Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/1b5961-84ab-40be-b0dc-2f6f9f888375/1/EtkkfjpaCVbwmB8qohF3Y3yslDg.roa
File: EtkkfjpaCVbwmB8qohF3Y3yslDg.roa (raw, json)
Hash identifier: jU/5lzlEyOIE4+QnS6qT2dPIHF+7GnqpAubEnf92vak=
Subject key identifier: 12:D9:24:7E:3A:5A:09:56:F0:98:1F:2A:A2:11:77:63:7C:AC:94:38
Certificate issuer: /CN=49cd9ec8e53f8fc2a35e91b77014f6a73d8b5b3d
Certificate serial: 0185720C80FDCE92EDA7BDBA012ECFE70CC8
Authority key identifier: 49:CD:9E:C8:E5:3F:8F:C2:A3:5E:91:B7:70:14:F6:A7:3D:8B:5B:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sc2eyOU_j8KjXpG3cBT2pz2LWz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/1b5961-84ab-40be-b0dc-2f6f9f888375/1/EtkkfjpaCVbwmB8qohF3Y3yslDg.roa
Signing time: Mon 02 Jan 2023 10:35:00 +0000
ROA not before: Mon 02 Jan 2023 10:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56676
IP address blocks: 91.237.209.0/24 maxlen: 24
31.130.120.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:80:fd:ce:92:ed:a7:bd:ba:01:2e:cf:e7:0c:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49cd9ec8e53f8fc2a35e91b77014f6a73d8b5b3d
Validity
Not Before: Jan 2 10:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=12d9247e3a5a0956f0981f2aa21177637cac9438
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:3e:ba:83:51:6f:c3:b4:3c:d8:c0:0b:c1:9e:
1b:d4:4c:c4:ea:df:4f:6e:91:c0:2d:5f:dc:8f:ef:
86:64:77:79:41:cc:01:4f:1e:f7:07:47:ee:c9:fd:
be:e4:8c:3e:b8:a3:a8:6a:f0:84:ce:23:3c:56:8b:
c6:3d:cd:b6:bf:52:77:18:3d:38:1e:03:b1:91:13:
e7:fa:0f:a2:c6:9e:98:f2:81:89:7a:a3:94:fb:0c:
a5:c8:22:03:3b:dc:3e:57:4a:3a:35:6a:1d:b6:51:
08:ac:06:e7:6b:39:61:a0:a7:77:a2:29:18:5b:e1:
55:e0:e1:a7:7c:b4:de:d1:5e:45:20:29:06:65:2a:
0c:60:9b:42:d2:0f:72:69:90:b7:54:5c:b8:9c:ba:
70:2d:88:07:d8:c3:cf:7b:0b:da:b0:cd:e4:1f:53:
00:28:c7:33:45:d4:2c:76:4b:ec:ae:bc:91:96:ef:
34:16:1d:a3:41:3a:fc:33:02:ba:a1:92:50:9b:89:
40:f3:cb:05:ab:41:46:51:0f:f1:b3:12:ab:47:1f:
11:54:38:34:fa:36:97:38:6a:c1:16:e8:2d:4b:fe:
a7:8f:d9:ee:42:f5:a0:3e:9f:d0:fa:4c:da:35:f0:
fb:75:02:6d:36:28:9e:12:f7:0c:94:7c:fa:c8:4a:
79:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:D9:24:7E:3A:5A:09:56:F0:98:1F:2A:A2:11:77:63:7C:AC:94:38
X509v3 Authority Key Identifier:
keyid:49:CD:9E:C8:E5:3F:8F:C2:A3:5E:91:B7:70:14:F6:A7:3D:8B:5B:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sc2eyOU_j8KjXpG3cBT2pz2LWz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/1b5961-84ab-40be-b0dc-2f6f9f888375/1/EtkkfjpaCVbwmB8qohF3Y3yslDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/1b5961-84ab-40be-b0dc-2f6f9f888375/1/Sc2eyOU_j8KjXpG3cBT2pz2LWz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.130.120.0/21
