Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/e4e89f-0aad-4707-865a-40012c82979b/1/uW7AmhNmU_nsDKygcfvcRv1JzjE.roa
File: uW7AmhNmU_nsDKygcfvcRv1JzjE.roa (raw, json)
Hash identifier: gN82XmV4PhfdWErPln9h4ZQ5zgN5gXm+65mU7IcLlwc=
Subject key identifier: B9:6E:C0:9A:13:66:53:F9:EC:0C:AC:A0:71:FB:DC:46:FD:49:CE:31
Certificate issuer: /CN=32ee1bcd8ce393d98a7583ac13f1425d4faf27c9
Certificate serial: 01856CF8621FAD1C1E2AA8575A06B5877890
Authority key identifier: 32:EE:1B:CD:8C:E3:93:D9:8A:75:83:AC:13:F1:42:5D:4F:AF:27:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mu4bzYzjk9mKdYOsE_FCXU-vJ8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/e4e89f-0aad-4707-865a-40012c82979b/1/uW7AmhNmU_nsDKygcfvcRv1JzjE.roa
Signing time: Sun 01 Jan 2023 10:54:55 +0000
ROA not before: Sun 01 Jan 2023 10:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56583
IP address blocks: 31.171.208.0/24 maxlen: 24
31.171.210.0/24 maxlen: 24
2a0b:71c0:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Feb 2023 05:05:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:62:1f:ad:1c:1e:2a:a8:57:5a:06:b5:87:78:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32ee1bcd8ce393d98a7583ac13f1425d4faf27c9
Validity
Not Before: Jan 1 10:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b96ec09a136653f9ec0caca071fbdc46fd49ce31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ea:28:a6:1c:65:eb:1f:1d:16:c0:03:b2:d7:
14:fe:50:5d:35:f1:3c:e1:00:63:09:9a:b1:75:02:
89:1a:82:a4:30:fd:83:7b:92:aa:88:ea:63:df:7b:
a2:0d:ae:29:75:96:33:3e:50:3c:af:79:09:b9:be:
3d:da:c5:f5:49:fa:e9:54:61:9b:d4:a7:a6:3c:98:
f4:1e:7f:93:0b:99:3a:1d:33:7f:0c:41:a5:c6:0c:
93:8e:09:9e:1a:5e:f6:34:fd:d8:2a:e0:e1:0c:fe:
69:e1:f5:b6:e5:4b:a3:82:66:3e:14:a1:b6:3b:4c:
fa:95:c2:ec:d4:11:8b:d8:3c:66:ff:3c:1d:6d:7c:
0d:55:68:a7:ac:66:49:80:01:de:74:ef:ba:9b:01:
44:e2:42:27:88:2e:07:48:c6:f8:9e:be:13:79:61:
15:f5:c7:f4:0e:9d:65:a5:e5:8c:6f:4b:33:7a:8f:
7d:32:80:a5:5c:1f:1c:37:20:91:d6:9d:8a:f1:9e:
66:58:29:9a:a8:96:e4:85:12:41:b8:35:e0:4e:cd:
87:1e:24:c4:e7:d2:4d:35:e7:ad:0f:a7:86:05:af:
12:76:ef:98:d0:58:ba:36:56:71:a1:ca:a5:e1:f2:
f5:c8:1d:ea:82:f4:e4:ae:02:6d:a0:ec:2b:13:6b:
6c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:6E:C0:9A:13:66:53:F9:EC:0C:AC:A0:71:FB:DC:46:FD:49:CE:31
X509v3 Authority Key Identifier:
keyid:32:EE:1B:CD:8C:E3:93:D9:8A:75:83:AC:13:F1:42:5D:4F:AF:27:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mu4bzYzjk9mKdYOsE_FCXU-vJ8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/e4e89f-0aad-4707-865a-40012c82979b/1/uW7AmhNmU_nsDKygcfvcRv1JzjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/e4e89f-0aad-4707-865a-40012c82979b/1/Mu4bzYzjk9mKdYOsE_FCXU-vJ8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.208.0/24
