Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/393e16-898e-45d8-9d72-d8bd250b64f9/1/Ysnc4lMkHEOH4mv0PIjLrAXJI4E.roa
File: Ysnc4lMkHEOH4mv0PIjLrAXJI4E.roa (raw, json)
Hash identifier: tBsRtnIkPNe2x08QP+Jxgmskl+ldBydEkHiyfa/aqA0=
Subject key identifier: 62:C9:DC:E2:53:24:1C:43:87:E2:6B:F4:3C:88:CB:AC:05:C9:23:81
Certificate issuer: /CN=477f4b6ec4347157c4d13ef0e7abe1290a0bf57c
Certificate serial: 018CAB55D64C9773D1178D8FC25602F8BC06
Authority key identifier: 47:7F:4B:6E:C4:34:71:57:C4:D1:3E:F0:E7:AB:E1:29:0A:0B:F5:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R39LbsQ0cVfE0T7w56vhKQoL9Xw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/393e16-898e-45d8-9d72-d8bd250b64f9/1/Ysnc4lMkHEOH4mv0PIjLrAXJI4E.roa
Signing time: Wed 27 Dec 2023 12:52:58 +0000
ROA not before: Wed 27 Dec 2023 12:52:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31020
IP address blocks: 31.186.88.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ab:55:d6:4c:97:73:d1:17:8d:8f:c2:56:02:f8:bc:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=477f4b6ec4347157c4d13ef0e7abe1290a0bf57c
Validity
Not Before: Dec 27 12:52:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=62c9dce253241c4387e26bf43c88cbac05c92381
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:e1:02:ec:b7:05:f5:ef:00:1a:9e:34:e3:4d:
50:8f:c2:73:74:e6:36:70:17:da:02:3f:7a:c9:ce:
de:5c:c1:44:a7:04:f2:33:8c:cc:2b:5d:2c:ec:3e:
3f:f8:ec:76:e2:8f:c4:ca:90:48:53:ca:1d:f9:54:
b2:7a:b7:f9:c7:a6:3f:b0:9f:15:01:56:e9:86:ca:
b2:91:16:22:99:62:a7:08:73:66:d6:0e:f3:d4:e0:
d1:fb:84:10:e7:08:3d:15:09:70:a5:8c:07:32:89:
a8:e2:50:2c:80:4b:e6:8a:0c:a7:49:e7:01:b1:f8:
3b:d4:fe:0d:fb:35:68:93:1f:53:6a:26:23:88:8c:
23:a3:a7:99:af:60:61:35:1c:6b:94:77:19:01:27:
0e:03:6d:7f:f0:cb:b7:86:d7:01:23:8c:40:2e:3d:
89:16:09:53:fc:33:64:68:90:6d:12:38:84:48:66:
1b:01:55:5f:07:d1:3b:25:15:50:e7:2a:b5:34:c5:
f9:97:ac:8a:21:61:5e:2a:15:e8:3c:4a:fb:db:56:
60:bf:b7:5d:3b:30:f1:4b:31:f4:17:56:93:43:34:
b3:67:07:7d:35:59:0b:02:c8:cc:2e:c8:17:03:88:
35:34:c5:72:ae:69:ed:c5:34:1e:50:7b:99:85:13:
31:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:C9:DC:E2:53:24:1C:43:87:E2:6B:F4:3C:88:CB:AC:05:C9:23:81
X509v3 Authority Key Identifier:
keyid:47:7F:4B:6E:C4:34:71:57:C4:D1:3E:F0:E7:AB:E1:29:0A:0B:F5:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R39LbsQ0cVfE0T7w56vhKQoL9Xw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/393e16-898e-45d8-9d72-d8bd250b64f9/1/Ysnc4lMkHEOH4mv0PIjLrAXJI4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/393e16-898e-45d8-9d72-d8bd250b64f9/1/R39LbsQ0cVfE0T7w56vhKQoL9Xw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.88.0/21
