Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b311d4-e358-4721-ab8d-6e6a5f172be3/1/y7dtrFhrQnARbKKC-pnfPe1DSHI.roa
File: y7dtrFhrQnARbKKC-pnfPe1DSHI.roa (raw, json)
Hash identifier: /v4Gr7ROURe4GTrnyrM4myOefUo0SZyxrBAGUh6ataQ=
Subject key identifier: CB:B7:6D:AC:58:6B:42:70:11:6C:A2:82:FA:99:DF:3D:ED:43:48:72
Certificate issuer: /CN=0b1027ace17f0067f697c65361488192eaf64138
Certificate serial: 01856CE625B7CDE02606660390C93205B90D
Authority key identifier: 0B:10:27:AC:E1:7F:00:67:F6:97:C6:53:61:48:81:92:EA:F6:41:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CxAnrOF_AGf2l8ZTYUiBkur2QTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b311d4-e358-4721-ab8d-6e6a5f172be3/1/y7dtrFhrQnARbKKC-pnfPe1DSHI.roa
Signing time: Sun 01 Jan 2023 10:35:00 +0000
ROA not before: Sun 01 Jan 2023 10:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209919
IP address blocks: 31.40.244.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:25:b7:cd:e0:26:06:66:03:90:c9:32:05:b9:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b1027ace17f0067f697c65361488192eaf64138
Validity
Not Before: Jan 1 10:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cbb76dac586b4270116ca282fa99df3ded434872
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:24:73:b6:d5:f0:3c:a7:88:5b:27:92:e0:4f:
c7:a5:9a:d7:22:40:f6:9c:64:f9:7e:e4:58:db:c5:
ef:51:21:24:1c:b7:0a:25:21:d7:31:69:73:94:b0:
e5:79:7d:79:1e:6f:f9:42:54:4e:bd:8c:bd:d3:37:
32:63:c9:2b:a9:4c:14:71:05:a2:41:e2:9b:ee:c6:
dc:b2:8b:c1:79:c9:80:11:bb:c9:27:89:e1:66:8c:
ca:45:86:91:ee:3b:99:d4:f5:e4:31:3a:07:90:bb:
de:a8:bd:1a:62:21:c0:e3:c2:59:28:d5:89:ef:62:
60:95:15:76:aa:5b:f7:db:12:b3:2a:c6:19:7c:f5:
02:42:fc:93:2a:22:b4:83:4d:68:9c:f1:75:ad:b7:
9a:18:92:e0:9e:9b:52:11:fd:a3:d8:59:5f:59:16:
02:59:8c:c4:5a:8b:21:e4:bc:f5:a4:fb:79:0e:97:
e2:ca:e2:ec:43:b9:2f:91:0d:06:aa:00:3d:ad:c2:
00:44:4f:3b:ed:51:db:50:71:c9:6a:6f:24:28:36:
36:59:89:e7:4e:6f:41:2e:71:7a:e5:2f:6a:98:86:
78:3c:0f:35:a3:27:d6:aa:3a:e2:c7:c3:54:60:22:
0f:e2:37:37:05:db:1d:81:29:18:97:d5:d2:a8:65:
b6:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:B7:6D:AC:58:6B:42:70:11:6C:A2:82:FA:99:DF:3D:ED:43:48:72
X509v3 Authority Key Identifier:
keyid:0B:10:27:AC:E1:7F:00:67:F6:97:C6:53:61:48:81:92:EA:F6:41:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CxAnrOF_AGf2l8ZTYUiBkur2QTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b311d4-e358-4721-ab8d-6e6a5f172be3/1/y7dtrFhrQnARbKKC-pnfPe1DSHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b311d4-e358-4721-ab8d-6e6a5f172be3/1/CxAnrOF_AGf2l8ZTYUiBkur2QTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.244.0/22
