Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/6ce154-c3c6-4463-a6bd-02108cebb3ff/1/slzNWk1Y4jMXJ5jCTLSiIOEZe98.roa
File: slzNWk1Y4jMXJ5jCTLSiIOEZe98.roa (raw, json)
Hash identifier: /F8PBtQqGpRu/5dzr/Gcsejfh3mr18jba1Xqy/GA82A=
Subject key identifier: B2:5C:CD:5A:4D:58:E2:33:17:27:98:C2:4C:B4:A2:20:E1:19:7B:DF
Certificate issuer: /CN=f4e4c991b52c306ff45106011a4e952d8680d2b6
Certificate serial: 018ADACCC3B807E81A4327A0706F2B118A33
Authority key identifier: F4:E4:C9:91:B5:2C:30:6F:F4:51:06:01:1A:4E:95:2D:86:80:D2:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9OTJkbUsMG_0UQYBGk6VLYaA0rY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/6ce154-c3c6-4463-a6bd-02108cebb3ff/1/slzNWk1Y4jMXJ5jCTLSiIOEZe98.roa
Signing time: Thu 28 Sep 2023 07:59:27 +0000
ROA not before: Thu 28 Sep 2023 07:59:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216302
IP address blocks: 31.24.248.0/24 maxlen: 24
2a12:48c0::/29 maxlen: 29
2a12:48c0:7632::/48 maxlen: 48
2a12:48c0:7032::/48 maxlen: 48
2a12:48c0:6b38::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 19 Dec 2023 15:19:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:da:cc:c3:b8:07:e8:1a:43:27:a0:70:6f:2b:11:8a:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4e4c991b52c306ff45106011a4e952d8680d2b6
Validity
Not Before: Sep 28 07:59:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b25ccd5a4d58e233172798c24cb4a220e1197bdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:5c:80:25:76:9a:bf:93:fa:af:ec:22:d8:e3:
63:7c:67:dc:03:a6:7f:52:a3:bc:b5:47:d8:50:7a:
c7:bc:b6:cc:46:e0:52:a5:5a:15:6d:44:06:cb:5b:
e1:93:ec:1e:58:b3:70:7d:a6:e9:ab:53:a2:b7:0e:
0f:a8:c2:21:50:e1:47:d8:bd:b9:9d:ed:65:f2:e8:
e6:d9:de:13:3b:a5:e1:23:6f:48:b5:fa:89:7b:8a:
da:02:78:e3:5c:ee:5f:19:1a:03:98:ba:1a:b5:32:
a1:d9:0d:95:9f:eb:0a:c3:d8:a8:77:06:ae:5a:92:
2c:bc:6a:ec:b4:3c:50:c1:00:ff:8a:66:ef:f6:bd:
c6:ad:f5:8a:9e:98:2e:4c:d7:01:fc:4a:37:e1:c5:
bd:22:a9:44:24:16:bb:bd:d7:d3:f2:c5:7b:2c:98:
fa:ba:dc:31:9b:45:4a:9a:2f:b1:13:f9:7a:26:46:
17:f5:74:7e:6b:b4:84:85:a9:44:7d:57:80:c7:24:
05:58:2c:d9:dd:98:8a:cc:d0:7b:cf:59:69:86:14:
90:a8:30:dd:ea:12:37:c2:a9:80:d2:27:b2:d0:53:
b7:56:1b:27:fc:05:dd:56:cb:11:6d:31:ac:da:6f:
0e:27:76:91:61:9e:93:6a:7f:e1:3f:2b:53:63:be:
89:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:5C:CD:5A:4D:58:E2:33:17:27:98:C2:4C:B4:A2:20:E1:19:7B:DF
X509v3 Authority Key Identifier:
keyid:F4:E4:C9:91:B5:2C:30:6F:F4:51:06:01:1A:4E:95:2D:86:80:D2:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9OTJkbUsMG_0UQYBGk6VLYaA0rY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/6ce154-c3c6-4463-a6bd-02108cebb3ff/1/slzNWk1Y4jMXJ5jCTLSiIOEZe98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/6ce154-c3c6-4463-a6bd-02108cebb3ff/1/9OTJkbUsMG_0UQYBGk6VLYaA0rY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.248.0/24
