Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/a3e3bb-fd9f-4042-b2cb-d9476665755a/1/LUfpZ75wmK77JfH3lAYBv6r5RX4.roa
File: LUfpZ75wmK77JfH3lAYBv6r5RX4.roa (raw, json)
Hash identifier: iaW//hg4Ja5bd2G+w2/Y/DOMgq0XoYcUmKNKDp1Sw04=
Subject key identifier: 2D:47:E9:67:BE:70:98:AE:FB:25:F1:F7:94:06:01:BF:AA:F9:45:7E
Certificate issuer: /CN=d423a5be5e21ca460732ae48f385a3ea150a2be1
Certificate serial: 018CCA2AA87468235595F70C402C124797BA
Authority key identifier: D4:23:A5:BE:5E:21:CA:46:07:32:AE:48:F3:85:A3:EA:15:0A:2B:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1COlvl4hykYHMq5I84Wj6hUKK-E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/a3e3bb-fd9f-4042-b2cb-d9476665755a/1/LUfpZ75wmK77JfH3lAYBv6r5RX4.roa
Signing time: Tue 02 Jan 2024 12:34:02 +0000
ROA not before: Tue 02 Jan 2024 12:34:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16589
IP address blocks: 81.31.128.0/20 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Feb 2024 15:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:a8:74:68:23:55:95:f7:0c:40:2c:12:47:97:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d423a5be5e21ca460732ae48f385a3ea150a2be1
Validity
Not Before: Jan 2 12:34:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d47e967be7098aefb25f1f7940601bfaaf9457e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:35:90:ea:09:de:dd:e3:9f:ed:d4:c2:ea:e7:
6f:06:1b:fa:8d:dc:e9:e4:db:48:85:93:d7:6e:4b:
fb:b0:d6:fb:09:a8:c0:b4:1e:a4:f6:a0:31:88:3a:
a2:ab:46:e7:14:c6:8f:76:ff:2b:16:bb:1c:9d:46:
25:53:43:e8:cb:6d:90:9f:e1:0d:d6:fa:73:17:a7:
29:6f:cd:d3:e2:8b:5b:2c:eb:5f:13:b1:06:10:02:
d6:dd:28:40:36:dd:c5:dd:83:70:c6:e5:69:22:9b:
cf:7b:5d:78:32:75:c1:ee:c0:89:0d:8f:db:ef:43:
49:98:a9:48:0d:78:0b:af:b1:6d:df:fd:99:69:ed:
4b:e2:24:3d:ae:20:64:a7:53:70:56:e2:fc:d1:6e:
b7:db:e4:e2:18:84:e4:e3:2d:10:28:ee:1f:f7:d0:
ce:6d:6c:a1:86:ef:72:7c:93:82:62:95:f8:bc:0e:
67:87:50:11:26:86:4a:d0:1f:d1:5a:9b:42:ca:31:
95:ce:f1:37:d5:36:bf:a0:df:bf:4a:6e:b3:5b:b6:
84:04:b0:97:50:fa:36:d2:3e:09:67:88:e7:c8:6d:
f6:5f:27:ab:67:48:30:b3:9a:23:86:8f:1d:e1:83:
9d:c5:7b:7e:92:be:34:1a:a0:f8:48:3d:26:93:84:
e7:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:47:E9:67:BE:70:98:AE:FB:25:F1:F7:94:06:01:BF:AA:F9:45:7E
X509v3 Authority Key Identifier:
keyid:D4:23:A5:BE:5E:21:CA:46:07:32:AE:48:F3:85:A3:EA:15:0A:2B:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1COlvl4hykYHMq5I84Wj6hUKK-E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/a3e3bb-fd9f-4042-b2cb-d9476665755a/1/LUfpZ75wmK77JfH3lAYBv6r5RX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/a3e3bb-fd9f-4042-b2cb-d9476665755a/1/1COlvl4hykYHMq5I84Wj6hUKK-E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
