Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/d6bf5e-4812-430e-9a13-e5947614ef3f/1/5wPhatd38HVAurgUQwq7lZN2hp4.roa
File: 5wPhatd38HVAurgUQwq7lZN2hp4.roa (raw, json)
Hash identifier: nkLlmF2P2T5AeZxKkx223nvLV4Q9cmLYrzof9bUWc00=
Subject key identifier: E7:03:E1:6A:D7:77:F0:75:40:BA:B8:14:43:0A:BB:95:93:76:86:9E
Certificate issuer: /CN=5c746e9f12c2c0e5459fe4e3d413c1c89de6db0e
Certificate serial: 018A3B3D7AA1E7464C1EC0A63F42328AEA85
Authority key identifier: 5C:74:6E:9F:12:C2:C0:E5:45:9F:E4:E3:D4:13:C1:C8:9D:E6:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XHRunxLCwOVFn-Tj1BPByJ3m2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/d6bf5e-4812-430e-9a13-e5947614ef3f/1/5wPhatd38HVAurgUQwq7lZN2hp4.roa
Signing time: Mon 28 Aug 2023 08:23:19 +0000
ROA not before: Mon 28 Aug 2023 08:23:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 91.196.240.0/22 maxlen: 24
91.196.240.0/23 maxlen: 24
91.196.242.0/23 maxlen: 24
217.16.192.0/20 maxlen: 24
31.25.64.0/21 maxlen: 24
31.25.64.0/22 maxlen: 24
31.25.68.0/22 maxlen: 24
2a02:7720::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3b:3d:7a:a1:e7:46:4c:1e:c0:a6:3f:42:32:8a:ea:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c746e9f12c2c0e5459fe4e3d413c1c89de6db0e
Validity
Not Before: Aug 28 08:23:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e703e16ad777f07540bab814430abb959376869e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:50:3b:05:85:21:b0:8f:23:cb:e8:96:d8:93:
e2:1d:54:72:ec:28:5f:61:e5:3b:1d:f2:94:16:1d:
b4:c9:79:ca:08:8f:47:e6:e4:f5:b1:94:35:f0:8f:
39:26:3e:3d:7b:37:35:16:f9:ff:96:71:38:0a:8b:
d0:ee:6f:fd:63:fd:89:15:80:f8:92:f8:67:e1:1e:
4b:80:bf:47:a2:1c:3a:cb:2f:11:c8:0f:78:a4:86:
12:01:1f:05:dd:f1:e2:24:d3:02:73:5d:18:5b:0e:
1e:fd:4a:6c:29:ec:f0:34:b0:5b:a1:e3:64:81:f3:
6b:70:36:3d:41:7b:19:ac:d1:a8:c8:1e:95:b9:49:
95:27:da:87:4b:05:97:18:ba:25:b9:0e:b9:30:da:
5e:b2:a2:ec:81:25:75:ac:a2:1a:3c:ea:1c:fa:8e:
75:98:fb:4e:d2:02:61:1b:e9:10:f2:23:99:60:b0:
16:57:0c:d7:6e:be:8d:91:ba:36:fe:c2:d4:7c:80:
c0:38:94:86:a5:6f:83:1e:ce:90:20:03:91:b9:8f:
e4:df:2c:b3:5e:e7:dc:cc:90:48:d2:aa:f4:e9:9e:
31:58:b9:8b:20:6e:c6:3d:88:d9:4c:d0:ea:77:86:
54:02:1b:88:f0:35:40:70:60:a6:ec:cd:6e:0d:cb:
d0:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:03:E1:6A:D7:77:F0:75:40:BA:B8:14:43:0A:BB:95:93:76:86:9E
X509v3 Authority Key Identifier:
keyid:5C:74:6E:9F:12:C2:C0:E5:45:9F:E4:E3:D4:13:C1:C8:9D:E6:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XHRunxLCwOVFn-Tj1BPByJ3m2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/d6bf5e-4812-430e-9a13-e5947614ef3f/1/5wPhatd38HVAurgUQwq7lZN2hp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/d6bf5e-4812-430e-9a13-e5947614ef3f/1/XHRunxLCwOVFn-Tj1BPByJ3m2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.64.0/21
