Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/c22c08-56a7-42d4-bea5-877dda192379/1/ckPwMxBW7bfaomNYNE4_0tC5FBs.roa
File: ckPwMxBW7bfaomNYNE4_0tC5FBs.roa (raw, json)
Hash identifier: mZgz/9LqDylfAjsOYAuzzZCX96tOoTrzwyg+dmnYhkE=
Subject key identifier: 72:43:F0:33:10:56:ED:B7:DA:A2:63:58:34:4E:3F:D2:D0:B9:14:1B
Certificate issuer: /CN=8eaded0b83fa4e31ce0a0840eb429ba8a9f18e39
Certificate serial: 018CEEB38D7FB19F541B5514088D0DE6853C
Authority key identifier: 8E:AD:ED:0B:83:FA:4E:31:CE:0A:08:40:EB:42:9B:A8:A9:F1:8E:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jq3tC4P6TjHOCghA60KbqKnxjjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/c22c08-56a7-42d4-bea5-877dda192379/1/ckPwMxBW7bfaomNYNE4_0tC5FBs.roa
Signing time: Tue 09 Jan 2024 14:49:53 +0000
ROA not before: Tue 09 Jan 2024 14:49:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54113
IP address blocks: 185.31.16.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jan 2024 17:51:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ee:b3:8d:7f:b1:9f:54:1b:55:14:08:8d:0d:e6:85:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8eaded0b83fa4e31ce0a0840eb429ba8a9f18e39
Validity
Not Before: Jan 9 14:49:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7243f0331056edb7daa26358344e3fd2d0b9141b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f7:e4:a8:53:cd:bd:14:c0:6f:10:92:e6:fa:
fe:c3:3c:0e:b3:77:31:73:ed:d3:d1:5e:86:97:d4:
65:fc:5d:c3:56:53:63:b6:96:7e:93:fc:3b:7e:bb:
ca:3c:2d:9c:f6:13:55:d5:b5:b3:c8:02:c3:18:3d:
88:72:a0:2a:3f:8f:31:6e:01:d8:6e:7d:fe:80:36:
32:69:a7:71:76:eb:73:6f:d5:f4:12:e0:b3:87:3a:
fb:6d:59:66:45:9a:10:8d:a3:0a:2a:72:8c:24:d6:
d5:2d:2c:b5:7a:39:0a:ae:e3:b3:bb:28:c2:68:2b:
53:b2:86:4a:0a:33:04:fa:55:6c:84:26:a4:eb:07:
89:28:7f:7d:83:a0:04:aa:4d:96:52:2f:c3:c3:a7:
7d:90:fe:e6:06:c8:db:b6:6f:5c:f2:f1:02:15:e5:
6d:6e:e5:fb:c6:f7:4b:f6:1e:a6:5b:29:f9:ed:a2:
d1:7a:b9:ba:82:91:6e:21:f5:d7:b2:c6:02:45:0e:
97:c0:8a:08:11:b0:2b:91:43:83:77:5e:04:fe:36:
a9:ae:38:8f:80:69:c3:c6:1a:3e:04:2b:06:56:b5:
39:32:18:3e:f4:34:73:e6:6e:3a:5e:38:fc:02:c2:
12:15:00:31:cb:09:7b:7a:4a:2f:ab:15:8b:d5:85:
8e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:43:F0:33:10:56:ED:B7:DA:A2:63:58:34:4E:3F:D2:D0:B9:14:1B
X509v3 Authority Key Identifier:
keyid:8E:AD:ED:0B:83:FA:4E:31:CE:0A:08:40:EB:42:9B:A8:A9:F1:8E:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jq3tC4P6TjHOCghA60KbqKnxjjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/c22c08-56a7-42d4-bea5-877dda192379/1/ckPwMxBW7bfaomNYNE4_0tC5FBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/c22c08-56a7-42d4-bea5-877dda192379/1/jq3tC4P6TjHOCghA60KbqKnxjjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.16.0/24