91.237.209.0/24
Signature Algorithm: sha256WithRSAEncryption
62:42:85:cd:64:a2:08:a7:13:ac:e4:7e:42:b2:6c:dd:23:a9:
99:10:e2:be:a0:0a:1b:5e:73:3d:8a:a0:f0:61:00:3c:6c:3d:
96:06:80:07:06:28:07:7b:66:da:e2:9f:19:10:54:9f:b5:04:
d8:b5:99:b6:cd:b4:7c:d2:20:ef:3a:d2:79:6a:f5:38:ff:be:
de:ce:d0:a6:6c:07:31:fe:0a:b1:45:74:29:7a:08:ba:46:3b:
b5:4d:b7:1d:e7:20:87:14:4e:a4:ef:1d:ea:9b:da:ba:25:22:
55:e6:f9:27:d9:cc:5a:32:4a:9f:53:53:d0:62:82:3f:95:c6:
ce:6b:3b:77:e9:f0:41:22:1f:e1:2d:8d:2f:94:d6:fb:59:e2:
34:10:20:4e:70:f1:4e:63:f1:82:a9:d9:d2:63:74:60:2e:bc:
45:4d:e6:af:9c:76:c2:df:38:f7:0b:43:1f:d0:31:b2:5f:cd:
1a:08:80:7c:0e:28:b5:f8:c4:10:0c:a7:94:62:be:2f:59:60:
15:ed:7d:96:33:32:54:12:0c:aa:83:53:c8:c7:9c:c7:72:e0:
eb:d0:dd:56:2a:fe:86:bf:0c:f7:7f:60:a5:21:78:78:be:e5:
99:b7:3a:97:62:b9:f6:2c:92:54:1d:ae:23:bc:4a:3f:79:94:
74:23:90:40
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyDID9zpLtp726AS7P5wzIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5Y2Q5ZWM4ZTUzZjhmYzJhMzVlOTFiNzcwMTRmNmE3M2Q4
YjViM2QwHhcNMjMwMTAyMTAzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmQ5MjQ3ZTNhNWEwOTU2ZjA5ODFmMmFhMjExNzc2MzdjYWM5NDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkj66g1Fvw7Q82MALwZ4b1EzE6t9P
bpHALV/cj++GZHd5QcwBTx73B0fuyf2+5Iw+uKOoavCEziM8VovGPc22v1J3GD04
HgOxkRPn+g+ixp6Y8oGJeqOU+wylyCIDO9w+V0o6NWodtlEIrAbnazlhoKd3oikY
W+FV4OGnfLTe0V5FICkGZSoMYJtC0g9yaZC3VFy4nLpwLYgH2MPPewvasM3kH1MA
KMczRdQsdkvsrryRlu80Fh2jQTr8MwK6oZJQm4lA88sFq0FGUQ/xsxKrRx8RVDg0
+jaXOGrBFugtS/6nj9nuQvWgPp/Q+kzaNfD7dQJtNiieEvcMlHz6yEp5gQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBLZJH46WglW8JgfKqIRd2N8rJQ4MB8GA1UdIwQY
MBaAFEnNnsjlP4/Co16Rt3AU9qc9i1s9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2MyZXlPVV9qOEtqWHBHM2NCVDJwejJMV3owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xYjU5NjEtODRhYi00MGJlLWIwZGMt
MmY2ZjlmODg4Mzc1LzEvRXRra2ZqcGFDVmJ3bUI4cW9oRjNZM3lzbERnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xYjU5NjEtODRhYi00MGJlLWIwZGMtMmY2ZjlmODg4Mzc1
LzEvU2MyZXlPVV9qOEtqWHBHM2NCVDJwejJMV3owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDH4J4AwQA
W+3RMA0GCSqGSIb3DQEBCwUAA4IBAQBiQoXNZKIIpxOs5H5CsmzdI6mZEOK+oAob
XnM9iqDwYQA8bD2WBoAHBigHe2ba4p8ZEFSftQTYtZm2zbR80iDvOtJ5avU4/77e
ztCmbAcx/gqxRXQpegi6Rju1Tbcd5yCHFE6k7x3qm9q6JSJV5vkn2cxaMkqfU1PQ
YoI/lcbOazt36fBBIh/hLY0vlNb7WeI0ECBOcPFOY/GCqdnSY3RgLrxFTeavnHbC
3zj3C0Mf0DGyX80aCIB8Dii1+MQQDKeUYr4vWWAV7X2WMzJUEgyqg1PIx5zHcuDr
0N1WKv6Gvwz3f2ClIXh4vuWZtzqXYrn2LJJUHa4jvEo/eZR0I5BA
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:41 2024 by rpki-client on console-ams.rpki-client.org