Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/ROPj-0rwDlP04dlp0FYXhKidFxg.roa
File: ROPj-0rwDlP04dlp0FYXhKidFxg.roa (raw, json)
Hash identifier: Y3QzgyFKTlO4wK5Pc/9jUeZQIk1owJs7waPzSyVqcPE=
Subject key identifier: 44:E3:E3:FB:4A:F0:0E:53:F4:E1:D9:69:D0:56:17:84:A8:9D:17:18
Certificate issuer: /CN=57182aab5ad9efa380a6c6f06c016e158be977bc
Certificate serial: 01897328835D13CE6173B41C9FED4CC05687
Authority key identifier: 57:18:2A:AB:5A:D9:EF:A3:80:A6:C6:F0:6C:01:6E:15:8B:E9:77:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vxgqq1rZ76OApsbwbAFuFYvpd7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/ROPj-0rwDlP04dlp0FYXhKidFxg.roa
Signing time: Thu 20 Jul 2023 11:56:22 +0000
ROA not before: Thu 20 Jul 2023 11:56:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61352
IP address blocks: 31.12.56.0/21 maxlen: 21
2a02:101c::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:73:28:83:5d:13:ce:61:73:b4:1c:9f:ed:4c:c0:56:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57182aab5ad9efa380a6c6f06c016e158be977bc
Validity
Not Before: Jul 20 11:56:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44e3e3fb4af00e53f4e1d969d0561784a89d1718
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ee:68:c1:58:53:07:bb:47:39:b8:79:5c:7e:
02:09:45:61:e6:ab:22:7f:3a:b3:ad:bf:b6:29:34:
1f:39:80:cc:a9:a2:a0:81:d5:f5:9d:4b:3c:9a:09:
07:63:74:3e:bf:ec:79:96:1e:50:1f:c4:97:95:02:
f9:50:04:b6:93:84:3f:6e:8d:e2:bf:e6:76:f5:3b:
eb:c4:3b:69:66:a4:e6:05:1b:4c:73:82:a9:a4:af:
5c:7e:a1:9c:97:61:58:20:f4:a2:5b:9a:a5:81:45:
b6:e2:9c:5b:b3:88:c5:7a:26:dd:9b:22:fe:30:f8:
90:3c:ad:ce:83:1f:8d:5e:cc:7b:0b:a4:bd:67:43:
1c:cb:1d:b7:ad:43:b7:65:14:84:c0:2e:c9:50:bc:
ea:15:d5:d3:83:0b:4c:6a:ac:73:51:1b:19:32:02:
08:c3:4e:32:9c:19:a6:8a:60:86:cd:34:e6:ba:2e:
03:80:68:5d:07:24:fe:b0:2a:43:02:a4:d9:38:3b:
9e:44:47:9c:ed:81:ea:07:d7:67:37:41:24:71:c1:
8f:3a:72:88:e4:40:b6:58:a4:29:03:f9:67:f8:42:
b3:f4:32:24:35:a9:86:56:09:a0:c7:0a:89:b3:88:
1a:16:f9:fa:d3:89:28:26:d4:f4:3d:f5:2e:d5:db:
61:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:E3:E3:FB:4A:F0:0E:53:F4:E1:D9:69:D0:56:17:84:A8:9D:17:18
X509v3 Authority Key Identifier:
keyid:57:18:2A:AB:5A:D9:EF:A3:80:A6:C6:F0:6C:01:6E:15:8B:E9:77:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vxgqq1rZ76OApsbwbAFuFYvpd7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/ROPj-0rwDlP04dlp0FYXhKidFxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/Vxgqq1rZ76OApsbwbAFuFYvpd7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.12.56.0/21
IPv6:
2a02:101c::/32
