Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/07bf29-07d1-4daf-b3bb-cbfb2c7fbadd/1/DcukgyYEPGEDCE2jhqDenbpgwQ0.roa
File: DcukgyYEPGEDCE2jhqDenbpgwQ0.roa (raw, json)
Hash identifier: UxePdxhnaJhTHnsptC11Be8Ml9ZCMOUofgmVBklPgMc=
Subject key identifier: 0D:CB:A4:83:26:04:3C:61:03:08:4D:A3:86:A0:DE:9D:BA:60:C1:0D
Certificate issuer: /CN=cf184140cd1a223f638b7996f5489f485d8ee627
Certificate serial: 019424B392E4E7AD622E4EB9981905A377F6
Authority key identifier: CF:18:41:40:CD:1A:22:3F:63:8B:79:96:F5:48:9F:48:5D:8E:E6:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zxhBQM0aIj9ji3mW9UifSF2O5ic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/07bf29-07d1-4daf-b3bb-cbfb2c7fbadd/1/DcukgyYEPGEDCE2jhqDenbpgwQ0.roa
Signing time: Thu 02 Jan 2025 01:48:55 +0000
ROA not before: Thu 02 Jan 2025 01:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215457
IP address blocks: 31.128.56.0/22 maxlen: 22
31.128.56.0/24 maxlen: 24
31.128.58.0/24 maxlen: 24
31.128.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Apr 2025 14:12:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:92:e4:e7:ad:62:2e:4e:b9:98:19:05:a3:77:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf184140cd1a223f638b7996f5489f485d8ee627
Validity
Not Before: Jan 2 01:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0dcba48326043c6103084da386a0de9dba60c10d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:37:52:b3:2d:a5:f7:64:d8:c6:6f:80:f7:99:
1e:5f:7b:60:28:96:28:43:cf:7b:e7:bf:46:d3:5d:
44:35:ac:65:58:69:bc:04:16:6f:17:c5:6e:0b:b7:
47:05:c9:f8:6f:91:ba:3c:0a:7d:19:e9:90:3c:86:
28:1a:2a:d4:c6:06:1b:9e:54:aa:bb:e0:52:ba:42:
bf:45:18:54:c3:b9:db:eb:cb:47:45:2b:15:c7:d1:
42:7a:7c:14:99:e7:07:17:9a:e5:aa:cf:26:94:e9:
18:47:23:f3:b4:22:37:25:e7:6b:da:98:d3:fa:d0:
16:3f:19:ad:c2:11:db:d7:70:41:22:58:f5:18:cd:
46:6e:d2:c7:ff:b6:06:c7:66:84:33:d7:fa:e8:78:
bb:3f:9b:56:de:c4:7b:a3:9d:a3:a5:e2:82:0d:ee:
24:a3:59:0d:b6:8e:aa:78:81:7b:bc:1a:20:70:84:
38:18:7f:fb:dc:b7:a6:57:9a:cb:6a:56:bf:de:17:
e1:6f:82:d2:ff:53:fa:60:1b:5c:cb:3e:a6:a5:7e:
60:9d:87:a1:2e:d5:7c:4c:0b:75:68:cf:9b:d3:cb:
6b:ae:fd:22:d5:4e:b3:3f:b3:aa:ff:1e:36:b5:10:
bf:a3:45:7a:01:93:d1:96:87:38:4d:6c:62:0e:bb:
76:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:CB:A4:83:26:04:3C:61:03:08:4D:A3:86:A0:DE:9D:BA:60:C1:0D
X509v3 Authority Key Identifier:
keyid:CF:18:41:40:CD:1A:22:3F:63:8B:79:96:F5:48:9F:48:5D:8E:E6:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zxhBQM0aIj9ji3mW9UifSF2O5ic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/07bf29-07d1-4daf-b3bb-cbfb2c7fbadd/1/DcukgyYEPGEDCE2jhqDenbpgwQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/07bf29-07d1-4daf-b3bb-cbfb2c7fbadd/1/zxhBQM0aIj9ji3mW9UifSF2O5ic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.128.56.0/22