91.196.240.0/22
217.16.192.0/20
IPv6:
2a02:7720::/32
Signature Algorithm: sha256WithRSAEncryption
0a:ee:cd:b4:6f:dd:20:23:08:da:ec:f8:73:a0:48:8e:07:76:
f7:d0:2f:77:ac:8b:a1:c9:cc:93:27:54:74:6c:93:6f:84:12:
0a:b2:24:ae:ea:9b:94:f3:16:a9:ce:e4:93:6c:23:3c:ce:62:
1c:3d:35:51:5d:9f:34:44:12:1a:db:57:1d:72:e1:4a:49:af:
f0:5d:b6:d4:b7:1d:70:77:48:24:2b:eb:c4:9d:09:8e:aa:4f:
6f:f3:59:44:ff:7d:73:23:e3:9a:59:a9:7f:8a:76:a3:92:d1:
ea:be:46:a6:65:88:96:6b:00:32:d7:fd:89:60:f0:12:d0:fc:
6e:ef:c1:a2:17:24:f7:58:da:69:66:0e:1d:34:5a:7a:2a:cc:
af:59:e8:94:32:a3:65:6c:0b:3e:1b:13:3a:a3:de:93:3e:28:
c5:1c:78:f6:d6:49:8e:51:73:d6:58:45:45:a9:e5:4b:6b:f1:
2d:b6:b9:61:a4:95:c4:e8:e6:e6:3b:5d:b8:c1:b6:13:51:4a:
2c:4e:b3:58:24:9d:3d:9a:d6:76:ef:a9:bb:63:ee:15:f8:b5:
1d:ce:3b:c2:42:42:fd:47:a5:92:26:4a:d9:4c:8a:1b:da:43:
6b:51:16:67:99:27:26:be:36:47:c4:f8:39:32:fe:c8:af:3e:
49:2c:9e:2c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYo7PXqh50ZMHsCmP0IyiuqFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNzQ2ZTlmMTJjMmMwZTU0NTlmZTRlM2Q0MTNjMWM4OWRl
NmRiMGUwHhcNMjMwODI4MDgyMzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzAzZTE2YWQ3NzdmMDc1NDBiYWI4MTQ0MzBhYmI5NTkzNzY4NjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFA7BYUhsI8jy+iW2JPiHVRy7Chf
YeU7HfKUFh20yXnKCI9H5uT1sZQ18I85Jj49ezc1Fvn/lnE4CovQ7m/9Y/2JFYD4
kvhn4R5LgL9Hohw6yy8RyA94pIYSAR8F3fHiJNMCc10YWw4e/UpsKezwNLBboeNk
gfNrcDY9QXsZrNGoyB6VuUmVJ9qHSwWXGLoluQ65MNpesqLsgSV1rKIaPOoc+o51
mPtO0gJhG+kQ8iOZYLAWVwzXbr6Nkbo2/sLUfIDAOJSGpW+DHs6QIAORuY/k3yyz
XufczJBI0qr06Z4xWLmLIG7GPYjZTNDqd4ZUAhuI8DVAcGCm7M1uDcvQ0wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOcD4WrXd/B1QLq4FEMKu5WTdoaeMB8GA1UdIwQY
MBaAFFx0bp8SwsDlRZ/k49QTwcid5tsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEhSdW54TEN3T1ZGbi1UajFCUEJ5SjNtMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kNmJmNWUtNDgxMi00MzBlLTlhMTMt
ZTU5NDc2MTRlZjNmLzEvNXdQaGF0ZDM4SFZBdXJnVVF3cTdsWk4yaHA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kNmJmNWUtNDgxMi00MzBlLTlhMTMtZTU5NDc2MTRlZjNm
LzEvWEhSdW54TEN3T1ZGbi1UajFCUEJ5SjNtMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDHxlAAwQC
W8TwAwQE2RDAMA0EAgACMAcDBQAqAncgMA0GCSqGSIb3DQEBCwUAA4IBAQAK7s20
b90gIwja7PhzoEiOB3b30C93rIuhycyTJ1R0bJNvhBIKsiSu6puU8xapzuSTbCM8
zmIcPTVRXZ80RBIa21cdcuFKSa/wXbbUtx1wd0gkK+vEnQmOqk9v81lE/31zI+Oa
Wal/inajktHqvkamZYiWawAy1/2JYPAS0Pxu78GiFyT3WNppZg4dNFp6KsyvWeiU
MqNlbAs+GxM6o96TPijFHHj21kmOUXPWWEVFqeVLa/EttrlhpJXE6ObmO124wbYT
UUosTrNYJJ09mtZ276m7Y+4V+LUdzjvCQkL9R6WSJkrZTIob2kNrURZnmScmvjZH
xPg5Mv7Irz5JLJ4s
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:38 2024 by rpki-client on console-ams.rpki-client.org