Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/OZFjvVe9DnbDGSHrKeNx6-SqKfs.roa
File: OZFjvVe9DnbDGSHrKeNx6-SqKfs.roa (raw, json)
Hash identifier: 5YNJLPe3Jq5e2WhRu17d2SbOo/mUWYcPpIaqBJEWeGY=
Subject key identifier: 39:91:63:BD:57:BD:0E:76:C3:19:21:EB:29:E3:71:EB:E4:AA:29:FB
Certificate issuer: /CN=746395c12672ad958921b62b9dc9b2bcd8a68a9f
Certificate serial: 01856ED4A60FAFED0D726E94D3F2D8F31097
Authority key identifier: 74:63:95:C1:26:72:AD:95:89:21:B6:2B:9D:C9:B2:BC:D8:A6:8A:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGOVwSZyrZWJIbYrncmyvNimip8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/OZFjvVe9DnbDGSHrKeNx6-SqKfs.roa
Signing time: Sun 01 Jan 2023 19:35:07 +0000
ROA not before: Sun 01 Jan 2023 19:35:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207574
IP address blocks: 31.24.249.0/24 maxlen: 32
2a12:4946:3000::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:a6:0f:af:ed:0d:72:6e:94:d3:f2:d8:f3:10:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746395c12672ad958921b62b9dc9b2bcd8a68a9f
Validity
Not Before: Jan 1 19:35:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=399163bd57bd0e76c31921eb29e371ebe4aa29fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:1f:1c:2d:ea:69:86:39:14:e0:f6:c5:df:29:
b4:e9:c8:10:41:80:1c:fb:be:18:ec:d3:7d:72:12:
7f:1f:3d:02:38:d2:fe:69:ab:66:ee:88:fa:73:43:
96:42:21:9f:25:93:fa:6c:b0:c2:80:df:c3:3d:3c:
fd:41:61:1c:ae:f4:ba:0e:8e:a4:d9:2b:79:55:58:
55:34:94:22:5f:87:00:ec:6b:e6:78:90:60:f7:0f:
4d:b1:a9:45:f2:28:d4:31:26:a7:23:f5:af:77:ab:
ed:5d:f1:3a:4c:f9:82:71:ae:e8:c4:bb:8d:1a:af:
6f:5f:5a:12:0f:a9:36:de:85:be:3f:cc:f9:a7:d5:
5e:40:55:19:48:33:a3:d1:41:d9:46:47:d1:e4:f2:
94:0a:c1:94:31:2b:97:a6:ad:c5:eb:1d:93:ba:61:
ce:1d:d5:93:6b:c4:1c:f8:f7:14:28:74:7e:d1:c3:
f4:3d:02:db:b2:37:b3:84:e6:ed:71:6b:0b:3f:46:
4d:7e:4c:88:40:38:9b:44:66:10:6e:d7:bf:87:c3:
9f:05:c5:02:81:36:ae:11:2c:7f:cb:66:8e:65:b3:
0d:42:1a:43:13:ed:a0:74:4b:7e:37:26:3d:99:61:
de:3a:4d:83:13:b7:96:83:56:0a:09:17:30:61:ed:
0d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:91:63:BD:57:BD:0E:76:C3:19:21:EB:29:E3:71:EB:E4:AA:29:FB
X509v3 Authority Key Identifier:
keyid:74:63:95:C1:26:72:AD:95:89:21:B6:2B:9D:C9:B2:BC:D8:A6:8A:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGOVwSZyrZWJIbYrncmyvNimip8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/OZFjvVe9DnbDGSHrKeNx6-SqKfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/9e2351-8dd0-4b70-a5fc-fb774abdfac2/1/dGOVwSZyrZWJIbYrncmyvNimip8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.249.0/24
IPv6:
2a12:4946:3000::/48
