Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/d6bf5e-4812-430e-9a13-e5947614ef3f/1/aF4saS7JngRMgPtK_azpuh15Bxw.roa
File: aF4saS7JngRMgPtK_azpuh15Bxw.roa (raw, json)
Hash identifier: PDG8cRYhnwY1+iTyvMwUua2el0OTRWr3pjYeaLRIgXo=
Subject key identifier: 68:5E:2C:69:2E:C9:9E:04:4C:80:FB:4A:FD:AC:E9:BA:1D:79:07:1C
Certificate issuer: /CN=5c746e9f12c2c0e5459fe4e3d413c1c89de6db0e
Certificate serial: 018A026893237E27B989592D92AEFC4A446F
Authority key identifier: 5C:74:6E:9F:12:C2:C0:E5:45:9F:E4:E3:D4:13:C1:C8:9D:E6:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XHRunxLCwOVFn-Tj1BPByJ3m2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/d6bf5e-4812-430e-9a13-e5947614ef3f/1/aF4saS7JngRMgPtK_azpuh15Bxw.roa
Signing time: Thu 17 Aug 2023 07:32:02 +0000
ROA not before: Thu 17 Aug 2023 07:32:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41175
IP address blocks: 91.196.240.0/22 maxlen: 24
91.196.240.0/23 maxlen: 24
91.196.242.0/23 maxlen: 24
217.16.192.0/20 maxlen: 24
31.25.64.0/22 maxlen: 24
31.25.64.0/21 maxlen: 24
31.25.68.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:02:68:93:23:7e:27:b9:89:59:2d:92:ae:fc:4a:44:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c746e9f12c2c0e5459fe4e3d413c1c89de6db0e
Validity
Not Before: Aug 17 07:32:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=685e2c692ec99e044c80fb4afdace9ba1d79071c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:fd:d0:4c:60:cb:3e:6d:66:7e:a8:ef:93:ad:
23:6a:c6:82:61:99:ec:65:f6:ed:ec:ae:20:d3:06:
23:94:23:28:a4:b8:e6:89:6c:ea:c4:5c:80:f6:28:
af:92:1c:63:d4:01:e7:74:21:39:5f:36:ee:e0:86:
b2:e3:cc:a3:7e:8b:1a:bd:e5:e4:1a:55:89:c5:58:
b6:0d:5b:83:ee:8f:5a:0b:6b:1e:a5:11:8d:7d:9e:
91:ce:93:b2:e3:dc:e0:8a:00:f1:66:de:18:26:5d:
af:45:ca:1a:73:53:69:9a:94:af:5f:30:3f:31:1d:
3b:de:40:8f:79:f4:49:93:74:ab:6e:c1:c8:c9:9f:
2a:a7:26:81:58:4f:9b:5a:9b:ce:b5:28:60:d7:6d:
36:e1:1f:ab:21:c7:38:3b:c2:04:69:6c:2e:7d:3b:
90:24:af:e0:af:34:f0:82:7c:00:de:a4:1a:b7:d4:
22:e4:ae:b4:4e:8a:28:89:0d:0f:63:52:e8:04:ac:
a4:fe:5f:f1:36:35:f3:b0:f5:85:61:8d:ca:73:f4:
20:ae:fd:89:3a:9f:71:e6:3f:3e:c6:80:c3:fd:a1:
00:fb:d9:ad:a3:86:f9:ae:5c:89:0f:5c:75:54:3c:
cd:2a:b0:fd:b2:82:e7:5f:b1:57:54:90:77:6a:49:
c6:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:5E:2C:69:2E:C9:9E:04:4C:80:FB:4A:FD:AC:E9:BA:1D:79:07:1C
X509v3 Authority Key Identifier:
keyid:5C:74:6E:9F:12:C2:C0:E5:45:9F:E4:E3:D4:13:C1:C8:9D:E6:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XHRunxLCwOVFn-Tj1BPByJ3m2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/d6bf5e-4812-430e-9a13-e5947614ef3f/1/aF4saS7JngRMgPtK_azpuh15Bxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/d6bf5e-4812-430e-9a13-e5947614ef3f/1/XHRunxLCwOVFn-Tj1BPByJ3m2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.64.0/21
