Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/f1af29-7f09-4f9c-acd6-694d78b32d20/1/k_bT-d-fVgOTiGy6Obd7xdm_fg0.roa
File: k_bT-d-fVgOTiGy6Obd7xdm_fg0.roa (raw, json)
Hash identifier: clw6h6J0wEQ4j5B8kU7zWgGTCHT2Ax06s5oxGXr3Xow=
Subject key identifier: 93:F6:D3:F9:DF:9F:56:03:93:88:6C:BA:39:B7:7B:C5:D9:BF:7E:0D
Certificate issuer: /CN=b1f713cf20552d6c5c23f09e7b37669846f9ca50
Certificate serial: 018F1429679DB404C092D1BE72F7B095D688
Authority key identifier: B1:F7:13:CF:20:55:2D:6C:5C:23:F0:9E:7B:37:66:98:46:F9:CA:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sfcTzyBVLWxcI_CeezdmmEb5ylA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/f1af29-7f09-4f9c-acd6-694d78b32d20/1/k_bT-d-fVgOTiGy6Obd7xdm_fg0.roa
Signing time: Thu 25 Apr 2024 07:30:08 +0000
ROA not before: Thu 25 Apr 2024 07:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199095
IP address blocks: 31.31.128.0/19 maxlen: 24
2a11:bfc0::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 30 Apr 2024 20:17:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:14:29:67:9d:b4:04:c0:92:d1:be:72:f7:b0:95:d6:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1f713cf20552d6c5c23f09e7b37669846f9ca50
Validity
Not Before: Apr 25 07:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=93f6d3f9df9f560393886cba39b77bc5d9bf7e0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:45:f6:4c:3e:49:c3:73:ca:91:99:1e:76:90:
c4:e2:2b:15:9e:82:e4:ef:18:80:e4:68:28:61:0f:
34:ae:1c:05:f9:3a:9f:ba:83:25:47:80:43:5a:26:
f0:3e:f7:dc:1d:86:51:c6:8d:88:20:44:a0:df:e2:
5d:d5:75:5a:78:2a:5d:90:0c:d1:7c:b7:96:dd:63:
24:08:77:af:21:fa:db:e4:fe:d9:7c:40:73:20:c3:
cd:31:0f:ad:92:b1:e0:87:2e:de:28:2c:c0:eb:cb:
8c:9a:f3:87:89:31:52:ca:4c:aa:3b:c3:19:25:fd:
ac:28:a8:52:87:c2:a1:ef:55:e7:03:7d:d2:14:15:
e5:e6:0c:02:14:29:f1:63:6a:4d:76:bb:15:8e:ee:
89:81:1a:aa:af:0e:2f:d5:14:0c:33:f5:9b:fc:91:
f1:18:c2:4d:45:0b:20:31:de:46:05:e6:30:d3:98:
7c:d8:5d:20:87:5b:24:9c:eb:2c:c3:2f:1b:40:32:
c3:87:d1:47:d1:fa:4a:12:e3:52:ed:9d:4d:62:47:
f5:b6:c9:ca:46:73:08:7e:09:4a:7c:69:48:58:9b:
06:6b:73:48:85:63:64:6b:2c:b0:30:4a:44:45:65:
23:56:68:16:fa:0e:0d:75:18:8e:59:c1:fe:38:c0:
48:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:F6:D3:F9:DF:9F:56:03:93:88:6C:BA:39:B7:7B:C5:D9:BF:7E:0D
X509v3 Authority Key Identifier:
keyid:B1:F7:13:CF:20:55:2D:6C:5C:23:F0:9E:7B:37:66:98:46:F9:CA:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sfcTzyBVLWxcI_CeezdmmEb5ylA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f1af29-7f09-4f9c-acd6-694d78b32d20/1/k_bT-d-fVgOTiGy6Obd7xdm_fg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f1af29-7f09-4f9c-acd6-694d78b32d20/1/sfcTzyBVLWxcI_CeezdmmEb5ylA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.31.128.0/19
