Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/y4bQSuXcwqyu0p0Q21K4mgE8ga0.roa
File: y4bQSuXcwqyu0p0Q21K4mgE8ga0.roa (raw, json)
Hash identifier: RfFM++t01aRlUYfF971PHt9K0ROayLRvz6gb3fNSxRc=
Subject key identifier: CB:86:D0:4A:E5:DC:C2:AC:AE:D2:9D:10:DB:52:B8:9A:01:3C:81:AD
Certificate issuer: /CN=8fe02b7eedffc38ab5eab4416172e7d88e9ad1e2
Certificate serial: 0192ECC931BE9FD3E65117CE395B1FD02E49
Authority key identifier: 8F:E0:2B:7E:ED:FF:C3:8A:B5:EA:B4:41:61:72:E7:D8:8E:9A:D1:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j-Arfu3_w4q16rRBYXLn2I6a0eI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/y4bQSuXcwqyu0p0Q21K4mgE8ga0.roa
Signing time: Sat 02 Nov 2024 12:11:01 +0000
ROA not before: Sat 02 Nov 2024 12:11:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58262
IP address blocks: 31.40.3.0/24 maxlen: 24
31.40.4.0/24 maxlen: 24
31.40.5.0/24 maxlen: 24
91.226.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ec:c9:31:be:9f:d3:e6:51:17:ce:39:5b:1f:d0:2e:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fe02b7eedffc38ab5eab4416172e7d88e9ad1e2
Validity
Not Before: Nov 2 12:11:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb86d04ae5dcc2acaed29d10db52b89a013c81ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c0:58:28:15:74:04:44:f5:72:24:be:30:66:
74:08:01:9b:92:03:ab:41:6d:49:7c:af:53:2e:0d:
38:4b:8c:8c:bc:41:c6:ce:00:cb:8e:b7:47:e0:6f:
44:c3:a3:ef:87:71:cb:42:d7:91:a0:a7:2f:19:e5:
e0:10:6c:45:b4:51:8f:a8:af:d0:15:0a:9b:81:27:
71:9c:a0:04:9f:32:91:9c:71:a0:58:e9:a2:30:5d:
f5:a3:74:2f:05:8b:cf:50:47:42:29:ea:87:38:2b:
16:1d:48:67:9b:f2:f2:70:a8:b9:6f:c6:aa:6e:2f:
6f:41:f1:73:0d:7a:4c:15:2c:3a:31:c8:a8:ae:3d:
dc:61:e8:c3:cc:3e:d4:66:aa:bc:c2:a9:00:7b:ad:
8e:44:13:2e:e3:6c:b7:dd:dd:6c:8c:b1:0b:79:16:
5e:c4:1f:b6:1e:3a:24:1c:78:d5:a9:d8:69:9c:ff:
05:fc:44:a6:94:cd:ca:63:c3:06:fb:dc:db:bb:a8:
73:09:1d:49:3e:0e:ac:b8:bb:bc:ad:e6:43:04:cb:
28:30:14:33:2f:ca:5d:46:36:42:9a:cb:23:8f:42:
c1:7a:55:8a:f0:c6:96:0c:9d:52:eb:ff:bf:de:43:
0b:5d:df:0b:63:73:71:f3:96:74:d2:8d:88:41:63:
7c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:86:D0:4A:E5:DC:C2:AC:AE:D2:9D:10:DB:52:B8:9A:01:3C:81:AD
X509v3 Authority Key Identifier:
keyid:8F:E0:2B:7E:ED:FF:C3:8A:B5:EA:B4:41:61:72:E7:D8:8E:9A:D1:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j-Arfu3_w4q16rRBYXLn2I6a0eI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/y4bQSuXcwqyu0p0Q21K4mgE8ga0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/j-Arfu3_w4q16rRBYXLn2I6a0eI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.3.0-31.40.5.255
