Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/CQdK8QmbzMNYq2qN9P6FGoaA_Kw.roa
File: CQdK8QmbzMNYq2qN9P6FGoaA_Kw.roa (raw, json)
Hash identifier: G2L5QNzikWekv65m5dechQzAvq8ZRGl7dX2ImPiojvA=
Subject key identifier: 09:07:4A:F1:09:9B:CC:C3:58:AB:6A:8D:F4:FE:85:1A:86:80:FC:AC
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01919D0BD18137FFA460BDCFF235DE7FA252
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/CQdK8QmbzMNYq2qN9P6FGoaA_Kw.roa
Signing time: Thu 29 Aug 2024 07:31:22 +0000
ROA not before: Thu 29 Aug 2024 07:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215211
IP address blocks: 31.57.128.0/17 maxlen: 24
217.60.0.0/17 maxlen: 24
2a14:6e40::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 04 Sep 2024 18:54:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9d:0b:d1:81:37:ff:a4:60:bd:cf:f2:35:de:7f:a2:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Aug 29 07:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09074af1099bccc358ab6a8df4fe851a8680fcac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a5:1f:0e:cc:73:77:18:e2:30:ec:c1:59:38:
5e:4b:10:51:99:25:af:bc:f8:a8:49:9d:c3:9b:2d:
57:b5:7d:7e:f3:16:03:cd:7c:51:94:26:12:32:01:
3b:61:b0:dc:e2:4a:b6:f5:86:6d:9d:3e:77:6c:c3:
9b:82:ea:6f:a6:74:b0:ea:49:49:0f:64:fb:53:ae:
f1:ab:fb:24:93:f3:9b:69:a2:5f:1d:7e:1f:e8:f1:
11:a7:df:79:8d:ea:45:8b:b8:5b:a1:6b:7d:84:6a:
06:5f:ca:c9:21:6b:5e:26:0b:c1:2f:3c:df:e6:d0:
e4:f2:85:58:24:55:ac:84:be:c8:2e:4d:52:93:68:
2a:e0:22:6f:b2:8e:33:3e:d8:9b:06:15:4b:3b:2c:
c5:24:d1:10:66:8e:4c:0f:61:fb:ec:31:07:ed:99:
68:1b:c6:cd:b2:cb:1b:0d:cc:81:cd:e7:1e:02:a2:
a9:9f:73:c6:fa:25:02:d0:40:6d:35:62:f1:0a:7c:
3f:fd:2c:a2:bf:e4:f9:8e:b1:5f:c8:d3:8a:f9:4c:
a1:a7:9a:fc:a3:15:5c:99:b7:0e:6d:83:df:9f:e9:
a6:22:99:f0:97:2b:7e:5d:df:b7:df:c3:8c:09:ae:
9e:85:44:be:67:c1:ce:d8:2f:fb:74:3b:38:dd:5b:
8e:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:07:4A:F1:09:9B:CC:C3:58:AB:6A:8D:F4:FE:85:1A:86:80:FC:AC
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/CQdK8QmbzMNYq2qN9P6FGoaA_Kw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.128.0/17
217.60.0.0/17
IPv6:
2a14:6e40::/32
Signature Algorithm: sha256WithRSAEncryption
35:c2:71:ee:09:e6:04:17:d3:f8:a8:30:4b:78:58:93:5c:e5:
00:5d:98:ef:83:02:6b:e9:68:9d:19:8e:79:40:a9:9f:57:90:
66:bb:48:14:f9:7e:bb:80:84:aa:81:77:4d:ae:cc:02:b5:c8:
7b:24:96:39:7c:46:38:16:0a:11:53:22:da:63:cb:8b:c5:9f:
c0:db:f2:34:de:77:da:9a:60:5d:00:c5:26:73:89:23:f3:98:
bd:3b:42:18:93:02:c1:93:f1:85:0f:49:ed:a5:17:24:d2:ff:
b9:38:03:1a:d0:1a:ae:d5:03:d2:26:2b:67:32:01:42:31:e1:
0b:71:dc:87:df:f8:ea:68:e9:19:d8:bd:df:86:ee:25:bf:da:
27:0b:58:69:2f:3b:d9:df:fd:a9:b5:ad:98:03:4a:4d:2c:b6:
ad:7f:41:4b:c4:1a:6c:c4:28:dd:66:5f:38:00:bc:ef:b9:9d:
66:5a:d1:5d:b2:83:6a:a3:2c:d1:b3:f2:07:fc:06:de:f8:07:
c8:fb:b3:67:44:93:40:a9:c6:49:81:ec:22:3f:d9:b3:97:f0:
81:22:66:10:23:a1:16:11:35:ae:95:cf:77:52:27:2a:30:d8:
10:4f:2c:cc:39:52:8b:dd:3a:08:fc:4e:66:68:10:66:da:1f:
b2:08:ec:b8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZGdC9GBN/+kYL3P8jXef6JSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQwODI5MDczMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTA3NGFmMTA5OWJjY2MzNThhYjZhOGRmNGZlODUxYTg2ODBmY2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6UfDsxzdxjiMOzBWTheSxBRmSWv
vPioSZ3Dmy1XtX1+8xYDzXxRlCYSMgE7YbDc4kq29YZtnT53bMObgupvpnSw6klJ
D2T7U67xq/skk/ObaaJfHX4f6PERp995jepFi7hboWt9hGoGX8rJIWteJgvBLzzf
5tDk8oVYJFWshL7ILk1Sk2gq4CJvso4zPtibBhVLOyzFJNEQZo5MD2H77DEH7Zlo
G8bNsssbDcyBzeceAqKpn3PG+iUC0EBtNWLxCnw//Syiv+T5jrFfyNOK+Uyhp5r8
oxVcmbcObYPfn+mmIpnwlyt+Xd+338OMCa6ehUS+Z8HO2C/7dDs43VuO2wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAkHSvEJm8zDWKtqjfT+hRqGgPysMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvQ1FkSzhRbWJ6TU5ZcTJxTjlQNkZHb2FBX0t3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHHzmAAwQH
2TwAMA0EAgACMAcDBQAqFG5AMA0GCSqGSIb3DQEBCwUAA4IBAQA1wnHuCeYEF9P4
qDBLeFiTXOUAXZjvgwJr6WidGY55QKmfV5Bmu0gU+X67gISqgXdNrswCtch7JJY5
fEY4FgoRUyLaY8uLxZ/A2/I03nfammBdAMUmc4kj85i9O0IYkwLBk/GFD0ntpRck
0v+5OAMa0Bqu1QPSJitnMgFCMeELcdyH3/jqaOkZ2L3fhu4lv9onC1hpLzvZ3/2p
ta2YA0pNLLatf0FLxBpsxCjdZl84ALzvuZ1mWtFdsoNqoyzRs/IH/Abe+AfI+7Nn
RJNAqcZJgewiP9mzl/CBImYQI6EWETWulc93UicqMNgQTyzMOVKL3ToI/E5maBBm
2h+yCOy4
-----END CERTIFICATE-----
Generated at Wed Sep 4 20:25:23 2024 by rpki-client on console-fra.rpki-client.org