Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/431634-35cb-4545-877b-df3c07f3411e/1/PDR7iFzlcevvX1CYurjtsCmFS3Q.roa
File: PDR7iFzlcevvX1CYurjtsCmFS3Q.roa (raw, json)
Hash identifier: pq/Wsj2UqHMOUlN0FXDQs03uYxflZiJkrRluD4xU5Ro=
Subject key identifier: 3C:34:7B:88:5C:E5:71:EB:EF:5F:50:98:BA:B8:ED:B0:29:85:4B:74
Certificate issuer: /CN=92d9089a8e328d32d6de16d7da257b811b05239d
Certificate serial: 018E1417B2D59194F70084DA58D02F5170F6
Authority key identifier: 92:D9:08:9A:8E:32:8D:32:D6:DE:16:D7:DA:25:7B:81:1B:05:23:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktkImo4yjTLW3hbX2iV7gRsFI50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/431634-35cb-4545-877b-df3c07f3411e/1/PDR7iFzlcevvX1CYurjtsCmFS3Q.roa
Signing time: Wed 06 Mar 2024 14:08:01 +0000
ROA not before: Wed 06 Mar 2024 14:08:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 31.14.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:14:17:b2:d5:91:94:f7:00:84:da:58:d0:2f:51:70:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d9089a8e328d32d6de16d7da257b811b05239d
Validity
Not Before: Mar 6 14:08:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c347b885ce571ebef5f5098bab8edb029854b74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a5:c2:20:c1:39:36:49:4f:00:82:8f:43:5c:
1b:60:87:a5:94:e6:af:c0:ce:86:59:1b:cd:4b:25:
96:f1:8c:35:35:bc:bd:65:b8:7c:e3:31:fc:08:a4:
7c:c2:8a:fb:62:7c:bf:fa:c9:72:d2:c7:79:6c:c6:
4d:11:cc:6d:b8:86:c8:c3:61:13:a5:5f:ef:66:e9:
6a:89:0c:e3:fd:7e:42:4f:36:18:63:ee:81:0e:8b:
30:a7:e1:6a:d8:ee:96:a1:52:e9:74:10:a3:25:4a:
7c:ee:a9:3d:58:89:ea:84:97:98:b7:bc:b2:6b:88:
96:5c:0f:c3:f3:5d:90:6e:73:65:c1:b0:2a:72:80:
b0:32:48:ff:2a:9c:25:41:b4:b7:e7:17:9d:5c:42:
57:3f:c0:4f:48:84:7f:5c:f4:55:b8:b8:29:61:05:
7a:b9:bf:14:40:59:34:87:26:3f:d4:b6:ed:f7:91:
7e:b9:0c:ac:88:05:54:de:7f:fc:44:69:20:57:d9:
88:49:70:c1:18:7c:50:3c:f3:a8:92:ab:51:7e:8f:
7c:05:8e:15:13:7e:33:2c:1b:e9:c2:fb:2a:75:96:
a0:d1:b6:0a:46:40:36:5e:1c:fe:39:e4:83:b5:ef:
ac:b1:10:8d:b2:ae:cc:4f:f3:74:07:61:f9:b0:e7:
e7:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:34:7B:88:5C:E5:71:EB:EF:5F:50:98:BA:B8:ED:B0:29:85:4B:74
X509v3 Authority Key Identifier:
keyid:92:D9:08:9A:8E:32:8D:32:D6:DE:16:D7:DA:25:7B:81:1B:05:23:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktkImo4yjTLW3hbX2iV7gRsFI50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/431634-35cb-4545-877b-df3c07f3411e/1/PDR7iFzlcevvX1CYurjtsCmFS3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/431634-35cb-4545-877b-df3c07f3411e/1/ktkImo4yjTLW3hbX2iV7gRsFI50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.31.0/24
