Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/e4e89f-0aad-4707-865a-40012c82979b/1/ALYIm6pALQaElgzCkrVFGS5bvmc.roa
File: ALYIm6pALQaElgzCkrVFGS5bvmc.roa (raw, json)
Hash identifier: tUOskg0i0HYMca3rwebKzUMkC08TtrKK9/ikJjMEE3A=
Subject key identifier: 00:B6:08:9B:AA:40:2D:06:84:96:0C:C2:92:B5:45:19:2E:5B:BE:67
Certificate issuer: /CN=32ee1bcd8ce393d98a7583ac13f1425d4faf27c9
Certificate serial: 01860B5653F29006E843036B9B614328C6C1
Authority key identifier: 32:EE:1B:CD:8C:E3:93:D9:8A:75:83:AC:13:F1:42:5D:4F:AF:27:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mu4bzYzjk9mKdYOsE_FCXU-vJ8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/e4e89f-0aad-4707-865a-40012c82979b/1/ALYIm6pALQaElgzCkrVFGS5bvmc.roa
Signing time: Wed 01 Feb 2023 04:57:32 +0000
ROA not before: Wed 01 Feb 2023 04:57:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200137
IP address blocks: 31.171.210.0/24 maxlen: 24
2a0b:71c0:2::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0b:56:53:f2:90:06:e8:43:03:6b:9b:61:43:28:c6:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32ee1bcd8ce393d98a7583ac13f1425d4faf27c9
Validity
Not Before: Feb 1 04:57:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00b6089baa402d0684960cc292b545192e5bbe67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:58:02:d3:76:c6:d8:9a:4a:fb:f6:0c:b2:bb:
ae:88:96:42:b2:4a:27:b8:03:2b:31:de:63:b0:d2:
9f:df:17:a6:68:f2:14:44:a3:ad:94:ea:dc:7e:ca:
cf:42:0b:a7:4a:14:1f:6c:4b:a8:ed:f9:44:56:ec:
4b:3a:89:2d:26:84:0d:3b:fa:26:4e:00:d6:b4:51:
9a:c6:bd:f3:5f:af:c2:e8:97:1a:a7:81:ff:ff:c1:
a2:1f:ec:f5:82:9f:06:17:1b:59:b3:90:d8:44:b0:
bb:8c:77:99:2e:18:06:18:d3:38:1e:d1:50:7c:cd:
8f:c5:43:2b:24:a3:b0:6a:f3:e9:1e:55:c7:9e:42:
d4:05:b2:d0:e5:2b:47:00:40:03:5a:3b:e6:29:5e:
fc:91:13:8e:f3:67:90:c7:d3:c4:a2:3d:71:32:f7:
14:0a:ac:ed:5a:06:93:fd:8b:39:8a:6d:04:76:79:
f4:eb:31:ac:06:36:78:4b:67:ff:62:eb:99:03:f2:
c7:ad:df:6f:bd:45:21:4a:c6:30:10:09:cb:37:80:
07:b4:84:b0:b5:2b:20:73:44:ae:0d:9e:1f:18:d5:
71:bc:ee:65:89:b8:f7:1c:53:93:a9:26:96:31:fe:
25:aa:88:64:73:ca:4a:33:c0:ec:c6:ca:c1:d4:d9:
ea:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:B6:08:9B:AA:40:2D:06:84:96:0C:C2:92:B5:45:19:2E:5B:BE:67
X509v3 Authority Key Identifier:
keyid:32:EE:1B:CD:8C:E3:93:D9:8A:75:83:AC:13:F1:42:5D:4F:AF:27:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mu4bzYzjk9mKdYOsE_FCXU-vJ8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/e4e89f-0aad-4707-865a-40012c82979b/1/ALYIm6pALQaElgzCkrVFGS5bvmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/e4e89f-0aad-4707-865a-40012c82979b/1/Mu4bzYzjk9mKdYOsE_FCXU-vJ8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.210.0/24
