Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/kU6tNxS36JHOSU0Lt1oo1my7q6c.roa
File: kU6tNxS36JHOSU0Lt1oo1my7q6c.roa (raw, json)
Hash identifier: 6gnWt8lwsTI+22wALlbjMXH54Ekj2WVpRX5RqT64G64=
Subject key identifier: 91:4E:AD:37:14:B7:E8:91:CE:49:4D:0B:B7:5A:28:D6:6C:BB:AB:A7
Certificate issuer: /CN=8fe02b7eedffc38ab5eab4416172e7d88e9ad1e2
Certificate serial: 018765EB267824341D6E29D956BBA58E59EE
Authority key identifier: 8F:E0:2B:7E:ED:FF:C3:8A:B5:EA:B4:41:61:72:E7:D8:8E:9A:D1:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j-Arfu3_w4q16rRBYXLn2I6a0eI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/kU6tNxS36JHOSU0Lt1oo1my7q6c.roa
Signing time: Sun 09 Apr 2023 12:08:42 +0000
ROA not before: Sun 09 Apr 2023 12:08:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58262
IP address blocks: 31.40.4.0/24 maxlen: 24
31.40.3.0/24 maxlen: 24
31.40.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:35:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:65:eb:26:78:24:34:1d:6e:29:d9:56:bb:a5:8e:59:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fe02b7eedffc38ab5eab4416172e7d88e9ad1e2
Validity
Not Before: Apr 9 12:08:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=914ead3714b7e891ce494d0bb75a28d66cbbaba7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:31:d8:70:f0:53:32:48:fd:f0:19:22:4b:76:
6a:2d:cb:97:98:dd:2f:8b:ce:ff:24:73:3b:b2:2d:
07:6a:d2:c7:48:a1:82:07:b3:19:92:fc:05:a6:19:
30:68:14:11:e2:79:36:b3:7f:c3:a1:5c:25:24:55:
c9:ba:77:c6:c7:f8:e1:7a:9c:f8:26:43:b0:a7:ce:
e6:c0:90:57:3f:d6:1c:29:bf:bc:7c:3a:e9:4c:ae:
25:2a:3d:16:65:00:90:ac:39:91:08:52:13:d2:24:
41:03:8e:d1:04:26:cc:a5:9d:d8:ea:a5:61:34:b5:
2c:2a:2b:4d:46:37:dc:fb:69:57:2f:7d:8b:9a:44:
6f:1d:3e:65:3e:1b:cf:99:08:37:c2:d9:98:b7:9c:
62:48:ee:bd:3d:36:3b:f1:2c:58:bf:2d:8e:2a:dc:
61:d5:67:62:7a:52:4c:9e:4b:5a:c6:ae:53:23:5a:
4c:71:52:8f:5b:30:c2:64:9e:55:90:8f:02:30:74:
76:e9:88:09:17:f2:65:9e:c6:49:87:74:34:1f:54:
c3:fe:a4:10:7c:31:f1:3e:01:83:03:e8:bc:28:78:
95:c1:5b:22:df:94:ba:cc:1d:91:c7:11:3a:aa:7a:
36:7e:5b:9a:81:c1:fd:df:7e:45:32:67:ba:2e:e3:
3a:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:4E:AD:37:14:B7:E8:91:CE:49:4D:0B:B7:5A:28:D6:6C:BB:AB:A7
X509v3 Authority Key Identifier:
keyid:8F:E0:2B:7E:ED:FF:C3:8A:B5:EA:B4:41:61:72:E7:D8:8E:9A:D1:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j-Arfu3_w4q16rRBYXLn2I6a0eI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/kU6tNxS36JHOSU0Lt1oo1my7q6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/j-Arfu3_w4q16rRBYXLn2I6a0eI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.2.0-31.40.4.255
