Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/ShpVSIIq70ct4l6wJs5T5UIktpk.roa
File: ShpVSIIq70ct4l6wJs5T5UIktpk.roa (raw, json)
Hash identifier: YjzkFWQVh+xqTkkq7cAIIiQzz4FiuYvqQehwZVaVPO0=
Subject key identifier: 4A:1A:55:48:82:2A:EF:47:2D:E2:5E:B0:26:CE:53:E5:42:24:B6:99
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 018A4A589D67D5221DE7BDCD02642F0326DC
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/ShpVSIIq70ct4l6wJs5T5UIktpk.roa
Signing time: Thu 31 Aug 2023 06:47:16 +0000
ROA not before: Thu 31 Aug 2023 06:47:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56887
IP address blocks: 31.131.44.0/23 maxlen: 24
176.124.72.0/22 maxlen: 22
176.124.76.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4a:58:9d:67:d5:22:1d:e7:bd:cd:02:64:2f:03:26:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Aug 31 06:47:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a1a5548822aef472de25eb026ce53e54224b699
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:94:65:39:bb:e1:78:cd:af:51:e1:09:2b:51:
27:d4:76:36:9b:5c:d1:32:c8:f1:ce:4b:bf:1b:7d:
cd:83:d2:ff:ff:c6:23:01:14:76:a7:1d:f1:41:25:
d2:47:65:6e:70:65:13:77:41:46:98:df:8b:9b:ab:
b7:14:8f:bb:1c:51:53:a1:45:6a:de:94:7b:42:ac:
95:c9:16:c1:2a:2d:6c:fa:67:aa:84:81:47:e7:34:
0c:ec:2b:04:f1:a3:9b:9e:a3:5d:a0:3b:8d:ec:f9:
11:ed:5b:83:6b:8f:ab:26:64:cb:7b:d9:b2:fe:d2:
1f:b5:c9:af:02:89:0d:ca:56:85:33:ce:54:32:55:
42:06:28:04:f1:31:dc:d2:65:ab:c2:00:c5:96:d4:
87:64:67:55:3d:23:29:68:28:cc:2d:ec:40:a2:9b:
0c:f2:34:7f:77:57:87:96:ec:3a:e5:ea:9f:dd:44:
9b:11:c6:e0:44:05:98:11:59:61:ff:69:18:a3:cb:
21:dd:9c:5f:42:22:1d:e1:a1:a6:06:fc:1b:a2:b2:
48:2a:06:14:32:ab:e9:4f:2d:72:59:06:71:ca:34:
29:59:65:54:d8:4c:f7:7d:4c:14:f1:bf:d3:21:7b:
c9:02:a3:b3:3b:f3:9f:92:70:93:37:d5:43:d5:bb:
1d:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:1A:55:48:82:2A:EF:47:2D:E2:5E:B0:26:CE:53:E5:42:24:B6:99
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/ShpVSIIq70ct4l6wJs5T5UIktpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.44.0/23
176.124.72.0/21
Signature Algorithm: sha256WithRSAEncryption
39:59:b8:70:c8:a8:3a:1f:98:e6:61:83:0d:22:eb:2b:5f:7c:
d3:02:19:b1:ec:03:f5:7b:b3:6f:93:e3:7a:9e:ea:be:1c:32:
f5:86:ab:00:86:58:e9:10:ff:8f:78:7b:75:e0:5d:98:63:82:
d4:71:3f:6c:f1:0c:31:3e:ee:2c:d9:33:47:30:68:cb:cb:7d:
69:a4:7b:1c:5d:bd:0f:aa:82:43:58:6b:f6:7b:3c:d3:17:8c:
eb:8b:e1:19:69:8e:af:cd:58:fc:3f:9e:dc:c6:0f:a4:87:6c:
70:b7:28:8e:b2:64:95:71:f4:e5:b7:14:f2:ae:36:4c:c2:ec:
83:88:d8:63:0d:07:1c:f9:6d:b4:f8:33:26:c7:51:6f:1d:30:
ba:47:01:4c:12:37:55:51:1a:50:8e:d3:e1:57:be:13:ec:5c:
a8:40:a5:52:23:c8:a0:54:45:c5:fe:29:01:17:07:20:63:c6:
42:9a:e5:bb:da:1e:92:55:84:f3:01:a5:19:3f:d0:ef:8c:20:
26:2a:96:a9:73:a3:ec:79:36:6b:85:21:a4:99:d2:cd:71:c6:
89:29:8c:4e:94:1c:8b:70:f4:56:65:89:ac:4b:de:55:22:94:
6b:37:78:d3:83:3f:29:f8:2b:8a:5a:63:a9:eb:30:7d:b0:b9:
8d:3a:12:c7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYpKWJ1n1SId573NAmQvAybcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjMwODMxMDY0NzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTFhNTU0ODgyMmFlZjQ3MmRlMjVlYjAyNmNlNTNlNTQyMjRiNjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppRlObvheM2vUeEJK1En1HY2m1zR
Msjxzku/G33Ng9L//8YjARR2px3xQSXSR2VucGUTd0FGmN+Lm6u3FI+7HFFToUVq
3pR7QqyVyRbBKi1s+meqhIFH5zQM7CsE8aObnqNdoDuN7PkR7VuDa4+rJmTLe9my
/tIftcmvAokNylaFM85UMlVCBigE8THc0mWrwgDFltSHZGdVPSMpaCjMLexAopsM
8jR/d1eHluw65eqf3USbEcbgRAWYEVlh/2kYo8sh3ZxfQiId4aGmBvwborJIKgYU
MqvpTy1yWQZxyjQpWWVU2Ez3fUwU8b/TIXvJAqOzO/OfknCTN9VD1bsdUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEoaVUiCKu9HLeJesCbOU+VCJLaZMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvU2hwVlNJSXE3MGN0NGw2d0pzNVQ1VUlrdHBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBH4MsAwQD
sHxIMA0GCSqGSIb3DQEBCwUAA4IBAQA5WbhwyKg6H5jmYYMNIusrX3zTAhmx7AP1
e7Nvk+N6nuq+HDL1hqsAhljpEP+PeHt14F2YY4LUcT9s8QwxPu4s2TNHMGjLy31p
pHscXb0PqoJDWGv2ezzTF4zri+EZaY6vzVj8P57cxg+kh2xwtyiOsmSVcfTltxTy
rjZMwuyDiNhjDQcc+W20+DMmx1FvHTC6RwFMEjdVURpQjtPhV74T7FyoQKVSI8ig
VEXF/ikBFwcgY8ZCmuW72h6SVYTzAaUZP9DvjCAmKpapc6PseTZrhSGkmdLNccaJ
KYxOlByLcPRWZYmsS95VIpRrN3jTgz8p+CuKWmOp6zB9sLmNOhLH
-----END CERTIFICATE-----
Generated at Thu Aug 31 15:47:13 2023 by rpki-client on console-fra.rpki-client.org