Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/2kVp4qD2GVGLObdN3qdiP21a2gQ.roa
File: 2kVp4qD2GVGLObdN3qdiP21a2gQ.roa (raw, json)
Hash identifier: qf2iJOGkxSlYgv2n9pWLY5803qZePyG8Yv5/uTsPryY=
Subject key identifier: DA:45:69:E2:A0:F6:19:51:8B:39:B7:4D:DE:A7:62:3F:6D:5A:DA:04
Certificate issuer: /CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Certificate serial: 01856E2662A017CA4BA8B97D598C2D5CD603
Authority key identifier: 5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/2kVp4qD2GVGLObdN3qdiP21a2gQ.roa
Signing time: Sun 01 Jan 2023 16:24:47 +0000
ROA not before: Sun 01 Jan 2023 16:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39089
IP address blocks: 31.133.56.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:62:a0:17:ca:4b:a8:b9:7d:59:8c:2d:5c:d6:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Validity
Not Before: Jan 1 16:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da4569e2a0f619518b39b74ddea7623f6d5ada04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0a:06:0d:28:e0:e8:b3:10:78:d4:c1:83:3c:
67:51:fb:f9:2e:d3:a7:be:25:53:58:3d:62:5a:ea:
69:0e:d2:71:0f:99:eb:46:67:59:90:da:86:5d:c6:
72:2c:d5:98:bc:f0:ef:03:fc:25:e4:27:9a:44:6e:
2e:b9:7b:e1:f9:b4:db:be:ce:e9:38:2a:64:22:33:
7b:30:11:8e:00:54:e2:d8:9c:47:9b:fd:be:f9:53:
7e:b4:52:e6:ea:d1:fe:27:12:c8:fe:0a:24:52:2e:
c5:8e:55:a0:1c:7c:9e:53:36:cf:08:a4:a9:6d:b5:
82:c7:9f:6f:45:94:43:32:63:03:4a:23:a8:47:bc:
8f:e9:34:dd:d9:99:33:19:a4:4f:a1:df:36:57:18:
4e:6b:f8:a0:f9:ac:07:e5:0c:01:7f:58:cf:95:b0:
a6:e8:c7:21:fe:7e:b2:48:00:fb:74:f8:df:7e:60:
b9:b8:fc:35:42:d5:a8:4a:33:42:78:0e:61:17:96:
09:09:64:34:91:eb:d4:d5:84:ba:aa:fa:12:46:7c:
db:e4:0f:87:7e:13:c0:4f:df:98:d8:52:a7:5c:79:
9d:2e:f9:20:4c:77:88:1f:62:92:8f:34:54:15:08:
cb:50:3b:90:fd:78:a6:40:94:5d:5a:ab:29:1f:9c:
dc:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:45:69:E2:A0:F6:19:51:8B:39:B7:4D:DE:A7:62:3F:6D:5A:DA:04
X509v3 Authority Key Identifier:
keyid:5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/2kVp4qD2GVGLObdN3qdiP21a2gQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.56.0/21
Signature Algorithm: sha256WithRSAEncryption
a9:7f:ed:6e:7d:ef:51:3f:24:9d:b0:f0:60:fc:32:f4:af:47:
5d:60:47:25:dd:2e:7f:52:07:18:58:7d:81:97:37:40:2c:f5:
21:38:c2:d9:c2:56:cc:ef:5f:de:ac:33:67:80:15:36:b0:32:
54:00:e7:a3:69:ec:72:4c:21:9f:18:54:3e:51:e1:b1:cb:7f:
12:e9:3b:a4:f6:3e:63:2c:30:01:dd:fc:a4:5d:05:5f:38:37:
87:eb:ed:12:5f:dc:8a:79:db:86:29:9b:15:c9:28:5f:94:1b:
ed:4a:88:97:3c:14:31:5d:3a:ba:8b:a9:8f:17:49:aa:1b:54:
68:f6:cd:c2:da:4f:86:a6:95:8a:f5:7a:74:fa:15:b1:a6:ab:
a7:24:93:fb:c0:e6:51:be:33:91:e3:29:77:31:60:53:81:48:
7b:d3:b0:ca:fd:1c:7d:aa:97:6c:da:1a:ce:67:12:7d:be:c4:
c6:6d:c6:30:39:c2:03:f5:d0:59:7c:1f:7d:6b:a1:c0:a1:07:
32:4c:62:7c:a9:e0:65:1c:86:d7:75:aa:85:df:a5:b9:06:0b:
32:97:52:15:9b:70:d1:25:2b:f2:aa:f9:2b:29:1d:a6:56:9f:
b1:98:ad:bb:24:23:6d:18:dd:82:0c:bb:45:43:cc:d0:99:e1:
e1:ff:b0:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuJmKgF8pLqLl9WYwtXNYDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNjRmOWQwNGVmZDVhOWZjMmUyM2I0MmQ1YjUxYWVmZDlh
NTAyNTAwHhcNMjMwMTAxMTYyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTQ1NjllMmEwZjYxOTUxOGIzOWI3NGRkZWE3NjIzZjZkNWFkYTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQoGDSjg6LMQeNTBgzxnUfv5LtOn
viVTWD1iWuppDtJxD5nrRmdZkNqGXcZyLNWYvPDvA/wl5CeaRG4uuXvh+bTbvs7p
OCpkIjN7MBGOAFTi2JxHm/2++VN+tFLm6tH+JxLI/gokUi7FjlWgHHyeUzbPCKSp
bbWCx59vRZRDMmMDSiOoR7yP6TTd2ZkzGaRPod82VxhOa/ig+awH5QwBf1jPlbCm
6Mch/n6ySAD7dPjffmC5uPw1QtWoSjNCeA5hF5YJCWQ0kevU1YS6qvoSRnzb5A+H
fhPAT9+Y2FKnXHmdLvkgTHeIH2KSjzRUFQjLUDuQ/XimQJRdWqspH5zcuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNpFaeKg9hlRizm3Td6nYj9tWtoEMB8GA1UdIwQY
MBaAFFxk+dBO/VqfwuI7QtW1Gu/ZpQJQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUt
YjY2ZmE0ZjQ3NjNhLzEvMmtWcDRxRDJHVkdMT2JkTjNxZGlQMjFhMmdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUtYjY2ZmE0ZjQ3NjNh
LzEvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDH4U4MA0G
CSqGSIb3DQEBCwUAA4IBAQCpf+1ufe9RPySdsPBg/DL0r0ddYEcl3S5/UgcYWH2B
lzdALPUhOMLZwlbM71/erDNngBU2sDJUAOejaexyTCGfGFQ+UeGxy38S6Tuk9j5j
LDAB3fykXQVfODeH6+0SX9yKeduGKZsVyShflBvtSoiXPBQxXTq6i6mPF0mqG1Ro
9s3C2k+GppWK9Xp0+hWxpqunJJP7wOZRvjOR4yl3MWBTgUh707DK/Rx9qpds2hrO
ZxJ9vsTGbcYwOcID9dBZfB99a6HAoQcyTGJ8qeBlHIbXdaqF36W5Bgsyl1IVm3DR
JSvyqvkrKR2mVp+xmK27JCNtGN2CDLtFQ8zQmeHh/7BS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:41 2024 by rpki-client on console-ams.rpki-client.org