Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/996cf4-67ea-413d-9317-7eca205fafcb/1/RYcjbZDkW46sGr9s4vw0zawFIPw.roa
File: RYcjbZDkW46sGr9s4vw0zawFIPw.roa (raw, json)
Hash identifier: pp8AulOCik4OT2aol5ldrEytfiMld14jIA9zoTIMT/4=
Subject key identifier: 45:87:23:6D:90:E4:5B:8E:AC:1A:BF:6C:E2:FC:34:CD:AC:05:20:FC
Certificate issuer: /CN=c56f772bf3c4641a71bf7f4bc4de11c93addfea6
Certificate serial: 01856EC21C4F6100709309E6E2835A003859
Authority key identifier: C5:6F:77:2B:F3:C4:64:1A:71:BF:7F:4B:C4:DE:11:C9:3A:DD:FE:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xW93K_PEZBpxv39LxN4RyTrd_qY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/996cf4-67ea-413d-9317-7eca205fafcb/1/RYcjbZDkW46sGr9s4vw0zawFIPw.roa
Signing time: Sun 01 Jan 2023 19:14:53 +0000
ROA not before: Sun 01 Jan 2023 19:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210670
IP address blocks: 31.222.232.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:1c:4f:61:00:70:93:09:e6:e2:83:5a:00:38:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c56f772bf3c4641a71bf7f4bc4de11c93addfea6
Validity
Not Before: Jan 1 19:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4587236d90e45b8eac1abf6ce2fc34cdac0520fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:9d:87:8b:9c:58:2c:07:69:c8:7f:fe:a0:f2:
0e:d0:cd:9f:18:ec:50:29:66:26:25:f3:45:e7:3a:
cb:5d:be:e2:2c:4d:3e:ab:05:ee:b2:e0:e2:65:d1:
13:bd:bb:e3:ed:6b:ca:54:36:ec:b2:e7:1a:78:94:
a9:d7:f4:d2:4a:10:81:c1:1d:f3:2a:c5:5e:22:a4:
d4:eb:ef:62:5a:04:85:1f:09:dc:00:c9:f7:a8:27:
4c:ec:21:cf:0b:24:9b:fa:3f:7b:cb:05:ee:b0:32:
17:a3:ab:d7:71:25:62:4f:89:76:85:70:53:4a:93:
96:55:dc:9c:de:fb:b2:93:a6:dc:0f:96:df:1d:be:
92:3a:3b:70:61:66:31:c4:6c:24:a6:4b:9c:c7:63:
e2:2b:6e:77:fd:97:4f:6f:9e:af:48:a7:f0:42:67:
e5:ea:f9:3a:19:43:e8:dc:77:fa:bf:ff:a4:a9:46:
05:38:81:52:27:ad:d0:5f:63:22:a9:7f:92:1c:9e:
9f:05:bd:16:a3:0d:ea:4a:91:98:a4:15:77:45:11:
ae:c9:f5:c7:b6:1c:2a:46:b7:84:9a:77:06:56:7c:
b7:6b:07:72:5c:4b:b3:8d:b5:c8:ac:27:12:12:14:
37:eb:a4:a8:83:a0:c1:6f:8a:5a:9f:2c:7d:4b:33:
51:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:87:23:6D:90:E4:5B:8E:AC:1A:BF:6C:E2:FC:34:CD:AC:05:20:FC
X509v3 Authority Key Identifier:
keyid:C5:6F:77:2B:F3:C4:64:1A:71:BF:7F:4B:C4:DE:11:C9:3A:DD:FE:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xW93K_PEZBpxv39LxN4RyTrd_qY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/996cf4-67ea-413d-9317-7eca205fafcb/1/RYcjbZDkW46sGr9s4vw0zawFIPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/996cf4-67ea-413d-9317-7eca205fafcb/1/xW93K_PEZBpxv39LxN4RyTrd_qY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.232.0/24
