Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/e4e89f-0aad-4707-865a-40012c82979b/1/HhlW7oGIVJfPsMAsfQ9-rV2w3Fk.roa
File: HhlW7oGIVJfPsMAsfQ9-rV2w3Fk.roa (raw, json)
Hash identifier: b0nLmUSTErRTHR0Dt98TNO/n4qJYEheh9BvnCgXWczU=
Subject key identifier: 1E:19:56:EE:81:88:54:97:CF:B0:C0:2C:7D:0F:7E:AD:5D:B0:DC:59
Certificate issuer: /CN=32ee1bcd8ce393d98a7583ac13f1425d4faf27c9
Certificate serial: 01860B5DA647BD891F8C59999EAE2BE6230C
Authority key identifier: 32:EE:1B:CD:8C:E3:93:D9:8A:75:83:AC:13:F1:42:5D:4F:AF:27:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mu4bzYzjk9mKdYOsE_FCXU-vJ8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/e4e89f-0aad-4707-865a-40012c82979b/1/HhlW7oGIVJfPsMAsfQ9-rV2w3Fk.roa
Signing time: Wed 01 Feb 2023 05:05:32 +0000
ROA not before: Wed 01 Feb 2023 05:05:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56583
IP address blocks: 31.171.208.0/24 maxlen: 24
2a0b:71c0:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0b:5d:a6:47:bd:89:1f:8c:59:99:9e:ae:2b:e6:23:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32ee1bcd8ce393d98a7583ac13f1425d4faf27c9
Validity
Not Before: Feb 1 05:05:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e1956ee81885497cfb0c02c7d0f7ead5db0dc59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:4a:3a:8e:00:75:d6:f0:4d:7a:6f:de:13:97:
b3:31:d9:d0:e3:57:42:2e:25:ae:23:2e:ad:97:5a:
73:81:97:97:15:3e:ed:5e:5e:44:41:fd:53:5e:27:
35:06:8d:1c:55:93:12:48:31:46:e7:6b:7d:cf:c7:
17:6f:dd:85:56:9e:04:78:8f:1e:e0:50:64:e1:b8:
cd:b1:65:6d:fc:85:c3:df:16:dc:cd:83:a1:fe:7d:
f1:12:7e:31:10:ed:be:30:b0:5a:6b:b0:88:f8:31:
f8:98:5a:3e:01:71:64:30:69:41:21:fb:ef:03:1c:
da:d2:56:1d:54:b0:93:dd:4c:f4:75:48:e7:9e:c3:
ea:42:fb:5a:26:40:42:b3:c5:b5:9b:2b:2d:88:6b:
82:8e:93:a9:c4:09:90:1c:8f:23:c3:b9:8f:a5:b1:
e6:71:f4:1d:a6:83:20:54:d8:35:71:a2:8a:3e:eb:
52:4a:ae:cf:d2:f0:6e:5e:37:e6:ff:d6:92:4e:04:
d9:b9:82:1d:d0:f4:9b:e3:e4:c2:bf:c6:dd:41:6e:
49:c7:6f:a4:a5:22:ae:21:0a:b9:c8:e7:bb:7e:30:
38:14:37:d6:9c:a1:4a:61:29:db:ad:e7:f6:ac:6d:
1d:b1:a2:0e:94:15:7b:a8:1a:2f:37:ef:19:96:d9:
04:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:19:56:EE:81:88:54:97:CF:B0:C0:2C:7D:0F:7E:AD:5D:B0:DC:59
X509v3 Authority Key Identifier:
keyid:32:EE:1B:CD:8C:E3:93:D9:8A:75:83:AC:13:F1:42:5D:4F:AF:27:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mu4bzYzjk9mKdYOsE_FCXU-vJ8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/e4e89f-0aad-4707-865a-40012c82979b/1/HhlW7oGIVJfPsMAsfQ9-rV2w3Fk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/e4e89f-0aad-4707-865a-40012c82979b/1/Mu4bzYzjk9mKdYOsE_FCXU-vJ8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.208.0/24
