Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/0a7826-6db0-4662-901a-975ad03d88e6/1/TLVl3OIwz0_8lErFtWE4nJBWxIE.roa
File: TLVl3OIwz0_8lErFtWE4nJBWxIE.roa (raw, json)
Hash identifier: LGah0zAXz19Pmekj6FVZ8MKmeDJ5SpxhNWL5pXD4Eac=
Subject key identifier: 4C:B5:65:DC:E2:30:CF:4F:FC:94:4A:C5:B5:61:38:9C:90:56:C4:81
Certificate issuer: /CN=72e6826c8628489db041fe78c09ef28b5421e45c
Certificate serial: 01856C65EA19659394A1CCD3CBDF5B4037A0
Authority key identifier: 72:E6:82:6C:86:28:48:9D:B0:41:FE:78:C0:9E:F2:8B:54:21:E4:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cuaCbIYoSJ2wQf54wJ7yi1Qh5Fw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/0a7826-6db0-4662-901a-975ad03d88e6/1/TLVl3OIwz0_8lErFtWE4nJBWxIE.roa
Signing time: Sun 01 Jan 2023 08:14:56 +0000
ROA not before: Sun 01 Jan 2023 08:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34385
IP address blocks: 31.47.200.0/21 maxlen: 21
217.28.192.0/20 maxlen: 20
2a02:24f8::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:ea:19:65:93:94:a1:cc:d3:cb:df:5b:40:37:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72e6826c8628489db041fe78c09ef28b5421e45c
Validity
Not Before: Jan 1 08:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4cb565dce230cf4ffc944ac5b561389c9056c481
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4c:85:90:30:6f:97:1c:ac:27:8a:99:98:89:
60:df:73:88:e4:74:bd:4e:ac:ee:55:1e:12:0d:63:
4a:f7:f8:78:87:10:fd:71:a3:24:4e:40:2c:25:36:
ac:c2:21:00:32:18:f3:40:4c:17:c0:60:2a:fa:2d:
2d:db:c7:03:50:18:12:5a:ca:af:3a:14:10:68:e5:
df:f6:ff:c3:14:2b:56:12:c8:41:fc:35:39:91:56:
e2:5e:61:da:63:35:66:cb:b1:f4:da:b0:ec:4e:1a:
65:f8:00:5c:04:b1:47:46:d0:9e:68:87:05:2c:14:
6f:ca:18:e8:f1:2e:fa:b4:36:d3:87:c2:48:7e:54:
65:69:d3:d4:26:0d:fb:cf:a7:9a:6d:92:fc:e4:38:
e2:3b:ac:e8:4c:88:8d:0d:87:ad:e6:2d:ed:41:65:
98:f5:ad:7e:7d:cd:3c:64:6e:ef:15:cb:44:6a:12:
25:66:92:ae:46:19:7d:14:78:3f:a6:ab:b7:30:4a:
1a:7b:e2:59:e6:f2:91:b0:eb:54:f8:94:24:47:7d:
9f:35:02:83:ef:12:f5:22:b3:d7:33:5c:9b:4a:50:
0a:dc:e8:67:1a:38:b5:69:d0:b0:28:33:33:53:e1:
99:d0:02:25:b2:b4:6b:30:67:39:b2:60:e2:dd:41:
37:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:B5:65:DC:E2:30:CF:4F:FC:94:4A:C5:B5:61:38:9C:90:56:C4:81
X509v3 Authority Key Identifier:
keyid:72:E6:82:6C:86:28:48:9D:B0:41:FE:78:C0:9E:F2:8B:54:21:E4:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cuaCbIYoSJ2wQf54wJ7yi1Qh5Fw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/0a7826-6db0-4662-901a-975ad03d88e6/1/TLVl3OIwz0_8lErFtWE4nJBWxIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/0a7826-6db0-4662-901a-975ad03d88e6/1/cuaCbIYoSJ2wQf54wJ7yi1Qh5Fw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.47.200.0/21
