Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/9f4282-dfeb-40c1-af84-a564ec011c5d/1/SG8H5oDcTc_YXMF2raivBBaZDSk.roa
File: SG8H5oDcTc_YXMF2raivBBaZDSk.roa (raw, json)
Hash identifier: oTfDASkCTk8bmH7TLrvNppN0/PjVrNtm5bwEDY534fk=
Subject key identifier: 48:6F:07:E6:80:DC:4D:CF:D8:5C:C1:76:AD:A8:AF:04:16:99:0D:29
Certificate issuer: /CN=bc8c1a8032f57f22b01454a65ef32dea77496d0b
Certificate serial: 018F39F82C9ECC78918ABBAEFE6F07226DB4
Authority key identifier: BC:8C:1A:80:32:F5:7F:22:B0:14:54:A6:5E:F3:2D:EA:77:49:6D:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vIwagDL1fyKwFFSmXvMt6ndJbQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/9f4282-dfeb-40c1-af84-a564ec011c5d/1/SG8H5oDcTc_YXMF2raivBBaZDSk.roa
Signing time: Thu 02 May 2024 15:41:56 +0000
ROA not before: Thu 02 May 2024 15:41:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215186
IP address blocks: 31.12.73.0/24 maxlen: 24
2a12:99c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 29 Jul 2024 11:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:39:f8:2c:9e:cc:78:91:8a:bb:ae:fe:6f:07:22:6d:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc8c1a8032f57f22b01454a65ef32dea77496d0b
Validity
Not Before: May 2 15:41:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=486f07e680dc4dcfd85cc176ada8af0416990d29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9d:b4:1c:29:c7:f0:9c:4e:cf:0a:f7:0e:36:
ee:81:5d:17:68:49:7f:28:9b:5b:25:0c:9d:47:9d:
89:fc:d1:c2:d2:9e:46:9c:28:7f:2e:04:e8:6e:49:
8b:8a:a0:9a:85:73:2e:43:0d:54:25:8a:f2:f2:8c:
07:af:ec:a9:0f:58:d7:fd:02:92:19:cb:39:f7:da:
91:07:c5:38:54:0b:69:79:71:3e:1b:52:c4:4e:fa:
e9:06:aa:39:89:54:3b:1d:63:7b:e0:4d:47:86:d1:
84:ab:4f:c2:6f:bf:d1:9b:eb:82:f9:88:f2:51:b4:
a1:8d:55:0f:aa:05:a1:23:37:9c:e9:27:3a:d7:c5:
01:86:63:01:01:24:79:d9:c0:b6:70:c1:87:b8:a2:
af:91:d0:c7:ea:9f:af:ac:2a:96:71:5e:38:2a:36:
c9:c5:79:68:f1:6f:0c:7b:5e:a3:b5:af:19:5e:59:
90:b9:84:83:0a:33:7c:74:d3:0e:99:d9:16:bb:35:
9b:10:2a:27:02:d2:00:60:45:d4:0a:fb:3d:8e:59:
6b:c1:0e:6c:96:15:13:85:1e:ac:28:ae:50:ba:d7:
32:99:85:88:10:0b:33:01:9a:49:2c:73:1e:df:5c:
ed:7e:2c:9d:dd:65:48:00:6a:b0:28:ea:dd:f5:79:
17:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:6F:07:E6:80:DC:4D:CF:D8:5C:C1:76:AD:A8:AF:04:16:99:0D:29
X509v3 Authority Key Identifier:
keyid:BC:8C:1A:80:32:F5:7F:22:B0:14:54:A6:5E:F3:2D:EA:77:49:6D:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vIwagDL1fyKwFFSmXvMt6ndJbQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/9f4282-dfeb-40c1-af84-a564ec011c5d/1/SG8H5oDcTc_YXMF2raivBBaZDSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/9f4282-dfeb-40c1-af84-a564ec011c5d/1/vIwagDL1fyKwFFSmXvMt6ndJbQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.12.73.0/24
