Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/rKIvHQC2LMwPZyPtUl5j0Q3PaHo.roa
File: rKIvHQC2LMwPZyPtUl5j0Q3PaHo.roa (raw, json)
Hash identifier: EEKdB/0QbA+KPCVTENGobqkRi2UDMYbOmuOdLpMiGU4=
Subject key identifier: AC:A2:2F:1D:00:B6:2C:CC:0F:67:23:ED:52:5E:63:D1:0D:CF:68:7A
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0192CC3FF708FB1F57D7B9194F6FE0E33509
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/rKIvHQC2LMwPZyPtUl5j0Q3PaHo.roa
Signing time: Sun 27 Oct 2024 04:33:17 +0000
ROA not before: Sun 27 Oct 2024 04:33:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 134972
IP address blocks: 31.59.132.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Nov 2024 08:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:cc:3f:f7:08:fb:1f:57:d7:b9:19:4f:6f:e0:e3:35:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 27 04:33:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aca22f1d00b62ccc0f6723ed525e63d10dcf687a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:31:af:e4:72:d4:fd:da:d0:51:ee:5b:ec:8b:
d1:20:a3:4e:79:23:1f:6a:be:46:c9:f5:2e:3a:7b:
bc:6a:a4:0d:39:c2:67:a7:ce:3b:cf:6a:2c:e3:9c:
d6:4d:f9:76:e5:ab:8b:b3:37:67:fe:8a:42:c2:c5:
e4:a9:b1:ef:08:63:9a:ea:5e:ac:b9:6e:20:13:86:
9a:06:9e:68:21:f6:9e:71:d5:25:56:32:04:45:95:
82:9c:99:4e:e0:ab:03:cf:98:a3:df:d0:5b:cb:f3:
15:4c:0b:13:e1:56:b1:9c:2a:a6:cc:d8:61:67:63:
02:b9:0f:a9:07:0e:8a:11:ab:8f:5e:6b:be:c6:f8:
42:63:da:a5:74:bd:10:70:f4:6a:e6:51:97:59:47:
14:97:95:2d:f6:05:a3:0c:75:43:06:ba:56:01:d2:
e9:9d:7f:e8:26:ce:e0:a6:11:73:34:3f:85:6e:80:
fe:a8:75:76:04:1b:be:e9:8f:41:fd:19:ca:5e:40:
15:00:10:8e:80:f5:f2:3e:65:39:dc:d6:9b:2a:70:
a2:9e:32:f4:cd:40:bd:e2:59:23:08:ec:d5:51:de:
29:86:72:df:93:82:db:5f:ff:e6:1a:3e:4e:7f:38:
65:15:fc:7a:a9:c5:04:ac:c3:89:5e:bf:58:18:a3:
7d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:A2:2F:1D:00:B6:2C:CC:0F:67:23:ED:52:5E:63:D1:0D:CF:68:7A
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/rKIvHQC2LMwPZyPtUl5j0Q3PaHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.59.132.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:c0:11:e6:1c:9d:ba:2c:d6:c8:c5:5d:46:8a:70:7f:04:5b:
ef:df:b5:c0:85:bf:0a:59:0e:6e:91:c4:b5:70:b3:7a:81:86:
85:be:f6:c4:ea:fd:5c:9e:4b:18:76:2b:1d:d5:bd:3d:50:79:
45:37:93:85:ce:c2:08:6a:91:99:12:77:68:e5:c5:de:bb:35:
35:83:7e:20:26:1e:a3:ed:7e:c3:97:24:bf:3f:51:3f:46:fe:
aa:0f:35:a3:05:11:3b:40:18:98:98:a4:2c:64:93:b9:b5:d9:
c9:17:2e:db:cc:68:6c:3f:28:84:1f:71:a3:d6:01:15:28:79:
d7:42:14:62:fd:ab:77:46:c9:81:9a:e5:a9:4f:43:38:8b:8e:
47:32:e5:c1:8d:48:a0:f7:cc:6d:9b:54:18:30:62:20:16:90:
9e:72:b2:92:bd:5b:ac:0a:53:87:12:40:8f:81:ca:46:a4:6b:
f6:fb:83:b0:c8:68:11:ce:43:d8:ed:44:70:bc:30:c8:b4:e5:
28:cd:4e:06:ee:d1:c3:f8:aa:f6:2a:5f:82:2a:16:94:12:3b:
27:75:cb:97:7b:6b:69:b5:71:e7:52:3b:2e:22:9d:8e:f6:91:
1e:89:69:da:95:f6:13:a1:95:77:35:e3:ee:b7:b5:72:40:4a:
10:b6:6a:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLMP/cI+x9X17kZT2/g4zUJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMDI3MDQzMzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2EyMmYxZDAwYjYyY2NjMGY2NzIzZWQ1MjVlNjNkMTBkY2Y2ODdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzGv5HLU/drQUe5b7IvRIKNOeSMf
ar5GyfUuOnu8aqQNOcJnp847z2os45zWTfl25auLszdn/opCwsXkqbHvCGOa6l6s
uW4gE4aaBp5oIfaecdUlVjIERZWCnJlO4KsDz5ij39Bby/MVTAsT4VaxnCqmzNhh
Z2MCuQ+pBw6KEauPXmu+xvhCY9qldL0QcPRq5lGXWUcUl5Ut9gWjDHVDBrpWAdLp
nX/oJs7gphFzND+FboD+qHV2BBu+6Y9B/RnKXkAVABCOgPXyPmU53NabKnCinjL0
zUC94lkjCOzVUd4phnLfk4LbX//mGj5OfzhlFfx6qcUErMOJXr9YGKN9WwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKyiLx0AtizMD2cj7VJeY9ENz2h6MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvcktJdkhRQzJMTXdQWnlQdFVsNWowUTNQYUhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCHzuEMA0G
CSqGSIb3DQEBCwUAA4IBAQBOwBHmHJ26LNbIxV1GinB/BFvv37XAhb8KWQ5ukcS1
cLN6gYaFvvbE6v1cnksYdisd1b09UHlFN5OFzsIIapGZEndo5cXeuzU1g34gJh6j
7X7DlyS/P1E/Rv6qDzWjBRE7QBiYmKQsZJO5tdnJFy7bzGhsPyiEH3Gj1gEVKHnX
QhRi/at3RsmBmuWpT0M4i45HMuXBjUig98xtm1QYMGIgFpCecrKSvVusClOHEkCP
gcpGpGv2+4OwyGgRzkPY7URwvDDItOUozU4G7tHD+Kr2Kl+CKhaUEjsndcuXe2tp
tXHnUjsuIp2O9pEeiWnalfYToZV3NePut7VyQEoQtmpU
-----END CERTIFICATE-----
Generated at Thu Nov 7 10:45:01 2024 by rpki-client on console-ams.rpki-client.org