217.28.192.0/20
IPv6:
2a02:24f8::/32
Signature Algorithm: sha256WithRSAEncryption
78:47:0e:20:5a:3d:fb:2d:2c:98:e4:b6:73:7d:d9:63:85:a1:
16:ff:30:68:6f:87:b1:3e:a4:57:22:ce:e6:da:96:41:8b:54:
3e:6a:60:da:51:cc:43:88:e1:3c:35:ee:2b:f1:9f:fd:02:63:
8f:f4:70:cb:64:bd:63:e1:e3:6d:8f:96:6e:19:9f:ad:22:59:
e6:fe:6d:36:19:14:1e:09:87:bc:4f:02:31:0d:b3:54:e0:c2:
61:3a:df:7a:ef:b8:95:7c:59:12:11:9f:a0:a7:de:05:e9:ca:
01:9f:30:fe:d6:f7:06:d9:f9:e2:c4:aa:45:40:9a:c9:e0:8e:
a7:f8:aa:0b:ad:d0:cc:8c:aa:c4:da:ad:87:42:dd:80:b1:82:
23:6e:69:9c:8e:17:a0:90:7a:fe:51:0b:3f:88:8a:3e:63:ed:
e6:65:c5:c6:d6:c4:7b:e7:31:73:1a:bd:db:41:cd:cc:01:33:
fc:02:54:3e:64:5c:ac:ba:ea:cd:e5:c2:f4:e9:2b:cc:4b:ba:
d7:a4:6e:d1:d3:76:9f:e5:98:a0:2d:ee:27:1f:a6:1d:5f:21:
b3:a8:4a:3b:9d:d3:78:12:3a:ea:23:37:da:28:99:a7:f6:26:
f2:59:de:56:67:23:d9:bb:3c:b7:95:c6:09:27:91:69:d1:13:
7e:3e:7c:36
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsZeoZZZOUoczTy99bQDegMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZTY4MjZjODYyODQ4OWRiMDQxZmU3OGMwOWVmMjhiNTQy
MWU0NWMwHhcNMjMwMTAxMDgxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2I1NjVkY2UyMzBjZjRmZmM5NDRhYzViNTYxMzg5YzkwNTZjNDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEyFkDBvlxysJ4qZmIlg33OI5HS9
TqzuVR4SDWNK9/h4hxD9caMkTkAsJTaswiEAMhjzQEwXwGAq+i0t28cDUBgSWsqv
OhQQaOXf9v/DFCtWEshB/DU5kVbiXmHaYzVmy7H02rDsThpl+ABcBLFHRtCeaIcF
LBRvyhjo8S76tDbTh8JIflRladPUJg37z6eabZL85DjiO6zoTIiNDYet5i3tQWWY
9a1+fc08ZG7vFctEahIlZpKuRhl9FHg/pqu3MEoae+JZ5vKRsOtU+JQkR32fNQKD
7xL1IrPXM1ybSlAK3OhnGji1adCwKDMzU+GZ0AIlsrRrMGc5smDi3UE3vQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEy1ZdziMM9P/JRKxbVhOJyQVsSBMB8GA1UdIwQY
MBaAFHLmgmyGKEidsEH+eMCe8otUIeRcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3VhQ2JJWW9TSjJ3UWY1NHdKN3lpMVFoNUZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8wYTc4MjYtNmRiMC00NjYyLTkwMWEt
OTc1YWQwM2Q4OGU2LzEvVExWbDNPSXd6MF84bEVyRnRXRTRuSkJXeElFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8wYTc4MjYtNmRiMC00NjYyLTkwMWEtOTc1YWQwM2Q4OGU2
LzEvY3VhQ2JJWW9TSjJ3UWY1NHdKN3lpMVFoNUZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDHy/IAwQE
2RzAMA0EAgACMAcDBQAqAiT4MA0GCSqGSIb3DQEBCwUAA4IBAQB4Rw4gWj37LSyY
5LZzfdljhaEW/zBob4exPqRXIs7m2pZBi1Q+amDaUcxDiOE8Ne4r8Z/9AmOP9HDL
ZL1j4eNtj5ZuGZ+tIlnm/m02GRQeCYe8TwIxDbNU4MJhOt9677iVfFkSEZ+gp94F
6coBnzD+1vcG2fnixKpFQJrJ4I6n+KoLrdDMjKrE2q2HQt2AsYIjbmmcjhegkHr+
UQs/iIo+Y+3mZcXG1sR75zFzGr3bQc3MATP8AlQ+ZFysuurN5cL06SvMS7rXpG7R
03af5ZigLe4nH6YdXyGzqEo7ndN4EjrqIzfaKJmn9ibyWd5WZyPZuzy3lcYJJ5Fp
0RN+Pnw2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:05 2024 by rpki-client on console-ams.rpki-client.org