Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/6ce154-c3c6-4463-a6bd-02108cebb3ff/1/9JQRDukG6cTLtbBN2mx5y2VUjQo.roa
File: 9JQRDukG6cTLtbBN2mx5y2VUjQo.roa (raw, json)
Hash identifier: oa9755S/OvPvwIUVon0lcnuNmC0j68MimrzI1/Z9XOk=
Subject key identifier: F4:94:11:0E:E9:06:E9:C4:CB:B5:B0:4D:DA:6C:79:CB:65:54:8D:0A
Certificate issuer: /CN=f4e4c991b52c306ff45106011a4e952d8680d2b6
Certificate serial: 018C82A8BECD685B7F023F2CACFA10E0AEE2
Authority key identifier: F4:E4:C9:91:B5:2C:30:6F:F4:51:06:01:1A:4E:95:2D:86:80:D2:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9OTJkbUsMG_0UQYBGk6VLYaA0rY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/6ce154-c3c6-4463-a6bd-02108cebb3ff/1/9JQRDukG6cTLtbBN2mx5y2VUjQo.roa
Signing time: Tue 19 Dec 2023 15:19:06 +0000
ROA not before: Tue 19 Dec 2023 15:19:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216302
IP address blocks: 31.24.248.0/24 maxlen: 24
2a12:48c0::/29 maxlen: 29
2a12:48c0:7032::/48 maxlen: 48
2a12:48c0:7632::/48 maxlen: 48
2a12:48c0::/32 maxlen: 32
2a12:48c0:6b38::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:82:a8:be:cd:68:5b:7f:02:3f:2c:ac:fa:10:e0:ae:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4e4c991b52c306ff45106011a4e952d8680d2b6
Validity
Not Before: Dec 19 15:19:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f494110ee906e9c4cbb5b04dda6c79cb65548d0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:cd:32:28:8a:ad:1f:3a:3f:1e:18:1f:f0:55:
5a:66:48:94:35:2f:4b:f4:29:88:39:01:36:72:df:
e5:eb:42:ea:33:06:5c:86:7c:eb:9f:b6:db:54:88:
62:8d:02:ad:be:5c:a7:8d:e8:dd:cc:3d:ed:90:5b:
4a:c2:1a:7a:8f:6d:cb:63:46:cb:2d:71:c7:3b:07:
29:e5:39:82:28:e5:b7:f7:eb:60:a9:27:58:74:55:
0f:9c:be:ac:93:dc:07:b3:43:5e:6e:d9:f9:57:27:
fc:a8:db:8a:c6:e2:ad:ac:72:f9:f0:38:37:89:8f:
60:79:11:a3:fa:c6:9b:24:9f:c1:1d:7c:11:40:66:
90:46:3a:55:6d:28:a2:ee:e3:ad:58:23:ff:b2:cb:
ed:b7:a9:f0:8f:04:29:5b:78:3f:40:e7:83:b2:2a:
24:31:ca:e3:7e:11:ff:fd:4f:31:ef:b6:e7:23:33:
9c:bb:68:df:f2:99:49:80:85:14:23:9b:c1:d0:cc:
c5:f1:42:ad:c3:c2:36:0c:04:cd:df:ee:92:ea:cf:
3f:4a:69:f9:9a:18:77:a6:fe:88:05:f4:39:b9:11:
48:5f:63:ac:fc:73:6f:46:cf:50:79:40:3c:90:c8:
ec:b5:37:c7:27:c3:49:b9:f4:6f:0d:78:f8:d8:7d:
a6:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:94:11:0E:E9:06:E9:C4:CB:B5:B0:4D:DA:6C:79:CB:65:54:8D:0A
X509v3 Authority Key Identifier:
keyid:F4:E4:C9:91:B5:2C:30:6F:F4:51:06:01:1A:4E:95:2D:86:80:D2:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9OTJkbUsMG_0UQYBGk6VLYaA0rY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/6ce154-c3c6-4463-a6bd-02108cebb3ff/1/9JQRDukG6cTLtbBN2mx5y2VUjQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/6ce154-c3c6-4463-a6bd-02108cebb3ff/1/9OTJkbUsMG_0UQYBGk6VLYaA0rY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.248.0/24