Signature Algorithm: sha256WithRSAEncryption
59:7b:0e:af:26:b7:45:f4:b7:16:4e:4f:53:eb:a2:ed:46:20:
07:bd:ad:54:fc:ae:b7:b8:01:04:b9:c2:a0:69:7e:b6:d6:f9:
fc:5a:cd:c5:f6:f6:a5:18:d9:3c:fe:0b:6a:4a:ca:ea:59:28:
2b:18:10:d6:5c:fc:b8:05:e0:a2:69:47:6a:f7:0a:a5:58:45:
11:af:54:c1:19:02:e5:15:a4:3b:b2:58:9c:db:31:16:bb:77:
b8:b3:cc:07:42:e9:5c:00:76:f9:4f:b8:f6:eb:42:c6:3f:08:
38:49:91:00:35:4f:f3:2f:34:34:e8:bf:86:b2:dc:1d:a4:34:
df:c0:77:ee:82:8d:7e:a9:08:24:32:01:92:dc:3a:a8:25:54:
4c:48:4f:47:2a:37:9e:12:13:23:e2:90:13:5f:a4:cc:53:87:
83:94:88:85:e4:73:6a:07:db:2c:db:a2:87:4a:52:87:f8:ff:
87:4a:d1:be:52:e6:2f:48:5b:af:2d:7a:b8:73:ae:ba:78:e8:
bb:a0:51:fe:bb:0c:cc:55:8d:da:5f:3c:78:5c:17:4e:82:dc:
92:4c:a5:d2:b2:3b:fb:50:93:00:20:9e:a3:a1:8b:6b:08:cd:
ad:30:70:09:56:14:db:09:24:29:d4:a1:80:b2:fd:2d:a9:b2:
47:89:bc:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks5Lk561iLk65mBkFo3f2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMTg0MTQwY2QxYTIyM2Y2MzhiNzk5NmY1NDg5ZjQ4NWQ4
ZWU2MjcwHhcNMjUwMTAyMDE0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGNiYTQ4MzI2MDQzYzYxMDMwODRkYTM4NmEwZGU5ZGJhNjBjMTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTdSsy2l92TYxm+A95keX3tgKJYo
Q897579G011ENaxlWGm8BBZvF8VuC7dHBcn4b5G6PAp9GemQPIYoGirUxgYbnlSq
u+BSukK/RRhUw7nb68tHRSsVx9FCenwUmecHF5rlqs8mlOkYRyPztCI3Jedr2pjT
+tAWPxmtwhHb13BBIlj1GM1GbtLH/7YGx2aEM9f66Hi7P5tW3sR7o52jpeKCDe4k
o1kNto6qeIF7vBogcIQ4GH/73LemV5rLala/3hfhb4LS/1P6YBtcyz6mpX5gnYeh
LtV8TAt1aM+b08trrv0i1U6zP7Oq/x42tRC/o0V6AZPRloc4TWxiDrt2TwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA3LpIMmBDxhAwhNo4ag3p26YMENMB8GA1UdIwQY
MBaAFM8YQUDNGiI/Y4t5lvVIn0hdjuYnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenhoQlFNMGFJajlqaTNtVzlVaWZTRjJPNWljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wN2JmMjktMDdkMS00ZGFmLWIzYmIt
Y2JmYjJjN2ZiYWRkLzEvRGN1a2d5WUVQR0VEQ0UyamhxRGVuYnBnd1EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wN2JmMjktMDdkMS00ZGFmLWIzYmItY2JmYjJjN2ZiYWRk
LzEvenhoQlFNMGFJajlqaTNtVzlVaWZTRjJPNWljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCH4A4MA0G
CSqGSIb3DQEBCwUAA4IBAQBZew6vJrdF9LcWTk9T66LtRiAHva1U/K63uAEEucKg
aX621vn8Ws3F9valGNk8/gtqSsrqWSgrGBDWXPy4BeCiaUdq9wqlWEURr1TBGQLl
FaQ7slic2zEWu3e4s8wHQulcAHb5T7j260LGPwg4SZEANU/zLzQ06L+GstwdpDTf
wHfugo1+qQgkMgGS3DqoJVRMSE9HKjeeEhMj4pATX6TMU4eDlIiF5HNqB9ss26KH
SlKH+P+HStG+UuYvSFuvLXq4c666eOi7oFH+uwzMVY3aXzx4XBdOgtySTKXSsjv7
UJMAIJ6joYtrCM2tMHAJVhTbCSQp1KGAsv0tqbJHibwQ
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:15:51 2025 by rpki-client