Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/_0hjXlCIM_K_BuE706bhqZW5jp0.roa
File: _0hjXlCIM_K_BuE706bhqZW5jp0.roa (raw, json)
Hash identifier: TG/tOb/qUEBbi6ByAkpNzPfsKd1zalFeJMOsh+TDYs4=
Subject key identifier: FF:48:63:5E:50:88:33:F2:BF:06:E1:3B:D3:A6:E1:A9:95:B9:8E:9D
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018E391B2AC4DAD1830E5E51E91FCCE47BC6
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/_0hjXlCIM_K_BuE706bhqZW5jp0.roa
Signing time: Wed 13 Mar 2024 18:37:45 +0000
ROA not before: Wed 13 Mar 2024 18:37:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51841
IP address blocks: 31.148.201.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:39:1b:2a:c4:da:d1:83:0e:5e:51:e9:1f:cc:e4:7b:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Mar 13 18:37:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff48635e508833f2bf06e13bd3a6e1a995b98e9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ea:74:ff:ac:62:0b:79:29:0f:68:d3:44:24:
be:9c:3f:6f:31:72:38:4e:6c:85:6f:11:9a:5b:03:
d7:20:b7:38:c3:7f:2c:55:0f:e2:85:67:09:dc:cc:
c7:8c:29:87:00:b1:37:1c:c2:c2:66:78:9a:05:20:
ac:7e:1d:0a:e3:3b:b1:f1:e5:ce:f9:9b:87:95:01:
27:d1:41:c4:c4:0d:e5:5c:74:c7:21:bc:06:f2:50:
b9:65:96:d5:d4:5c:9f:b4:ba:6d:93:e0:83:6c:31:
02:f6:b6:84:82:0b:20:ff:16:65:0c:b3:ed:e4:3a:
2c:39:01:3d:0a:11:00:01:90:25:c4:84:7e:bc:23:
52:5c:a9:d2:2c:ef:13:4c:13:cd:3b:b8:c1:00:9d:
1b:dd:38:29:54:5a:0d:3b:aa:17:43:ed:79:52:c0:
c4:7d:26:90:17:fe:d3:b3:14:ab:32:2e:03:3a:21:
3d:fc:71:31:58:a8:ab:ac:6b:12:ad:e9:60:b5:ee:
b4:91:e3:40:60:de:78:60:98:ac:35:f2:3b:94:63:
01:9b:6e:22:ef:7d:55:67:d6:c8:81:64:70:45:39:
62:dc:e0:e6:5f:71:0c:4b:50:33:bf:c7:3f:b9:6a:
36:99:22:64:e0:4f:89:cf:d4:71:e0:0a:01:bb:0e:
64:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:48:63:5E:50:88:33:F2:BF:06:E1:3B:D3:A6:E1:A9:95:B9:8E:9D
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/_0hjXlCIM_K_BuE706bhqZW5jp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.201.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:c7:ed:a6:87:35:2d:bd:9b:a9:78:19:a3:41:73:0c:14:ee:
74:cf:23:6d:56:77:94:16:cf:b5:14:59:9b:6d:d6:fe:bf:e9:
95:6a:92:69:f1:26:7c:68:59:55:07:4a:0c:a0:df:83:4f:a1:
f8:91:7f:2c:50:42:4f:ec:a0:16:a7:ab:2d:84:aa:58:5c:28:
7e:c1:cf:f3:7a:6f:f8:ac:c9:75:44:9d:27:37:8d:6e:18:06:
3b:fd:df:0c:91:38:ad:03:05:c2:75:16:7b:bb:5d:bc:08:79:
03:0e:7e:4e:9c:05:bd:75:f9:c2:71:c1:3f:61:cd:44:a9:8e:
4f:9e:d2:7a:df:c3:a2:c4:42:39:35:18:4b:79:30:04:00:79:
e2:da:0e:d4:cb:72:e4:23:39:f1:b1:ab:be:5b:58:75:64:c9:
9e:83:87:e5:40:3b:6b:f4:b4:91:2a:58:c1:cd:d7:61:f8:18:
a6:fe:da:49:bb:ad:fe:87:78:9a:8f:34:81:14:15:d3:5b:a9:
63:a2:57:bc:79:b5:4c:1b:3b:d4:89:03:69:62:60:9a:03:20:
65:be:27:1a:c1:31:14:59:fc:32:56:49:a0:e9:83:2a:c5:ef:
73:64:21:3f:bc:75:0a:2b:9b:83:d1:6d:54:47:57:14:af:c1:
43:11:47:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY45GyrE2tGDDl5R6R/M5HvGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMzEzMTgzNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjQ4NjM1ZTUwODgzM2YyYmYwNmUxM2JkM2E2ZTFhOTk1Yjk4ZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+p0/6xiC3kpD2jTRCS+nD9vMXI4
TmyFbxGaWwPXILc4w38sVQ/ihWcJ3MzHjCmHALE3HMLCZniaBSCsfh0K4zux8eXO
+ZuHlQEn0UHExA3lXHTHIbwG8lC5ZZbV1FyftLptk+CDbDEC9raEggsg/xZlDLPt
5DosOQE9ChEAAZAlxIR+vCNSXKnSLO8TTBPNO7jBAJ0b3TgpVFoNO6oXQ+15UsDE
fSaQF/7TsxSrMi4DOiE9/HExWKirrGsSrelgte60keNAYN54YJisNfI7lGMBm24i
731VZ9bIgWRwRTli3ODmX3EMS1Azv8c/uWo2mSJk4E+Jz9Rx4AoBuw5khQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP9IY15QiDPyvwbhO9Om4amVuY6dMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvXzBoalhsQ0lNX0tfQnVFNzA2YmhxWlc1anAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH5TJMA0G
CSqGSIb3DQEBCwUAA4IBAQBsx+2mhzUtvZupeBmjQXMMFO50zyNtVneUFs+1FFmb
bdb+v+mVapJp8SZ8aFlVB0oMoN+DT6H4kX8sUEJP7KAWp6sthKpYXCh+wc/zem/4
rMl1RJ0nN41uGAY7/d8MkTitAwXCdRZ7u128CHkDDn5OnAW9dfnCccE/Yc1EqY5P
ntJ638OixEI5NRhLeTAEAHni2g7Uy3LkIznxsau+W1h1ZMmeg4flQDtr9LSRKljB
zddh+Bim/tpJu63+h3iajzSBFBXTW6ljole8ebVMGzvUiQNpYmCaAyBlvicawTEU
WfwyVkmg6YMqxe9zZCE/vHUKK5uD0W1UR1cUr8FDEUdw
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:53:50 2025 by rpki-client