Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/AGh2K-1NBxNS4-AmU5ccgnSRGwo.roa
File: AGh2K-1NBxNS4-AmU5ccgnSRGwo.roa (raw, json)
Hash identifier: zSnyyCeUvE4ZqfFlyF0Q0UMdr/4Cu9GzX5rww0LV4uk=
Subject key identifier: 00:68:76:2B:ED:4D:07:13:52:E3:E0:26:53:97:1C:82:74:91:1B:0A
Certificate issuer: /CN=bdd244214d76468d3fb72abad1892ef23dede978
Certificate serial: 018A5F3FB25B928B59BB95037146DC4B9869
Authority key identifier: BD:D2:44:21:4D:76:46:8D:3F:B7:2A:BA:D1:89:2E:F2:3D:ED:E9:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vdJEIU12Ro0_tyq60Yku8j3t6Xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/AGh2K-1NBxNS4-AmU5ccgnSRGwo.roa
Signing time: Mon 04 Sep 2023 08:12:04 +0000
ROA not before: Mon 04 Sep 2023 08:12:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6730
IP address blocks: 31.10.192.0/18 maxlen: 18
178.82.0.0/16 maxlen: 16
31.10.128.0/18 maxlen: 18
31.10.128.0/17 maxlen: 17
Validation: Failed, certificate revoked on Mon 04 Sep 2023 08:23:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5f:3f:b2:5b:92:8b:59:bb:95:03:71:46:dc:4b:98:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdd244214d76468d3fb72abad1892ef23dede978
Validity
Not Before: Sep 4 08:12:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0068762bed4d071352e3e02653971c8274911b0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:75:fa:a4:f3:7c:ac:39:83:55:67:71:e8:a6:
a1:d4:16:4e:43:c7:5e:51:af:d8:e7:d0:da:04:e5:
fe:d4:c3:24:e2:2e:94:a3:dd:68:d5:84:97:fa:be:
63:60:aa:8f:d2:96:ce:3a:c1:aa:0f:ea:63:20:2d:
16:1e:bf:33:67:e0:aa:22:0b:ed:14:0e:6c:dd:43:
0b:bc:67:fb:be:22:cb:97:26:42:aa:10:3b:b2:de:
84:ea:08:9f:d3:28:bf:95:15:fa:b3:e6:19:c5:9d:
f2:14:5c:0c:d3:7d:d9:2f:ab:74:9c:f6:16:f9:99:
43:25:72:4d:d5:6c:ad:01:ba:6f:f3:bf:54:e0:25:
4d:e5:b6:fa:fe:26:58:bb:85:c1:b6:84:91:76:0b:
62:8a:8e:89:3b:dc:aa:7e:53:30:cd:99:ff:7d:b8:
7e:01:2e:ed:1a:91:68:85:60:3e:ec:98:f9:27:0e:
9a:9b:70:c5:d5:d6:bc:e5:bb:bb:db:ba:8b:fc:cc:
8a:da:c5:50:00:18:0b:32:6a:6c:16:d5:10:f4:50:
6b:54:58:24:16:8a:28:7f:69:69:f0:0e:d2:02:69:
af:b5:3c:37:f1:20:a8:85:04:8d:37:d7:2d:22:b7:
2a:04:dd:6f:d5:e1:5b:0e:a3:91:f1:69:f9:26:af:
85:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:68:76:2B:ED:4D:07:13:52:E3:E0:26:53:97:1C:82:74:91:1B:0A
X509v3 Authority Key Identifier:
keyid:BD:D2:44:21:4D:76:46:8D:3F:B7:2A:BA:D1:89:2E:F2:3D:ED:E9:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vdJEIU12Ro0_tyq60Yku8j3t6Xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/AGh2K-1NBxNS4-AmU5ccgnSRGwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/vdJEIU12Ro0_tyq60Yku8j3t6Xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.10.128.0/17
