Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/du4bgti-ITMqljSLreTBw_6OaOY.roa
File: du4bgti-ITMqljSLreTBw_6OaOY.roa (raw, json)
Hash identifier: NxeGIiTa0r4N34swrHTHuQvvsGbaQnUFiT14g8tdXNg=
Subject key identifier: 76:EE:1B:82:D8:BE:21:33:2A:96:34:8B:AD:E4:C1:C3:FE:8E:68:E6
Certificate issuer: /CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Certificate serial: 018BBA6A672DFCCD2BEC48D0FA13B0514546
Authority key identifier: AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/du4bgti-ITMqljSLreTBw_6OaOY.roa
Signing time: Fri 10 Nov 2023 18:06:57 +0000
ROA not before: Fri 10 Nov 2023 18:06:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216012
IP address blocks: 31.202.133.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ba:6a:67:2d:fc:cd:2b:ec:48:d0:fa:13:b0:51:45:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Validity
Not Before: Nov 10 18:06:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76ee1b82d8be21332a96348bade4c1c3fe8e68e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:35:f6:a5:64:0d:7f:9d:9e:16:5d:cc:86:18:
e6:db:f7:ca:aa:6b:51:93:f5:1a:f1:fd:57:c5:b7:
65:31:78:0d:68:c8:45:cb:d9:4e:89:e0:bf:5a:3c:
29:e5:5a:ba:67:64:49:eb:0d:7b:34:e6:95:47:62:
f7:5b:c2:00:71:4e:c7:57:8e:ed:97:3c:ae:f2:30:
c9:d4:40:3f:f4:9a:37:ea:0a:5c:86:40:0c:07:fc:
62:75:4b:7b:9d:bf:af:06:89:fb:ad:67:cd:af:7b:
0f:26:c2:a8:9f:aa:ec:b6:29:d5:5f:23:74:22:4d:
62:50:17:6b:77:21:5c:48:06:26:a8:15:82:9b:57:
ef:1e:6f:04:5d:f4:19:e4:4b:b9:4d:f3:61:4f:29:
bb:b6:03:33:91:fe:c9:8e:5c:05:10:15:50:02:ba:
fa:c3:f3:83:0c:5b:45:91:c9:a3:d5:66:ef:3a:cb:
0a:df:43:5b:ea:95:b3:00:83:9f:f1:60:32:c1:3e:
f3:28:24:85:16:5d:f3:08:b9:a8:c4:f3:b3:fd:2d:
d6:b2:08:b8:4a:38:d5:8d:6e:94:79:16:59:69:26:
24:e6:d1:53:e9:64:2b:6f:00:57:bf:74:57:ce:74:
fc:6b:89:0c:30:9b:ed:4e:1d:83:c9:98:bb:ae:7d:
f7:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:EE:1B:82:D8:BE:21:33:2A:96:34:8B:AD:E4:C1:C3:FE:8E:68:E6
X509v3 Authority Key Identifier:
keyid:AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/du4bgti-ITMqljSLreTBw_6OaOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/rnqbF0Wlpww797zCwu4WZGCv96g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.202.133.0/24
Signature Algorithm: sha256WithRSAEncryption
47:00:d0:04:84:1d:9f:9d:49:b6:f6:ae:8a:16:70:87:bd:9b:
ac:97:e0:8f:df:a6:f4:1a:be:98:06:ae:4b:dc:f3:f4:60:9d:
