Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/c185f6-6274-49da-b2ef-6000cb2d5990/1/CF_Msgl7n-dqbJRPMwFp9STLUCY.roa
File: CF_Msgl7n-dqbJRPMwFp9STLUCY.roa (raw, json)
Hash identifier: b9CkI8hDVHVpcsTQUn6C3Exr22qwViKQAtZbBmwyi3g=
Subject key identifier: 08:5F:CC:B2:09:7B:9F:E7:6A:6C:94:4F:33:01:69:F5:24:CB:50:26
Certificate issuer: /CN=23f87aa18dda6a5d48af80390b2827808cfef285
Certificate serial: 01856E0AF9055B73354AA367691510D76623
Authority key identifier: 23:F8:7A:A1:8D:DA:6A:5D:48:AF:80:39:0B:28:27:80:8C:FE:F2:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I_h6oY3aal1Ir4A5CygngIz-8oU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/c185f6-6274-49da-b2ef-6000cb2d5990/1/CF_Msgl7n-dqbJRPMwFp9STLUCY.roa
Signing time: Sun 01 Jan 2023 15:54:50 +0000
ROA not before: Sun 01 Jan 2023 15:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35112
IP address blocks: 31.24.87.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:0a:f9:05:5b:73:35:4a:a3:67:69:15:10:d7:66:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23f87aa18dda6a5d48af80390b2827808cfef285
Validity
Not Before: Jan 1 15:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=085fccb2097b9fe76a6c944f330169f524cb5026
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:f4:1b:38:39:b2:0e:10:c3:06:26:12:5d:04:
42:c6:e8:4a:ae:6f:a1:c9:3b:d6:9b:14:52:f2:e1:
bd:4a:88:ed:b8:4e:bb:6f:ae:3f:88:7b:e2:2b:da:
71:8f:52:aa:85:f2:99:64:73:7c:5f:2a:ac:1f:50:
55:eb:d2:39:9f:69:1d:74:f6:8b:ba:3a:fc:df:87:
8a:59:67:ec:29:aa:11:d1:c2:2f:27:e7:28:96:76:
04:70:d0:08:c4:29:e8:0c:cd:72:2f:d5:fc:48:39:
77:ef:30:c8:51:d1:63:e5:9e:f8:c9:62:a9:41:90:
9e:cf:d4:4c:8e:9b:87:e0:09:02:58:db:7f:7e:d7:
2d:14:47:85:19:0b:5b:85:c3:72:2c:90:0c:06:6b:
ca:87:c0:cf:6a:b1:f7:a6:dd:7a:3c:13:a9:31:fc:
36:27:c4:c3:46:27:f1:1f:b9:aa:6c:e1:e1:86:a3:
96:38:bd:22:20:3b:f6:eb:cc:1e:9b:65:49:48:88:
85:ad:06:9e:78:f5:2f:64:8e:63:51:f4:48:8d:f5:
5e:0a:3a:1e:1c:45:98:1b:ce:48:9d:32:c9:ef:d6:
ec:3d:e4:2c:2d:4b:02:0e:cf:96:14:a0:28:c7:8c:
ea:02:15:4d:fb:00:1d:91:2b:34:3f:6c:09:3c:68:
79:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:5F:CC:B2:09:7B:9F:E7:6A:6C:94:4F:33:01:69:F5:24:CB:50:26
X509v3 Authority Key Identifier:
keyid:23:F8:7A:A1:8D:DA:6A:5D:48:AF:80:39:0B:28:27:80:8C:FE:F2:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I_h6oY3aal1Ir4A5CygngIz-8oU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/c185f6-6274-49da-b2ef-6000cb2d5990/1/CF_Msgl7n-dqbJRPMwFp9STLUCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/c185f6-6274-49da-b2ef-6000cb2d5990/1/I_h6oY3aal1Ir4A5CygngIz-8oU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.87.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:00:15:5e:67:72:52:81:df:4b:78:fb:81:2f:2e:3a:ec:89:
44:b5:6a:21:be:a7:40:6a:ba:9a:36:24:40:73:72:31:1a:99:
81:c7:a3:a4:b2:81:ef:b5:11:3a:00:5a:33:68:fd:f1:61:ae:
4f:03:8e:4b:b4:f5:ac:c2:67:6b:9c:0e:09:33:62:29:c0:59:
8a:12:e4:ef:e5:dd:33:7f:e7:29:8a:21:4e:85:bd:f5:1d:4a:
d4:00:17:98:5a:63:58:f2:ce:0c:86:d3:ac:a2:f6:61:15:9b:
6b:43:5d:ee:d0:80:c1:75:91:26:d2:4c:ad:7c:6b:1a:7c:2a:
07:26:45:24:98:a6:45:98:3f:cc:cc:1d:b1:6c:d9:39:b1:ea:
41:f8:92:7a:76:91:7b:61:92:38:44:7e:f4:69:8c:ad:b1:e1:
d0:1c:97:78:39:7c:a3:7a:39:cc:d2:e7:4f:57:10:1b:8d:28:
06:93:3c:1b:b7:0f:42:e5:63:91:e9:e5:ff:5a:ae:75:ad:a5:
7a:e5:f9:35:8a:38:23:e9:38:40:82:01:c0:45:06:40:0c:46:
12:1d:83:a8:a5:d2:ca:53:8f:27:26:41:57:1e:0c:b3:af:95:
38:e1:b6:c0:8a:64:2a:f8:e0:64:d8:76:d7:41:05:6d:85:43:
20:da:e9:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuCvkFW3M1SqNnaRUQ12YjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZjg3YWExOGRkYTZhNWQ0OGFmODAzOTBiMjgyNzgwOGNm
ZWYyODUwHhcNMjMwMTAxMTU1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODVmY2NiMjA5N2I5ZmU3NmE2Yzk0NGYzMzAxNjlmNTI0Y2I1MDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0PQbODmyDhDDBiYSXQRCxuhKrm+h
yTvWmxRS8uG9SojtuE67b64/iHviK9pxj1KqhfKZZHN8XyqsH1BV69I5n2kddPaL
ujr834eKWWfsKaoR0cIvJ+colnYEcNAIxCnoDM1yL9X8SDl37zDIUdFj5Z74yWKp
QZCez9RMjpuH4AkCWNt/ftctFEeFGQtbhcNyLJAMBmvKh8DParH3pt16PBOpMfw2
J8TDRifxH7mqbOHhhqOWOL0iIDv268wem2VJSIiFrQaeePUvZI5jUfRIjfVeCjoe
HEWYG85InTLJ79bsPeQsLUsCDs+WFKAox4zqAhVN+wAdkSs0P2wJPGh5kQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAhfzLIJe5/namyUTzMBafUky1AmMB8GA1UdIwQY
MBaAFCP4eqGN2mpdSK+AOQsoJ4CM/vKFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSV9oNm9ZM2FhbDFJcjRBNUN5Z25nSXotOG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9jMTg1ZjYtNjI3NC00OWRhLWIyZWYt
NjAwMGNiMmQ1OTkwLzEvQ0ZfTXNnbDduLWRxYkpSUE13RnA5U1RMVUNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9jMTg1ZjYtNjI3NC00OWRhLWIyZWYtNjAwMGNiMmQ1OTkw
LzEvSV9oNm9ZM2FhbDFJcjRBNUN5Z25nSXotOG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHxhXMA0G
CSqGSIb3DQEBCwUAA4IBAQAfABVeZ3JSgd9LePuBLy467IlEtWohvqdAarqaNiRA
c3IxGpmBx6OksoHvtRE6AFozaP3xYa5PA45LtPWswmdrnA4JM2IpwFmKEuTv5d0z
f+cpiiFOhb31HUrUABeYWmNY8s4MhtOsovZhFZtrQ13u0IDBdZEm0kytfGsafCoH
JkUkmKZFmD/MzB2xbNk5sepB+JJ6dpF7YZI4RH70aYytseHQHJd4OXyjejnM0udP
VxAbjSgGkzwbtw9C5WOR6eX/Wq51raV65fk1ijgj6ThAggHARQZADEYSHYOopdLK
U48nJkFXHgyzr5U44bbAimQq+OBk2HbXQQVthUMg2unV
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:16:09 2024 by rpki-client on console-ams.rpki-client.org