178.82.0.0/16
Signature Algorithm: sha256WithRSAEncryption
18:d4:f1:71:c0:1b:46:4a:47:70:35:05:0f:6a:7e:f8:f3:62:
51:1b:4f:dc:a0:ff:e3:2e:96:69:7a:b3:43:2f:43:19:d5:fa:
7b:fe:16:0a:ce:54:25:b4:4b:a0:3d:d7:d4:21:3a:07:30:cf:
73:31:0a:fd:95:5e:0e:d4:5f:b1:c3:a5:11:04:4e:89:50:56:
04:fd:54:4b:ca:94:9c:27:0d:de:4e:f8:1e:68:da:3b:9b:5f:
5e:2d:b4:89:a0:cb:3e:e8:0f:9e:63:05:ca:e1:ec:ed:2f:63:
06:ad:b9:58:e2:5e:39:32:b0:e0:ce:28:53:b4:ec:13:c1:03:
e6:1c:19:1a:5d:6b:d5:d8:54:48:a2:e0:a3:93:a5:ea:ed:0b:
2c:19:1c:1d:84:0d:23:e7:d0:64:90:f4:31:7b:2c:98:95:63:
b6:61:1b:75:8a:20:59:42:1e:ff:e2:0e:f9:47:16:68:5a:b2:
3e:a7:6d:6d:d0:2f:0f:4e:83:79:c1:45:af:a0:da:8c:7a:7e:
dc:a0:86:cf:89:5a:ef:04:5e:24:9d:ec:d6:19:ce:e9:f2:96:
68:5a:dd:1b:cb:b7:10:86:6e:e9:13:f7:a8:da:11:fd:7a:6e:
7c:84:f5:2c:de:53:9d:d4:66:d9:cd:64:9f:4f:48:4e:2d:1e:
71:43:28:06
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYpfP7JbkotZu5UDcUbcS5hpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZDI0NDIxNGQ3NjQ2OGQzZmI3MmFiYWQxODkyZWYyM2Rl
ZGU5NzgwHhcNMjMwOTA0MDgxMjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDY4NzYyYmVkNGQwNzEzNTJlM2UwMjY1Mzk3MWM4Mjc0OTExYjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXX6pPN8rDmDVWdx6Kah1BZOQ8de
Ua/Y59DaBOX+1MMk4i6Uo91o1YSX+r5jYKqP0pbOOsGqD+pjIC0WHr8zZ+CqIgvt
FA5s3UMLvGf7viLLlyZCqhA7st6E6gif0yi/lRX6s+YZxZ3yFFwM033ZL6t0nPYW
+ZlDJXJN1WytAbpv879U4CVN5bb6/iZYu4XBtoSRdgtiio6JO9yqflMwzZn/fbh+
AS7tGpFohWA+7Jj5Jw6am3DF1da85bu727qL/MyK2sVQABgLMmpsFtUQ9FBrVFgk
Fooof2lp8A7SAmmvtTw38SCohQSNN9ctIrcqBN1v1eFbDqOR8Wn5Jq+FBQIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFABodivtTQcTUuPgJlOXHIJ0kRsKMB8GA1UdIwQY
MBaAFL3SRCFNdkaNP7cqutGJLvI97el4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmRKRUlVMTJSbzBfdHlxNjBZa3U4ajN0NlhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC83NTZlZWYtNjYyOS00NjNhLTk5ZmYt
NDZhNDNlZjAyMjFiLzEvQUdoMkstMU5CeE5TNC1BbVU1Y2NnblNSR3dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC83NTZlZWYtNjYyOS00NjNhLTk5ZmYtNDZhNDNlZjAyMjFi
LzEvdmRKRUlVMTJSbzBfdHlxNjBZa3U4ajN0NlhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwQHHwqAAwMA
slIwDQYJKoZIhvcNAQELBQADggEBABjU8XHAG0ZKR3A1BQ9qfvjzYlEbT9yg/+Mu
lml6s0MvQxnV+nv+FgrOVCW0S6A919QhOgcwz3MxCv2VXg7UX7HDpREETolQVgT9
VEvKlJwnDd5O+B5o2jubX14ttImgyz7oD55jBcrh7O0vYwatuVjiXjkysODOKFO0
7BPBA+YcGRpda9XYVEii4KOTpertCywZHB2EDSPn0GSQ9DF7LJiVY7ZhG3WKIFlC
Hv/iDvlHFmhasj6nbW3QLw9Og3nBRa+g2ox6ftyghs+JWu8EXiSd7NYZzunylmha
3RvLtxCGbukT96jaEf16bnyE9SzeU53UZtnNZJ9PSE4tHnFDKAY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:19 2024 by rpki-client on console-fra.rpki-client.org