Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vQqmkhkllhjYNF_gcuvr7x1gTgQ.roa
File: vQqmkhkllhjYNF_gcuvr7x1gTgQ.roa (raw, json)
Hash identifier: 82St4WMM8HekY66OXHATAncJcQfFyldZZ7G5bpc0O7E=
Subject key identifier: BD:0A:A6:92:19:25:96:18:D8:34:5F:E0:72:EB:EB:EF:1D:60:4E:04
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018C9BAF7F8E017DC4E94EF5E984C1375F9C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vQqmkhkllhjYNF_gcuvr7x1gTgQ.roa
Signing time: Sun 24 Dec 2023 11:56:59 +0000
ROA not before: Sun 24 Dec 2023 11:56:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61218
IP address blocks: 31.42.183.0/24 maxlen: 24
2a0e:97c0:4b00::/40 maxlen: 48
2a0e:b100:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9b:af:7f:8e:01:7d:c4:e9:4e:f5:e9:84:c1:37:5f:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 24 11:56:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd0aa69219259618d8345fe072ebebef1d604e04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:7d:b5:dd:3f:cb:b8:e8:5f:fc:ae:74:53:88:
16:97:f7:39:03:85:35:41:96:e1:75:68:65:99:a6:
0e:0a:0c:e7:5f:f5:16:21:62:d1:3c:ef:66:dd:c8:
0f:9c:0d:39:94:2f:bb:c2:0d:60:66:17:16:7b:80:
1a:51:19:73:57:0c:eb:c6:93:69:26:1f:30:20:1d:
cd:1a:eb:1e:b3:7f:e5:06:b4:29:43:42:59:a1:e9:
a8:34:e8:12:52:79:54:ef:50:da:87:6f:bf:55:f9:
2c:16:ae:43:f7:07:58:72:b3:a1:8e:fb:20:bc:30:
cc:08:0c:f6:50:30:c8:67:d2:28:0c:d8:9e:c2:59:
3f:99:28:41:b1:0b:31:af:4c:3b:5d:9c:ce:04:27:
e6:c4:aa:3e:5f:e4:02:4a:79:89:50:20:0c:25:ed:
4e:cf:73:2d:e9:b1:6d:1f:7a:72:e9:08:a6:f8:40:
75:c5:89:86:d1:a4:6b:e7:ab:19:b7:da:86:cf:e5:
34:38:7b:ff:dc:b5:99:58:fe:8b:f1:c1:6f:76:7f:
56:d1:45:7f:71:60:0b:0d:79:c6:5a:c7:80:90:79:
06:74:4f:81:5d:66:69:3e:e7:6c:86:19:d1:d0:ec:
3b:b0:23:a8:47:07:82:bf:43:de:16:fe:bb:23:f5:
fc:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:0A:A6:92:19:25:96:18:D8:34:5F:E0:72:EB:EB:EF:1D:60:4E:04
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vQqmkhkllhjYNF_gcuvr7x1gTgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
IPv6:
2a0e:97c0:4b00::/40
2a0e:b100:1::/48
Signature Algorithm: sha256WithRSAEncryption
60:91:e1:08:0e:98:fd:1b:d3:8c:82:f7:52:67:0f:b3:06:32:
10:46:ac:de:93:02:41:43:4f:f3:d4:54:34:a7:fa:45:8e:80:
7f:a9:a5:bc:9f:70:50:3c:53:08:31:2d:d9:80:82:e6:bf:c0:
89:11:b2:76:04:d0:27:29:3d:a7:3a:57:8a:3b:23:6d:bc:a5:
64:24:33:5a:9d:e4:fe:74:a1:92:36:87:8a:d6:4e:63:d5:15:
1b:41:ef:f2:c9:80:db:92:0c:88:36:6a:02:85:15:4c:7f:57:
65:53:ba:7a:18:25:19:68:e1:52:3b:67:bb:dc:22:24:0e:b0:
98:63:21:2d:75:4c:69:f6:50:70:f2:4f:10:c7:e2:e9:a4:62:
95:5d:ea:f5:36:cc:5c:d5:3d:83:9a:28:b7:b7:89:55:97:c2:
ab:c3:9a:06:48:30:82:e3:65:5c:c4:e8:dd:97:20:a0:9f:0f:
da:b3:de:89:3b:72:2e:47:c8:35:f0:19:54:89:1c:f6:e4:17:
27:a9:f2:7a:5c:2d:b6:ec:00:20:05:c6:b7:9c:7e:6f:80:7c:
dc:4a:78:6a:b8:2e:64:85:b9:95:60:43:30:fb:85:b1:66:0d:
4c:16:12:d0:d7:0e:0c:e7:1b:1d:37:b7:4c:cf:95:74:1c:15:
c0:e7:a3:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYybr3+OAX3E6U716YTBN1+cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMjI0MTE1NjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDBhYTY5MjE5MjU5NjE4ZDgzNDVmZTA3MmViZWJlZjFkNjA0ZTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgX213T/LuOhf/K50U4gWl/c5A4U1
QZbhdWhlmaYOCgznX/UWIWLRPO9m3cgPnA05lC+7wg1gZhcWe4AaURlzVwzrxpNp
Jh8wIB3NGuses3/lBrQpQ0JZoemoNOgSUnlU71Dah2+/VfksFq5D9wdYcrOhjvsg
vDDMCAz2UDDIZ9IoDNiewlk/mShBsQsxr0w7XZzOBCfmxKo+X+QCSnmJUCAMJe1O
z3Mt6bFtH3py6Qim+EB1xYmG0aRr56sZt9qGz+U0OHv/3LWZWP6L8cFvdn9W0UV/
cWALDXnGWseAkHkGdE+BXWZpPudshhnR0Ow7sCOoRweCv0PeFv67I/X87wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL0KppIZJZYY2DRf4HLr6+8dYE4EMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdlFxbWtoa2xsaGpZTkZfZ2N1dnI3eDFnVGdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAMBAIAATAGAwQAHyq3MBcE
AgACMBEDBgAqDpfASwMHACoOsQAAATANBgkqhkiG9w0BAQsFAAOCAQEAYJHhCA6Y
/RvTjIL3UmcPswYyEEas3pMCQUNP89RUNKf6RY6Af6mlvJ9wUDxTCDEt2YCC5r/A
iRGydgTQJyk9pzpXijsjbbylZCQzWp3k/nShkjaHitZOY9UVG0Hv8smA25IMiDZq
AoUVTH9XZVO6ehglGWjhUjtnu9wiJA6wmGMhLXVMafZQcPJPEMfi6aRilV3q9TbM
XNU9g5oot7eJVZfCq8OaBkgwguNlXMTo3ZcgoJ8P2rPeiTtyLkfINfAZVIkc9uQX
J6nyelwttuwAIAXGt5x+b4B83Ep4arguZIW5lWBDMPuFsWYNTBYS0NcODOcbHTe3
TM+VdBwVwOejJg==
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:33 2024 by rpki-client on console-fra.rpki-client.org