Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OTQFA0kYjiONalZjKy5K5xLEsCA.roa
File: OTQFA0kYjiONalZjKy5K5xLEsCA.roa (raw, json)
Hash identifier: MdldfltiZMut9r3ae9dtxe2WCW44D0pzOio9I9mJxK4=
Subject key identifier: 39:34:05:03:49:18:8E:23:8D:6A:56:63:2B:2E:4A:E7:12:C4:B0:20
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018B8F1E67141CA2C92960CD6B76C3938409
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OTQFA0kYjiONalZjKy5K5xLEsCA.roa
Signing time: Thu 02 Nov 2023 08:20:16 +0000
ROA not before: Thu 02 Nov 2023 08:20:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42794
IP address blocks: 31.13.198.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8f:1e:67:14:1c:a2:c9:29:60:cd:6b:76:c3:93:84:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 2 08:20:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3934050349188e238d6a56632b2e4ae712c4b020
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:d6:ab:16:77:22:91:d6:d5:91:d2:df:30:c4:
29:2f:61:1b:34:40:cf:ce:8c:d3:cb:b2:ad:fc:be:
e0:85:f0:f3:a4:18:60:1f:d5:ec:95:e9:2f:14:6c:
79:fa:9c:63:c2:67:d8:64:53:2e:ab:27:2c:f8:f1:
89:68:36:b8:6a:68:1e:bf:ce:08:8e:36:9c:26:a5:
ab:44:18:13:01:45:2f:da:3d:3d:c9:10:a8:bb:a8:
bb:21:da:5f:3b:f6:f0:57:ed:fe:4a:5b:87:c9:60:
b2:8d:8c:35:1a:3e:25:7f:97:39:aa:f2:f8:e4:c4:
6a:51:ab:38:fa:35:3f:ba:24:b0:f3:26:b9:1e:80:
29:b1:08:b0:f5:3d:16:f4:96:14:a2:a1:11:52:0e:
b3:59:7a:7e:97:57:c1:d3:ce:ae:05:44:d3:bb:51:
16:34:95:56:e0:39:8e:8f:c7:ca:9e:7c:b1:92:5b:
5e:30:9b:75:81:e3:20:7d:5b:da:dd:9e:5c:8d:b8:
5a:38:ac:fc:f3:7d:a9:4d:08:a1:01:09:49:1a:0f:
35:bc:64:6e:2b:94:dc:c3:63:27:d0:cc:84:dc:da:
94:bc:ba:ed:82:39:af:10:3a:95:53:77:19:e9:08:
00:0c:c2:95:db:73:a6:13:d3:d1:c7:cd:ea:db:d8:
7a:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:34:05:03:49:18:8E:23:8D:6A:56:63:2B:2E:4A:E7:12:C4:B0:20
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OTQFA0kYjiONalZjKy5K5xLEsCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.198.0/24
Signature Algorithm: sha256WithRSAEncryption
34:fb:9c:dc:d3:6f:92:bf:ee:81:79:e5:82:36:68:11:10:50:
78:47:06:72:e3:4c:ca:15:32:08:b6:20:e2:91:e7:12:58:80:
f5:01:23:54:d4:5b:d4:14:eb:24:d9:1f:05:b7:ca:e8:18:43:
c5:4f:b8:42:6a:29:1f:f7:ab:f8:c3:84:6d:39:58:9b:96:b2:
ec:3d:98:17:c0:58:1b:a3:2b:1c:fc:09:cd:bf:e1:ef:70:12:
8c:77:2f:66:87:63:b6:8f:79:f0:94:44:6f:23:44:10:c4:0d:
85:f9:d6:62:18:ea:0c:37:9a:96:73:22:27:20:69:56:a8:a5:
b5:2d:fd:1d:59:77:40:10:f2:58:14:f8:9e:32:b3:d3:fe:bd:
a5:e7:e4:2d:bd:58:6f:59:36:2f:59:04:d8:2c:e4:19:33:31:
27:ff:c0:5d:bd:fe:a0:de:61:b9:eb:20:5d:3c:4d:3d:67:d4:
92:57:a4:b9:20:f6:51:40:95:7d:e1:4c:73:d9:6d:02:0c:c0:
73:5c:53:b0:74:84:af:23:d1:53:b7:cb:c0:1f:7b:5c:34:b0:
5f:e0:d9:7c:84:c3:83:bb:00:7e:0f:f0:f3:76:ed:39:c3:79:
1a:80:ad:bc:62:d7:ba:3a:28:89:c8:2a:d9:75:da:a1:28:6b:
6b:c7:b8:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuPHmcUHKLJKWDNa3bDk4QJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTAyMDgyMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTM0MDUwMzQ5MTg4ZTIzOGQ2YTU2NjMyYjJlNGFlNzEyYzRiMDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA49arFncikdbVkdLfMMQpL2EbNEDP
zozTy7Kt/L7ghfDzpBhgH9XslekvFGx5+pxjwmfYZFMuqycs+PGJaDa4amgev84I
jjacJqWrRBgTAUUv2j09yRCou6i7IdpfO/bwV+3+SluHyWCyjYw1Gj4lf5c5qvL4
5MRqUas4+jU/uiSw8ya5HoApsQiw9T0W9JYUoqERUg6zWXp+l1fB086uBUTTu1EW
NJVW4DmOj8fKnnyxklteMJt1geMgfVva3Z5cjbhaOKz8832pTQihAQlJGg81vGRu
K5Tcw2Mn0MyE3NqUvLrtgjmvEDqVU3cZ6QgADMKV23OmE9PRx83q29h69wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDk0BQNJGI4jjWpWYysuSucSxLAgMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvT1RRRkEwa1lqaU9OYWxaakt5NUs1eExFc0NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHw3GMA0G
CSqGSIb3DQEBCwUAA4IBAQA0+5zc02+Sv+6BeeWCNmgREFB4RwZy40zKFTIItiDi
kecSWID1ASNU1FvUFOsk2R8Ft8roGEPFT7hCaikf96v4w4RtOViblrLsPZgXwFgb
oysc/AnNv+HvcBKMdy9mh2O2j3nwlERvI0QQxA2F+dZiGOoMN5qWcyInIGlWqKW1
Lf0dWXdAEPJYFPieMrPT/r2l5+QtvVhvWTYvWQTYLOQZMzEn/8Bdvf6g3mG56yBd
PE09Z9SSV6S5IPZRQJV94Uxz2W0CDMBzXFOwdISvI9FTt8vAH3tcNLBf4Nl8hMOD
uwB+D/Dzdu05w3kagK28Yte6OiiJyCrZddqhKGtrx7jI
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:10 2024 by rpki-client on console-ams.rpki-client.org