Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/8cBqs99LJedngYQKPa0y9m1mLVQ.roa
File: 8cBqs99LJedngYQKPa0y9m1mLVQ.roa (raw, json)
Hash identifier: zQfqpwss8VKzfWxFPBCaSKTJmdDoehnIa2CNkkE7Zcc=
Subject key identifier: F1:C0:6A:B3:DF:4B:25:E7:67:81:84:0A:3D:AD:32:F6:6D:66:2D:54
Certificate issuer: /CN=8fe02b7eedffc38ab5eab4416172e7d88e9ad1e2
Certificate serial: 018CCA9998EA186605A27515A027B6A706E7
Authority key identifier: 8F:E0:2B:7E:ED:FF:C3:8A:B5:EA:B4:41:61:72:E7:D8:8E:9A:D1:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j-Arfu3_w4q16rRBYXLn2I6a0eI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/8cBqs99LJedngYQKPa0y9m1mLVQ.roa
Signing time: Tue 02 Jan 2024 14:35:12 +0000
ROA not before: Tue 02 Jan 2024 14:35:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58262
IP address blocks: 31.40.4.0/24 maxlen: 24
31.40.3.0/24 maxlen: 24
31.40.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 May 2024 05:06:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:98:ea:18:66:05:a2:75:15:a0:27:b6:a7:06:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fe02b7eedffc38ab5eab4416172e7d88e9ad1e2
Validity
Not Before: Jan 2 14:35:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1c06ab3df4b25e76781840a3dad32f66d662d54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:1b:e3:4d:e0:eb:c4:bc:a6:ef:54:3a:72:71:
85:0b:8c:69:99:d5:6c:22:c9:ca:fc:1e:39:f3:67:
72:75:0a:2e:df:75:b2:ca:4b:11:0d:2e:5f:be:4b:
d3:16:87:9f:a8:84:78:89:b2:05:2e:17:40:df:3a:
1d:18:28:d8:8a:3b:a5:f5:f4:96:dd:af:aa:62:08:
a7:a4:d7:96:8a:9c:15:24:57:3d:a2:a3:9d:e1:05:
65:a9:bd:46:09:57:10:54:b0:39:7e:2c:12:36:9d:
c3:16:a1:07:57:72:a3:90:09:fd:cc:05:7e:3b:87:
69:d8:5f:34:38:ab:e6:fd:9d:6f:58:e8:4f:0f:1e:
df:d0:47:a6:1a:6c:75:80:c8:14:58:60:81:fa:97:
43:e8:34:10:65:cb:7d:11:45:08:a1:ac:bb:91:13:
a7:b7:7a:30:69:3b:e8:b2:e8:ed:bc:28:35:c2:86:
fa:d2:1e:46:65:fb:14:2f:a0:11:54:38:5d:35:af:
c3:a8:71:20:4e:f4:02:6d:f4:c7:79:7f:6d:2e:60:
e1:9a:41:4d:d6:81:cd:dc:10:a8:2b:94:7b:bb:eb:
2e:68:24:4d:c0:ca:1b:89:92:27:bc:22:08:cb:05:
fa:59:e1:27:f0:84:6a:ee:85:e1:49:c3:e2:be:b2:
c1:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:C0:6A:B3:DF:4B:25:E7:67:81:84:0A:3D:AD:32:F6:6D:66:2D:54
X509v3 Authority Key Identifier:
keyid:8F:E0:2B:7E:ED:FF:C3:8A:B5:EA:B4:41:61:72:E7:D8:8E:9A:D1:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j-Arfu3_w4q16rRBYXLn2I6a0eI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/8cBqs99LJedngYQKPa0y9m1mLVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/j-Arfu3_w4q16rRBYXLn2I6a0eI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.2.0-31.40.4.255