Signature Algorithm: sha256WithRSAEncryption
5d:15:8b:bd:b9:4e:74:33:d8:f2:e7:da:8a:65:41:25:11:a2:
80:a7:43:c1:50:f8:ac:3c:f9:76:fb:d1:77:59:74:b6:9b:5e:
cc:b7:cd:02:2b:16:2e:00:98:9b:6e:8b:01:7f:d2:35:f4:8f:
d9:bd:7a:91:e2:98:04:4b:84:8d:94:54:21:3f:03:a8:24:fe:
93:7f:c8:79:c4:73:a6:09:ee:a6:18:f6:31:05:7a:fd:57:83:
a2:af:d5:66:b9:d7:00:a6:eb:fa:80:6f:d0:32:a5:21:e7:90:
03:34:2c:f1:89:b8:1d:a9:ce:aa:0c:5a:17:08:63:c8:af:34:
b9:db:e7:05:a0:b1:2c:0f:bb:4a:7e:06:cc:9a:b5:c4:2c:67:
23:5a:c4:5e:db:2d:37:2b:5e:f8:f4:ea:36:12:69:c6:fa:ae:
f1:64:fd:69:d4:b2:1d:6e:ba:51:2a:53:f1:c8:7f:be:f9:6b:
93:1c:9b:67:4b:19:96:ba:c4:f4:8d:b7:5a:ef:58:8e:58:b7:
91:c9:60:6b:b0:83:42:d9:4e:22:fc:b7:d5:ad:f9:da:67:a2:
74:f4:5d:39:09:af:f6:1a:f8:a1:cc:27:65:f2:7a:02:41:cb:
91:50:ae:ec:57:fc:d5:10:58:f5:5c:5d:38:e0:fa:d0:14:8d:
27:d0:55:a1
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYdl6yZ4JDQdbinZVruljlnuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmZTAyYjdlZWRmZmMzOGFiNWVhYjQ0MTYxNzJlN2Q4OGU5
YWQxZTIwHhcNMjMwNDA5MTIwODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTRlYWQzNzE0YjdlODkxY2U0OTRkMGJiNzVhMjhkNjZjYmJhYmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTHYcPBTMkj98BkiS3ZqLcuXmN0v
i87/JHM7si0HatLHSKGCB7MZkvwFphkwaBQR4nk2s3/DoVwlJFXJunfGx/jhepz4
JkOwp87mwJBXP9YcKb+8fDrpTK4lKj0WZQCQrDmRCFIT0iRBA47RBCbMpZ3Y6qVh
NLUsKitNRjfc+2lXL32LmkRvHT5lPhvPmQg3wtmYt5xiSO69PTY78SxYvy2OKtxh
1WdielJMnktaxq5TI1pMcVKPWzDCZJ5VkI8CMHR26YgJF/JlnsZJh3Q0H1TD/qQQ
fDHxPgGDA+i8KHiVwVsi35S6zB2RxxE6qno2fluagcH9335FMme6LuM6FQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJFOrTcUt+iRzklNC7daKNZsu6unMB8GA1UdIwQY
MBaAFI/gK37t/8OKteq0QWFy59iOmtHiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvai1BcmZ1M193NHExNnJSQllYTG4ySTZhMGVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kMmMyMzUtYTFmNS00OTg0LWFhZGYt
NTE0NmYxM2I3MWExLzEva1U2dE54UzM2SkhPU1UwTHQxb28xbXk3cTZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9kMmMyMzUtYTFmNS00OTg0LWFhZGYtNTE0NmYxM2I3MWEx
LzEvai1BcmZ1M193NHExNnJSQllYTG4ySTZhMGVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAEfKAID
BAAfKAQwDQYJKoZIhvcNAQELBQADggEBAF0Vi725TnQz2PLn2oplQSURooCnQ8FQ
+Kw8+Xb70XdZdLabXsy3zQIrFi4AmJtuiwF/0jX0j9m9epHimARLhI2UVCE/A6gk
/pN/yHnEc6YJ7qYY9jEFev1Xg6Kv1Wa51wCm6/qAb9AypSHnkAM0LPGJuB2pzqoM
WhcIY8ivNLnb5wWgsSwPu0p+BsyatcQsZyNaxF7bLTcrXvj06jYSacb6rvFk/WnU
sh1uulEqU/HIf775a5Mcm2dLGZa6xPSNt1rvWI5Yt5HJYGuwg0LZTiL8t9Wt+dpn
onT0XTkJr/Ya+KHMJ2XyegJBy5FQruxX/NUQWPVcXTjg+tAUjSfQVaE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:58 2024 by rpki-client on console-fra.rpki-client.org