Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/H5hjKeg4-nWjQizHm1GnST5dbaA.roa
File: H5hjKeg4-nWjQizHm1GnST5dbaA.roa (raw, json)
Hash identifier: VVXdBE3cCVjljTvkMh08Mu5Myz4f4ibVsBe/RJqdXpE=
Subject key identifier: 1F:98:63:29:E8:38:FA:75:A3:42:2C:C7:9B:51:A7:49:3E:5D:6D:A0
Certificate issuer: /CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Certificate serial: 0189070ECE067764C937B3FAEA91F85451C4
Authority key identifier: 52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/H5hjKeg4-nWjQizHm1GnST5dbaA.roa
Signing time: Thu 29 Jun 2023 12:09:17 +0000
ROA not before: Thu 29 Jun 2023 12:09:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206092
IP address blocks: 31.171.129.0/24 maxlen: 24
31.171.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Dec 2023 19:51:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:07:0e:ce:06:77:64:c9:37:b3:fa:ea:91:f8:54:51:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Validity
Not Before: Jun 29 12:09:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f986329e838fa75a3422cc79b51a7493e5d6da0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:43:78:1a:1b:e8:2f:37:49:24:85:63:9a:bb:
b5:5e:93:13:e8:f1:4b:39:d6:1d:07:1e:9f:13:4b:
f0:18:28:f1:0b:24:4a:32:54:01:6f:07:28:81:e8:
26:ce:7e:f2:94:8f:70:79:11:c0:bf:44:d9:39:0a:
4e:46:aa:23:33:14:42:a9:7b:f3:6a:03:77:62:44:
9b:15:74:3d:0e:d2:43:0b:8d:1d:fa:e3:b4:c7:8d:
0b:c2:da:ec:69:ed:af:3c:79:86:c6:01:48:cc:2b:
21:2b:07:02:6c:2a:80:3c:f3:da:36:9b:6b:3d:8f:
62:4e:e2:48:fb:d1:1a:48:c4:f8:9b:c8:a9:da:7c:
c3:c7:21:4b:cc:b4:08:f6:3a:12:19:32:c6:9e:12:
cc:03:9b:6a:00:1a:b4:92:a9:73:85:9f:a4:30:c0:
b1:37:e8:2e:f3:0e:c1:7c:3e:5d:12:c0:94:e7:b9:
aa:70:97:55:6c:85:7b:28:08:39:71:78:d9:90:f5:
0e:77:de:09:1a:b6:64:a6:52:9b:92:ca:a1:fe:2e:
54:de:3e:85:a0:f9:a4:bb:a0:48:74:ad:c6:0a:68:
6a:ea:3f:34:f5:54:76:65:d8:ef:d7:60:05:f8:ae:
d8:86:18:38:71:1c:5d:67:24:91:d4:94:b1:83:6d:
09:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:98:63:29:E8:38:FA:75:A3:42:2C:C7:9B:51:A7:49:3E:5D:6D:A0
X509v3 Authority Key Identifier:
keyid:52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/H5hjKeg4-nWjQizHm1GnST5dbaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/UtycIYtRDAe8Zlmwn70yr-aKv9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.129.0-31.171.130.255
Signature Algorithm: sha256WithRSAEncryption
97:14:42:f5:40:a6:81:44:4a:a5:88:38:1d:d4:4a:68:25:4f:
d8:23:45:b6:56:c5:e7:7b:71:c3:14:4b:e4:55:c4:97:0d:d7:
e2:19:9f:25:d3:02:2f:7d:dd:ca:94:c3:81:e2:a7:01:36:b2:
a6:95:83:46:2d:27:a1:33:d5:c5:c0:f1:1e:58:e9:f7:e0:7c:
18:d9:f2:18:43:a9:2e:3a:df:69:50:02:5e:42:04:50:3a:cc:
17:2c:00:56:8a:18:cc:e6:d0:f8:c1:6e:f1:20:55:c0:00:ac:
84:16:9e:a0:a8:a2:3c:e4:d6:e9:6d:1c:7d:f4:0e:f9:af:af:
3b:71:36:f1:e9:27:fb:d0:34:0c:d4:d2:02:94:80:28:12:0d:
d3:60:21:51:9a:68:92:c7:1a:80:e3:f1:c0:50:82:6e:f8:01:
8f:07:74:d2:68:89:92:70:59:5c:19:9c:c0:3c:83:72:21:a1:
ed:73:de:ec:c6:32:cf:fe:ef:b8:9f:f6:ea:95:70:8f:38:de:
3a:b4:84:a0:2a:bd:e9:8e:b1:4c:08:7a:f6:af:a4:fd:6c:c5:
4f:c4:3d:fc:c3:62:54:b3:61:48:8c:94:b0:83:5d:98:9e:50:
2d:16:fb:a8:41:a1:d6:9a:2c:09:5f:9d:ac:0b:93:b8:7f:3e:
01:f0:ce:1c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYkHDs4Gd2TJN7P66pH4VFHEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZGM5YzIxOGI1MTBjMDdiYzY2NTliMDlmYmQzMmFmZTY4
YWJmZDIwHhcNMjMwNjI5MTIwOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjk4NjMyOWU4MzhmYTc1YTM0MjJjYzc5YjUxYTc0OTNlNWQ2ZGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUN4GhvoLzdJJIVjmru1XpMT6PFL
OdYdBx6fE0vwGCjxCyRKMlQBbwcogegmzn7ylI9weRHAv0TZOQpORqojMxRCqXvz
agN3YkSbFXQ9DtJDC40d+uO0x40Lwtrsae2vPHmGxgFIzCshKwcCbCqAPPPaNptr
PY9iTuJI+9EaSMT4m8ip2nzDxyFLzLQI9joSGTLGnhLMA5tqABq0kqlzhZ+kMMCx
N+gu8w7BfD5dEsCU57mqcJdVbIV7KAg5cXjZkPUOd94JGrZkplKbksqh/i5U3j6F
oPmku6BIdK3GCmhq6j809VR2Zdjv12AF+K7Yhhg4cRxdZySR1JSxg20JxQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFB+YYynoOPp1o0Isx5tRp0k+XW2gMB8GA1UdIwQY
MBaAFFLcnCGLUQwHvGZZsJ+9Mq/mir/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYt
NTJmOTdiMjc3ZDFmLzEvSDVoaktlZzQtbldqUWl6SG0xR25TVDVkYmFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYtNTJmOTdiMjc3ZDFm
LzEvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAfq4ED
BAAfq4IwDQYJKoZIhvcNAQELBQADggEBAJcUQvVApoFESqWIOB3USmglT9gjRbZW
xed7ccMUS+RVxJcN1+IZnyXTAi993cqUw4HipwE2sqaVg0YtJ6Ez1cXA8R5Y6ffg
fBjZ8hhDqS4632lQAl5CBFA6zBcsAFaKGMzm0PjBbvEgVcAArIQWnqCoojzk1ult
HH30DvmvrztxNvHpJ/vQNAzU0gKUgCgSDdNgIVGaaJLHGoDj8cBQgm74AY8HdNJo
iZJwWVwZnMA8g3Ihoe1z3uzGMs/+77if9uqVcI843jq0hKAqvemOsUwIevavpP1s
xU/EPfzDYlSzYUiMlLCDXZieUC0W+6hBodaaLAlfnawLk7h/PgHwzhw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:40 2024 by rpki-client on console-fra.rpki-client.org