Signature Algorithm: sha256WithRSAEncryption
71:12:25:24:c0:18:43:8f:46:2b:9e:c8:40:d4:37:67:53:e8:
f6:50:2e:b0:79:0e:68:a0:0b:10:c0:b4:b4:be:0b:5d:38:01:
32:69:cc:f5:5b:c6:05:2f:1d:5a:6d:4d:0f:b2:5d:18:4e:21:
28:bf:07:7b:5e:23:4d:bf:20:74:52:b4:19:f3:22:2d:b4:8e:
69:ea:d7:05:e4:fd:df:7d:91:3e:78:69:61:96:50:28:19:b5:
1b:6d:58:9f:67:1c:8f:7f:79:5a:6f:88:d6:cb:a3:fa:90:a0:
b4:63:1a:a2:eb:38:08:c1:3a:7e:4c:69:2f:af:e2:01:cd:eb:
43:58:de:70:02:1b:61:c4:2d:f6:0c:84:1a:84:8d:0a:cf:e6:
97:4a:39:27:5c:12:cb:8a:dd:d6:f3:cc:c8:ec:93:37:3f:67:
31:10:0b:1e:1b:ed:a6:6d:b3:f1:97:0c:af:b5:90:8f:5c:ee:
f7:44:b3:7f:5e:da:2a:82:85:38:7e:00:4b:5e:7f:7a:3d:78:
db:79:46:58:bf:25:fa:ea:85:db:ba:d0:a4:33:1f:04:28:17:
ce:7b:52:5e:a7:a3:10:8a:21:e8:47:48:92:4a:16:60:cf:7b:
e8:00:cf:43:80:1a:6e:42:77:cf:64:d7:48:39:18:75:7d:40:
a3:fb:76:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyrVdZMl3PRF42PwlYC+LwGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3N2Y0YjZlYzQzNDcxNTdjNGQxM2VmMGU3YWJlMTI5MGEw
YmY1N2MwHhcNMjMxMjI3MTI1MjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmM5ZGNlMjUzMjQxYzQzODdlMjZiZjQzYzg4Y2JhYzA1YzkyMzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOEC7LcF9e8AGp40401Qj8JzdOY2
cBfaAj96yc7eXMFEpwTyM4zMK10s7D4/+Ox24o/EypBIU8od+VSyerf5x6Y/sJ8V
AVbphsqykRYimWKnCHNm1g7z1ODR+4QQ5wg9FQlwpYwHMomo4lAsgEvmigynSecB
sfg71P4N+zVokx9TaiYjiIwjo6eZr2BhNRxrlHcZAScOA21/8Mu3htcBI4xALj2J
FglT/DNkaJBtEjiESGYbAVVfB9E7JRVQ5yq1NMX5l6yKIWFeKhXoPEr721Zgv7dd
OzDxSzH0F1aTQzSzZwd9NVkLAsjMLsgXA4g1NMVyrmntxTQeUHuZhRMxZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGLJ3OJTJBxDh+Jr9DyIy6wFySOBMB8GA1UdIwQY
MBaAFEd/S27ENHFXxNE+8Oer4SkKC/V8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjM5TGJzUTBjVmZFMFQ3dzU2dmhLUW9MOVh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zOTNlMTYtODk4ZS00NWQ4LTlkNzIt
ZDhiZDI1MGI2NGY5LzEvWXNuYzRsTWtIRU9ING12MFBJakxyQVhKSTRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zOTNlMTYtODk4ZS00NWQ4LTlkNzItZDhiZDI1MGI2NGY5
LzEvUjM5TGJzUTBjVmZFMFQ3dzU2dmhLUW9MOVh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDH7pYMA0G
CSqGSIb3DQEBCwUAA4IBAQBxEiUkwBhDj0YrnshA1DdnU+j2UC6weQ5ooAsQwLS0
vgtdOAEyacz1W8YFLx1abU0Psl0YTiEovwd7XiNNvyB0UrQZ8yIttI5p6tcF5P3f
fZE+eGlhllAoGbUbbVifZxyPf3lab4jWy6P6kKC0Yxqi6zgIwTp+TGkvr+IBzetD
WN5wAhthxC32DIQahI0Kz+aXSjknXBLLit3W88zI7JM3P2cxEAseG+2mbbPxlwyv
tZCPXO73RLN/XtoqgoU4fgBLXn96PXjbeUZYvyX66oXbutCkMx8EKBfOe1Jep6MQ
iiHoR0iSShZgz3voAM9DgBpuQnfPZNdIORh1fUCj+3Yb
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:11 2024 by rpki-client on console-fra.rpki-client.org