Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/22c93c-9000-4e73-a1c5-c03f3fddd4ac/1/czw4mPqVhH-W7LrjEuG6sIZucOs.roa
File: czw4mPqVhH-W7LrjEuG6sIZucOs.roa (raw, json)
Hash identifier: dkOKAk9lGkoyAZVu7OBNHwDYamoSLbclobo/F+iJQ18=
Subject key identifier: 73:3C:38:98:FA:95:84:7F:96:EC:BA:E3:12:E1:BA:B0:86:6E:70:EB
Certificate issuer: /CN=4081f85602b1168925d83eb3ca61609f357956a6
Certificate serial: 0187E5E4156AB649D570FC3C15FCD8A7A503
Authority key identifier: 40:81:F8:56:02:B1:16:89:25:D8:3E:B3:CA:61:60:9F:35:79:56:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIH4VgKxFokl2D6zymFgnzV5VqY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/22c93c-9000-4e73-a1c5-c03f3fddd4ac/1/czw4mPqVhH-W7LrjEuG6sIZucOs.roa
Signing time: Thu 04 May 2023 08:32:22 +0000
ROA not before: Thu 04 May 2023 08:32:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56749
IP address blocks: 31.130.180.0/24 maxlen: 24
31.130.183.0/24 maxlen: 24
31.130.182.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 May 2023 08:59:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e5:e4:15:6a:b6:49:d5:70:fc:3c:15:fc:d8:a7:a5:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4081f85602b1168925d83eb3ca61609f357956a6
Validity
Not Before: May 4 08:32:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=733c3898fa95847f96ecbae312e1bab0866e70eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:46:4b:96:85:6f:64:91:02:0d:34:4b:ae:17:
8f:07:9c:65:e4:65:d7:68:75:cd:c1:5a:22:11:f3:
60:1b:b7:7a:a8:40:21:ad:9d:09:07:99:4d:11:93:
f7:0b:81:8f:8d:e5:d7:b8:90:e3:48:60:d2:c6:9b:
9f:b1:2a:3e:77:a0:4c:61:d4:a9:7b:da:59:d3:14:
ea:b9:0e:84:1f:15:3b:96:14:84:c7:a7:b5:fa:00:
a7:84:4c:2d:e9:00:73:a3:9e:0d:52:98:71:5b:7c:
fa:7c:76:d4:24:69:6c:79:eb:06:8a:37:34:2c:31:
36:b4:6d:1f:eb:7b:81:d4:2d:d4:49:cb:51:ce:30:
f2:d6:9b:7c:15:79:6e:93:3c:31:9f:dd:3e:53:8a:
ed:9a:7f:c4:7f:83:b7:a2:4b:46:d8:f0:db:84:a2:
98:89:2d:36:82:57:c4:d3:6a:e3:5e:11:08:f0:ac:
83:fd:61:d5:e4:39:f6:be:5c:2d:2d:79:04:ad:a2:
ee:ca:27:92:3b:99:b5:1b:00:df:b1:74:38:3e:7b:
4c:ed:b5:14:d8:00:51:ab:85:87:3a:3c:5e:06:6b:
9b:80:65:7a:6f:27:b7:4b:ab:af:09:81:ea:91:65:
23:b3:bb:c7:46:b0:f9:77:8b:2d:47:bd:00:d2:c5:
a1:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:3C:38:98:FA:95:84:7F:96:EC:BA:E3:12:E1:BA:B0:86:6E:70:EB
X509v3 Authority Key Identifier:
keyid:40:81:F8:56:02:B1:16:89:25:D8:3E:B3:CA:61:60:9F:35:79:56:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIH4VgKxFokl2D6zymFgnzV5VqY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/22c93c-9000-4e73-a1c5-c03f3fddd4ac/1/czw4mPqVhH-W7LrjEuG6sIZucOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/22c93c-9000-4e73-a1c5-c03f3fddd4ac/1/QIH4VgKxFokl2D6zymFgnzV5VqY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.130.180.0/24
