Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/3ruIdaoC5GpH7lLaeU4xtrAknVk.roa
File: 3ruIdaoC5GpH7lLaeU4xtrAknVk.roa (raw, json)
Hash identifier: 9XZDFb5fuxYkHFZqInbvrLaf94JVtD7E5nhSQaOQnDM=
Subject key identifier: DE:BB:88:75:AA:02:E4:6A:47:EE:52:DA:79:4E:31:B6:B0:24:9D:59
Certificate issuer: /CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Certificate serial: 018CC6B93AE4F6407398207B9E6C91076CF4
Authority key identifier: 56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/3ruIdaoC5GpH7lLaeU4xtrAknVk.roa
Signing time: Mon 01 Jan 2024 20:31:17 +0000
ROA not before: Mon 01 Jan 2024 20:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206409
IP address blocks: 31.145.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:3a:e4:f6:40:73:98:20:7b:9e:6c:91:07:6c:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Validity
Not Before: Jan 1 20:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=debb8875aa02e46a47ee52da794e31b6b0249d59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:f0:a8:5e:90:ff:7b:66:0f:0d:cb:30:9d:74:
be:af:b5:1a:85:ec:33:b6:5d:19:56:75:40:69:4c:
c9:b5:95:77:7a:d1:a4:0a:40:cb:8f:00:ed:98:31:
57:55:aa:a9:84:1c:4c:2e:37:b1:aa:4a:31:f9:eb:
19:48:5a:dc:cf:56:e4:da:06:78:c0:63:76:de:ab:
59:ac:b6:37:82:4a:90:b6:8f:49:d3:d3:26:49:48:
26:a9:59:61:d9:16:d3:de:d8:0c:6e:ff:a6:68:be:
5b:eb:ec:66:46:84:55:30:f0:f4:2e:3f:af:a7:45:
9c:55:93:94:f1:0e:81:57:73:33:29:8f:e2:2e:8f:
dc:fe:01:d1:aa:06:59:1b:da:bf:28:e0:3f:74:95:
6d:20:73:03:e9:ca:a3:14:15:fa:fa:e4:8b:0f:b2:
8b:b8:ab:36:5c:80:25:4b:c8:db:30:42:3c:ef:16:
92:d3:d7:c9:d6:42:06:1c:4b:d0:61:00:eb:c7:05:
1e:c1:79:fe:68:ee:df:ec:6f:88:da:a3:f3:c0:a0:
be:d1:2b:d5:6d:f3:3e:17:4a:6a:ec:b5:38:dd:48:
4c:f6:e0:ee:4b:a0:8c:69:99:e6:5b:65:fb:a2:95:
b7:a9:3f:70:d3:0d:69:fc:dc:29:e5:e3:6d:71:e0:
5d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:BB:88:75:AA:02:E4:6A:47:EE:52:DA:79:4E:31:B6:B0:24:9D:59
X509v3 Authority Key Identifier:
keyid:56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/3ruIdaoC5GpH7lLaeU4xtrAknVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.145.59.0/24
Signature Algorithm: sha256WithRSAEncryption
70:a1:38:b5:a9:27:86:0f:33:6d:3f:a5:ca:e2:ee:09:6c:98:
ba:ab:99:ae:72:bf:b3:a7:5a:05:56:06:76:b8:51:bd:39:9d:
39:9d:88:c2:af:c2:f7:24:76:17:bc:f5:3d:41:7e:97:a3:43:
d4:5d:27:3d:a3:60:45:f0:f1:13:43:94:b2:a6:05:29:aa:e8:
a4:bf:82:60:c6:f4:7f:82:df:15:d7:cb:16:40:a0:af:2f:08:
0c:f3:9c:46:8b:e4:f8:96:69:0e:d2:82:97:d1:30:68:a7:a9:
75:41:89:38:f9:5a:b9:99:5d:c1:98:46:f2:58:92:99:22:67:
be:07:4d:87:8d:89:da:eb:fc:19:fd:a5:70:31:ec:db:ca:be:
77:d0:66:f8:2c:cd:41:ab:b1:73:82:13:4a:11:1e:9c:f2:e7:
36:c6:c7:9a:c0:8c:76:d1:0b:5c:52:44:c9:93:ab:00:24:9f:
3b:92:cf:2f:1e:7b:b0:9e:3e:34:cd:20:e3:b3:d6:ef:9c:31:
10:6e:fd:fd:15:f6:47:15:56:f9:a1:d6:27:fa:4b:a9:6b:d9:
3e:29:be:5f:a1:64:9f:0c:a7:92:2a:71:22:a7:06:ba:9b:23:
8c:04:16:0c:47:ca:d2:87:9f:41:0d:a1:10:5b:b4:11:aa:42:
bb:b8:53:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuTrk9kBzmCB7nmyRB2z0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2OGZlMzVjYzk2MjYzM2EyNzU3YWYxMGEwZTZlOGFiNmQw
MWY0YzkwHhcNMjQwMTAxMjAzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWJiODg3NWFhMDJlNDZhNDdlZTUyZGE3OTRlMzFiNmIwMjQ5ZDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/CoXpD/e2YPDcswnXS+r7Uahewz
tl0ZVnVAaUzJtZV3etGkCkDLjwDtmDFXVaqphBxMLjexqkox+esZSFrcz1bk2gZ4
wGN23qtZrLY3gkqQto9J09MmSUgmqVlh2RbT3tgMbv+maL5b6+xmRoRVMPD0Lj+v
p0WcVZOU8Q6BV3MzKY/iLo/c/gHRqgZZG9q/KOA/dJVtIHMD6cqjFBX6+uSLD7KL
uKs2XIAlS8jbMEI87xaS09fJ1kIGHEvQYQDrxwUewXn+aO7f7G+I2qPzwKC+0SvV
bfM+F0pq7LU43UhM9uDuS6CMaZnmW2X7opW3qT9w0w1p/Nwp5eNtceBdmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN67iHWqAuRqR+5S2nlOMbawJJ1ZMB8GA1UdIwQY
MBaAFFaP41zJYmM6J1evEKDm6KttAfTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMt
ODNkNjQ4Zjc5NzQ2LzEvM3J1SWRhb0M1R3BIN2xMYWVVNHh0ckFrblZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMtODNkNjQ4Zjc5NzQ2
LzEvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH5E7MA0G
CSqGSIb3DQEBCwUAA4IBAQBwoTi1qSeGDzNtP6XK4u4JbJi6q5mucr+zp1oFVgZ2
uFG9OZ05nYjCr8L3JHYXvPU9QX6Xo0PUXSc9o2BF8PETQ5SypgUpquikv4JgxvR/
gt8V18sWQKCvLwgM85xGi+T4lmkO0oKX0TBop6l1QYk4+Vq5mV3BmEbyWJKZIme+
B02HjYna6/wZ/aVwMezbyr530Gb4LM1Bq7FzghNKER6c8uc2xseawIx20QtcUkTJ
k6sAJJ87ks8vHnuwnj40zSDjs9bvnDEQbv39FfZHFVb5odYn+kupa9k+Kb5foWSf
DKeSKnEipwa6myOMBBYMR8rSh59BDaEQW7QRqkK7uFNi
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:53:34 2025 by rpki-client