Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/wkT1kGIvDg5S8Me4JO4M9Qx5OwU.roa
File: wkT1kGIvDg5S8Me4JO4M9Qx5OwU.roa (raw, json)
Hash identifier: /wj0mE02zRBp2SZ6UJuRM2GakEQbjvGOAqcX+hs0UAg=
Subject key identifier: C2:44:F5:90:62:2F:0E:0E:52:F0:C7:B8:24:EE:0C:F5:0C:79:3B:05
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0185700298C8479C6DD33405F97EBAE3A2A8
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/wkT1kGIvDg5S8Me4JO4M9Qx5OwU.roa
Signing time: Mon 02 Jan 2023 01:04:56 +0000
ROA not before: Mon 02 Jan 2023 01:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208972
IP address blocks: 31.210.37.0/24 maxlen: 24
31.210.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Dec 2023 12:27:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:98:c8:47:9c:6d:d3:34:05:f9:7e:ba:e3:a2:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 2 01:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c244f590622f0e0e52f0c7b824ee0cf50c793b05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:1b:7e:cf:d2:2e:75:64:c7:b8:02:e3:fa:fd:
92:d3:b6:54:2c:d8:c6:c3:59:7b:ff:f3:4a:9f:dc:
18:40:7f:57:b0:32:97:8f:fc:87:3a:94:1c:be:8a:
35:44:cb:5e:58:f7:ba:af:40:80:16:52:aa:3d:44:
40:19:4f:83:98:a2:8c:b4:0e:9f:fa:84:ae:6b:ed:
37:d9:1e:53:46:c5:e6:3b:a8:a0:96:9e:fa:e8:e8:
5a:95:50:37:94:e3:65:2c:36:a1:35:d8:f1:dc:da:
73:2c:24:44:e8:e1:c2:45:3b:57:3f:87:40:c0:d7:
2d:65:ed:07:a2:89:e6:0f:ec:e7:f0:33:56:97:59:
49:35:73:e4:d6:e7:13:01:ff:35:6a:86:50:f2:80:
13:ae:0e:52:12:04:86:a2:1e:93:69:21:e5:71:7b:
23:87:dc:4f:7a:99:cd:c0:62:ad:10:2a:9c:c3:01:
8d:62:ea:0e:d2:f2:d0:fd:1b:cb:8d:57:2c:d8:c1:
76:bb:62:ae:52:da:ea:7f:cc:74:16:4f:ef:50:76:
33:59:2d:a3:40:81:65:9f:80:ba:ae:a8:78:d3:cd:
dd:74:13:f7:77:8d:33:60:fd:37:f9:4b:bf:e9:05:
65:b2:08:d5:2a:1a:53:9d:7a:cf:57:63:88:79:16:
32:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:44:F5:90:62:2F:0E:0E:52:F0:C7:B8:24:EE:0C:F5:0C:79:3B:05
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/wkT1kGIvDg5S8Me4JO4M9Qx5OwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.37.0-31.210.38.255
Signature Algorithm: sha256WithRSAEncryption
84:cb:76:af:e6:d1:cb:29:01:9c:6c:91:50:33:90:78:14:30:
90:76:34:85:f1:f2:01:be:86:65:fd:38:c2:1a:6d:2e:cf:a3:
f1:70:a9:ad:44:8b:b4:e5:b0:00:87:b7:c0:62:e4:16:75:a0:
20:77:a4:b0:17:f2:15:0c:ce:0d:21:91:36:a3:0d:1b:a0:8b:
88:81:5a:93:31:c3:b9:2d:a8:10:04:d7:ef:eb:dc:11:aa:77:
b4:e6:b6:5e:ec:16:aa:08:6c:83:af:1b:f7:cb:fe:24:5a:19:
13:28:17:a6:d3:45:6d:84:bd:6d:39:20:4d:2b:b9:c8:28:32:
e4:93:83:f6:69:3e:7d:71:01:fe:d3:e2:12:e6:85:95:97:72:
10:6a:86:56:20:9f:fc:37:44:15:df:de:ae:87:61:9e:1c:f4:
74:b9:14:cf:03:c2:e1:8d:ec:82:ca:a9:88:5a:de:66:3d:c4:
06:84:b4:73:3b:46:ae:6e:11:33:64:f5:04:88:ed:6d:0e:4e:
7f:c4:3c:c0:1f:01:cf:cb:42:bd:75:2b:4e:36:d7:b8:12:bc:
bc:4b:7b:ab:fd:97:d6:4a:05:14:d4:ab:d4:b0:a8:87:f3:0c:
11:35:d8:c6:00:ae:15:40:d2:da:10:d7:53:de:01:4c:1e:69:
13:d0:8f:59
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVwApjIR5xt0zQF+X6646KoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjMwMTAyMDEwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjQ0ZjU5MDYyMmYwZTBlNTJmMGM3YjgyNGVlMGNmNTBjNzkzYjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRt+z9IudWTHuALj+v2S07ZULNjG
w1l7//NKn9wYQH9XsDKXj/yHOpQcvoo1RMteWPe6r0CAFlKqPURAGU+DmKKMtA6f
+oSua+032R5TRsXmO6iglp766OhalVA3lONlLDahNdjx3NpzLCRE6OHCRTtXP4dA
wNctZe0HoonmD+zn8DNWl1lJNXPk1ucTAf81aoZQ8oATrg5SEgSGoh6TaSHlcXsj
h9xPepnNwGKtECqcwwGNYuoO0vLQ/RvLjVcs2MF2u2KuUtrqf8x0Fk/vUHYzWS2j
QIFln4C6rqh4083ddBP3d40zYP03+Uu/6QVlsgjVKhpTnXrPV2OIeRYyzQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMJE9ZBiLw4OUvDHuCTuDPUMeTsFMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvd2tUMWtHSXZEZzVTOE1lNEpPNE05UXg1T3dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAf0iUD
BAAf0iYwDQYJKoZIhvcNAQELBQADggEBAITLdq/m0cspAZxskVAzkHgUMJB2NIXx
8gG+hmX9OMIabS7Po/Fwqa1Ei7TlsACHt8Bi5BZ1oCB3pLAX8hUMzg0hkTajDRug
i4iBWpMxw7ktqBAE1+/r3BGqd7Tmtl7sFqoIbIOvG/fL/iRaGRMoF6bTRW2EvW05
IE0rucgoMuSTg/ZpPn1xAf7T4hLmhZWXchBqhlYgn/w3RBXf3q6HYZ4c9HS5FM8D
wuGN7ILKqYha3mY9xAaEtHM7Rq5uETNk9QSI7W0OTn/EPMAfAc/LQr11K04217gS
vLxLe6v9l9ZKBRTUq9SwqIfzDBE12MYArhVA0toQ11PeAUweaRPQj1k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:44 2024 by rpki-client on console-fra.rpki-client.org