Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/AgBt8YpWF9srfuioXhWB7nVn5Pg.roa
File: AgBt8YpWF9srfuioXhWB7nVn5Pg.roa (raw, json)
Hash identifier: NMN2x5MDE6JjMnz+6ufyHEWB6meQSkcaq2Sx5YA7wx0=
Subject key identifier: 02:00:6D:F1:8A:56:17:DB:2B:7E:E8:A8:5E:15:81:EE:75:67:E4:F8
Certificate issuer: /CN=fa3d0bc11b29da44ad57304c3f8568870a019c24
Certificate serial: 019184D69BA0CEA945B07667046790E50A8C
Authority key identifier: FA:3D:0B:C1:1B:29:DA:44:AD:57:30:4C:3F:85:68:87:0A:01:9C:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/AgBt8YpWF9srfuioXhWB7nVn5Pg.roa
Signing time: Sat 24 Aug 2024 14:42:22 +0000
ROA not before: Sat 24 Aug 2024 14:42:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202391
IP address blocks: 31.25.92.0/22 maxlen: 22
31.25.92.0/24 maxlen: 24
31.25.93.0/24 maxlen: 24
31.25.94.0/24 maxlen: 24
31.25.95.0/24 maxlen: 24
178.236.32.0/22 maxlen: 22
178.236.32.0/24 maxlen: 24
178.236.33.0/24 maxlen: 24
178.236.34.0/24 maxlen: 24
178.236.35.0/24 maxlen: 24
185.118.13.0/24 maxlen: 24
185.118.14.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Sep 2024 07:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:84:d6:9b:a0:ce:a9:45:b0:76:67:04:67:90:e5:0a:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa3d0bc11b29da44ad57304c3f8568870a019c24
Validity
Not Before: Aug 24 14:42:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02006df18a5617db2b7ee8a85e1581ee7567e4f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:fa:fd:be:72:56:e2:ac:c7:47:56:ed:a5:0b:
14:9a:7a:94:e7:4c:73:e5:64:0d:9d:16:a3:8d:bc:
29:a2:4b:72:ce:f9:31:37:c2:2f:41:23:d8:b4:fc:
00:8d:ae:fc:0b:c3:68:10:b9:ab:72:12:17:cf:a6:
b0:51:3d:6a:50:4f:c0:11:c1:6d:6a:fd:eb:f4:d2:
af:5e:52:26:bf:71:e6:04:5f:0c:b1:4b:95:3a:d8:
ec:d2:84:48:7c:f2:e3:a3:69:32:e1:ef:f2:8f:45:
98:da:35:41:a5:ee:82:5d:ca:85:16:74:15:09:26:
7d:8b:eb:89:47:c3:2c:8f:a4:ae:1a:e9:db:47:bb:
96:cb:16:fb:1b:3f:84:4d:45:b6:f8:13:9a:0e:ac:
79:d6:92:38:0b:31:60:93:a5:03:af:07:d9:e6:84:
bb:f6:80:6d:06:22:b5:c2:a3:7a:65:f7:5b:04:8e:
d3:24:97:6b:ba:a7:d3:b5:3c:22:b5:02:41:94:2f:
2c:d0:25:5c:34:9f:bf:3b:df:6d:64:33:ca:62:75:
45:0a:83:79:81:a4:53:80:d6:40:31:fe:ce:46:87:
6e:01:77:2b:0c:bb:77:f8:79:75:cd:90:b8:ce:57:
51:34:78:49:84:5f:ed:e4:13:fe:62:e1:fe:ec:c9:
5f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:00:6D:F1:8A:56:17:DB:2B:7E:E8:A8:5E:15:81:EE:75:67:E4:F8
X509v3 Authority Key Identifier:
keyid:FA:3D:0B:C1:1B:29:DA:44:AD:57:30:4C:3F:85:68:87:0A:01:9C:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/AgBt8YpWF9srfuioXhWB7nVn5Pg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/1-j0LwRsp2kStVzBMP4VohwoBnCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.92.0/22