91.196.240.0/22
217.16.192.0/20
Signature Algorithm: sha256WithRSAEncryption
1c:57:13:22:3f:d9:7e:e9:be:24:1e:e1:1d:bf:54:00:bd:72:
10:17:a4:a6:7b:52:6e:e1:13:bc:52:6c:b4:32:4f:b3:8f:3b:
a8:03:94:c4:89:52:80:b2:9f:76:ba:17:03:66:0d:6e:5c:49:
1f:3a:a6:4d:1e:e1:e2:74:ff:f3:b3:7e:d9:1a:5f:fc:39:7c:
b2:93:f4:ea:1a:ba:67:2e:f4:da:af:30:87:3e:06:ff:be:30:
aa:e6:74:33:8d:3c:8d:85:c9:d8:47:8f:36:94:4c:3f:c0:c4:
0d:6f:d2:c4:75:1c:15:fe:fb:87:6e:ef:c4:c4:0e:ee:82:60:
8d:01:5d:cc:cf:08:34:97:62:ca:f5:a7:61:89:cc:56:62:b8:
3a:74:46:71:59:de:5e:f3:42:f6:66:9f:b6:c8:e5:a7:f5:33:
b3:e1:a0:b6:c7:a7:ca:28:85:6d:35:ba:6c:1e:b5:68:a0:58:
1b:6c:3f:64:b6:f0:cc:25:a4:e5:2b:ae:3c:2d:b8:fe:03:6b:
4c:7d:dd:ac:f3:25:77:f2:cd:a4:48:5b:a4:bf:60:e5:06:e6:
f7:49:d3:4b:b2:d4:64:c2:61:e6:f6:e7:53:2f:42:b2:c5:85:
64:29:8f:3d:53:de:66:09:35:30:a4:f5:d9:b4:10:58:fa:20:
19:f3:8d:9c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYoCaJMjfie5iVktkq78SkRvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNzQ2ZTlmMTJjMmMwZTU0NTlmZTRlM2Q0MTNjMWM4OWRl
NmRiMGUwHhcNMjMwODE3MDczMjAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODVlMmM2OTJlYzk5ZTA0NGM4MGZiNGFmZGFjZTliYTFkNzkwNzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/3QTGDLPm1mfqjvk60jasaCYZns
Zfbt7K4g0wYjlCMopLjmiWzqxFyA9iivkhxj1AHndCE5Xzbu4Iay48yjfosaveXk
GlWJxVi2DVuD7o9aC2sepRGNfZ6RzpOy49zgigDxZt4YJl2vRcoac1NpmpSvXzA/
MR073kCPefRJk3SrbsHIyZ8qpyaBWE+bWpvOtShg12024R+rIcc4O8IEaWwufTuQ
JK/grzTwgnwA3qQat9Qi5K60ToooiQ0PY1LoBKyk/l/xNjXzsPWFYY3Kc/Qgrv2J
Op9x5j8+xoDD/aEA+9mto4b5rlyJD1x1VDzNKrD9soLnX7FXVJB3aknGhQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGheLGkuyZ4ETID7Sv2s6bodeQccMB8GA1UdIwQY
MBaAFFx0bp8SwsDlRZ/k49QTwcid5tsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEhSdW54TEN3T1ZGbi1UajFCUEJ5SjNtMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kNmJmNWUtNDgxMi00MzBlLTlhMTMt
ZTU5NDc2MTRlZjNmLzEvYUY0c2FTN0puZ1JNZ1B0S19henB1aDE1Qnh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kNmJmNWUtNDgxMi00MzBlLTlhMTMtZTU5NDc2MTRlZjNm
LzEvWEhSdW54TEN3T1ZGbi1UajFCUEJ5SjNtMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDHxlAAwQC
W8TwAwQE2RDAMA0GCSqGSIb3DQEBCwUAA4IBAQAcVxMiP9l+6b4kHuEdv1QAvXIQ
F6Sme1Ju4RO8Umy0Mk+zjzuoA5TEiVKAsp92uhcDZg1uXEkfOqZNHuHidP/zs37Z
Gl/8OXyyk/TqGrpnLvTarzCHPgb/vjCq5nQzjTyNhcnYR482lEw/wMQNb9LEdRwV
/vuHbu/ExA7ugmCNAV3Mzwg0l2LK9adhicxWYrg6dEZxWd5e80L2Zp+2yOWn9TOz
4aC2x6fKKIVtNbpsHrVooFgbbD9ktvDMJaTlK648Lbj+A2tMfd2s8yV38s2kSFuk
v2DlBub3SdNLstRkwmHm9udTL0KyxYVkKY89U95mCTUwpPXZtBBY+iAZ842c
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:39 2024 by rpki-client on console-ams.rpki-client.org