Signature Algorithm: sha256WithRSAEncryption
25:7f:e6:ca:38:92:6d:b5:2b:29:63:ba:72:10:13:cd:52:b2:
cf:dd:4e:3e:1e:49:59:9a:97:95:20:77:a9:b3:d3:35:e2:b5:
6e:d5:8c:fa:86:0d:78:75:3f:9f:23:d5:12:12:a9:9a:f6:07:
41:ba:7e:ed:b6:84:92:4a:7e:38:bd:6e:dd:33:70:1d:1e:e6:
48:36:13:9e:59:03:aa:50:9e:95:c6:37:66:2b:93:bb:f4:5e:
2c:5c:8c:89:5b:af:6e:0b:6c:28:23:8f:0c:bd:8a:6d:f9:b8:
ba:2f:90:01:19:db:a2:2e:f1:e8:aa:35:8f:28:53:94:ce:27:
26:ce:8c:87:7e:1f:23:33:94:26:2a:f2:bc:f5:b2:39:75:53:
3b:13:86:46:24:2e:40:c1:c7:44:f8:f7:07:d0:85:b8:88:4d:
be:69:b8:4e:ee:d2:81:73:8d:a9:09:37:7e:28:8b:c1:f1:15:
f6:e5:4e:34:9f:6a:14:7c:a2:63:c5:e2:13:eb:3a:22:bd:48:
72:19:ab:4b:9d:89:9a:36:83:eb:86:2c:50:59:96:29:9b:24:
e1:3b:82:0d:c3:cd:d1:a1:14:bc:d4:09:58:4c:15:7e:1d:f2:
db:21:31:47:2e:5b:ed:c7:85:e6:50:24:a8:8b:20:7c:bd:63:
fa:1c:22:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4UF7LVkZT3AITaWNAvUXD2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDkwODlhOGUzMjhkMzJkNmRlMTZkN2RhMjU3YjgxMWIw
NTIzOWQwHhcNMjQwMzA2MTQwODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzM0N2I4ODVjZTU3MWViZWY1ZjUwOThiYWI4ZWRiMDI5ODU0Yjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6XCIME5NklPAIKPQ1wbYIellOav
wM6GWRvNSyWW8Yw1Nby9Zbh84zH8CKR8wor7Yny/+sly0sd5bMZNEcxtuIbIw2ET
pV/vZulqiQzj/X5CTzYYY+6BDoswp+Fq2O6WoVLpdBCjJUp87qk9WInqhJeYt7yy
a4iWXA/D812QbnNlwbAqcoCwMkj/KpwlQbS35xedXEJXP8BPSIR/XPRVuLgpYQV6
ub8UQFk0hyY/1Lbt95F+uQysiAVU3n/8RGkgV9mISXDBGHxQPPOokqtRfo98BY4V
E34zLBvpwvsqdZag0bYKRkA2Xhz+OeSDte+ssRCNsq7MT/N0B2H5sOfn3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDw0e4hc5XHr719QmLq47bAphUt0MB8GA1UdIwQY
MBaAFJLZCJqOMo0y1t4W19ole4EbBSOdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RrSW1vNHlqVExXM2hiWDJpVjdnUnNGSTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC80MzE2MzQtMzVjYi00NTQ1LTg3N2It
ZGYzYzA3ZjM0MTFlLzEvUERSN2lGemxjZXZ2WDFDWXVyanRzQ21GUzNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC80MzE2MzQtMzVjYi00NTQ1LTg3N2ItZGYzYzA3ZjM0MTFl
LzEva3RrSW1vNHlqVExXM2hiWDJpVjdnUnNGSTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHw4fMA0G
CSqGSIb3DQEBCwUAA4IBAQAlf+bKOJJttSspY7pyEBPNUrLP3U4+HklZmpeVIHep
s9M14rVu1Yz6hg14dT+fI9USEqma9gdBun7ttoSSSn44vW7dM3AdHuZINhOeWQOq
UJ6VxjdmK5O79F4sXIyJW69uC2woI48MvYpt+bi6L5ABGduiLvHoqjWPKFOUzicm
zoyHfh8jM5QmKvK89bI5dVM7E4ZGJC5AwcdE+PcH0IW4iE2+abhO7tKBc42pCTd+
KIvB8RX25U40n2oUfKJjxeIT6zoivUhyGatLnYmaNoPrhixQWZYpmyThO4INw83R
oRS81AlYTBV+HfLbITFHLlvtx4XmUCSoiyB8vWP6HCK0
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:28:54 2025 by rpki-client