Signature Algorithm: sha256WithRSAEncryption
36:4d:a9:ce:27:a4:f5:b3:12:c3:e0:80:8e:d4:dc:4b:03:3e:
5d:31:86:e0:4d:30:9b:d6:3b:91:e0:41:31:8e:4b:cc:54:0b:
87:2c:fe:9a:34:95:dc:6f:04:1f:3a:8c:04:71:cb:fc:10:b8:
f8:ce:69:74:b8:09:3b:42:f1:b0:49:dd:b8:e0:88:02:af:d4:
3d:b5:64:a7:b9:b4:64:5d:dc:d8:61:18:d0:c6:6e:91:a8:f3:
95:9c:1b:7e:bb:07:f1:25:a2:29:91:51:b8:9d:b8:f8:ff:8c:
f1:73:a0:09:80:ea:74:cf:e6:6e:dc:9f:31:00:35:b8:93:06:
17:ec:70:ab:27:bb:58:16:2a:79:ee:48:09:5d:e4:64:4b:2a:
76:16:d5:aa:d0:30:44:44:0a:b5:80:e5:0c:43:16:75:fc:39:
e7:29:16:5e:19:0c:10:36:07:93:c3:13:12:b9:26:40:84:78:
a8:51:b2:dc:bb:c9:91:84:3d:f0:42:87:62:57:c5:55:ef:01:
11:ef:78:d9:21:99:b1:4d:cd:3b:c1:68:ab:30:11:34:52:39:
16:e6:6f:8c:6c:57:a9:14:85:91:3e:19:fa:ea:03:15:56:1e:
23:07:85:95:03:e8:a2:65:2f:fe:96:0c:0f:d2:a9:de:c3:af:
2c:f4:28:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzus41/sZ9UG1UUCI0N5oU8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYWRlZDBiODNmYTRlMzFjZTBhMDg0MGViNDI5YmE4YTlm
MThlMzkwHhcNMjQwMTA5MTQ0OTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjQzZjAzMzEwNTZlZGI3ZGFhMjYzNTgzNDRlM2ZkMmQwYjkxNDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPfkqFPNvRTAbxCS5vr+wzwOs3cx
c+3T0V6Gl9Rl/F3DVlNjtpZ+k/w7frvKPC2c9hNV1bWzyALDGD2IcqAqP48xbgHY
bn3+gDYyaadxdutzb9X0EuCzhzr7bVlmRZoQjaMKKnKMJNbVLSy1ejkKruOzuyjC
aCtTsoZKCjME+lVshCak6weJKH99g6AEqk2WUi/Dw6d9kP7mBsjbtm9c8vECFeVt
buX7xvdL9h6mWyn57aLRerm6gpFuIfXXssYCRQ6XwIoIEbArkUODd14E/japrjiP
gGnDxho+BCsGVrU5Mhg+9DRz5m46Xjj8AsISFQAxywl7ekovqxWL1YWO4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHJD8DMQVu232qJjWDROP9LQuRQbMB8GA1UdIwQY
MBaAFI6t7QuD+k4xzgoIQOtCm6ip8Y45MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanEzdEM0UDZUakhPQ2doQTYwS2JxS254amprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9jMjJjMDgtNTZhNy00MmQ0LWJlYTUt
ODc3ZGRhMTkyMzc5LzEvY2tQd014Qlc3YmZhb21OWU5FNF8wdEM1RkJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9jMjJjMDgtNTZhNy00MmQ0LWJlYTUtODc3ZGRhMTkyMzc5
LzEvanEzdEM0UDZUakhPQ2doQTYwS2JxS254amprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuR8QMA0G
CSqGSIb3DQEBCwUAA4IBAQA2TanOJ6T1sxLD4ICO1NxLAz5dMYbgTTCb1juR4EEx
jkvMVAuHLP6aNJXcbwQfOowEccv8ELj4zml0uAk7QvGwSd244IgCr9Q9tWSnubRk
XdzYYRjQxm6RqPOVnBt+uwfxJaIpkVG4nbj4/4zxc6AJgOp0z+Zu3J8xADW4kwYX
7HCrJ7tYFip57kgJXeRkSyp2FtWq0DBERAq1gOUMQxZ1/DnnKRZeGQwQNgeTwxMS
uSZAhHioUbLcu8mRhD3wQodiV8VV7wER73jZIZmxTc07wWirMBE0UjkW5m+MbFep
FIWRPhn66gMVVh4jB4WVA+iiZS/+lgwP0qnew68s9Cjd
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:54:11 2025 by rpki-client