Signature Algorithm: sha256WithRSAEncryption
8f:77:ad:30:f6:72:0b:af:0d:01:71:81:41:85:62:96:ec:55:
36:87:cb:95:a1:a2:df:54:aa:f5:30:50:83:58:d7:fd:94:1d:
ed:ab:ba:87:0c:0b:7f:8c:a0:85:aa:39:cf:e2:b8:5d:a6:d6:
dd:2e:ca:ea:e4:a3:85:7e:d0:35:92:0c:b2:07:05:18:66:25:
e7:0d:a6:73:1a:b8:5d:53:0f:0e:0a:07:b8:78:06:ce:d8:27:
3f:c3:23:7a:f1:41:c8:55:d7:b2:83:10:eb:cd:67:fd:19:d6:
7c:07:20:a8:f7:a9:78:9a:ab:2b:c9:95:ba:21:89:4f:1b:ca:
0b:c0:a8:54:d0:16:95:6b:4f:d3:4a:77:a1:ae:56:14:da:3f:
c3:c6:9a:a7:a3:ed:73:b8:db:41:63:c1:18:78:63:fc:ca:b1:
3d:b2:e9:95:f5:06:5f:7f:48:47:a9:89:e9:ee:25:f2:38:2a:
c8:93:d7:9f:bb:80:36:d7:1e:3e:41:62:28:f7:98:91:28:e3:
0a:10:bd:e1:d2:14:c0:c4:bd:a6:05:11:e4:95:9a:c2:c4:0b:
b2:e0:ee:13:ae:59:cb:ba:b9:31:94:76:d1:d1:cb:d1:62:8b:
3a:8a:9f:25:7b:21:03:cc:ac:f6:e2:e8:d3:81:be:aa:92:d1:
1c:70:c4:8e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVu1KYPr+0Ncm6U0/LY8xCXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM5NWMxMjY3MmFkOTU4OTIxYjYyYjlkYzliMmJjZDhh
NjhhOWYwHhcNMjMwMTAxMTkzNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTkxNjNiZDU3YmQwZTc2YzMxOTIxZWIyOWUzNzFlYmU0YWEyOWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjR8cLepphjkU4PbF3ym06cgQQYAc
+74Y7NN9chJ/Hz0CONL+aatm7oj6c0OWQiGfJZP6bLDCgN/DPTz9QWEcrvS6Do6k
2St5VVhVNJQiX4cA7GvmeJBg9w9NsalF8ijUMSanI/Wvd6vtXfE6TPmCca7oxLuN
Gq9vX1oSD6k23oW+P8z5p9VeQFUZSDOj0UHZRkfR5PKUCsGUMSuXpq3F6x2TumHO
HdWTa8Qc+PcUKHR+0cP0PQLbsjezhObtcWsLP0ZNfkyIQDibRGYQbte/h8OfBcUC
gTauESx/y2aOZbMNQhpDE+2gdEt+NyY9mWHeOk2DE7eWg1YKCRcwYe0NOwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDmRY71XvQ52wxkh6ynjcevkqin7MB8GA1UdIwQY
MBaAFHRjlcEmcq2ViSG2K53JsrzYpoqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdPVndTWnlyWldKSWJZcm5jbXl2TmltaXA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi85ZTIzNTEtOGRkMC00YjcwLWE1ZmMt
ZmI3NzRhYmRmYWMyLzEvT1pGanZWZTlEbmJER1NIcktlTng2LVNxS2ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi85ZTIzNTEtOGRkMC00YjcwLWE1ZmMtZmI3NzRhYmRmYWMy
LzEvZEdPVndTWnlyWldKSWJZcm5jbXl2TmltaXA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAHxj5MA8E
AgACMAkDBwAqEklGMAAwDQYJKoZIhvcNAQELBQADggEBAI93rTD2cguvDQFxgUGF
YpbsVTaHy5Whot9UqvUwUINY1/2UHe2ruocMC3+MoIWqOc/iuF2m1t0uyurko4V+
0DWSDLIHBRhmJecNpnMauF1TDw4KB7h4Bs7YJz/DI3rxQchV17KDEOvNZ/0Z1nwH
IKj3qXiaqyvJlbohiU8bygvAqFTQFpVrT9NKd6GuVhTaP8PGmqej7XO420FjwRh4
Y/zKsT2y6ZX1Bl9/SEepienuJfI4KsiT15+7gDbXHj5BYij3mJEo4woQveHSFMDE
vaYFEeSVmsLEC7Lg7hOuWcu6uTGUdtHRy9FiizqKnyV7IQPMrPbi6NOBvqqS0Rxw
xI4=
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:58 2024 by rpki-client on console-fra.rpki-client.org