31.130.182.0/23
Signature Algorithm: sha256WithRSAEncryption
be:7e:95:40:2f:3e:eb:40:b4:dc:6c:e9:d5:ee:bd:ac:fc:73:
3e:cd:a3:90:03:0d:31:b6:7f:58:b3:53:7f:be:d2:ee:63:61:
00:8c:4b:1b:33:d4:9a:0c:80:88:0d:93:57:0c:27:18:ab:72:
95:ca:78:5d:ac:f8:2d:8d:c3:9b:14:2f:a2:d3:ec:64:d2:85:
99:d2:5b:c9:a9:68:5f:fd:d2:71:9b:6e:ab:96:7c:f7:b9:30:
86:dc:77:a7:6d:5e:26:96:bb:2e:66:02:9d:18:22:f2:c6:0e:
ef:f5:f9:42:58:b5:25:01:ae:bc:25:04:5c:40:b5:d3:e9:b9:
c7:98:e4:cb:ef:50:cf:b1:f4:a5:4a:fb:d2:26:39:ae:d9:9b:
84:41:fc:e6:eb:54:df:f7:e7:3b:d6:58:12:5e:55:7e:7c:70:
b5:c2:9e:44:23:61:37:96:67:46:42:13:b0:75:31:d2:5b:5a:
9f:9d:87:23:d2:92:f1:b3:e2:f9:2d:a3:49:e1:75:99:5a:f0:
96:67:5f:b6:98:0a:91:10:91:ac:f9:c2:a8:74:96:e8:99:7c:
f4:a6:60:e8:0c:92:97:b4:4f:67:f7:9a:b2:cc:84:97:2d:be:
be:65:fc:81:ce:25:61:d6:c1:f3:3b:d8:fe:f8:51:b7:e5:c9:
3f:93:1e:7a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYfl5BVqtknVcPw8FfzYp6UDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwODFmODU2MDJiMTE2ODkyNWQ4M2ViM2NhNjE2MDlmMzU3
OTU2YTYwHhcNMjMwNTA0MDgzMjIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzNjMzg5OGZhOTU4NDdmOTZlY2JhZTMxMmUxYmFiMDg2NmU3MGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEZLloVvZJECDTRLrhePB5xl5GXX
aHXNwVoiEfNgG7d6qEAhrZ0JB5lNEZP3C4GPjeXXuJDjSGDSxpufsSo+d6BMYdSp
e9pZ0xTquQ6EHxU7lhSEx6e1+gCnhEwt6QBzo54NUphxW3z6fHbUJGlseesGijc0
LDE2tG0f63uB1C3USctRzjDy1pt8FXlukzwxn90+U4rtmn/Ef4O3oktG2PDbhKKY
iS02glfE02rjXhEI8KyD/WHV5Dn2vlwtLXkEraLuyieSO5m1GwDfsXQ4PntM7bUU
2ABRq4WHOjxeBmubgGV6bye3S6uvCYHqkWUjs7vHRrD5d4stR70A0sWhcQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHM8OJj6lYR/luy64xLhurCGbnDrMB8GA1UdIwQY
MBaAFECB+FYCsRaJJdg+s8phYJ81eVamMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlINFZnS3hGb2tsMkQ2enltRmduelY1VnFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yMmM5M2MtOTAwMC00ZTczLWExYzUt
YzAzZjNmZGRkNGFjLzEvY3p3NG1QcVZoSC1XN0xyakV1RzZzSVp1Y09zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yMmM5M2MtOTAwMC00ZTczLWExYzUtYzAzZjNmZGRkNGFj
LzEvUUlINFZnS3hGb2tsMkQ2enltRmduelY1VnFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAH4K0AwQB
H4K2MA0GCSqGSIb3DQEBCwUAA4IBAQC+fpVALz7rQLTcbOnV7r2s/HM+zaOQAw0x
tn9Ys1N/vtLuY2EAjEsbM9SaDICIDZNXDCcYq3KVynhdrPgtjcObFC+i0+xk0oWZ
0lvJqWhf/dJxm26rlnz3uTCG3HenbV4mlrsuZgKdGCLyxg7v9flCWLUlAa68JQRc
QLXT6bnHmOTL71DPsfSlSvvSJjmu2ZuEQfzm61Tf9+c71lgSXlV+fHC1wp5EI2E3
lmdGQhOwdTHSW1qfnYcj0pLxs+L5LaNJ4XWZWvCWZ1+2mAqREJGs+cKodJbomXz0
pmDoDJKXtE9n95qyzISXLb6+ZfyBziVh1sHzO9j++FG35ck/kx56
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:25 2024 by rpki-client on console-fra.rpki-client.org