IPv6:
2a12:48c0::/29
Signature Algorithm: sha256WithRSAEncryption
3c:30:be:c7:38:af:de:be:1c:ad:d4:e5:9c:63:a2:48:ae:70:
b5:0c:76:d0:0f:1a:b3:1c:6c:b0:08:d3:ff:79:30:f7:d7:54:
eb:ce:98:fe:2b:e1:f6:03:41:7c:bb:42:e6:ae:94:70:24:c3:
2c:67:29:26:ad:75:6f:c8:5e:88:4b:c7:ce:b0:50:6f:61:73:
e0:c4:ef:04:7c:a2:14:79:2e:fe:21:00:15:0a:64:f1:aa:56:
1a:9d:00:2d:a7:a2:23:2c:00:dc:47:1a:23:21:09:91:11:c8:
17:cd:87:ce:34:a2:25:04:22:e5:59:01:f1:93:4b:de:0b:78:
7b:6d:c7:0a:24:e0:d1:a2:58:6a:d4:f8:db:9d:b2:10:50:b5:
7d:94:99:40:2a:e5:1c:3c:f0:60:e1:1c:d9:66:1a:c4:ab:54:
66:5a:48:b2:61:38:33:ef:ab:21:1d:18:3d:99:89:50:e4:02:
88:e2:d8:99:2b:58:51:db:da:09:ac:82:22:73:1d:b5:fb:55:
15:67:79:1e:3e:f1:cd:7c:33:c9:3b:e9:f7:9d:2c:2a:53:97:
d8:18:60:55:03:c3:16:b9:bd:0a:2c:ac:cd:cc:bf:4e:b2:41:
ee:30:05:67:49:d8:e8:81:4f:57:08:a4:c0:a3:16:24:52:66:
9c:67:bd:0f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYyCqL7NaFt/Aj8srPoQ4K7iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZTRjOTkxYjUyYzMwNmZmNDUxMDYwMTFhNGU5NTJkODY4
MGQyYjYwHhcNMjMxMjE5MTUxOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDk0MTEwZWU5MDZlOWM0Y2JiNWIwNGRkYTZjNzljYjY1NTQ4ZDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhM0yKIqtHzo/Hhgf8FVaZkiUNS9L
9CmIOQE2ct/l60LqMwZchnzrn7bbVIhijQKtvlynjejdzD3tkFtKwhp6j23LY0bL
LXHHOwcp5TmCKOW39+tgqSdYdFUPnL6sk9wHs0Nebtn5Vyf8qNuKxuKtrHL58Dg3
iY9geRGj+sabJJ/BHXwRQGaQRjpVbSii7uOtWCP/ssvtt6nwjwQpW3g/QOeDsiok
McrjfhH//U8x77bnIzOcu2jf8plJgIUUI5vB0MzF8UKtw8I2DATN3+6S6s8/Smn5
mhh3pv6IBfQ5uRFIX2Os/HNvRs9QeUA8kMjstTfHJ8NJufRvDXj42H2mDQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPSUEQ7pBunEy7WwTdpsectlVI0KMB8GA1UdIwQY
MBaAFPTkyZG1LDBv9FEGARpOlS2GgNK2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU9USmtiVXNNR18wVVFZQkdrNlZMWWFBMHJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny82Y2UxNTQtYzNjNi00NDYzLWE2YmQt
MDIxMDhjZWJiM2ZmLzEvOUpRUkR1a0c2Y1RMdGJCTjJteDV5MlZValFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny82Y2UxNTQtYzNjNi00NDYzLWE2YmQtMDIxMDhjZWJiM2Zm
LzEvOU9USmtiVXNNR18wVVFZQkdrNlZMWWFBMHJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAHxj4MA0E
AgACMAcDBQMqEkjAMA0GCSqGSIb3DQEBCwUAA4IBAQA8ML7HOK/evhyt1OWcY6JI
rnC1DHbQDxqzHGywCNP/eTD311Trzpj+K+H2A0F8u0LmrpRwJMMsZykmrXVvyF6I
S8fOsFBvYXPgxO8EfKIUeS7+IQAVCmTxqlYanQAtp6IjLADcRxojIQmREcgXzYfO
NKIlBCLlWQHxk0veC3h7bccKJODRolhq1PjbnbIQULV9lJlAKuUcPPBg4RzZZhrE
q1RmWkiyYTgz76shHRg9mYlQ5AKI4tiZK1hR29oJrIIicx21+1UVZ3kePvHNfDPJ
O+n3nSwqU5fYGGBVA8MWub0KLKzNzL9OskHuMAVnSdjogU9XCKTAoxYkUmacZ70P
-----END CERTIFICATE-----
Generated at Tue Dec 19 21:14:40 2023 by rpki-client on console-fra.rpki-client.org