Signature Algorithm: sha256WithRSAEncryption
39:20:64:2a:85:a8:8d:71:40:67:88:93:d1:0a:16:0b:59:c3:
ab:8c:7a:b8:3e:c3:0d:2e:bd:b6:1f:88:38:78:59:87:9b:36:
2b:9a:fd:06:47:78:59:d5:32:40:68:b4:46:a9:26:87:63:d5:
7d:ac:74:b9:2c:d2:d4:84:28:a7:a0:8b:dd:e2:bb:53:e9:40:
f6:11:0b:15:17:80:2c:7a:6d:72:92:a7:69:f5:a1:a6:5c:5c:
7d:67:07:90:cb:37:e4:de:c0:46:7d:51:9d:7a:f7:13:2a:68:
3d:49:bf:6e:70:14:c1:49:c7:f0:35:6d:74:e8:dc:17:8e:98:
f3:31:11:9a:2d:6d:e2:b9:4f:a9:06:b9:ef:bd:1a:65:5d:4e:
17:78:93:0a:99:c6:39:b1:b8:e7:6a:9e:6a:d2:7b:82:da:80:
64:b6:9d:a4:bb:cf:4d:0f:21:5a:5b:b1:84:c0:0c:fc:b7:ba:
f1:b5:f1:ad:1b:3d:d3:26:fc:1e:6d:d7:3a:5a:54:1f:02:e1:
26:f1:29:0c:8b:63:b0:53:f1:09:6a:f3:99:f7:7a:14:b2:26:
a2:b7:c0:99:26:9a:aa:3b:2d:d4:c4:e6:6f:d5:8c:66:d0:7c:
52:27:13:03:79:95:2e:e6:37:af:ec:ad:92:35:e7:84:c7:d8:
58:e9:bf:d8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzKmZjqGGYFonUVoCe2pwbnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmZTAyYjdlZWRmZmMzOGFiNWVhYjQ0MTYxNzJlN2Q4OGU5
YWQxZTIwHhcNMjQwMTAyMTQzNTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWMwNmFiM2RmNGIyNWU3Njc4MTg0MGEzZGFkMzJmNjZkNjYyZDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRvjTeDrxLym71Q6cnGFC4xpmdVs
IsnK/B4582dydQou33WyyksRDS5fvkvTFoefqIR4ibIFLhdA3zodGCjYijul9fSW
3a+qYginpNeWipwVJFc9oqOd4QVlqb1GCVcQVLA5fiwSNp3DFqEHV3KjkAn9zAV+
O4dp2F80OKvm/Z1vWOhPDx7f0EemGmx1gMgUWGCB+pdD6DQQZct9EUUIoay7kROn
t3owaTvosujtvCg1wob60h5GZfsUL6ARVDhdNa/DqHEgTvQCbfTHeX9tLmDhmkFN
1oHN3BCoK5R7u+suaCRNwMobiZInvCIIywX6WeEn8IRq7oXhScPivrLBvwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPHAarPfSyXnZ4GECj2tMvZtZi1UMB8GA1UdIwQY
MBaAFI/gK37t/8OKteq0QWFy59iOmtHiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvai1BcmZ1M193NHExNnJSQllYTG4ySTZhMGVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kMmMyMzUtYTFmNS00OTg0LWFhZGYt
NTE0NmYxM2I3MWExLzEvOGNCcXM5OUxKZWRuZ1lRS1BhMHk5bTFtTFZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9kMmMyMzUtYTFmNS00OTg0LWFhZGYtNTE0NmYxM2I3MWEx
LzEvai1BcmZ1M193NHExNnJSQllYTG4ySTZhMGVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAEfKAID
BAAfKAQwDQYJKoZIhvcNAQELBQADggEBADkgZCqFqI1xQGeIk9EKFgtZw6uMerg+
ww0uvbYfiDh4WYebNiua/QZHeFnVMkBotEapJodj1X2sdLks0tSEKKegi93iu1Pp
QPYRCxUXgCx6bXKSp2n1oaZcXH1nB5DLN+TewEZ9UZ169xMqaD1Jv25wFMFJx/A1
bXTo3BeOmPMxEZotbeK5T6kGue+9GmVdThd4kwqZxjmxuOdqnmrSe4LagGS2naS7
z00PIVpbsYTADPy3uvG18a0bPdMm/B5t1zpaVB8C4SbxKQyLY7BT8Qlq85n3ehSy
JqK3wJkmmqo7LdTE5m/VjGbQfFInEwN5lS7mN6/srZI154TH2Fjpv9g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:25 2024 by rpki-client on console-ams.rpki-client.org