Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/kaA1Hl0KZdWMOl_5BMH8Y6CO8bU.roa
File: kaA1Hl0KZdWMOl_5BMH8Y6CO8bU.roa (raw, json)
Hash identifier: aEVdwhDam6TUZQ0nABL6dBt/mMadsDmuagdO5y+iRfA=
Subject key identifier: 91:A0:35:1E:5D:0A:65:D5:8C:3A:5F:F9:04:C1:FC:63:A0:8E:F1:B5
Certificate issuer: /CN=942588b91da9cca81b49e603a988e2b1eabddc98
Certificate serial: 01856E8B0BFE689926A87C5DFE42FE236954
Authority key identifier: 94:25:88:B9:1D:A9:CC:A8:1B:49:E6:03:A9:88:E2:B1:EA:BD:DC:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lCWIuR2pzKgbSeYDqYjiseq93Jg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/kaA1Hl0KZdWMOl_5BMH8Y6CO8bU.roa
Signing time: Sun 01 Jan 2023 18:14:44 +0000
ROA not before: Sun 01 Jan 2023 18:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210541
IP address blocks: 31.42.112.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:0b:fe:68:99:26:a8:7c:5d:fe:42:fe:23:69:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=942588b91da9cca81b49e603a988e2b1eabddc98
Validity
Not Before: Jan 1 18:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91a0351e5d0a65d58c3a5ff904c1fc63a08ef1b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:da:e0:71:bd:b8:dd:1d:cb:69:cd:62:43:13:
7b:8e:18:53:b5:d5:92:39:23:5a:72:99:0b:3c:38:
a5:48:17:8d:0a:e7:31:18:5f:42:70:30:96:69:36:
95:bd:df:42:8d:08:2a:2f:b2:46:b8:d3:d9:15:a7:
47:0d:51:2b:10:3f:60:38:c6:72:06:e5:ac:87:bb:
73:7f:c9:9d:a3:c8:a0:78:3a:48:93:b0:a5:52:ad:
5b:c8:75:5b:be:3a:a2:a3:ab:b3:ce:b2:14:35:2b:
e0:ce:b4:3c:c0:93:bb:c5:62:aa:a1:79:3e:28:df:
43:2a:77:bf:36:0b:d4:1b:bc:bb:f6:25:af:3d:99:
e1:99:ac:6b:20:30:c1:51:eb:ef:84:c4:93:2b:23:
e7:18:d8:24:2d:28:d0:e4:24:65:fb:a7:8b:83:79:
da:e8:c3:ee:67:41:db:39:1c:20:7d:b9:eb:76:9f:
c3:22:62:00:e0:31:23:27:95:ce:9c:49:3d:bb:d1:
1f:75:34:5f:17:2b:25:38:ff:db:23:86:c1:d0:95:
56:ef:e8:a0:b3:1c:af:d9:14:57:5b:3d:38:51:c0:
89:70:77:c8:d1:9d:ec:19:8b:7d:b5:36:17:c6:70:
c8:f2:6d:24:69:fa:7b:95:2b:4d:9a:b2:09:40:4d:
b6:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:A0:35:1E:5D:0A:65:D5:8C:3A:5F:F9:04:C1:FC:63:A0:8E:F1:B5
X509v3 Authority Key Identifier:
keyid:94:25:88:B9:1D:A9:CC:A8:1B:49:E6:03:A9:88:E2:B1:EA:BD:DC:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lCWIuR2pzKgbSeYDqYjiseq93Jg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/kaA1Hl0KZdWMOl_5BMH8Y6CO8bU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4bba7c-a81f-40e1-8814-65daad632957/1/lCWIuR2pzKgbSeYDqYjiseq93Jg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.112.0/21
