Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/fdad8c-9ed3-4f01-b107-7486c0582f2a/1/dmyxkzYOKq469jvi3MgYB_556WE.roa
File: dmyxkzYOKq469jvi3MgYB_556WE.roa (raw, json)
Hash identifier: qb0rnDVgKefkHA6HTPbf979L3my/6cu2CsgknNL+I1Q=
Subject key identifier: 76:6C:B1:93:36:0E:2A:AE:3A:F6:3B:E2:DC:C8:18:07:FE:79:E9:61
Certificate issuer: /CN=69f8eb366fc6c8a09bfb140f1505f9ec675d42e4
Certificate serial: 01879461AA3319B0326067E28279411B8782
Authority key identifier: 69:F8:EB:36:6F:C6:C8:A0:9B:FB:14:0F:15:05:F9:EC:67:5D:42:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/afjrNm_GyKCb-xQPFQX57GddQuQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/fdad8c-9ed3-4f01-b107-7486c0582f2a/1/dmyxkzYOKq469jvi3MgYB_556WE.roa
Signing time: Tue 18 Apr 2023 12:40:41 +0000
ROA not before: Tue 18 Apr 2023 12:40:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15497
IP address blocks: 31.28.160.0/22 maxlen: 22
31.28.164.0/22 maxlen: 22
31.28.169.0/24 maxlen: 24
31.28.172.0/22 maxlen: 22
31.28.168.0/22 maxlen: 22
31.28.176.0/22 maxlen: 22
31.28.184.0/22 maxlen: 22
31.28.180.0/22 maxlen: 22
31.28.191.0/24 maxlen: 24
31.28.188.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:94:61:aa:33:19:b0:32:60:67:e2:82:79:41:1b:87:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69f8eb366fc6c8a09bfb140f1505f9ec675d42e4
Validity
Not Before: Apr 18 12:40:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=766cb193360e2aae3af63be2dcc81807fe79e961
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:12:96:0e:cd:ba:82:e3:0c:1c:45:be:0c:5a:
75:c4:09:ac:3f:a6:d2:0b:15:37:bd:59:c1:e7:f7:
ab:56:ee:9f:2e:ea:fc:56:13:59:cf:ae:a7:e3:23:
d1:38:34:8c:c0:0a:ca:9f:a3:a5:74:e0:36:26:25:
84:00:60:3f:40:2e:06:63:62:9a:af:a1:cd:ca:fd:
4a:13:0d:8d:3e:5b:0b:4d:5e:b7:0b:c0:02:ba:e5:
11:46:fa:04:4c:e9:ea:fd:97:9a:1d:08:ed:28:ba:
1d:cd:46:9c:08:dd:7c:42:0f:e8:08:1d:8a:27:ff:
bf:34:97:6c:ec:7b:a4:f6:0a:e0:05:1a:0d:39:1a:
94:fd:bb:fa:96:b3:44:7b:07:a2:56:14:51:62:06:
87:ac:55:75:19:fd:83:d4:a7:f7:a6:13:ee:80:36:
55:5a:73:8a:8b:32:37:57:e6:74:cf:0d:03:33:0f:
3a:df:04:0d:dc:8c:2f:02:53:61:6e:63:29:5e:23:
d4:9e:65:b9:6c:70:b0:c6:26:a4:05:6f:c8:39:b1:
04:94:42:5a:fd:aa:14:67:8b:19:e7:38:6e:ea:be:
df:32:3b:2a:17:de:31:f5:42:8e:1d:4c:0c:35:b7:
1a:f6:c6:4c:07:91:62:de:16:4c:b1:54:fd:af:ea:
7b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:6C:B1:93:36:0E:2A:AE:3A:F6:3B:E2:DC:C8:18:07:FE:79:E9:61
X509v3 Authority Key Identifier:
keyid:69:F8:EB:36:6F:C6:C8:A0:9B:FB:14:0F:15:05:F9:EC:67:5D:42:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/afjrNm_GyKCb-xQPFQX57GddQuQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fdad8c-9ed3-4f01-b107-7486c0582f2a/1/dmyxkzYOKq469jvi3MgYB_556WE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fdad8c-9ed3-4f01-b107-7486c0582f2a/1/afjrNm_GyKCb-xQPFQX57GddQuQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.28.160.0-31.28.188.255