IPv6:
2a0b:71c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
13:3f:75:a9:56:99:73:c6:67:3d:7f:60:88:08:5a:fb:73:91:
04:67:83:a0:27:e2:b6:23:e5:bf:86:39:b7:c4:28:8f:8f:a0:
5a:8f:7d:0b:42:66:ed:bf:a5:b2:95:ce:d1:bd:9b:7c:20:d3:
00:1c:07:fd:02:1f:27:84:19:63:fd:df:fc:c5:c5:6f:e0:d5:
0c:74:17:a8:d6:f7:e9:5b:1b:27:58:15:ab:b6:92:ed:4e:1b:
5e:ac:e0:ee:9d:6d:04:97:93:f2:b2:63:7a:c4:68:68:23:7c:
77:4b:05:ea:09:24:d7:a4:18:85:d8:32:7f:3b:b9:3e:c4:93:
00:e9:e7:c3:af:39:3e:48:30:2b:5c:20:f3:a9:35:58:a0:c1:
c7:5f:f4:05:5b:68:96:aa:d8:f4:f3:ac:77:41:a1:f8:05:88:
4a:d3:bd:09:38:a7:96:25:64:56:c9:3c:74:20:94:ba:37:a5:
8a:c5:0a:90:ff:90:64:f7:09:4a:31:f0:50:c5:24:30:92:47:
59:20:43:df:e0:4d:28:ae:20:91:bc:e7:80:7b:68:a8:3a:e4:
f6:31:9b:10:d1:fd:51:29:77:74:c7:7e:22:16:ef:f6:65:bc:
fa:a1:8e:76:65:5a:58:c9:46:da:97:5b:1d:21:cd:4f:d0:32:
4a:c3:f0:e2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYYLXaZHvYkfjFmZnq4r5iMMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyZWUxYmNkOGNlMzkzZDk4YTc1ODNhYzEzZjE0MjVkNGZh
ZjI3YzkwHhcNMjMwMjAxMDUwNTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTE5NTZlZTgxODg1NDk3Y2ZiMGMwMmM3ZDBmN2VhZDVkYjBkYzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0o6jgB11vBNem/eE5ezMdnQ41dC
LiWuIy6tl1pzgZeXFT7tXl5EQf1TXic1Bo0cVZMSSDFG52t9z8cXb92FVp4EeI8e
4FBk4bjNsWVt/IXD3xbczYOh/n3xEn4xEO2+MLBaa7CI+DH4mFo+AXFkMGlBIfvv
Axza0lYdVLCT3Uz0dUjnnsPqQvtaJkBCs8W1mystiGuCjpOpxAmQHI8jw7mPpbHm
cfQdpoMgVNg1caKKPutSSq7P0vBuXjfm/9aSTgTZuYId0PSb4+TCv8bdQW5Jx2+k
pSKuIQq5yOe7fjA4FDfWnKFKYSnbref2rG0dsaIOlBV7qBovN+8ZltkEcQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB4ZVu6BiFSXz7DALH0Pfq1dsNxZMB8GA1UdIwQY
MBaAFDLuG82M45PZinWDrBPxQl1PryfJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXU0YnpZemprOW1LZFlPc0VfRkNYVS12SjhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9lNGU4OWYtMGFhZC00NzA3LTg2NWEt
NDAwMTJjODI5NzliLzEvSGhsVzdvR0lWSmZQc01Bc2ZROS1yVjJ3M0ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9lNGU4OWYtMGFhZC00NzA3LTg2NWEtNDAwMTJjODI5Nzli
LzEvTXU0YnpZemprOW1LZFlPc0VfRkNYVS12SjhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAH6vQMA8E
AgACMAkDBwAqC3HAAAEwDQYJKoZIhvcNAQELBQADggEBABM/dalWmXPGZz1/YIgI
WvtzkQRng6An4rYj5b+GObfEKI+PoFqPfQtCZu2/pbKVztG9m3wg0wAcB/0CHyeE
GWP93/zFxW/g1Qx0F6jW9+lbGydYFau2ku1OG16s4O6dbQSXk/KyY3rEaGgjfHdL
BeoJJNekGIXYMn87uT7EkwDp58OvOT5IMCtcIPOpNVigwcdf9AVbaJaq2PTzrHdB
ofgFiErTvQk4p5YlZFbJPHQglLo3pYrFCpD/kGT3CUox8FDFJDCSR1kgQ9/gTSiu
IJG854B7aKg65PYxmxDR/VEpd3THfiIW7/ZlvPqhjnZlWljJRtqXWx0hzU/QMkrD
8OI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:40 2024 by rpki-client on console-ams.rpki-client.org