Signature Algorithm: sha256WithRSAEncryption
0e:00:75:65:85:55:bf:fc:22:ac:df:3a:e8:49:9d:1f:fb:c1:
81:5f:ce:d6:7a:92:dd:66:9e:2f:e6:90:6c:81:17:bb:10:f0:
d0:82:0d:c6:99:f7:d2:ef:fd:69:4b:ad:5f:e9:a2:67:57:8b:
68:b1:c4:57:07:ed:c5:dd:20:51:70:5a:e8:4e:10:8d:e2:55:
ba:7e:7e:12:2a:4b:d5:8c:6a:f9:0a:48:f9:cf:2e:12:a8:0d:
f1:ff:e5:d0:92:de:66:7e:6d:8b:3b:24:21:a9:50:38:9e:35:
ed:04:7e:72:4b:84:f3:70:3f:68:e8:26:c2:3d:f4:66:77:32:
97:24:1a:a3:ed:88:04:a3:fe:ef:90:1b:6d:6f:a5:70:6b:4a:
6c:74:e2:e2:13:5a:00:ec:d3:42:9b:af:68:68:98:56:e9:91:
be:17:74:5e:a8:60:df:85:5d:34:c1:4a:80:f4:e0:1a:9e:c3:
38:48:dd:22:ed:88:f6:d9:a7:7b:c8:fb:02:fa:07:23:6d:4f:
92:72:f9:ff:e2:16:13:0e:45:40:47:3f:83:9d:c0:37:90:14:
69:42:40:3c:dd:5d:e7:d5:0d:c8:0b:71:3e:1b:c9:2e:56:33:
c4:84:6c:7b:a2:f9:8c:b2:67:70:70:fa:14:14:96:89:2c:65:
1c:a2:78:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuiwv+aJkmqHxd/kL+I2lUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MjU4OGI5MWRhOWNjYTgxYjQ5ZTYwM2E5ODhlMmIxZWFi
ZGRjOTgwHhcNMjMwMTAxMTgxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWEwMzUxZTVkMGE2NWQ1OGMzYTVmZjkwNGMxZmM2M2EwOGVmMWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9rgcb243R3Lac1iQxN7jhhTtdWS
OSNacpkLPDilSBeNCucxGF9CcDCWaTaVvd9CjQgqL7JGuNPZFadHDVErED9gOMZy
BuWsh7tzf8mdo8igeDpIk7ClUq1byHVbvjqio6uzzrIUNSvgzrQ8wJO7xWKqoXk+
KN9DKne/NgvUG7y79iWvPZnhmaxrIDDBUevvhMSTKyPnGNgkLSjQ5CRl+6eLg3na
6MPuZ0HbORwgfbnrdp/DImIA4DEjJ5XOnEk9u9EfdTRfFyslOP/bI4bB0JVW7+ig
sxyv2RRXWz04UcCJcHfI0Z3sGYt9tTYXxnDI8m0kafp7lStNmrIJQE22UQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJGgNR5dCmXVjDpf+QTB/GOgjvG1MB8GA1UdIwQY
MBaAFJQliLkdqcyoG0nmA6mI4rHqvdyYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbENXSXVSMnB6S2diU2VZRHFZamlzZXE5M0pnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC80YmJhN2MtYTgxZi00MGUxLTg4MTQt
NjVkYWFkNjMyOTU3LzEva2FBMUhsMEtaZFdNT2xfNUJNSDhZNkNPOGJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC80YmJhN2MtYTgxZi00MGUxLTg4MTQtNjVkYWFkNjMyOTU3
LzEvbENXSXVSMnB6S2diU2VZRHFZamlzZXE5M0pnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDHypwMA0G
CSqGSIb3DQEBCwUAA4IBAQAOAHVlhVW//CKs3zroSZ0f+8GBX87WepLdZp4v5pBs
gRe7EPDQgg3GmffS7/1pS61f6aJnV4toscRXB+3F3SBRcFroThCN4lW6fn4SKkvV
jGr5Ckj5zy4SqA3x/+XQkt5mfm2LOyQhqVA4njXtBH5yS4TzcD9o6CbCPfRmdzKX
JBqj7YgEo/7vkBttb6Vwa0psdOLiE1oA7NNCm69oaJhW6ZG+F3ReqGDfhV00wUqA
9OAansM4SN0i7Yj22ad7yPsC+gcjbU+Scvn/4hYTDkVARz+DncA3kBRpQkA83V3n
1Q3IC3E+G8kuVjPEhGx7ovmMsmdwcPoUFJaJLGUcongq
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:02 2023 by rpki-client on console-ams.rpki-client.org