Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/f1af29-7f09-4f9c-acd6-694d78b32d20/1/KWJdvk0rj6dEk8XtD465_CHT3nE.roa
File: KWJdvk0rj6dEk8XtD465_CHT3nE.roa (raw, json)
Hash identifier: t9kS6gjinbnCeF/l+ecRFMD/+s04N5EAd7rKK5fHPz0=
Subject key identifier: 29:62:5D:BE:4D:2B:8F:A7:44:93:C5:ED:0F:8E:B9:FC:21:D3:DE:71
Certificate issuer: /CN=b1f713cf20552d6c5c23f09e7b37669846f9ca50
Certificate serial: 018EF0FB9F91A1450AA87D4ECE2ED5530ECE
Authority key identifier: B1:F7:13:CF:20:55:2D:6C:5C:23:F0:9E:7B:37:66:98:46:F9:CA:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sfcTzyBVLWxcI_CeezdmmEb5ylA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/f1af29-7f09-4f9c-acd6-694d78b32d20/1/KWJdvk0rj6dEk8XtD465_CHT3nE.roa
Signing time: Thu 18 Apr 2024 11:33:25 +0000
ROA not before: Thu 18 Apr 2024 11:33:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199095
IP address blocks: 31.31.128.0/19 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Apr 2024 07:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f0:fb:9f:91:a1:45:0a:a8:7d:4e:ce:2e:d5:53:0e:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1f713cf20552d6c5c23f09e7b37669846f9ca50
Validity
Not Before: Apr 18 11:33:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29625dbe4d2b8fa74493c5ed0f8eb9fc21d3de71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:43:d2:65:9d:cb:58:40:5b:63:df:07:86:9f:
0d:10:9d:96:be:c5:03:d0:87:31:44:39:98:e6:53:
84:66:af:db:4f:81:a9:98:c9:75:29:b1:8a:60:62:
47:c5:af:9c:52:a4:fc:1e:b8:c5:2a:66:aa:c7:3d:
d2:69:47:58:55:b4:61:5f:8d:d3:94:e0:31:0a:11:
f8:0e:0e:cb:ac:ce:36:f8:8d:1a:5d:32:bf:d2:66:
16:61:e4:d9:d4:51:c4:9c:05:6d:69:0f:2e:c0:a0:
0b:3c:51:69:55:c3:4e:61:fd:1b:da:df:69:93:76:
17:fe:63:22:78:34:88:24:ae:b9:86:a6:e2:3c:8a:
99:35:31:07:e9:b4:11:9a:69:45:b0:93:96:48:36:
fa:f3:c6:b6:d9:30:a9:b6:9e:da:7c:53:3f:db:4b:
7a:ef:db:c3:6a:dc:53:00:e7:7f:c8:75:ee:31:ce:
56:32:cd:51:26:88:5d:69:98:89:1e:db:54:3d:a7:
61:a1:c8:f4:c0:ff:6e:dc:69:6d:4c:f8:f2:aa:60:
bd:12:0a:37:65:40:d3:1f:bd:3e:4e:8f:1b:34:d4:
36:c4:9b:3b:de:03:dd:db:b4:14:f3:00:67:13:78:
b8:ef:16:72:e6:3e:f2:4f:c3:04:ae:57:0a:89:d4:
cf:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:62:5D:BE:4D:2B:8F:A7:44:93:C5:ED:0F:8E:B9:FC:21:D3:DE:71
X509v3 Authority Key Identifier:
keyid:B1:F7:13:CF:20:55:2D:6C:5C:23:F0:9E:7B:37:66:98:46:F9:CA:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sfcTzyBVLWxcI_CeezdmmEb5ylA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f1af29-7f09-4f9c-acd6-694d78b32d20/1/KWJdvk0rj6dEk8XtD465_CHT3nE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f1af29-7f09-4f9c-acd6-694d78b32d20/1/sfcTzyBVLWxcI_CeezdmmEb5ylA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.31.128.0/19