IPv6:
2a11:bfc0::/29
Signature Algorithm: sha256WithRSAEncryption
6e:97:84:ef:34:02:e5:3c:5d:ac:18:26:59:98:ce:c9:90:5a:
55:b8:ef:85:26:f0:ae:df:10:b3:50:40:05:33:7f:0c:1d:17:
58:47:df:be:11:82:90:4a:71:ef:e2:96:93:28:24:bb:5c:3b:
5c:58:e0:0e:0e:9d:c8:ad:4c:60:bc:dd:4e:76:3f:21:01:23:
30:60:7c:4e:19:04:b6:8a:d0:f2:d9:6d:f8:fb:ec:18:7c:79:
a6:64:b9:5b:25:98:4c:35:83:f1:cc:57:4d:69:7f:7a:47:15:
e0:a2:bf:0b:27:5f:34:e7:7f:c9:94:98:aa:47:c5:ef:e5:66:
97:57:53:67:20:64:57:2a:12:f9:1d:0d:f7:ef:4c:10:0c:88:
10:95:47:b6:60:27:51:2b:85:de:3d:56:8b:bd:6e:f1:46:30:
b9:57:f1:d3:2b:53:40:c0:2f:d8:97:64:9c:39:b9:58:b5:d0:
bd:d3:41:c8:2e:b9:c4:54:a3:40:ad:cd:9d:3a:5e:9b:ff:55:
f1:c4:1c:a0:f5:7a:1d:7b:e0:62:a3:5c:f8:a4:63:9c:b8:a9:
92:79:e7:9f:dd:43:db:b6:3e:43:e2:07:7c:38:bf:13:2f:bb:
5b:99:b1:79:28:8a:9a:33:db:f1:f8:bd:4d:da:96:93:6c:b5:
87:56:7c:12
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY8UKWedtATAktG+cvewldaIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZjcxM2NmMjA1NTJkNmM1YzIzZjA5ZTdiMzc2Njk4NDZm
OWNhNTAwHhcNMjQwNDI1MDczMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2Y2ZDNmOWRmOWY1NjAzOTM4ODZjYmEzOWI3N2JjNWQ5YmY3ZTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UX2TD5Jw3PKkZkedpDE4isVnoLk
7xiA5GgoYQ80rhwF+TqfuoMlR4BDWibwPvfcHYZRxo2IIESg3+Jd1XVaeCpdkAzR
fLeW3WMkCHevIfrb5P7ZfEBzIMPNMQ+tkrHghy7eKCzA68uMmvOHiTFSykyqO8MZ
Jf2sKKhSh8Kh71XnA33SFBXl5gwCFCnxY2pNdrsVju6JgRqqrw4v1RQMM/Wb/JHx
GMJNRQsgMd5GBeYw05h82F0gh1sknOsswy8bQDLDh9FH0fpKEuNS7Z1NYkf1tsnK
RnMIfglKfGlIWJsGa3NIhWNkayywMEpERWUjVmgW+g4NdRiOWcH+OMBIrQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJP20/nfn1YDk4hsujm3e8XZv34NMB8GA1UdIwQY
MBaAFLH3E88gVS1sXCPwnns3ZphG+cpQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2ZjVHp5QlZMV3hjSV9DZWV6ZG1tRWI1eWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9mMWFmMjktN2YwOS00ZjljLWFjZDYt
Njk0ZDc4YjMyZDIwLzEva19iVC1kLWZWZ09UaUd5Nk9iZDd4ZG1fZmcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9mMWFmMjktN2YwOS00ZjljLWFjZDYtNjk0ZDc4YjMyZDIw
LzEvc2ZjVHp5QlZMV3hjSV9DZWV6ZG1tRWI1eWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFHx+AMA0E
AgACMAcDBQMqEb/AMA0GCSqGSIb3DQEBCwUAA4IBAQBul4TvNALlPF2sGCZZmM7J
kFpVuO+FJvCu3xCzUEAFM38MHRdYR9++EYKQSnHv4paTKCS7XDtcWOAODp3IrUxg
vN1Odj8hASMwYHxOGQS2itDy2W34++wYfHmmZLlbJZhMNYPxzFdNaX96RxXgor8L
J18053/JlJiqR8Xv5WaXV1NnIGRXKhL5HQ3370wQDIgQlUe2YCdRK4XePVaLvW7x
RjC5V/HTK1NAwC/Yl2ScOblYtdC900HILrnEVKNArc2dOl6b/1XxxByg9Xode+Bi
o1z4pGOcuKmSeeef3UPbtj5D4gd8OL8TL7tbmbF5KIqaM9vx+L1N2paTbLWHVnwS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:19 2024 by rpki-client on console-fra.rpki-client.org