178.236.32.0/22
185.118.13.0-185.118.14.255
Signature Algorithm: sha256WithRSAEncryption
28:c4:4a:3d:e9:49:00:6d:e7:ea:0d:f8:f2:f4:46:ab:3c:98:
70:9a:e4:40:dc:86:bc:79:5a:b4:56:a9:5b:60:22:40:9d:6e:
1f:e8:97:a1:e9:20:3e:c5:90:45:ff:ee:a8:10:95:4c:ec:37:
d6:7b:da:2e:54:b1:22:8f:d6:b7:21:09:e7:8b:58:a8:ce:ee:
0a:06:81:a2:43:1b:d9:6a:50:7b:06:28:bc:67:a9:fd:6d:1c:
27:c5:4f:66:93:55:67:44:25:9a:09:62:97:c5:75:ee:38:35:
a5:ff:9e:b9:18:e9:9e:27:f6:cb:d9:55:47:99:8d:3c:9e:6d:
ee:02:0c:39:b9:35:92:0e:d5:64:d6:7d:e8:3c:73:f1:53:18:
cd:85:53:f2:ce:08:1d:0d:fb:43:1e:ea:01:66:4e:e9:66:23:
d2:b3:92:58:56:7f:1f:59:02:36:01:5a:83:3f:4b:bb:c8:7c:
53:62:c3:f9:98:51:f3:1d:3d:91:c4:c4:ec:a7:6e:05:0f:c4:
4a:6c:1f:e5:e7:42:42:1f:32:1c:ad:1c:43:14:ac:b4:58:37:
e5:4c:a2:ec:c6:2e:2b:71:90:36:0c:c7:14:82:68:e4:de:7a:
ac:2a:96:88:66:10:df:21:b1:9a:1c:43:42:bf:3d:d2:27:fa:
52:70:8e:a9
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZGE1pugzqlFsHZnBGeQ5QqMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhM2QwYmMxMWIyOWRhNDRhZDU3MzA0YzNmODU2ODg3MGEw
MTljMjQwHhcNMjQwODI0MTQ0MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjAwNmRmMThhNTYxN2RiMmI3ZWU4YTg1ZTE1ODFlZTc1NjdlNGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvr9vnJW4qzHR1btpQsUmnqU50xz
5WQNnRajjbwpoktyzvkxN8IvQSPYtPwAja78C8NoELmrchIXz6awUT1qUE/AEcFt
av3r9NKvXlImv3HmBF8MsUuVOtjs0oRIfPLjo2ky4e/yj0WY2jVBpe6CXcqFFnQV
CSZ9i+uJR8Msj6SuGunbR7uWyxb7Gz+ETUW2+BOaDqx51pI4CzFgk6UDrwfZ5oS7
9oBtBiK1wqN6ZfdbBI7TJJdruqfTtTwitQJBlC8s0CVcNJ+/O99tZDPKYnVFCoN5
gaRTgNZAMf7ORoduAXcrDLt3+Hl1zZC4zldRNHhJhF/t5BP+YuH+7MlfPQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFAIAbfGKVhfbK37oqF4Vge51Z+T4MB8GA1UdIwQY
MBaAFPo9C8EbKdpErVcwTD+FaIcKAZwkMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1qMEx3UnNwMmtTdFZ6Qk1QNFZvaHdvQm5DUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMvYWE2NjI5LWQxNDktNDE5Ny1hMzE1
LWQyMTA3MWVmNzM1Yi8xL0FnQnQ4WXBXRjlzcmZ1aW9YaFdCN25WbjVQZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzMvYWE2NjI5LWQxNDktNDE5Ny1hMzE1LWQyMTA3MWVmNzM1
Yi8xLzEtajBMd1JzcDJrU3RWekJNUDRWb2h3b0JuQ1EuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMwYIKwYBBQUHAQcBAf8EJDAiMCAEAgABMBoDBAIfGVwD
BAKy7CAwDAMEALl2DQMEALl2DjANBgkqhkiG9w0BAQsFAAOCAQEAKMRKPelJAG3n
6g348vRGqzyYcJrkQNyGvHlatFapW2AiQJ1uH+iXoekgPsWQRf/uqBCVTOw31nva
LlSxIo/WtyEJ54tYqM7uCgaBokMb2WpQewYovGep/W0cJ8VPZpNVZ0Qlmglil8V1
7jg1pf+euRjpnif2y9lVR5mNPJ5t7gIMObk1kg7VZNZ96Dxz8VMYzYVT8s4IHQ37
Qx7qAWZO6WYj0rOSWFZ/H1kCNgFagz9Lu8h8U2LD+ZhR8x09kcTE7KduBQ/ESmwf
5edCQh8yHK0cQxSstFg35Uyi7MYuK3GQNgzHFIJo5N56rCqWiGYQ3yGxmhxDQr89
0if6UnCOqQ==
-----END CERTIFICATE-----
Generated at Tue Sep 17 08:50:24 2024 by rpki-client on console-ams.rpki-client.org