Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/nAsrJHlsiDdrZva3KzO5J_YDfW0.roa
File: nAsrJHlsiDdrZva3KzO5J_YDfW0.roa (raw, json)
Hash identifier: 4+cPzy8c3sI4CC1G7alxLJRwSEu63cMqOt6CvBU+0U0=
Subject key identifier: 9C:0B:2B:24:79:6C:88:37:6B:66:F6:B7:2B:33:B9:27:F6:03:7D:6D
Certificate issuer: /CN=3718b734349bf327d9453b96501e44b192e55142
Certificate serial: 01856FC28A53944AC2D0626CFAFECABF6BDB
Authority key identifier: 37:18:B7:34:34:9B:F3:27:D9:45:3B:96:50:1E:44:B1:92:E5:51:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/nAsrJHlsiDdrZva3KzO5J_YDfW0.roa
Signing time: Sun 01 Jan 2023 23:54:58 +0000
ROA not before: Sun 01 Jan 2023 23:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212669
IP address blocks: 31.14.36.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:8a:53:94:4a:c2:d0:62:6c:fa:fe:ca:bf:6b:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3718b734349bf327d9453b96501e44b192e55142
Validity
Not Before: Jan 1 23:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c0b2b24796c88376b66f6b72b33b927f6037d6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:60:3c:8d:44:9f:2e:8a:7f:51:1e:f4:6e:8d:
1c:64:9d:1c:b2:4e:7f:19:3f:64:dc:0b:76:15:16:
f3:e8:f8:eb:09:15:a1:1e:f8:b9:e1:2e:63:cb:d2:
81:68:22:48:31:6b:ec:bd:19:f0:db:fd:3f:cc:ff:
8f:ff:44:a8:05:67:c4:79:2a:d1:59:98:fe:bc:0d:
3a:7a:96:8a:4b:e5:81:bb:59:2b:3b:3d:38:be:9d:
dc:71:54:9a:1b:ab:fe:03:b7:00:c4:a3:58:48:72:
4b:61:33:20:14:88:32:67:49:03:57:82:93:60:73:
1a:92:f5:d1:15:91:c3:df:87:16:b6:2c:3d:6a:0f:
fe:32:96:54:0f:89:79:48:d9:86:3c:2d:1f:8c:5a:
1b:7c:6a:99:8f:a0:af:95:b1:38:6d:c0:68:5e:2d:
8b:11:ee:d7:94:d5:33:c8:88:44:44:3b:63:02:74:
db:62:03:b5:cb:0e:e3:2e:c9:21:06:6f:e6:35:74:
6b:3d:eb:8d:27:b3:87:2c:13:a0:44:4d:29:62:c1:
bc:16:c4:a6:ca:a6:6b:6f:e8:07:3e:59:35:fd:61:
60:be:01:64:3e:e9:bb:16:71:14:0a:1c:6e:db:f4:
43:f6:ff:b6:80:f0:3c:27:a1:52:69:51:1e:a1:43:
a2:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:0B:2B:24:79:6C:88:37:6B:66:F6:B7:2B:33:B9:27:F6:03:7D:6D
X509v3 Authority Key Identifier:
keyid:37:18:B7:34:34:9B:F3:27:D9:45:3B:96:50:1E:44:B1:92:E5:51:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/nAsrJHlsiDdrZva3KzO5J_YDfW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.36.0/24
Signature Algorithm: sha256WithRSAEncryption
90:ba:af:9b:89:aa:42:29:8b:97:d9:d7:cb:c9:e2:6f:ac:f7:
40:f9:29:31:2c:2e:92:e4:3e:1a:29:54:36:46:01:28:f8:cc:
9b:17:08:21:4e:86:1f:e8:99:7e:c7:68:c9:49:17:07:d8:8c:
55:32:f8:02:13:54:3a:d8:f3:ce:55:b7:2a:77:6e:87:5f:34:
d9:1d:15:8e:12:ed:c0:36:db:8c:8f:e6:3b:35:ac:ed:bf:15:
10:a9:cf:d7:6d:e3:b4:8f:c2:56:7c:4e:a4:95:09:e4:39:aa:
39:7b:22:58:4e:d2:1f:7f:fe:81:00:08:53:25:94:7f:12:73:
7e:fc:77:3c:36:2b:22:18:7d:59:59:f5:1f:8a:fe:fd:4b:f5:
fd:7d:ed:b0:ed:bd:cd:57:bb:95:ed:3f:a2:d1:28:54:d8:59:
35:27:9f:98:92:df:14:dc:10:fb:dc:16:da:e1:9e:02:94:c6:
7c:82:45:7e:3e:1c:3c:64:85:f0:b0:f3:99:a9:ba:56:b3:50:
45:98:0f:f8:87:ce:a4:eb:0d:6d:d2:32:88:fd:f5:e0:1e:8e:
78:bd:39:4a:7e:60:07:37:a3:5b:ea:83:2f:c2:95:9b:d5:01:
e2:0f:e3:ab:f2:78:4e:f6:aa:55:20:c1:63:c6:4c:dd:cb:4e:
9a:03:90:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvwopTlErC0GJs+v7Kv2vbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MThiNzM0MzQ5YmYzMjdkOTQ1M2I5NjUwMWU0NGIxOTJl
NTUxNDIwHhcNMjMwMTAxMjM1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzBiMmIyNDc5NmM4ODM3NmI2NmY2YjcyYjMzYjkyN2Y2MDM3ZDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGA8jUSfLop/UR70bo0cZJ0csk5/
GT9k3At2FRbz6PjrCRWhHvi54S5jy9KBaCJIMWvsvRnw2/0/zP+P/0SoBWfEeSrR
WZj+vA06epaKS+WBu1krOz04vp3ccVSaG6v+A7cAxKNYSHJLYTMgFIgyZ0kDV4KT
YHMakvXRFZHD34cWtiw9ag/+MpZUD4l5SNmGPC0fjFobfGqZj6CvlbE4bcBoXi2L
Ee7XlNUzyIhERDtjAnTbYgO1yw7jLskhBm/mNXRrPeuNJ7OHLBOgRE0pYsG8FsSm
yqZrb+gHPlk1/WFgvgFkPum7FnEUChxu2/RD9v+2gPA8J6FSaVEeoUOiGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJwLKyR5bIg3a2b2tyszuSf2A31tMB8GA1UdIwQY
MBaAFDcYtzQ0m/Mn2UU7llAeRLGS5VFCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnhpM05EU2I4eWZaUlR1V1VCNUVzWkxsVVVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YmY4YTgtZTQ5Yy00MDZlLThlYjct
YzgyM2NjOGYzODM3LzEvbkFzckpIbHNpRGRyWnZhM0t6TzVKX1lEZlcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YmY4YTgtZTQ5Yy00MDZlLThlYjctYzgyM2NjOGYzODM3
LzEvTnhpM05EU2I4eWZaUlR1V1VCNUVzWkxsVVVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHw4kMA0G
CSqGSIb3DQEBCwUAA4IBAQCQuq+biapCKYuX2dfLyeJvrPdA+SkxLC6S5D4aKVQ2
RgEo+MybFwghToYf6Jl+x2jJSRcH2IxVMvgCE1Q62PPOVbcqd26HXzTZHRWOEu3A
NtuMj+Y7NaztvxUQqc/XbeO0j8JWfE6klQnkOao5eyJYTtIff/6BAAhTJZR/EnN+
/Hc8NisiGH1ZWfUfiv79S/X9fe2w7b3NV7uV7T+i0ShU2Fk1J5+Ykt8U3BD73Bba
4Z4ClMZ8gkV+Phw8ZIXwsPOZqbpWs1BFmA/4h86k6w1t0jKI/fXgHo54vTlKfmAH
N6Nb6oMvwpWb1QHiD+Or8nhO9qpVIMFjxkzdy06aA5An
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:21:41 2024 by rpki-client on console-ams.rpki-client.org