IPv6:
2a12:48c0::/29
Signature Algorithm: sha256WithRSAEncryption
93:e9:47:0b:f6:c8:22:80:6f:b6:09:88:a6:8a:b1:3b:b1:7f:
cf:cf:57:88:51:d2:f0:f6:40:51:55:13:19:38:84:bc:02:29:
e2:9f:74:47:a1:e9:55:58:de:b4:e9:2d:9e:fa:bd:be:0b:20:
a6:bc:7b:cd:48:d7:5a:96:ec:26:23:3c:9c:b8:f5:2e:a2:66:
81:bd:10:36:52:29:8f:c3:1b:35:a2:91:c5:c5:23:f2:dc:67:
e7:29:8a:a3:e6:89:81:85:9c:60:4d:79:4e:de:8b:9c:5e:7f:
7f:67:2e:19:40:d5:7d:07:7a:4d:f6:6a:fa:75:96:2c:3e:12:
57:a2:b5:df:52:37:4e:bb:fc:7e:9d:7d:85:ae:7c:43:05:90:
8c:a2:bf:43:fe:f7:cb:30:48:d6:e2:0e:7d:e0:95:74:cb:09:
aa:52:d6:2f:f7:ec:1d:c6:74:28:5e:2b:e0:b8:92:b2:83:fc:
6f:dc:5e:f0:79:46:15:02:c2:37:bd:fe:ee:c5:69:94:99:ad:
ff:e5:dc:3e:9d:84:a3:6b:d9:b4:0a:29:95:c9:5a:fd:f3:9e:
7d:00:fb:b6:6a:e2:20:bb:17:27:72:18:1f:4d:c2:25:9a:79:
d0:9c:1f:c4:6b:56:bd:63:98:64:f7:0a:4b:86:3c:1d:38:29:
b6:61:6a:1f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYrazMO4B+gaQyegcG8rEYozMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZTRjOTkxYjUyYzMwNmZmNDUxMDYwMTFhNGU5NTJkODY4
MGQyYjYwHhcNMjMwOTI4MDc1OTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjVjY2Q1YTRkNThlMjMzMTcyNzk4YzI0Y2I0YTIyMGUxMTk3YmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFyAJXaav5P6r+wi2ONjfGfcA6Z/
UqO8tUfYUHrHvLbMRuBSpVoVbUQGy1vhk+weWLNwfabpq1Oitw4PqMIhUOFH2L25
ne1l8ujm2d4TO6XhI29ItfqJe4raAnjjXO5fGRoDmLoatTKh2Q2Vn+sKw9iodwau
WpIsvGrstDxQwQD/imbv9r3GrfWKnpguTNcB/Eo34cW9IqlEJBa7vdfT8sV7LJj6
utwxm0VKmi+xE/l6JkYX9XR+a7SEhalEfVeAxyQFWCzZ3ZiKzNB7z1lphhSQqDDd
6hI3wqmA0iey0FO3Vhsn/AXdVssRbTGs2m8OJ3aRYZ6Tan/hPytTY76JUwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLJczVpNWOIzFyeYwky0oiDhGXvfMB8GA1UdIwQY
MBaAFPTkyZG1LDBv9FEGARpOlS2GgNK2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU9USmtiVXNNR18wVVFZQkdrNlZMWWFBMHJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny82Y2UxNTQtYzNjNi00NDYzLWE2YmQt
MDIxMDhjZWJiM2ZmLzEvc2x6TldrMVk0ak1YSjVqQ1RMU2lJT0VaZTk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny82Y2UxNTQtYzNjNi00NDYzLWE2YmQtMDIxMDhjZWJiM2Zm
LzEvOU9USmtiVXNNR18wVVFZQkdrNlZMWWFBMHJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAHxj4MA0E
AgACMAcDBQMqEkjAMA0GCSqGSIb3DQEBCwUAA4IBAQCT6UcL9sgigG+2CYimirE7
sX/Pz1eIUdLw9kBRVRMZOIS8Ainin3RHoelVWN606S2e+r2+CyCmvHvNSNdaluwm
IzycuPUuomaBvRA2UimPwxs1opHFxSPy3GfnKYqj5omBhZxgTXlO3oucXn9/Zy4Z
QNV9B3pN9mr6dZYsPhJXorXfUjdOu/x+nX2FrnxDBZCMor9D/vfLMEjW4g594JV0
ywmqUtYv9+wdxnQoXivguJKyg/xv3F7weUYVAsI3vf7uxWmUma3/5dw+nYSja9m0
CimVyVr98559APu2auIguxcnchgfTcIlmnnQnB/Ea1a9Y5hk9wpLhjwdOCm2YWof
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:20 2024 by rpki-client on console-ams.rpki-client.org