Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/qAnHfNHMNyzRvzfwPjkPES_tTw8.roa
File: qAnHfNHMNyzRvzfwPjkPES_tTw8.roa (raw, json)
Hash identifier: KGMat7jWOdqzRN+JD42xPSZI7jbShLNLhiPUA8C2N6Y=
Subject key identifier: A8:09:C7:7C:D1:CC:37:2C:D1:BF:37:F0:3E:39:0F:11:2F:ED:4F:0F
Certificate issuer: /CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Certificate serial: 01856E2669BDFD1B1E04AF75F4B8F171F85F
Authority key identifier: 5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/qAnHfNHMNyzRvzfwPjkPES_tTw8.roa
Signing time: Sun 01 Jan 2023 16:24:49 +0000
ROA not before: Sun 01 Jan 2023 16:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208435
IP address blocks: 31.133.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:29:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:69:bd:fd:1b:1e:04:af:75:f4:b8:f1:71:f8:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Validity
Not Before: Jan 1 16:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a809c77cd1cc372cd1bf37f03e390f112fed4f0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:73:23:45:45:11:98:78:fa:00:58:d2:85:2c:
33:a6:21:6b:7d:cf:6d:4c:76:ad:76:72:ea:05:3b:
c9:90:5f:cd:5c:8a:71:a1:77:e4:5c:67:b9:83:ec:
13:f2:02:5b:75:a5:df:28:86:5a:3e:eb:de:c5:59:
d7:0c:55:ef:be:53:73:a0:4a:cc:a4:84:fc:c3:9c:
2e:4b:fc:69:82:d6:4e:ef:9d:c7:2d:9b:22:66:7c:
67:c6:29:ec:02:7d:b6:a9:1d:dd:e7:4b:7f:fb:2b:
b0:06:94:17:c4:bb:c6:1e:34:e7:ad:65:b4:a7:ee:
6e:2d:e9:32:55:68:a5:96:27:a4:8a:bb:db:65:56:
82:79:da:39:09:dd:3f:d1:59:a6:46:b6:68:4e:56:
07:03:4c:8e:80:f9:d1:3c:19:ea:ac:91:b5:a8:cf:
ea:d2:3c:c4:77:b9:49:aa:06:20:02:75:45:7d:8e:
a1:60:0f:9d:db:23:10:06:9e:41:e4:18:3f:a6:60:
91:c5:c4:ae:06:23:dd:26:5e:03:47:9b:f0:f1:77:
16:b5:68:fd:db:00:99:74:5f:ec:e1:85:60:6a:47:
24:cb:75:10:5f:9b:a2:7e:80:9d:a9:31:69:54:de:
63:f8:11:ab:1b:fe:d0:9c:5e:df:88:a4:d4:7f:b4:
c2:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:09:C7:7C:D1:CC:37:2C:D1:BF:37:F0:3E:39:0F:11:2F:ED:4F:0F
X509v3 Authority Key Identifier:
keyid:5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/qAnHfNHMNyzRvzfwPjkPES_tTw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.47.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:5b:ba:93:d8:e4:71:7f:b6:40:1f:e5:e7:5e:ce:8a:b3:29:
33:b3:b1:a6:8e:6d:3a:14:bf:cf:9c:24:03:69:82:91:16:98:
77:8f:a3:b2:b7:46:eb:7a:6b:60:05:67:b0:0f:a2:89:03:aa:
6f:75:08:7b:7c:b2:49:a7:ed:2d:54:1f:32:40:dc:3f:ad:e7:
c1:eb:ae:b0:b4:4f:52:f4:a9:21:0d:ba:26:75:2b:c2:6c:7e:
ca:4b:45:92:a1:f5:1e:e7:28:b6:f1:fe:cd:67:83:39:bd:3a:
bd:14:2a:d1:ac:b5:68:53:ba:f9:80:f1:15:f7:01:5a:2e:81:
36:84:d6:4e:c0:cc:11:f3:92:94:97:bf:27:8c:d0:a4:1f:97:
cd:66:e3:17:c6:f7:1a:e6:c8:04:e7:b9:30:8c:b8:df:04:7c:
ea:45:48:50:19:10:f8:23:03:f1:b5:9c:b0:e4:4d:53:6a:24:
3f:cf:88:58:b7:3f:e0:6f:c5:3c:9f:12:c5:60:6e:24:c0:a7:
10:97:96:33:fc:dd:12:5a:c4:dd:f6:3b:cd:9d:3a:a9:1f:76:
2c:72:39:25:58:41:bd:90:ab:f4:93:ba:dc:30:75:f4:ce:e9:
d7:a6:74:74:7d:0a:b2:da:6f:73:32:a3:29:c5:8e:54:ab:91:
1a:14:b3:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuJmm9/RseBK919LjxcfhfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNjRmOWQwNGVmZDVhOWZjMmUyM2I0MmQ1YjUxYWVmZDlh
NTAyNTAwHhcNMjMwMTAxMTYyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODA5Yzc3Y2QxY2MzNzJjZDFiZjM3ZjAzZTM5MGYxMTJmZWQ0ZjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXMjRUURmHj6AFjShSwzpiFrfc9t
THatdnLqBTvJkF/NXIpxoXfkXGe5g+wT8gJbdaXfKIZaPuvexVnXDFXvvlNzoErM
pIT8w5wuS/xpgtZO753HLZsiZnxnxinsAn22qR3d50t/+yuwBpQXxLvGHjTnrWW0
p+5uLekyVWilliekirvbZVaCedo5Cd0/0VmmRrZoTlYHA0yOgPnRPBnqrJG1qM/q
0jzEd7lJqgYgAnVFfY6hYA+d2yMQBp5B5Bg/pmCRxcSuBiPdJl4DR5vw8XcWtWj9
2wCZdF/s4YVgakcky3UQX5uifoCdqTFpVN5j+BGrG/7QnF7fiKTUf7TCtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKgJx3zRzDcs0b838D45DxEv7U8PMB8GA1UdIwQY
MBaAFFxk+dBO/VqfwuI7QtW1Gu/ZpQJQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUt
YjY2ZmE0ZjQ3NjNhLzEvcUFuSGZOSE1OeXpSdnpmd1Bqa1BFU190VHc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUtYjY2ZmE0ZjQ3NjNh
LzEvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH4UvMA0G
CSqGSIb3DQEBCwUAA4IBAQCKW7qT2ORxf7ZAH+XnXs6Ksykzs7Gmjm06FL/PnCQD
aYKRFph3j6Oyt0bremtgBWewD6KJA6pvdQh7fLJJp+0tVB8yQNw/refB666wtE9S
9KkhDbomdSvCbH7KS0WSofUe5yi28f7NZ4M5vTq9FCrRrLVoU7r5gPEV9wFaLoE2
hNZOwMwR85KUl78njNCkH5fNZuMXxvca5sgE57kwjLjfBHzqRUhQGRD4IwPxtZyw
5E1TaiQ/z4hYtz/gb8U8nxLFYG4kwKcQl5Yz/N0SWsTd9jvNnTqpH3YscjklWEG9
kKv0k7rcMHX0zunXpnR0fQqy2m9zMqMpxY5Uq5EaFLOy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:48 2024 by rpki-client on console-ams.rpki-client.org