Signature Algorithm: sha256WithRSAEncryption
5e:41:e2:d8:60:ed:cb:30:42:3e:ad:42:fe:22:4e:e4:ac:1b:
0b:67:31:ab:7b:59:85:bd:4c:07:6a:77:78:93:64:c6:e0:65:
4b:da:9f:c2:a9:a7:bd:c4:89:43:19:2c:fa:cd:28:87:cd:d7:
0e:53:65:f1:53:79:a7:9a:8e:9a:5f:d7:13:da:b0:3a:31:3f:
5b:57:06:77:37:c1:cb:b2:9a:1e:bf:af:d0:6d:4e:7f:9c:16:
59:c8:56:85:1a:a3:4e:6c:ff:d1:b6:d4:af:8d:d6:66:d6:80:
53:aa:23:b7:00:1c:a9:83:e5:2a:13:ea:ad:17:de:37:1b:b6:
bc:c4:82:bd:4e:f1:10:16:82:46:90:b2:6f:7e:af:0c:30:c2:
62:fb:5b:c8:bc:c3:87:c0:de:45:7b:6e:66:70:b4:37:f0:4d:
5a:fa:f1:a3:86:cd:dc:36:d1:f5:3d:36:a6:e5:3d:2a:48:ca:
58:8b:84:09:85:8b:f7:ed:02:fc:c9:8a:8b:cf:66:4b:5e:7b:
93:38:a2:ce:d7:8d:f3:fa:30:81:94:83:9f:68:44:11:77:41:
64:cb:4c:1c:ff:59:34:7a:24:46:cd:9b:e6:c1:3e:70:8e:3e:
86:e1:99:2b:c5:19:87:fe:2b:3c:c8:71:28:e8:fc:cf:b6:6e:
ea:72:9e:d1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYlzKINdE85hc7Qcn+1MwFaHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MTgyYWFiNWFkOWVmYTM4MGE2YzZmMDZjMDE2ZTE1OGJl
OTc3YmMwHhcNMjMwNzIwMTE1NjIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGUzZTNmYjRhZjAwZTUzZjRlMWQ5NjlkMDU2MTc4NGE4OWQxNzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+5owVhTB7tHObh5XH4CCUVh5qsi
fzqzrb+2KTQfOYDMqaKggdX1nUs8mgkHY3Q+v+x5lh5QH8SXlQL5UAS2k4Q/bo3i
v+Z29TvrxDtpZqTmBRtMc4KppK9cfqGcl2FYIPSiW5qlgUW24pxbs4jFeibdmyL+
MPiQPK3Ogx+NXsx7C6S9Z0Mcyx23rUO3ZRSEwC7JULzqFdXTgwtMaqxzURsZMgII
w04ynBmmimCGzTTmui4DgGhdByT+sCpDAqTZODueREec7YHqB9dnN0EkccGPOnKI
5EC2WKQpA/ln+EKz9DIkNamGVgmgxwqJs4gaFvn604koJtT0PfUu1dthXQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFETj4/tK8A5T9OHZadBWF4SonRcYMB8GA1UdIwQY
MBaAFFcYKqta2e+jgKbG8GwBbhWL6Xe8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnhncXExclo3Nk9BcHNid2JBRnVGWXZwZDd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84YzUxY2ItYTNiZC00NzZkLTg4MGYt
YTk2YzYyNjZhYmRiLzEvUk9Qai0wcndEbFAwNGRscDBGWVhoS2lkRnhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84YzUxY2ItYTNiZC00NzZkLTg4MGYtYTk2YzYyNjZhYmRi
LzEvVnhncXExclo3Nk9BcHNid2JBRnVGWXZwZDd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDHww4MA0E
AgACMAcDBQAqAhAcMA0GCSqGSIb3DQEBCwUAA4IBAQBeQeLYYO3LMEI+rUL+Ik7k
rBsLZzGre1mFvUwHand4k2TG4GVL2p/Cqae9xIlDGSz6zSiHzdcOU2XxU3mnmo6a
X9cT2rA6MT9bVwZ3N8HLspoev6/QbU5/nBZZyFaFGqNObP/RttSvjdZm1oBTqiO3
ABypg+UqE+qtF943G7a8xIK9TvEQFoJGkLJvfq8MMMJi+1vIvMOHwN5Fe25mcLQ3
8E1a+vGjhs3cNtH1PTam5T0qSMpYi4QJhYv37QL8yYqLz2ZLXnuTOKLO143z+jCB
lIOfaEQRd0Fky0wc/1k0eiRGzZvmwT5wjj6G4ZkrxRmH/is8yHEo6PzPtm7qcp7R
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:30 2024 by rpki-client on console-ams.rpki-client.org