43:64:2b:ae:2b:f9:74:61:cf:c4:99:cf:33:05:81:e3:b2:1d:
0f:f7:06:e4:84:f1:5b:8b:b1:57:a6:81:68:9b:00:bb:6c:17:
57:03:e7:83:d0:1b:1b:41:84:58:f0:69:08:19:b0:a2:24:13:
44:26:0c:43:64:ff:48:da:73:b0:33:bb:27:15:9f:f7:db:6a:
77:48:3a:32:4b:81:3d:d7:69:8b:82:bd:5a:4d:07:4c:b1:ad:
6c:6e:ca:76:3d:c6:32:52:10:e8:1c:86:07:e0:60:33:4d:5d:
6b:67:ae:f6:02:4a:d3:ba:4e:72:96:bb:76:4b:3c:5b:bd:b8:
51:8e:be:b8:6f:3b:82:e6:ed:9e:0a:c9:87:53:6e:e4:46:22:
ee:f5:dc:aa:2a:b7:f7:1b:65:a7:11:fd:f4:39:24:50:f0:46:
1a:50:b9:3d:fd:79:ee:c7:14:0d:19:84:08:1c:c0:2f:b5:4e:
28:ee:54:12:4a:08:e6:a3:85:88:d7:31:f0:d3:2b:32:28:93:
52:a5:ac:b0:fe:4f:ba:bd:0b:c8:88:05:c6:89:a7:87:9b:61:
7b:85:b9:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYu6amct/M0r7EjQ+hOwUUVGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2E5YjE3NDVhNWE3MGMzYmY3YmNjMmMyZWUxNjY0NjBh
ZmY3YTgwHhcNMjMxMTEwMTgwNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmVlMWI4MmQ4YmUyMTMzMmE5NjM0OGJhZGU0YzFjM2ZlOGU2OGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDX2pWQNf52eFl3Mhhjm2/fKqmtR
k/Ua8f1XxbdlMXgNaMhFy9lOieC/Wjwp5Vq6Z2RJ6w17NOaVR2L3W8IAcU7HV47t
lzyu8jDJ1EA/9Jo36gpchkAMB/xidUt7nb+vBon7rWfNr3sPJsKon6rstinVXyN0
Ik1iUBdrdyFcSAYmqBWCm1fvHm8EXfQZ5Eu5TfNhTym7tgMzkf7JjlwFEBVQArr6
w/ODDFtFkcmj1WbvOssK30Nb6pWzAIOf8WAywT7zKCSFFl3zCLmoxPOz/S3Wsgi4
SjjVjW6UeRZZaSYk5tFT6WQrbwBXv3RXznT8a4kMMJvtTh2DyZi7rn33LQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHbuG4LYviEzKpY0i63kwcP+jmjmMB8GA1UdIwQY
MBaAFK56mxdFpacMO/e8wsLuFmRgr/eoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5xYkYwV2xwd3c3OTd6Q3d1NFdaR0N2OTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy82ZTkwOWQtZDMyNS00OGExLTk0NDMt
Y2M5YTc1OGM5OTE2LzEvZHU0Ymd0aS1JVE1xbGpTTHJlVEJ3XzZPYU9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy82ZTkwOWQtZDMyNS00OGExLTk0NDMtY2M5YTc1OGM5OTE2
LzEvcm5xYkYwV2xwd3c3OTd6Q3d1NFdaR0N2OTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH8qFMA0G
CSqGSIb3DQEBCwUAA4IBAQBHANAEhB2fnUm29q6KFnCHvZusl+CP36b0Gr6YBq5L
3PP0YJ1DZCuuK/l0Yc/Emc8zBYHjsh0P9wbkhPFbi7FXpoFomwC7bBdXA+eD0Bsb
QYRY8GkIGbCiJBNEJgxDZP9I2nOwM7snFZ/322p3SDoyS4E912mLgr1aTQdMsa1s
bsp2PcYyUhDoHIYH4GAzTV1rZ672AkrTuk5ylrt2SzxbvbhRjr64bzuC5u2eCsmH
U27kRiLu9dyqKrf3G2WnEf30OSRQ8EYaULk9/XnuxxQNGYQIHMAvtU4o7lQSSgjm
o4WI1zHw0ysyKJNSpayw/k+6vQvIiAXGiaeHm2F7hbke
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:16:10 2024 by rpki-client on console-ams.rpki-client.org