IPv6:
2a0b:71c0:2::/48
Signature Algorithm: sha256WithRSAEncryption
a8:be:d4:43:e4:96:c6:46:a3:24:e4:a4:d0:65:78:39:7d:5c:
97:84:50:03:d1:66:35:a9:5b:68:b1:a3:29:73:34:b5:c0:0a:
6f:d6:7b:b2:71:0d:3a:f4:c5:e8:aa:c6:94:84:ca:fa:e3:37:
e5:43:5d:50:5d:f0:8f:af:5a:8c:9f:dc:7b:29:fd:8f:a7:b7:
5e:60:d8:5a:d5:b8:c7:4c:86:b2:23:59:22:88:da:f2:27:1b:
c3:3a:71:46:30:89:e6:c5:bb:03:6e:f1:88:9b:c0:3e:43:cf:
0a:36:08:e8:83:77:d5:a3:ce:77:cc:b4:e9:17:4a:0e:a3:65:
20:a4:99:fe:f8:b1:67:bd:ca:4c:d7:12:37:63:8d:5b:aa:fe:
c6:65:a9:11:a8:45:41:2c:f3:cc:f4:7a:f5:c9:6f:75:d4:70:
74:9d:73:8c:fa:b1:51:71:cc:58:5d:56:64:29:35:be:a9:d1:
a6:fe:8e:1c:a9:59:e7:fe:9a:19:2c:9c:46:60:cb:78:8a:de:
2f:3d:bd:da:45:51:55:12:b7:97:d0:5c:5e:ae:98:be:49:85:
e4:b0:f9:19:1e:de:ae:01:01:14:88:07:20:4f:7b:27:74:3c:
94:78:d0:b1:16:b4:96:da:66:2c:92:98:18:36:27:6f:c7:dc:
f1:24:48:c8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYYLVlPykAboQwNrm2FDKMbBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyZWUxYmNkOGNlMzkzZDk4YTc1ODNhYzEzZjE0MjVkNGZh
ZjI3YzkwHhcNMjMwMjAxMDQ1NzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGI2MDg5YmFhNDAyZDA2ODQ5NjBjYzI5MmI1NDUxOTJlNWJiZTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklgC03bG2JpK+/YMsruuiJZCskon
uAMrMd5jsNKf3xemaPIURKOtlOrcfsrPQgunShQfbEuo7flEVuxLOoktJoQNO/om
TgDWtFGaxr3zX6/C6Jcap4H//8GiH+z1gp8GFxtZs5DYRLC7jHeZLhgGGNM4HtFQ
fM2PxUMrJKOwavPpHlXHnkLUBbLQ5StHAEADWjvmKV78kROO82eQx9PEoj1xMvcU
CqztWgaT/Ys5im0Ednn06zGsBjZ4S2f/YuuZA/LHrd9vvUUhSsYwEAnLN4AHtISw
tSsgc0SuDZ4fGNVxvO5libj3HFOTqSaWMf4lqohkc8pKM8DsxsrB1NnqewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAC2CJuqQC0GhJYMwpK1RRkuW75nMB8GA1UdIwQY
MBaAFDLuG82M45PZinWDrBPxQl1PryfJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXU0YnpZemprOW1LZFlPc0VfRkNYVS12SjhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9lNGU4OWYtMGFhZC00NzA3LTg2NWEt
NDAwMTJjODI5NzliLzEvQUxZSW02cEFMUWFFbGd6Q2tyVkZHUzVidm1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9lNGU4OWYtMGFhZC00NzA3LTg2NWEtNDAwMTJjODI5Nzli
LzEvTXU0YnpZemprOW1LZFlPc0VfRkNYVS12SjhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAH6vSMA8E
AgACMAkDBwAqC3HAAAIwDQYJKoZIhvcNAQELBQADggEBAKi+1EPklsZGoyTkpNBl
eDl9XJeEUAPRZjWpW2ixoylzNLXACm/We7JxDTr0xeiqxpSEyvrjN+VDXVBd8I+v
Woyf3Hsp/Y+nt15g2FrVuMdMhrIjWSKI2vInG8M6cUYwiebFuwNu8YibwD5Dzwo2
COiDd9WjznfMtOkXSg6jZSCkmf74sWe9ykzXEjdjjVuq/sZlqRGoRUEs88z0evXJ
b3XUcHSdc4z6sVFxzFhdVmQpNb6p0ab+jhypWef+mhksnEZgy3iK3i89vdpFUVUS
t5fQXF6umL5JheSw+Rke3q4BARSIByBPeyd0PJR40LEWtJbaZiySmBg2J2/H3PEk
SMg=
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:15 2024 by rpki-client on console-fra.rpki-client.org