19:cb:88:cf:32:13:8e:1b:be:60:74:1a:40:70:76:9c:84:09:
cf:10:bb:dd:c0:f1:cb:8c:33:b2:ae:a5:4b:09:eb:5f:01:c9:
53:8c:d0:8d:25:fd:18:a7:b4:86:e1:9e:07:85:0e:7b:e4:f2:
af:cd:d3:3e:33:25:c7:67:c4:9b:20:51:ab:4b:ee:00:b2:ed:
bc:80:1e:c0:79:76:0a:2f:dd:80:81:22:d4:be:7d:06:be:4c:
c3:17:63:11:39:aa:be:b7:cc:d5:3f:ea:81:80:c9:94:76:55:
e9:71:53:55:1c:e7:f2:fa:e0:bb:16:e8:3a:c3:56:16:e0:5b:
f2:c7:1b:95:5e:26:14:cf:1d:bc:32:05:ac:2c:8d:f0:4b:9e:
4e:d1:70:23:18:35:4e:c7:1e:4b:65:ef:67:2f:1a:2a:cc:8d:
6b:ee:86:08:7b:5e:56:fd:99:12:67:34:20:5e:49:d1:af:5f:
59:af:85:4b:d1:b5:73:35:38:ee:ac:1c:6c:4a:9d:ac:73:b9:
d0:25:a4:73:c1:58:4f:5a:9e:4c:b5:06:42:d7:23:c2:2d:50:
4e:9b:8c:23:6a:3b:44:46:1f:23:1c:62:b3:f7:6d:2d:84:9d:
e5:b4:7b:e1:66:77:00:1e:99:64:7b:20:79:ef:71:10:97:96:
26:f8:92:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKqh0aCNVlfcMQCwSR5e6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MjNhNWJlNWUyMWNhNDYwNzMyYWU0OGYzODVhM2VhMTUw
YTJiZTEwHhcNMjQwMTAyMTIzNDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDQ3ZTk2N2JlNzA5OGFlZmIyNWYxZjc5NDA2MDFiZmFhZjk0NTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDWQ6gne3eOf7dTC6udvBhv6jdzp
5NtIhZPXbkv7sNb7CajAtB6k9qAxiDqiq0bnFMaPdv8rFrscnUYlU0Poy22Qn+EN
1vpzF6cpb83T4otbLOtfE7EGEALW3ShANt3F3YNwxuVpIpvPe114MnXB7sCJDY/b
70NJmKlIDXgLr7Ft3/2Zae1L4iQ9riBkp1NwVuL80W632+TiGITk4y0QKO4f99DO
bWyhhu9yfJOCYpX4vA5nh1ARJoZK0B/RWptCyjGVzvE31Ta/oN+/Sm6zW7aEBLCX
UPo20j4JZ4jnyG32XyerZ0gws5ojho8d4YOdxXt+kr40GqD4SD0mk4TncQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC1H6We+cJiu+yXx95QGAb+q+UV+MB8GA1UdIwQY
MBaAFNQjpb5eIcpGBzKuSPOFo+oVCivhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUNPbHZsNGh5a1lITXE1STg0V2o2aFVLSy1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9hM2UzYmItZmQ5Zi00MDQyLWIyY2It
ZDk0NzY2NjU3NTVhLzEvTFVmcFo3NXdtSzc3SmZIM2xBWUJ2NnI1Ulg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9hM2UzYmItZmQ5Zi00MDQyLWIyY2ItZDk0NzY2NjU3NTVh
LzEvMUNPbHZsNGh5a1lITXE1STg0V2o2aFVLSy1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUR+AMA0G
CSqGSIb3DQEBCwUAA4IBAQAZy4jPMhOOG75gdBpAcHachAnPELvdwPHLjDOyrqVL
CetfAclTjNCNJf0Yp7SG4Z4HhQ575PKvzdM+MyXHZ8SbIFGrS+4Asu28gB7AeXYK
L92AgSLUvn0GvkzDF2MROaq+t8zVP+qBgMmUdlXpcVNVHOfy+uC7Fug6w1YW4Fvy
xxuVXiYUzx28MgWsLI3wS55O0XAjGDVOxx5LZe9nLxoqzI1r7oYIe15W/ZkSZzQg
XknRr19Zr4VL0bVzNTjurBxsSp2sc7nQJaRzwVhPWp5MtQZC1yPCLVBOm4wjajtE
Rh8jHGKz920thJ3ltHvhZncAHplkeyB573EQl5Ym+JK5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:04 2024 by rpki-client on console-ams.rpki-client.org