IPv6:
2a12:99c0::/29
Signature Algorithm: sha256WithRSAEncryption
ad:01:61:73:a3:10:61:87:ba:9d:c2:c3:04:fa:07:8c:64:1f:
8f:67:03:a2:1e:71:e5:c2:d5:1f:59:ea:a8:5c:81:3a:6a:8d:
32:70:5d:fc:fb:17:5b:d6:67:62:71:1c:ab:21:f3:36:49:db:
1f:a3:8f:cd:29:84:23:ed:8d:50:5b:ee:80:de:e5:b4:04:77:
9f:04:0b:78:35:50:d0:0b:e7:10:5b:96:f6:05:d3:39:8e:c3:
9d:21:a3:bc:c2:28:c7:56:2b:1d:59:46:60:ad:df:7a:1c:0f:
a0:5a:56:9f:2b:de:af:a7:91:0d:7b:8a:ba:20:07:1e:0c:01:
39:ef:29:04:ac:4c:71:d4:2d:a1:b7:9d:af:20:bf:d7:2a:5e:
1a:4d:ca:d5:55:e0:1d:8a:fc:01:f3:d3:85:c6:b7:6a:e9:c1:
02:ea:86:56:2f:09:ab:91:d5:fe:08:41:a3:23:52:17:10:79:
c3:11:70:ee:0f:d4:8f:4d:c2:69:11:48:17:2c:ef:2f:fb:fe:
19:ef:46:4e:22:43:5f:a4:f4:e6:f5:91:7c:da:54:06:39:ab:
5d:45:19:94:f9:27:d6:3b:bc:d5:24:e5:ca:4d:42:81:9e:c9:
f2:ae:e5:74:80:82:31:95:7c:82:b5:66:08:df:46:03:32:f1:
e3:3d:b5:3a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY85+CyezHiRiruu/m8HIm20MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOGMxYTgwMzJmNTdmMjJiMDE0NTRhNjVlZjMyZGVhNzc0
OTZkMGIwHhcNMjQwNTAyMTU0MTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODZmMDdlNjgwZGM0ZGNmZDg1Y2MxNzZhZGE4YWYwNDE2OTkwZDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJ20HCnH8JxOzwr3DjbugV0XaEl/
KJtbJQydR52J/NHC0p5GnCh/LgTobkmLiqCahXMuQw1UJYry8owHr+ypD1jX/QKS
Gcs599qRB8U4VAtpeXE+G1LETvrpBqo5iVQ7HWN74E1HhtGEq0/Cb7/Rm+uC+Yjy
UbShjVUPqgWhIzec6Sc618UBhmMBASR52cC2cMGHuKKvkdDH6p+vrCqWcV44KjbJ
xXlo8W8Me16jta8ZXlmQuYSDCjN8dNMOmdkWuzWbEConAtIAYEXUCvs9jllrwQ5s
lhUThR6sKK5QutcymYWIEAszAZpJLHMe31ztfiyd3WVIAGqwKOrd9XkXFQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEhvB+aA3E3P2FzBdq2orwQWmQ0pMB8GA1UdIwQY
MBaAFLyMGoAy9X8isBRUpl7zLep3SW0LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkl3YWdETDFmeUt3RkZTbVh2TXQ2bmRKYlFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC85ZjQyODItZGZlYi00MGMxLWFmODQt
YTU2NGVjMDExYzVkLzEvU0c4SDVvRGNUY19ZWE1GMnJhaXZCQmFaRFNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC85ZjQyODItZGZlYi00MGMxLWFmODQtYTU2NGVjMDExYzVk
LzEvdkl3YWdETDFmeUt3RkZTbVh2TXQ2bmRKYlFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAHwxJMA0E
AgACMAcDBQMqEpnAMA0GCSqGSIb3DQEBCwUAA4IBAQCtAWFzoxBhh7qdwsME+geM
ZB+PZwOiHnHlwtUfWeqoXIE6ao0ycF38+xdb1mdicRyrIfM2Sdsfo4/NKYQj7Y1Q
W+6A3uW0BHefBAt4NVDQC+cQW5b2BdM5jsOdIaO8wijHVisdWUZgrd96HA+gWlaf
K96vp5ENe4q6IAceDAE57ykErExx1C2ht52vIL/XKl4aTcrVVeAdivwB89OFxrdq
6cEC6oZWLwmrkdX+CEGjI1IXEHnDEXDuD9SPTcJpEUgXLO8v+/4Z70ZOIkNfpPTm
9ZF82lQGOatdRRmU+SfWO7zVJOXKTUKBnsnyruV0gIIxlXyCtWYI30YDMvHjPbU6
-----END CERTIFICATE-----
Generated at Mon Jul 29 13:52:11 2024 by rpki-client on console-fra.rpki-client.org