31.171.210.0/24
IPv6:
2a0b:71c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
0f:e7:8a:d6:36:ed:ea:d3:be:0d:46:19:e4:4f:68:32:60:d0:
4e:c5:0a:61:30:ee:1b:80:99:db:99:30:36:0a:f3:0b:3a:88:
b6:44:47:49:88:f6:4d:58:f4:1c:31:02:3e:5f:23:34:8a:56:
01:91:b4:9e:58:84:de:f3:7a:67:4f:6d:d0:39:85:0f:8c:bb:
e6:79:c3:9b:87:83:9a:35:72:b4:8c:52:43:ad:b2:78:e2:cc:
4b:20:5e:7d:d7:92:be:ca:f2:1c:97:93:3f:f4:53:45:fe:ff:
67:6c:60:62:f8:36:e7:14:37:30:3a:8c:3b:b1:0c:ce:c2:cb:
1d:50:e3:8d:ef:a7:aa:10:c2:27:03:9c:e0:b4:4d:72:ac:8d:
f1:80:d4:46:ad:41:93:b5:b6:0c:39:25:78:8e:00:73:52:2a:
a7:48:53:ed:43:85:8b:b1:da:ad:eb:86:44:89:02:d4:15:e5:
0d:08:43:33:57:d5:3c:3c:57:9b:1a:13:f4:78:dd:a8:a8:4a:
b7:91:da:5d:8e:fd:fc:69:0e:4f:12:7f:2e:13:70:42:82:9d:
5c:72:12:15:32:ba:3f:b9:ec:c1:d3:d3:ab:55:34:32:e5:17:
bb:65:1f:9a:2f:28:dc:d7:15:9e:2c:7e:8b:74:40:2e:dd:7a:
0e:5e:7f:50
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVs+GIfrRweKqhXWga1h3iQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyZWUxYmNkOGNlMzkzZDk4YTc1ODNhYzEzZjE0MjVkNGZh
ZjI3YzkwHhcNMjMwMTAxMTA1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTZlYzA5YTEzNjY1M2Y5ZWMwY2FjYTA3MWZiZGM0NmZkNDljZTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOoophxl6x8dFsADstcU/lBdNfE8
4QBjCZqxdQKJGoKkMP2De5KqiOpj33uiDa4pdZYzPlA8r3kJub492sX1SfrpVGGb
1KemPJj0Hn+TC5k6HTN/DEGlxgyTjgmeGl72NP3YKuDhDP5p4fW25UujgmY+FKG2
O0z6lcLs1BGL2Dxm/zwdbXwNVWinrGZJgAHedO+6mwFE4kIniC4HSMb4nr4TeWEV
9cf0Dp1lpeWMb0szeo99MoClXB8cNyCR1p2K8Z5mWCmaqJbkhRJBuDXgTs2HHiTE
59JNNeetD6eGBa8Sdu+Y0Fi6NlZxocql4fL1yB3qgvTkrgJtoOwrE2tskQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFLluwJoTZlP57AysoHH73Eb9Sc4xMB8GA1UdIwQY
MBaAFDLuG82M45PZinWDrBPxQl1PryfJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXU0YnpZemprOW1LZFlPc0VfRkNYVS12SjhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9lNGU4OWYtMGFhZC00NzA3LTg2NWEt
NDAwMTJjODI5NzliLzEvdVc3QW1oTm1VX25zREt5Z2NmdmNSdjFKempFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9lNGU4OWYtMGFhZC00NzA3LTg2NWEtNDAwMTJjODI5Nzli
LzEvTXU0YnpZemprOW1LZFlPc0VfRkNYVS12SjhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAH6vQAwQA
H6vSMA8EAgACMAkDBwAqC3HAAAEwDQYJKoZIhvcNAQELBQADggEBAA/nitY27erT
vg1GGeRPaDJg0E7FCmEw7huAmduZMDYK8ws6iLZER0mI9k1Y9BwxAj5fIzSKVgGR
tJ5YhN7zemdPbdA5hQ+Mu+Z5w5uHg5o1crSMUkOtsnjizEsgXn3Xkr7K8hyXkz/0
U0X+/2dsYGL4NucUNzA6jDuxDM7Cyx1Q443vp6oQwicDnOC0TXKsjfGA1EatQZO1
tgw5JXiOAHNSKqdIU+1DhYux2q3rhkSJAtQV5Q0IQzNX1Tw8V5saE/R43aioSreR
2l2O/fxpDk8Sfy4TcEKCnVxyEhUyuj+57MHT06tVNDLlF7tlH5ovKNzXFZ4sfot0
QC7deg5ef1A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:44 2024 by rpki-client on console-fra.rpki-client.org