Signature Algorithm: sha256WithRSAEncryption
42:22:9e:bd:fc:f7:41:dc:21:bc:59:c4:e5:4f:03:ad:7a:d2:
0d:cc:cc:20:2b:99:8c:9b:f8:14:7d:66:d0:8c:e4:7c:82:80:
c8:1c:05:97:01:5d:61:50:21:ef:02:f0:c8:5d:5a:27:78:ba:
c4:7c:bd:ae:8b:e5:ae:e1:5f:1c:a8:ad:44:9d:16:a5:61:31:
42:3c:3d:e0:9f:fa:a0:e0:21:1e:54:36:81:95:d5:aa:4d:64:
9c:1f:b9:38:12:af:7f:e7:97:22:b0:fa:55:cf:1f:7e:1d:62:
bc:72:f5:f0:29:81:86:83:3a:e5:b0:c6:1a:d0:e3:36:e6:59:
4c:82:eb:82:a2:64:fe:d5:17:53:a8:42:f4:97:1f:44:68:bc:
89:81:9e:1a:78:68:60:b5:cd:52:90:96:57:4e:8b:eb:a3:9d:
8a:7e:43:5c:0b:72:eb:a3:95:e0:17:53:83:58:70:6e:7e:32:
e5:67:9d:93:d5:7d:2e:27:16:75:45:c9:fe:6c:4b:39:7b:0a:
8f:88:57:f2:92:e8:15:56:77:41:da:34:c7:34:70:cb:ac:01:
51:a0:56:8c:32:b4:cb:9f:87:ec:03:82:56:c3:be:cd:54:36:
a3:99:6a:4c:5f:d3:c1:df:43:81:7f:63:b0:23:73:64:9e:e7:
18:2d:fb:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuwhxPYQBwkwnm4oNaADhZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1NmY3NzJiZjNjNDY0MWE3MWJmN2Y0YmM0ZGUxMWM5M2Fk
ZGZlYTYwHhcNMjMwMTAxMTkxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTg3MjM2ZDkwZTQ1YjhlYWMxYWJmNmNlMmZjMzRjZGFjMDUyMGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJ2Hi5xYLAdpyH/+oPIO0M2fGOxQ
KWYmJfNF5zrLXb7iLE0+qwXusuDiZdETvbvj7WvKVDbssucaeJSp1/TSShCBwR3z
KsVeIqTU6+9iWgSFHwncAMn3qCdM7CHPCySb+j97ywXusDIXo6vXcSViT4l2hXBT
SpOWVdyc3vuyk6bcD5bfHb6SOjtwYWYxxGwkpkucx2PiK253/ZdPb56vSKfwQmfl
6vk6GUPo3Hf6v/+kqUYFOIFSJ63QX2MiqX+SHJ6fBb0Wow3qSpGYpBV3RRGuyfXH
thwqRreEmncGVny3awdyXEuzjbXIrCcSEhQ366Sog6DBb4panyx9SzNR4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEWHI22Q5FuOrBq/bOL8NM2sBSD8MB8GA1UdIwQY
MBaAFMVvdyvzxGQacb9/S8TeEck63f6mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFc5M0tfUEVaQnB4djM5THhONFJ5VHJkX3FZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OTZjZjQtNjdlYS00MTNkLTkzMTct
N2VjYTIwNWZhZmNiLzEvUlljamJaRGtXNDZzR3I5czR2dzB6YXdGSVB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OTZjZjQtNjdlYS00MTNkLTkzMTctN2VjYTIwNWZhZmNi
LzEveFc5M0tfUEVaQnB4djM5THhONFJ5VHJkX3FZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH97oMA0G
CSqGSIb3DQEBCwUAA4IBAQBCIp69/PdB3CG8WcTlTwOtetINzMwgK5mMm/gUfWbQ
jOR8goDIHAWXAV1hUCHvAvDIXVoneLrEfL2ui+Wu4V8cqK1EnRalYTFCPD3gn/qg
4CEeVDaBldWqTWScH7k4Eq9/55cisPpVzx9+HWK8cvXwKYGGgzrlsMYa0OM25llM
guuComT+1RdTqEL0lx9EaLyJgZ4aeGhgtc1SkJZXTovro52KfkNcC3Lro5XgF1OD
WHBufjLlZ52T1X0uJxZ1Rcn+bEs5ewqPiFfykugVVndB2jTHNHDLrAFRoFaMMrTL
n4fsA4JWw77NVDajmWpMX9PB30OBf2OwI3NknucYLftn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:21 2024 by rpki-client on console-fra.rpki-client.org