31.28.191.0/24
Signature Algorithm: sha256WithRSAEncryption
66:18:4d:5e:35:79:69:ae:05:ca:7f:2a:d6:2a:71:52:00:cb:
cc:9c:00:a2:9b:b0:6f:a7:d6:9c:24:ef:27:be:77:c9:dd:71:
b2:78:e5:07:92:97:a1:19:1e:5f:1d:e9:8b:d5:35:7b:48:91:
e2:5e:97:b4:0d:5d:23:9e:a2:90:97:0e:87:3c:c9:75:03:0b:
df:4b:c4:94:db:20:e7:4f:e7:83:e9:ab:8f:a8:7a:94:4f:54:
d6:01:a7:92:eb:73:33:c7:d6:eb:ab:24:86:9a:bc:b4:b9:f2:
a2:b6:8e:15:ec:9a:14:61:52:a5:a8:89:db:f9:93:f1:08:ef:
2d:b6:c9:b9:39:c5:16:34:11:b1:96:7e:be:06:04:da:33:64:
6e:b6:12:de:1a:f2:6f:7d:42:ff:d5:ac:7b:a0:9d:44:9e:0e:
ad:4f:63:71:3a:7d:ac:5c:ed:02:26:54:cc:0b:b0:53:88:1d:
6d:2c:05:36:b8:0d:71:e3:b2:6a:81:44:7d:31:de:b3:ee:06:
3f:e5:81:0e:57:ff:6c:5f:98:c6:2c:31:2f:59:9a:d0:81:55:
b3:aa:c5:c6:76:7a:ca:1e:0d:37:04:2c:2b:88:2c:c8:9a:fb:
57:f3:8c:fc:01:5b:07:63:56:36:ba:1e:fe:1d:16:a3:e1:45:
3e:76:1e:22
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYeUYaozGbAyYGfignlBG4eCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZjhlYjM2NmZjNmM4YTA5YmZiMTQwZjE1MDVmOWVjNjc1
ZDQyZTQwHhcNMjMwNDE4MTI0MDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjZjYjE5MzM2MGUyYWFlM2FmNjNiZTJkY2M4MTgwN2ZlNzllOTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxKWDs26guMMHEW+DFp1xAmsP6bS
CxU3vVnB5/erVu6fLur8VhNZz66n4yPRODSMwArKn6OldOA2JiWEAGA/QC4GY2Ka
r6HNyv1KEw2NPlsLTV63C8ACuuURRvoETOnq/ZeaHQjtKLodzUacCN18Qg/oCB2K
J/+/NJds7Huk9grgBRoNORqU/bv6lrNEeweiVhRRYgaHrFV1Gf2D1Kf3phPugDZV
WnOKizI3V+Z0zw0DMw863wQN3IwvAlNhbmMpXiPUnmW5bHCwxiakBW/IObEElEJa
/aoUZ4sZ5zhu6r7fMjsqF94x9UKOHUwMNbca9sZMB5Fi3hZMsVT9r+p7IwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHZssZM2DiquOvY74tzIGAf+eelhMB8GA1UdIwQY
MBaAFGn46zZvxsigm/sUDxUF+exnXULkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWZqck5tX0d5S0NiLXhRUEZRWDU3R2RkUXVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9mZGFkOGMtOWVkMy00ZjAxLWIxMDct
NzQ4NmMwNTgyZjJhLzEvZG15eGt6WU9LcTQ2OWp2aTNNZ1lCXzU1NldFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9mZGFkOGMtOWVkMy00ZjAxLWIxMDctNzQ4NmMwNTgyZjJh
LzEvYWZqck5tX0d5S0NiLXhRUEZRWDU3R2RkUXVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAUfHKAD
BAAfHLwDBAAfHL8wDQYJKoZIhvcNAQELBQADggEBAGYYTV41eWmuBcp/KtYqcVIA
y8ycAKKbsG+n1pwk7ye+d8ndcbJ45QeSl6EZHl8d6YvVNXtIkeJel7QNXSOeopCX
Doc8yXUDC99LxJTbIOdP54Ppq4+oepRPVNYBp5LrczPH1uurJIaavLS58qK2jhXs
mhRhUqWoidv5k/EI7y22ybk5xRY0EbGWfr4GBNozZG62Et4a8m99Qv/VrHugnUSe
Dq1PY3E6faxc7QImVMwLsFOIHW0sBTa4DXHjsmqBRH0x3rPuBj/lgQ5X/2xfmMYs
MS9ZmtCBVbOqxcZ2esoeDTcELCuILMia+1fzjPwBWwdjVja6Hv4dFqPhRT52HiI=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:19 2023 by rpki-client on console-ams.rpki-client.org