Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/heG2UeU1UJsdPLOlutvU4UKS8bg.roa
File: heG2UeU1UJsdPLOlutvU4UKS8bg.roa (raw, json)
Hash identifier: vzgByqay/zd0D7xk4gFKs7p9P8WZZz5jxwFwDCXKflk=
Subject key identifier: 85:E1:B6:51:E5:35:50:9B:1D:3C:B3:A5:BA:DB:D4:E1:42:92:F1:B8
Certificate issuer: /CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Certificate serial: 018573220F95DC7F82AB664B1B99EAE48155
Authority key identifier: 1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/heG2UeU1UJsdPLOlutvU4UKS8bg.roa
Signing time: Mon 02 Jan 2023 15:38:10 +0000
ROA not before: Mon 02 Jan 2023 15:38:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206810
IP address blocks: 31.40.157.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:22:0f:95:dc:7f:82:ab:66:4b:1b:99:ea:e4:81:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Validity
Not Before: Jan 2 15:38:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85e1b651e535509b1d3cb3a5badbd4e14292f1b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:90:3a:33:9a:68:3b:53:97:b3:ef:51:f9:8a:
eb:86:1e:2a:07:5d:5d:97:df:ba:75:87:20:23:ff:
f7:b4:3d:d0:0d:3e:d7:78:bb:23:f8:8a:4f:06:ab:
97:a9:5a:ca:6b:a2:d0:c5:a5:41:ea:1c:51:63:8b:
70:0c:35:b1:bf:a0:19:92:f0:34:e2:3a:24:20:95:
01:7d:be:9c:50:01:f5:c5:d1:a4:23:6c:84:5e:4a:
df:ac:d9:89:83:11:a3:22:eb:1e:a3:52:ed:94:02:
67:86:e8:35:7f:36:8f:96:4a:e4:31:a2:e6:7e:89:
6a:a3:ff:e6:0a:f7:7b:1f:b2:3b:8d:04:18:e6:de:
01:ae:14:1e:74:2a:b9:fc:62:33:c3:79:c9:98:04:
03:6e:5e:db:82:92:bc:08:32:f9:95:f1:25:79:bb:
2e:86:c7:2e:38:64:3f:5e:0d:25:7b:32:73:8d:aa:
52:d5:04:a2:70:30:4c:1e:46:cc:8a:af:4e:92:8d:
d4:dd:00:39:e1:33:de:b2:1e:8f:0c:1b:bc:96:19:
09:da:b3:cc:34:4f:78:52:7f:c6:77:f2:10:53:0c:
6a:df:2b:fe:39:21:13:7d:11:29:c3:16:19:24:9c:
68:d9:40:1f:69:00:90:22:3b:67:31:6e:82:37:61:
75:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:E1:B6:51:E5:35:50:9B:1D:3C:B3:A5:BA:DB:D4:E1:42:92:F1:B8
X509v3 Authority Key Identifier:
keyid:1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/heG2UeU1UJsdPLOlutvU4UKS8bg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.157.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:d5:ad:5a:41:cb:80:1d:f1:7c:b7:c0:52:f6:25:cf:35:a5:
6e:01:e1:ca:87:4d:af:50:09:a2:c3:c4:1c:e6:c5:88:83:8b:
1b:66:4a:3f:c3:53:15:44:76:4d:04:4c:b1:19:57:f7:14:c1:
8b:ae:b4:79:ad:6d:77:11:b0:54:5f:4c:ee:e5:b8:10:63:76:
7a:bd:35:1e:fd:a2:2c:a4:02:6f:94:48:e9:2b:a7:eb:4e:df:
4e:65:cb:5e:39:78:a6:00:a0:e2:e6:9c:90:97:f8:1b:d8:d3:
62:69:7f:a0:a4:c2:f3:96:a0:25:76:69:44:19:3d:76:94:cc:
82:14:f0:14:4c:36:ee:bf:f8:3d:04:f7:77:a9:74:aa:d5:8f:
41:ac:00:05:c2:65:74:7e:4f:c2:71:24:0f:a6:7a:65:84:56:
90:42:2f:02:df:02:d1:fc:7f:b1:ab:32:70:19:56:56:de:67:
45:74:25:a5:92:b4:dd:f8:e8:2c:fd:6e:ac:76:76:cb:91:1a:
8a:ec:e8:cf:c9:1d:aa:0c:fc:e3:34:9f:36:59:81:64:21:a0:
78:5c:f7:c1:58:fe:bc:82:34:03:26:e9:11:6a:8e:78:ce:a8:
19:e1:e7:3f:0c:fc:27:41:8b:68:a3:36:9b:8d:c4:c6:31:c3:
7f:be:e5:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzIg+V3H+Cq2ZLG5nq5IFVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYWY1YzJlNWVkYzE5NzgzNGQwN2YzNDU5NjJiMDc0NWJl
ZTY2ZDcwHhcNMjMwMTAyMTUzODEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWUxYjY1MWU1MzU1MDliMWQzY2IzYTViYWRiZDRlMTQyOTJmMWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5A6M5poO1OXs+9R+Yrrhh4qB11d
l9+6dYcgI//3tD3QDT7XeLsj+IpPBquXqVrKa6LQxaVB6hxRY4twDDWxv6AZkvA0
4jokIJUBfb6cUAH1xdGkI2yEXkrfrNmJgxGjIuseo1LtlAJnhug1fzaPlkrkMaLm
folqo//mCvd7H7I7jQQY5t4BrhQedCq5/GIzw3nJmAQDbl7bgpK8CDL5lfElebsu
hscuOGQ/Xg0lezJzjapS1QSicDBMHkbMiq9Oko3U3QA54TPesh6PDBu8lhkJ2rPM
NE94Un/Gd/IQUwxq3yv+OSETfREpwxYZJJxo2UAfaQCQIjtnMW6CN2F1NwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIXhtlHlNVCbHTyzpbrb1OFCkvG4MB8GA1UdIwQY
MBaAFB6vXC5e3Bl4NNB/NFlisHRb7mbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODIt
NGEzNGMxYmJhYjJiLzEvaGVHMlVlVTFVSnNkUExPbHV0dlU0VUtTOGJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODItNGEzNGMxYmJhYjJi
LzEvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHyidMA0G
CSqGSIb3DQEBCwUAA4IBAQBs1a1aQcuAHfF8t8BS9iXPNaVuAeHKh02vUAmiw8Qc
5sWIg4sbZko/w1MVRHZNBEyxGVf3FMGLrrR5rW13EbBUX0zu5bgQY3Z6vTUe/aIs
pAJvlEjpK6frTt9OZcteOXimAKDi5pyQl/gb2NNiaX+gpMLzlqAldmlEGT12lMyC
FPAUTDbuv/g9BPd3qXSq1Y9BrAAFwmV0fk/CcSQPpnplhFaQQi8C3wLR/H+xqzJw
GVZW3mdFdCWlkrTd+Ogs/W6sdnbLkRqK7OjPyR2qDPzjNJ82WYFkIaB4XPfBWP68
gjQDJukRao54zqgZ4ec/DPwnQYtoozabjcTGMcN/vuWM
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:32:35 2024 by rpki-client on console-ams.rpki-client.org