Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/FYqg9_fABbIeCCjxy9HiMieNbfE.roa
File: FYqg9_fABbIeCCjxy9HiMieNbfE.roa (raw, json)
Hash identifier: 2duJkcUHMaSm9QJGUBHpxTr6wiVFP2FVufv3Fp0mPCA=
Subject key identifier: 15:8A:A0:F7:F7:C0:05:B2:1E:08:28:F1:CB:D1:E2:32:27:8D:6D:F1
Certificate issuer: /CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Certificate serial: 01860E30023BF1809063387A8C0382FB7790
Authority key identifier: 1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/FYqg9_fABbIeCCjxy9HiMieNbfE.roa
Signing time: Wed 01 Feb 2023 18:14:32 +0000
ROA not before: Wed 01 Feb 2023 18:14:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59823
IP address blocks: 31.40.129.0/24 maxlen: 24
31.40.128.0/23 maxlen: 23
31.40.128.0/24 maxlen: 24
31.40.152.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0e:30:02:3b:f1:80:90:63:38:7a:8c:03:82:fb:77:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Validity
Not Before: Feb 1 18:14:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=158aa0f7f7c005b21e0828f1cbd1e232278d6df1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f2:e9:94:61:52:a1:88:07:79:c2:3e:bc:a3:
8e:87:07:03:3b:77:1d:a9:85:50:49:e6:6f:e5:37:
cf:2f:1b:5b:6d:f0:cb:c9:72:48:9b:cd:34:09:bd:
66:61:e7:ba:e0:a1:83:d7:ac:dc:0b:aa:11:d8:f3:
4a:75:96:ba:3c:0b:d1:10:8d:21:05:cb:b6:49:3c:
ff:9a:c5:e6:17:f7:d0:90:7c:86:79:9d:86:41:df:
d3:90:d8:24:6e:7b:9a:34:70:1d:5b:ad:c1:0d:f0:
17:29:50:6c:de:22:ff:5e:bf:ba:fb:bc:f6:c0:88:
a1:66:cd:c5:e5:e7:bf:47:f6:c7:c3:cd:90:c2:ef:
a4:e0:e7:bb:9c:b0:f4:a7:31:a3:fa:c1:a8:f9:ca:
ed:9a:6b:33:21:7c:db:1b:d4:78:8a:9a:13:37:69:
30:98:30:99:13:58:c5:a3:40:e9:8d:2d:f8:02:c0:
7c:b0:40:f0:39:bb:ba:2d:c8:fa:5d:b2:76:e3:58:
31:c5:c0:aa:3d:fd:0a:96:77:dc:41:f9:5e:ce:10:
95:f4:35:64:af:fc:f6:3c:d3:84:5f:ee:62:fc:4c:
fb:15:49:f0:d3:27:92:f1:96:73:b0:bf:65:ef:3d:
c2:b8:41:a7:f5:31:39:a4:9c:ae:de:ec:c5:a5:24:
6b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:8A:A0:F7:F7:C0:05:B2:1E:08:28:F1:CB:D1:E2:32:27:8D:6D:F1
X509v3 Authority Key Identifier:
keyid:1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/FYqg9_fABbIeCCjxy9HiMieNbfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.128.0/23
31.40.152.0/24
Signature Algorithm: sha256WithRSAEncryption
40:3c:f0:6a:be:49:e1:e1:e2:c5:e8:0a:21:af:b5:19:a4:ed:
46:ed:ce:18:57:13:d8:7a:eb:d0:a5:fc:4f:98:7e:c2:e5:eb:
e5:ac:9b:9d:0d:56:93:cc:7f:09:35:74:e8:da:4b:73:f4:7f:
71:4e:b9:cf:7a:fa:9a:bd:7f:bb:ee:c0:99:c1:e7:87:44:7b:
10:e0:37:51:a3:95:82:c9:2f:92:a4:16:6f:86:89:00:dd:65:
36:a3:a9:b8:dc:11:71:e1:e8:70:89:2e:84:ba:01:42:e3:22:
24:2c:bb:ec:62:7e:11:5f:fa:57:49:7a:11:03:d2:7e:11:de:
79:17:79:d9:34:61:b4:c6:11:d7:08:6d:01:33:a9:78:7d:f4:
4e:8b:26:8b:bb:f0:b2:b8:84:a1:10:d1:98:24:d1:4f:ce:31:
c8:dc:c8:f6:83:ff:c6:08:bd:a8:ab:cc:23:76:13:49:3e:23:
ec:fa:cf:c5:c9:77:0c:5f:a1:e5:c7:44:ec:f9:f5:9e:78:f0:
e4:b9:50:08:67:63:07:da:c7:9c:e8:6c:3e:24:2c:71:4b:a7:
03:44:e3:ac:34:44:dd:0f:44:e6:aa:8f:98:f8:aa:84:65:52:
38:de:e7:32:29:e4:5e:7d:4b:d7:d3:4d:61:ba:53:5b:7a:d5:
bc:e1:42:4d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYYOMAI78YCQYzh6jAOC+3eQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYWY1YzJlNWVkYzE5NzgzNGQwN2YzNDU5NjJiMDc0NWJl
ZTY2ZDcwHhcNMjMwMjAxMTgxNDMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNThhYTBmN2Y3YzAwNWIyMWUwODI4ZjFjYmQxZTIzMjI3OGQ2ZGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvLplGFSoYgHecI+vKOOhwcDO3cd
qYVQSeZv5TfPLxtbbfDLyXJIm800Cb1mYee64KGD16zcC6oR2PNKdZa6PAvREI0h
Bcu2STz/msXmF/fQkHyGeZ2GQd/TkNgkbnuaNHAdW63BDfAXKVBs3iL/Xr+6+7z2
wIihZs3F5ee/R/bHw82Qwu+k4Oe7nLD0pzGj+sGo+crtmmszIXzbG9R4ipoTN2kw
mDCZE1jFo0DpjS34AsB8sEDwObu6Lcj6XbJ241gxxcCqPf0KlnfcQflezhCV9DVk
r/z2PNOEX+5i/Ez7FUnw0yeS8ZZzsL9l7z3CuEGn9TE5pJyu3uzFpSRr1wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBWKoPf3wAWyHggo8cvR4jInjW3xMB8GA1UdIwQY
MBaAFB6vXC5e3Bl4NNB/NFlisHRb7mbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODIt
NGEzNGMxYmJhYjJiLzEvRllxZzlfZkFCYkllQ0NqeHk5SGlNaWVOYmZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODItNGEzNGMxYmJhYjJi
LzEvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBHyiAAwQA
HyiYMA0GCSqGSIb3DQEBCwUAA4IBAQBAPPBqvknh4eLF6Aohr7UZpO1G7c4YVxPY
euvQpfxPmH7C5evlrJudDVaTzH8JNXTo2ktz9H9xTrnPevqavX+77sCZweeHRHsQ
4DdRo5WCyS+SpBZvhokA3WU2o6m43BFx4ehwiS6EugFC4yIkLLvsYn4RX/pXSXoR
A9J+Ed55F3nZNGG0xhHXCG0BM6l4ffROiyaLu/CyuIShENGYJNFPzjHI3Mj2g//G
CL2oq8wjdhNJPiPs+s/FyXcMX6Hlx0Ts+fWeePDkuVAIZ2MH2sec6Gw+JCxxS6cD
ROOsNETdD0Tmqo+Y+KqEZVI43ucyKeRefUvX001hulNbetW84UJN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:23 2024 by rpki-client on console-ams.rpki-client.org