91.226.224.0/24
Signature Algorithm: sha256WithRSAEncryption
24:b8:af:85:e3:b8:51:b4:16:e0:ad:28:f5:eb:ef:1a:1c:d5:
98:72:02:33:2b:67:12:ce:39:42:42:d8:7d:02:ce:da:c8:90:
7a:e0:1b:52:d4:2d:a3:b4:c1:2d:4b:57:11:77:f7:2f:6c:74:
75:7b:57:7f:8c:09:e1:c6:70:f4:ff:e7:b0:dd:a0:97:15:bc:
26:fb:a7:e4:91:9d:c2:cb:09:95:36:fc:0f:07:00:e6:60:1d:
5f:a0:d6:bb:4e:7d:ba:be:e2:36:6f:3b:99:22:e9:e0:41:a4:
96:f8:3b:fb:42:3d:d2:83:a4:b6:f6:0b:e0:ac:8d:c9:60:cf:
2b:5b:e5:76:4b:b0:75:2e:b1:d8:6a:c4:89:58:0d:42:b7:b3:
77:f1:2c:1c:e9:ea:4c:9e:e6:20:14:b5:ec:5e:96:5b:63:d1:
1b:c4:68:90:25:1b:83:1e:15:07:63:84:43:0b:71:9b:1f:55:
15:de:67:7e:41:12:50:06:64:1d:48:e7:c0:f2:d5:a9:24:71:
c6:e1:0b:03:5f:ca:2c:e8:7c:68:bf:bf:59:ab:1f:2a:8d:87:
40:0b:17:34:a0:c6:dc:ed:e2:c6:42:ca:c0:d9:0a:c7:d4:a2:
18:c6:4d:52:54:ad:95:94:e7:f3:59:f6:ef:24:d8:4b:37:f5:
bd:18:56:d2
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZLsyTG+n9PmURfOOVsf0C5JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmZTAyYjdlZWRmZmMzOGFiNWVhYjQ0MTYxNzJlN2Q4OGU5
YWQxZTIwHhcNMjQxMTAyMTIxMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjg2ZDA0YWU1ZGNjMmFjYWVkMjlkMTBkYjUyYjg5YTAxM2M4MWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8BYKBV0BET1ciS+MGZ0CAGbkgOr
QW1JfK9TLg04S4yMvEHGzgDLjrdH4G9Ew6Pvh3HLQteRoKcvGeXgEGxFtFGPqK/Q
FQqbgSdxnKAEnzKRnHGgWOmiMF31o3QvBYvPUEdCKeqHOCsWHUhnm/LycKi5b8aq
bi9vQfFzDXpMFSw6Mciorj3cYejDzD7UZqq8wqkAe62ORBMu42y33d1sjLELeRZe
xB+2HjokHHjVqdhpnP8F/ESmlM3KY8MG+9zbu6hzCR1JPg6suLu8reZDBMsoMBQz
L8pdRjZCmssjj0LBelWK8MaWDJ1S6/+/3kMLXd8LY3Nx85Z00o2IQWN8dwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMuG0Erl3MKsrtKdENtSuJoBPIGtMB8GA1UdIwQY
MBaAFI/gK37t/8OKteq0QWFy59iOmtHiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvai1BcmZ1M193NHExNnJSQllYTG4ySTZhMGVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kMmMyMzUtYTFmNS00OTg0LWFhZGYt
NTE0NmYxM2I3MWExLzEveTRiUVN1WGN3cXl1MHAwUTIxSzRtZ0U4Z2EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9kMmMyMzUtYTFmNS00OTg0LWFhZGYtNTE0NmYxM2I3MWEx
LzEvai1BcmZ1M193NHExNnJSQllYTG4ySTZhMGVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAAfKAMD
BAEfKAQDBABb4uAwDQYJKoZIhvcNAQELBQADggEBACS4r4XjuFG0FuCtKPXr7xoc
1ZhyAjMrZxLOOUJC2H0CztrIkHrgG1LULaO0wS1LVxF39y9sdHV7V3+MCeHGcPT/
57DdoJcVvCb7p+SRncLLCZU2/A8HAOZgHV+g1rtOfbq+4jZvO5ki6eBBpJb4O/tC
PdKDpLb2C+Csjclgzytb5XZLsHUusdhqxIlYDUK3s3fxLBzp6kye5iAUtexelltj
0RvEaJAlG4MeFQdjhEMLcZsfVRXeZ35BElAGZB1I58Dy1akkccbhCwNfyizofGi/
v1mrHyqNh0ALFzSgxtzt4sZCysDZCsfUohjGTVJUrZWU5/NZ9u8k2Es39b0YVtI=
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:14:27 2025 by rpki-client