Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/d3DiTC3IWnSi3x6djO8nqYKImzU.roa
File: d3DiTC3IWnSi3x6djO8nqYKImzU.roa (raw, json)
Hash identifier: k47jIljJZw/6lV/Gr+qaXzpcet5GcCbppau8sngwEvI=
Subject key identifier: 77:70:E2:4C:2D:C8:5A:74:A2:DF:1E:9D:8C:EF:27:A9:82:88:9B:35
Certificate issuer: /CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Certificate serial: 018E7A3BD4876D53F02EE4F7F6D67FA9360C
Authority key identifier: B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/d3DiTC3IWnSi3x6djO8nqYKImzU.roa
Signing time: Tue 26 Mar 2024 10:08:45 +0000
ROA not before: Tue 26 Mar 2024 10:08:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215247
IP address blocks: 31.207.64.0/24 maxlen: 24
31.207.65.0/24 maxlen: 24
152.89.135.0/24 maxlen: 24
192.145.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Mar 2024 11:18:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7a:3b:d4:87:6d:53:f0:2e:e4:f7:f6:d6:7f:a9:36:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Validity
Not Before: Mar 26 10:08:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7770e24c2dc85a74a2df1e9d8cef27a982889b35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:87:78:b9:32:05:85:4a:96:e8:57:55:b9:9f:
7a:4a:6a:7b:78:22:51:84:b6:a6:5f:39:19:0b:55:
3b:93:f9:31:60:20:96:3c:08:56:0c:a4:29:d0:49:
6e:59:1c:58:88:9d:15:03:b3:14:e7:2b:30:de:65:
02:0a:ad:fe:df:c7:bb:a4:14:d7:bc:fc:08:53:b1:
9d:89:a3:42:30:ff:84:66:5c:9d:e6:87:15:bc:98:
d7:5a:ef:af:56:52:fa:14:f8:ea:63:38:8d:d8:d0:
31:3b:be:b7:2e:58:e5:4e:2e:87:fe:74:d4:bb:cc:
79:4c:aa:11:58:03:66:49:5c:8c:c7:b8:a8:8e:c1:
36:ce:f4:e3:cc:7b:fe:00:48:9d:33:85:3a:be:3f:
3b:c4:15:73:5f:94:7e:fd:8b:6e:0a:5c:e4:63:3f:
ab:42:32:44:a5:3d:3c:57:ca:00:d7:c9:5e:5f:2d:
51:ae:79:0b:ea:1b:78:02:30:6b:cd:6d:06:86:7c:
b8:ef:2e:7b:d1:b9:d1:d1:eb:70:77:4d:b3:41:24:
f9:80:e0:ba:61:1a:8e:e5:a3:06:5c:9f:66:24:bc:
49:d0:4b:f5:40:bb:5e:4e:d2:36:22:ce:28:25:39:
72:38:29:9a:f7:4e:30:70:b0:7e:21:6b:66:c8:45:
f1:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:70:E2:4C:2D:C8:5A:74:A2:DF:1E:9D:8C:EF:27:A9:82:88:9B:35
X509v3 Authority Key Identifier:
keyid:B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/d3DiTC3IWnSi3x6djO8nqYKImzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.207.64.0/23
152.89.135.0/24
192.145.19.0/24
Signature Algorithm: sha256WithRSAEncryption
86:33:c1:bc:86:2c:97:c2:54:1c:56:f0:dc:77:73:c3:e5:d5:
cc:2a:2c:3d:9b:52:8a:9d:50:1b:48:a6:f9:f6:20:42:7e:96:
43:a8:49:34:ca:23:94:19:3f:42:0d:b4:56:7c:ef:9a:df:6d:
4c:38:94:d8:59:bd:3e:ae:4e:4c:cc:2c:f5:b9:1a:cb:60:64:
18:4c:f7:92:35:de:cc:94:17:74:1c:55:c4:3a:49:e5:90:41:
98:b8:f1:85:cc:7e:5c:18:80:47:fd:16:f2:d2:96:6e:a7:73:
42:44:87:65:0f:0e:68:6f:5c:14:44:1f:c9:6b:e5:9e:51:b8:
45:41:d9:bc:40:0b:86:cb:e0:cf:47:9c:8f:15:83:2f:76:43:
96:94:8d:13:e9:6e:18:de:93:10:0c:ac:26:57:d9:62:94:69:
f3:15:0c:5b:3b:2a:80:a7:e2:24:96:6e:e2:3f:74:b1:20:81:
5c:b0:9c:02:fb:0f:a5:34:57:94:ca:31:8e:17:0a:6e:a1:4e:
a3:26:c8:0c:6f:6a:23:1f:4e:cd:33:10:0b:87:e2:14:7a:09:
6d:63:ae:8b:fa:d7:83:19:7b:9c:09:bc:96:a9:c5:0e:9e:96:
5d:3b:d8:40:98:6f:81:7a:01:0d:21:05:7b:60:4f:d8:7e:93:
27:e3:21:07
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY56O9SHbVPwLuT39tZ/qTYMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3MjU4OGMwMGVlZjcxNTgwOWViNWZkZDZkNjcxN2NjMjhj
MGRmYWMwHhcNMjQwMzI2MTAwODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzcwZTI0YzJkYzg1YTc0YTJkZjFlOWQ4Y2VmMjdhOTgyODg5YjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgod4uTIFhUqW6FdVuZ96Smp7eCJR
hLamXzkZC1U7k/kxYCCWPAhWDKQp0EluWRxYiJ0VA7MU5ysw3mUCCq3+38e7pBTX
vPwIU7GdiaNCMP+EZlyd5ocVvJjXWu+vVlL6FPjqYziN2NAxO763LljlTi6H/nTU
u8x5TKoRWANmSVyMx7iojsE2zvTjzHv+AEidM4U6vj87xBVzX5R+/YtuClzkYz+r
QjJEpT08V8oA18leXy1RrnkL6ht4AjBrzW0Ghny47y570bnR0etwd02zQST5gOC6
YRqO5aMGXJ9mJLxJ0Ev1QLteTtI2Is4oJTlyOCma904wcLB+IWtmyEXxTQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHdw4kwtyFp0ot8enYzvJ6mCiJs1MB8GA1UdIwQY
MBaAFLcliMAO73FYCetf3W1nF8wowN+sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUt
N2E0MTI1NGVhYWNhLzEvZDNEaVRDM0lXblNpM3g2ZGpPOG5xWUtJbXpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUtN2E0MTI1NGVhYWNh
LzEvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBH89AAwQA
mFmHAwQAwJETMA0GCSqGSIb3DQEBCwUAA4IBAQCGM8G8hiyXwlQcVvDcd3PD5dXM
Kiw9m1KKnVAbSKb59iBCfpZDqEk0yiOUGT9CDbRWfO+a321MOJTYWb0+rk5MzCz1
uRrLYGQYTPeSNd7MlBd0HFXEOknlkEGYuPGFzH5cGIBH/Rby0pZup3NCRIdlDw5o
b1wURB/Ja+WeUbhFQdm8QAuGy+DPR5yPFYMvdkOWlI0T6W4Y3pMQDKwmV9lilGnz
FQxbOyqAp+Iklm7iP3SxIIFcsJwC+w+lNFeUyjGOFwpuoU6jJsgMb2ojH07NMxAL
h+IUegltY66L+teDGXucCbyWqcUOnpZdO9hAmG+BegENIQV7YE/YfpMn4yEH
-----END CERTIFICATE-----
Generated at Tue Mar 26 17:48:03 2024 by rpki-client on console.sobornost.net