Signature Algorithm: sha256WithRSAEncryption
9b:39:ec:08:66:59:9c:32:45:ea:a5:71:03:f1:20:04:9c:2d:
60:00:e4:37:a7:4b:51:f6:fb:3d:5f:3a:a6:a3:89:fe:af:13:
2e:ff:6c:c9:8d:94:12:ee:12:82:ee:5a:90:27:e1:f8:83:a4:
db:41:a9:3c:09:85:c1:eb:0e:42:e2:48:46:cd:39:f7:92:12:
bc:bd:bb:99:5e:85:5a:6e:4a:62:36:cf:c4:b2:21:05:a0:e1:
dd:25:21:ac:3d:c5:9d:3a:b1:6c:21:de:8f:32:d5:60:d4:a0:
f5:2a:b0:77:46:65:1b:20:48:56:44:d1:84:7b:f7:7b:33:8a:
d2:6e:18:a2:4a:e3:63:40:d0:0c:3c:9c:57:3c:db:24:15:a6:
57:e7:8f:5c:f1:cd:ee:b0:e6:8f:73:3f:28:5d:d4:1b:c1:dc:
fe:71:a7:88:84:1d:5f:fa:94:4c:53:91:8c:00:8d:6d:00:ad:
6c:78:61:87:ba:fc:ca:6e:01:0b:86:e4:0d:40:fd:63:48:67:
01:2a:45:4b:a6:f2:97:82:d5:fc:15:35:f1:52:cc:f2:ba:4e:
b7:06:d5:5f:3d:f3:34:9b:da:9e:f2:c7:53:d4:26:bc:05:01:
1e:9b:13:d9:d7:1f:cc:d4:22:c9:e7:43:ac:6b:1e:ab:aa:4d:
1b:c1:ea:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7w+5+RoUUKqH1Ozi7VUw7OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZjcxM2NmMjA1NTJkNmM1YzIzZjA5ZTdiMzc2Njk4NDZm
OWNhNTAwHhcNMjQwNDE4MTEzMzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTYyNWRiZTRkMmI4ZmE3NDQ5M2M1ZWQwZjhlYjlmYzIxZDNkZTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkPSZZ3LWEBbY98Hhp8NEJ2WvsUD
0IcxRDmY5lOEZq/bT4GpmMl1KbGKYGJHxa+cUqT8HrjFKmaqxz3SaUdYVbRhX43T
lOAxChH4Dg7LrM42+I0aXTK/0mYWYeTZ1FHEnAVtaQ8uwKALPFFpVcNOYf0b2t9p
k3YX/mMieDSIJK65hqbiPIqZNTEH6bQRmmlFsJOWSDb688a22TCptp7afFM/20t6
79vDatxTAOd/yHXuMc5WMs1RJohdaZiJHttUPadhocj0wP9u3GltTPjyqmC9Ego3
ZUDTH70+To8bNNQ2xJs73gPd27QU8wBnE3i47xZy5j7yT8MErlcKidTPOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCliXb5NK4+nRJPF7Q+Oufwh095xMB8GA1UdIwQY
MBaAFLH3E88gVS1sXCPwnns3ZphG+cpQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2ZjVHp5QlZMV3hjSV9DZWV6ZG1tRWI1eWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9mMWFmMjktN2YwOS00ZjljLWFjZDYt
Njk0ZDc4YjMyZDIwLzEvS1dKZHZrMHJqNmRFazhYdEQ0NjVfQ0hUM25FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9mMWFmMjktN2YwOS00ZjljLWFjZDYtNjk0ZDc4YjMyZDIw
LzEvc2ZjVHp5QlZMV3hjSV9DZWV6ZG1tRWI1eWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFHx+AMA0G
CSqGSIb3DQEBCwUAA4IBAQCbOewIZlmcMkXqpXED8SAEnC1gAOQ3p0tR9vs9Xzqm
o4n+rxMu/2zJjZQS7hKC7lqQJ+H4g6TbQak8CYXB6w5C4khGzTn3khK8vbuZXoVa
bkpiNs/EsiEFoOHdJSGsPcWdOrFsId6PMtVg1KD1KrB3RmUbIEhWRNGEe/d7M4rS
bhiiSuNjQNAMPJxXPNskFaZX549c8c3usOaPcz8oXdQbwdz+caeIhB1f+pRMU5GM
AI1tAK1seGGHuvzKbgELhuQNQP1jSGcBKkVLpvKXgtX8FTXxUszyuk63BtVfPfM0
m9qe8sdT1Ca8BQEemxPZ1x/M1CLJ50Osax6rqk0bweqH
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:51:55 2025 by rpki-client