:d8:48:df:87:20:ed:0b:aa:68:7b:d8:9d:34:d2:
a6:e9:88:70:b0:6d:27:6d:31:5a:2c:be:74:35:6e:a0:04:57:
46:da:a9:73:2d:09:74:11:f6:84:f7:58:a3:6d:8e:ef:c4:20:
b0:d7:65:a8:7b:cd:c5:12:3e:23:49:b6:f7:a8:56:65:c9:6d:
16:03:73:50:89:75:51:d6:29:a3:5e:78:b4:a1:83:bb:e0:41:
cd:8e:d2:ba:d8:0b:43:67:11:5a:29:3e:cd:94:14:5e:25:bf:
1d:4a:cc:0c:11:fe:db:70:a1:59:d5:0a:44:5a:55:c6:7d:32:
6f:6e:e6:e9:23:15:91:3b:72:83:94:f7:3c:89:08:91:c5:2d:
33:2e:61:e4:12:e3:52:d1:94:c8:df:3a:20:7f:85:bd:21:47:
39:c4:ee:a5:70:f7:73:f2:88:93:84:33:14:c6:6f:af:1a:05:
4b:b6:e6:ed:c4:14:02:15:a9:de:c3:d6:79:67:f0:28:f7:77:
85:ef:97:85:92:70:f2:51:df:5e:19:96:00:8f:f1:56:18:a9:
47:9c:08:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8P0B/WpmWR0OuQW3oT3oZlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MmY4OTE5ZTZiYzFlZjU2NjM0ODkwMThmYzg3NWJlMzRj
MGYyNGMwHhcNMjQwNDI0MTExNDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmNlOWMxYjJlMTJkOTAzMDVmNGM1NTQ2NzIwYjRkYmU4M2U1YTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArC+EcXWU7SDIj5FDA/4szMtAorAZ
kTg4tfniO/42cqHW0SnTm0tJ2vdnB8ksXKgoXeVxuZVMJzpW1zij39cJUxVnhYV1
qU0rRQY8ZMMc/5RzwoGhkxU2Z/x4Pppa6tpJkSshob+XYeaHCXymhozzejdiuOeg
2T7BNZbB9jS8JlaBgknyoe5o24kN2R11X6pv4mODDKj/VPT3HfNvhnOzIt8ywJGd
JFeG9DPbLyi1wXLqdjXGmoUx7qw+I9+xuPHooMcWte3Q/N+soNpLyFMpC0UcvYVK
xiei9ldztv0rPTVniSimuHKyH4G8TRfBw7vK62VkXrK9Ga+Eyk3zZPC78wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIbOnBsuEtkDBfTFVGcgtNvoPlqSMB8GA1UdIwQY
MBaAFDUviRnmvB71ZjSJAY/Idb40wPJMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlMtSkdlYThIdlZtTklrQmo4aDF2alRBOGt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9jZjk0M2QtYzkyMS00ZWY3LTlhYTAt
ZTNmY2IyM2UzNDM4LzEvaHM2Y0d5NFMyUU1GOU1WVVp5QzAyLWctV3BJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9jZjk0M2QtYzkyMS00ZWY3LTlhYTAtZTNmY2IyM2UzNDM4
LzEvTlMtSkdlYThIdlZtTklrQmo4aDF2alRBOGt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDH8HwMA0G
CSqGSIb3DQEBCwUAA4IBAQBCMmDHooN5XYix0PYMPvG8O0jsNRMcDx00zUVrYTZl
shWokfw0SvLT2EjfhyDtC6poe9idNNKm6YhwsG0nbTFaLL50NW6gBFdG2qlzLQl0
EfaE91ijbY7vxCCw12Woe83FEj4jSbb3qFZlyW0WA3NQiXVR1imjXni0oYO74EHN
jtK62AtDZxFaKT7NlBReJb8dSswMEf7bcKFZ1QpEWlXGfTJvbubpIxWRO3KDlPc8
iQiRxS0zLmHkEuNS0ZTI3zogf4W9IUc5xO6lcPdz8oiThDMUxm+vGgVLtubtxBQC
Fanew9Z5Z/Ao93eF75eFknDyUd9eGZYAj/FWGKlHnAjA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:26 2024 by rpki-client on console-ams.rpki-client.org