Signature Algorithm: sha256WithRSAEncryption
79:c9:76:b1:ca:7f:84:a1:ec:c6:8f:81:08:4b:5d:fe:16:2a:
52:c3:0b:ac:89:57:07:57:71:8b:8e:91:5f:01:3a:53:34:79:
13:a7:5f:36:b6:d8:c0:11:45:59:70:e4:2a:eb:2b:85:65:2f:
2e:a7:8a:05:fb:88:04:c5:b0:dc:c0:1c:c4:c9:98:fa:2f:bd:
be:70:8d:81:84:f4:1b:13:c8:b4:2c:05:8d:e4:b6:a1:3f:59:
29:e6:f0:af:53:79:7a:70:b8:83:e4:c5:3e:b6:b6:06:30:c3:
6e:22:5f:15:51:8d:79:fd:60:aa:1b:57:36:60:16:c6:d2:f4:
2b:1f:1f:eb:69:b9:4a:a0:90:38:d0:3d:ea:67:de:0f:24:95:
cb:fc:1e:f4:75:01:8e:4a:d2:b0:86:46:3e:0d:b4:8c:3e:f5:
61:33:ea:ba:49:41:7b:e3:ce:84:06:2b:90:74:a0:17:5e:e5:
e3:9f:52:6b:1c:a0:eb:e8:25:af:00:8f:6a:99:6c:1a:89:61:
22:c0:71:c6:4b:1c:39:c8:b0:ff:bf:d1:4c:fe:28:2d:a9:db:
74:21:e2:32:5e:1c:af:04:ef:47:53:e1:91:c8:80:56:4a:03:
c6:4a:9e:8c:d9:b9:4c:a3:65:cb:bf:51:54:bb:5d:d9:ae:02:
a6:e3:b4:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5iW3zeAmBmYDkMkyBbkNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMTAyN2FjZTE3ZjAwNjdmNjk3YzY1MzYxNDg4MTkyZWFm
NjQxMzgwHhcNMjMwMTAxMTAzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmI3NmRhYzU4NmI0MjcwMTE2Y2EyODJmYTk5ZGYzZGVkNDM0ODcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSRzttXwPKeIWyeS4E/HpZrXIkD2
nGT5fuRY28XvUSEkHLcKJSHXMWlzlLDleX15Hm/5QlROvYy90zcyY8krqUwUcQWi
QeKb7sbcsovBecmAEbvJJ4nhZozKRYaR7juZ1PXkMToHkLveqL0aYiHA48JZKNWJ
72JglRV2qlv32xKzKsYZfPUCQvyTKiK0g01onPF1rbeaGJLgnptSEf2j2FlfWRYC
WYzEWosh5Lz1pPt5DpfiyuLsQ7kvkQ0GqgA9rcIARE877VHbUHHJam8kKDY2WYnn
Tm9BLnF65S9qmIZ4PA81oyfWqjrix8NUYCIP4jc3BdsdgSkYl9XSqGW20wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMu3baxYa0JwEWyigvqZ3z3tQ0hyMB8GA1UdIwQY
MBaAFAsQJ6zhfwBn9pfGU2FIgZLq9kE4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3hBbnJPRl9BR2YybDhaVFlVaUJrdXIyUVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9iMzExZDQtZTM1OC00NzIxLWFiOGQt
NmU2YTVmMTcyYmUzLzEveTdkdHJGaHJRbkFSYktLQy1wbmZQZTFEU0hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9iMzExZDQtZTM1OC00NzIxLWFiOGQtNmU2YTVmMTcyYmUz
LzEvQ3hBbnJPRl9BR2YybDhaVFlVaUJrdXIyUVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCHyj0MA0G
CSqGSIb3DQEBCwUAA4IBAQB5yXaxyn+EoezGj4EIS13+FipSwwusiVcHV3GLjpFf
ATpTNHkTp182ttjAEUVZcOQq6yuFZS8up4oF+4gExbDcwBzEyZj6L72+cI2BhPQb
E8i0LAWN5LahP1kp5vCvU3l6cLiD5MU+trYGMMNuIl8VUY15/WCqG1c2YBbG0vQr
Hx/rablKoJA40D3qZ94PJJXL/B70dQGOStKwhkY+DbSMPvVhM+q6SUF7486EBiuQ
dKAXXuXjn1JrHKDr6CWvAI9qmWwaiWEiwHHGSxw5yLD/v9FM/igtqdt0IeIyXhyv
BO9HU+GRyIBWSgPGSp6M2blMo2XLv1FUu13ZrgKm47S/
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:26 2024 by rpki-client on console-fra.rpki-client.org