Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/PjGxkwT44AOjv8nVuJqvo-Z0UXQ.roa
File: PjGxkwT44AOjv8nVuJqvo-Z0UXQ.roa (raw, json)
Hash identifier: CkjBBkPKcS8h5fGsrsrYyXxa64LO5CvzrJupg5ATdYs=
Subject key identifier: 3E:31:B1:93:04:F8:E0:03:A3:BF:C9:D5:B8:9A:AF:A3:E6:74:51:74
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 018EB95A1BF81DD20F61F53C4357B1FA2671
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/PjGxkwT44AOjv8nVuJqvo-Z0UXQ.roa
Signing time: Sun 07 Apr 2024 16:17:54 +0000
ROA not before: Sun 07 Apr 2024 16:17:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7922
IP address blocks: 31.132.53.0/24 maxlen: 24
103.130.178.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 May 2024 18:49:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b9:5a:1b:f8:1d:d2:0f:61:f5:3c:43:57:b1:fa:26:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Apr 7 16:17:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e31b19304f8e003a3bfc9d5b89aafa3e6745174
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:77:25:00:22:0c:50:42:8e:86:45:28:bb:7b:
47:0c:11:4f:01:2d:65:01:10:10:ec:3c:2c:1c:88:
30:d1:ab:48:b2:f7:8e:1d:40:82:58:df:a9:00:78:
7d:f2:b5:20:d0:1d:04:ed:72:4a:79:18:bd:ac:aa:
dc:37:48:3c:c5:1c:52:77:2b:54:fe:99:8f:0f:0a:
15:76:1f:53:c6:46:35:b6:b1:4c:d6:94:62:d9:45:
72:2b:a6:bf:72:3d:75:ed:9e:b4:9f:f9:52:7b:a7:
a9:97:9a:cf:31:af:7c:42:5f:d3:89:c7:1a:78:4b:
e2:60:3c:21:88:14:06:b8:e4:a9:20:68:ee:b9:1e:
4a:56:43:f3:d9:7e:52:55:b0:3b:6c:29:5e:10:4b:
15:41:9a:fb:92:cf:3b:60:6a:f3:62:26:5a:80:70:
79:32:0d:fc:b7:45:7e:02:46:d1:86:e3:6e:12:dd:
5c:20:f8:2f:0d:24:6d:c8:2b:26:9c:f1:7a:9c:66:
84:55:f2:b4:9c:b8:f0:52:ba:b7:ff:0b:67:da:50:
57:e1:ac:2d:48:46:9c:0e:67:c7:73:7e:dc:f1:14:
f6:bd:77:ec:d5:9d:73:24:9b:23:54:7f:b1:d3:1d:
27:b8:e7:b4:96:06:5c:14:95:73:2a:e8:31:03:3b:
4a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:31:B1:93:04:F8:E0:03:A3:BF:C9:D5:B8:9A:AF:A3:E6:74:51:74
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/PjGxkwT44AOjv8nVuJqvo-Z0UXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.132.53.0/24
103.130.178.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:a2:41:59:58:42:4d:d2:8e:81:af:6f:c8:8a:1d:51:0e:3e:
89:3f:2a:4b:2d:18:76:06:ef:60:63:00:42:27:33:b5:1a:db:
63:dc:9a:74:52:ee:20:9c:35:8d:29:97:be:cb:9b:1e:3e:3f:
be:ab:f0:14:90:cb:a6:35:90:ca:e1:6b:db:26:57:b3:a1:be:
a0:06:d8:40:2d:9d:01:a1:6f:54:e5:fe:fd:24:3a:1b:b2:52:
50:7f:74:42:91:df:96:4f:42:b3:8c:8d:50:66:2a:7a:14:0d:
f0:8b:10:0c:c5:e5:32:90:52:e4:87:b4:3b:b3:e2:17:c1:dc:
38:c3:c2:c1:b0:88:aa:74:40:b5:33:99:c3:8a:a1:de:43:dc:
80:e5:27:f5:c4:30:69:fe:2a:01:c7:ab:2f:82:c0:76:c2:43:
aa:0f:8d:c6:b8:47:e5:99:7a:d9:4b:5f:29:0e:ca:35:df:9d:
cc:a1:5d:23:ab:a9:a1:3b:24:c2:a0:4e:4d:31:65:24:9f:3b:
f6:ce:fc:7e:1c:1c:87:a1:e3:0a:9c:94:95:99:1d:ee:55:9a:
aa:fc:f0:ea:2f:32:2b:27:6c:8c:df:94:de:0a:b8:8d:57:7e:
6b:27:82:f1:cf:94:5d:0b:81:d7:aa:8d:fb:40:9b:f2:6f:13:
fb:e6:1e:b9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY65Whv4HdIPYfU8Q1ex+iZxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQwNDA3MTYxNzU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTMxYjE5MzA0ZjhlMDAzYTNiZmM5ZDViODlhYWZhM2U2NzQ1MTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0nclACIMUEKOhkUou3tHDBFPAS1l
ARAQ7DwsHIgw0atIsveOHUCCWN+pAHh98rUg0B0E7XJKeRi9rKrcN0g8xRxSdytU
/pmPDwoVdh9TxkY1trFM1pRi2UVyK6a/cj117Z60n/lSe6epl5rPMa98Ql/Ticca
eEviYDwhiBQGuOSpIGjuuR5KVkPz2X5SVbA7bCleEEsVQZr7ks87YGrzYiZagHB5
Mg38t0V+AkbRhuNuEt1cIPgvDSRtyCsmnPF6nGaEVfK0nLjwUrq3/wtn2lBX4awt
SEacDmfHc37c8RT2vXfs1Z1zJJsjVH+x0x0nuOe0lgZcFJVzKugxAztKvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD4xsZME+OADo7/J1biar6PmdFF0MB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvUGpHeGt3VDQ0QU9qdjhuVnVKcXZvLVowVVhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAH4Q1AwQA
Z4KyMA0GCSqGSIb3DQEBCwUAA4IBAQB9okFZWEJN0o6Br2/Iih1RDj6JPypLLRh2
Bu9gYwBCJzO1Gttj3Jp0Uu4gnDWNKZe+y5sePj++q/AUkMumNZDK4WvbJlezob6g
BthALZ0BoW9U5f79JDobslJQf3RCkd+WT0KzjI1QZip6FA3wixAMxeUykFLkh7Q7
s+IXwdw4w8LBsIiqdEC1M5nDiqHeQ9yA5Sf1xDBp/ioBx6svgsB2wkOqD43GuEfl
mXrZS18pDso1353MoV0jq6mhOyTCoE5NMWUknzv2zvx+HByHoeMKnJSVmR3uVZqq
/PDqLzIrJ2yM35TeCriNV35rJ4Lxz5RdC4HXqo37QJvybxP75h65
-----END CERTIFICATE-----
Generated at Thu May 2 21:42:24 2024 by rpki-client on console-ams.rpki-client.org