Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/92d33c-8a69-4db3-b628-b62db772bbfa/1/b8CnwcTjntG0-Alt96VXzfGGyTY.roa
File: b8CnwcTjntG0-Alt96VXzfGGyTY.roa (raw, json)
Hash identifier: auDVd8z9U/irNOMeX2f098v4YLx62lGJAjyR+lXqk/s=
Subject key identifier: 6F:C0:A7:C1:C4:E3:9E:D1:B4:F8:09:6D:F7:A5:57:CD:F1:86:C9:36
Certificate issuer: /CN=078ed1a0153762a922e55e0f948cd1a5411c7a89
Certificate serial: 018CC94E65400A76F67612C9F3EA20234760
Authority key identifier: 07:8E:D1:A0:15:37:62:A9:22:E5:5E:0F:94:8C:D1:A5:41:1C:7A:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B47RoBU3Yqki5V4PlIzRpUEceok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/92d33c-8a69-4db3-b628-b62db772bbfa/1/b8CnwcTjntG0-Alt96VXzfGGyTY.roa
Signing time: Tue 02 Jan 2024 08:33:27 +0000
ROA not before: Tue 02 Jan 2024 08:33:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211741
IP address blocks: 31.43.188.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:65:40:0a:76:f6:76:12:c9:f3:ea:20:23:47:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=078ed1a0153762a922e55e0f948cd1a5411c7a89
Validity
Not Before: Jan 2 08:33:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6fc0a7c1c4e39ed1b4f8096df7a557cdf186c936
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:15:21:a4:a5:36:9e:6d:ba:b6:bc:ce:ce:d0:
bb:0d:be:1e:31:12:1c:f5:84:b8:39:4a:72:3c:ee:
f7:13:20:5f:e7:2a:33:2c:ec:7d:f5:34:64:17:de:
f5:8f:45:dc:29:0e:1e:a0:56:83:bc:e5:d5:6e:e7:
6b:9b:7a:62:8d:0c:bc:29:54:ec:cb:8c:69:db:5f:
e5:2c:76:8c:f1:3b:42:93:47:97:8c:f7:78:87:57:
f8:7f:01:f5:f1:c5:49:56:5a:fa:66:00:ae:c8:04:
e4:20:b2:5a:4d:cd:23:2e:b2:a7:82:c8:62:79:e5:
1a:ed:34:9a:7a:21:b9:95:d3:b5:c9:74:04:98:e4:
4e:0e:61:b3:75:82:d7:e4:cc:44:bd:a2:29:94:69:
87:4b:39:c0:60:16:bb:42:1c:d6:ee:95:2c:60:b6:
4d:a1:3c:e2:ab:00:59:ac:3e:c6:04:7d:fc:8c:c8:
92:49:7c:14:e1:ef:82:34:49:d0:30:24:90:9e:e6:
e5:88:61:8e:04:dd:6d:38:9c:98:04:b8:0c:58:6f:
be:b6:0a:64:b8:da:10:cf:ea:53:ea:b5:39:71:c5:
b4:87:aa:6d:7f:e2:38:e2:08:df:2b:f0:3f:bc:da:
1f:fd:3d:6e:63:49:75:67:f2:db:d1:6f:e9:40:a7:
0f:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:C0:A7:C1:C4:E3:9E:D1:B4:F8:09:6D:F7:A5:57:CD:F1:86:C9:36
X509v3 Authority Key Identifier:
keyid:07:8E:D1:A0:15:37:62:A9:22:E5:5E:0F:94:8C:D1:A5:41:1C:7A:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B47RoBU3Yqki5V4PlIzRpUEceok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/92d33c-8a69-4db3-b628-b62db772bbfa/1/b8CnwcTjntG0-Alt96VXzfGGyTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/92d33c-8a69-4db3-b628-b62db772bbfa/1/B47RoBU3Yqki5V4PlIzRpUEceok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.43.188.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:a5:c8:e6:1d:f0:b5:b8:6f:7a:6c:2d:65:4a:53:21:0b:b2:
c6:7d:06:6b:7b:8d:75:7d:5c:5e:cf:ce:88:7f:04:9d:79:9f:
1a:ce:ac:c1:08:5c:3d:f6:18:a8:ff:87:32:3d:7b:c4:76:a3:
94:17:1b:8a:b3:5e:03:f9:e8:2c:0f:b3:a5:d7:23:0e:2b:34:
ff:e3:38:4d:e2:18:5e:3c:87:c2:81:9d:bb:6f:7c:4d:43:40:
69:52:24:ab:d6:36:d2:52:ec:db:63:18:d5:eb:f5:2b:e7:17:
b5:f3:a6:dd:14:e1:cc:1e:51:59:92:c4:ea:ea:81:b1:d3:34:
12:44:f3:0f:b0:3a:00:e3:ec:2c:61:4a:9d:f0:02:37:15:52:
ba:a9:7e:d4:cd:0c:1b:d2:cf:e9:2a:f9:a6:d9:29:28:c8:d5:
bd:ca:50:35:2e:ef:2f:8f:ed:c8:b5:3a:c2:b1:eb:ff:76:a0:
8b:ed:b5:3d:e8:9f:1e:4a:22:87:c3:f8:e8:50:12:bb:2c:dd:
4b:3d:3d:39:17:01:95:c4:3f:a7:8c:1a:0a:93:14:2a:fe:0f:
3e:1d:f6:4a:90:57:4c:c6:4e:a7:59:b3:1c:41:96:4a:3c:44:
fc:b2:e5:b8:16:05:33:a5:79:56:a0:81:f7:4d:bf:6b:f4:08:
03:5e:ed:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTmVACnb2dhLJ8+ogI0dgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3OGVkMWEwMTUzNzYyYTkyMmU1NWUwZjk0OGNkMWE1NDEx
YzdhODkwHhcNMjQwMTAyMDgzMzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmMwYTdjMWM0ZTM5ZWQxYjRmODA5NmRmN2E1NTdjZGYxODZjOTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRUhpKU2nm26trzOztC7Db4eMRIc
9YS4OUpyPO73EyBf5yozLOx99TRkF971j0XcKQ4eoFaDvOXVbudrm3pijQy8KVTs
y4xp21/lLHaM8TtCk0eXjPd4h1f4fwH18cVJVlr6ZgCuyATkILJaTc0jLrKngshi
eeUa7TSaeiG5ldO1yXQEmORODmGzdYLX5MxEvaIplGmHSznAYBa7QhzW7pUsYLZN
oTziqwBZrD7GBH38jMiSSXwU4e+CNEnQMCSQnubliGGOBN1tOJyYBLgMWG++tgpk
uNoQz+pT6rU5ccW0h6ptf+I44gjfK/A/vNof/T1uY0l1Z/Lb0W/pQKcPYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG/Ap8HE457RtPgJbfelV83xhsk2MB8GA1UdIwQY
MBaAFAeO0aAVN2KpIuVeD5SM0aVBHHqJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjQ3Um9CVTNZcWtpNVY0UGxJelJwVUVjZW9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy85MmQzM2MtOGE2OS00ZGIzLWI2Mjgt
YjYyZGI3NzJiYmZhLzEvYjhDbndjVGpudEcwLUFsdDk2Vlh6ZkdHeVRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy85MmQzM2MtOGE2OS00ZGIzLWI2MjgtYjYyZGI3NzJiYmZh
LzEvQjQ3Um9CVTNZcWtpNVY0UGxJelJwVUVjZW9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBHyu8MA0G
CSqGSIb3DQEBCwUAA4IBAQAepcjmHfC1uG96bC1lSlMhC7LGfQZre411fVxez86I
fwSdeZ8azqzBCFw99hio/4cyPXvEdqOUFxuKs14D+egsD7Ol1yMOKzT/4zhN4hhe
PIfCgZ27b3xNQ0BpUiSr1jbSUuzbYxjV6/Ur5xe186bdFOHMHlFZksTq6oGx0zQS
RPMPsDoA4+wsYUqd8AI3FVK6qX7UzQwb0s/pKvmm2SkoyNW9ylA1Lu8vj+3ItTrC
sev/dqCL7bU96J8eSiKHw/joUBK7LN1LPT05FwGVxD+njBoKkxQq/g8+HfZKkFdM
xk6nWbMcQZZKPET8suW4FgUzpXlWoIH3Tb9r9AgDXu0Y
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:52 2025 by rpki-client