Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/b62439-7e47-42e1-8fdc-18e91296022d/1/dU2a7gKll3lGqqrCWII0VSrM4Jg.roa
File: dU2a7gKll3lGqqrCWII0VSrM4Jg.roa (raw, json)
Hash identifier: DGSCKTp4xRhIC0Dbs2FNRaumiEuJodLCphIPK0qkx6s=
Subject key identifier: 75:4D:9A:EE:02:A5:97:79:46:AA:AA:C2:58:82:34:55:2A:CC:E0:98
Certificate issuer: /CN=40ea5e39f8635736e48df53822a5cacc10b43a1f
Certificate serial: 01856D4AA80752DA8651A1DC5A3527555200
Authority key identifier: 40:EA:5E:39:F8:63:57:36:E4:8D:F5:38:22:A5:CA:CC:10:B4:3A:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QOpeOfhjVzbkjfU4IqXKzBC0Oh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/b62439-7e47-42e1-8fdc-18e91296022d/1/dU2a7gKll3lGqqrCWII0VSrM4Jg.roa
Signing time: Sun 01 Jan 2023 12:24:47 +0000
ROA not before: Sun 01 Jan 2023 12:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12985
IP address blocks: 31.41.136.0/21 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:a8:07:52:da:86:51:a1:dc:5a:35:27:55:52:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40ea5e39f8635736e48df53822a5cacc10b43a1f
Validity
Not Before: Jan 1 12:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=754d9aee02a5977946aaaac2588234552acce098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:76:bb:7d:d7:7e:e5:89:d2:6e:dd:4c:f6:e8:
9f:01:f5:89:db:2a:a6:46:70:91:5c:09:ba:44:c2:
7f:a6:31:3a:bc:c8:88:81:f7:b4:8c:1c:d6:a8:38:
eb:17:30:9d:b0:88:09:1b:1d:06:15:00:52:36:f5:
0a:d2:5c:56:3a:7f:95:b1:1c:08:13:ee:dc:60:cb:
40:8b:da:d4:dd:72:0a:a8:ba:77:4e:dc:3b:d0:a9:
66:ff:e7:49:8e:ca:31:b0:31:85:12:3a:c0:d1:8d:
2d:66:81:00:aa:19:e8:db:22:d8:58:a8:c1:2b:6f:
b7:de:5a:59:f1:51:90:60:b9:b6:c4:1f:ab:23:06:
e2:72:31:72:d8:71:32:d2:13:82:9d:e8:70:a0:2a:
50:67:85:cd:c9:1c:a0:e1:45:85:be:c7:6b:8a:6d:
e6:6d:d3:df:60:34:0c:17:92:bf:1f:ed:29:25:5c:
32:4b:b5:b6:27:8c:e1:b0:bd:c7:57:c6:4f:20:98:
0f:5c:35:60:44:3b:33:76:06:2a:bc:dd:c0:71:e5:
aa:9a:40:ef:dd:45:b6:b5:5f:0d:75:a8:8d:fd:9e:
52:53:5c:a7:35:ff:9b:ef:f0:03:ea:6d:17:5f:cc:
fd:d2:e5:1a:df:ff:d8:05:0c:20:b7:d0:e8:4b:36:
10:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:4D:9A:EE:02:A5:97:79:46:AA:AA:C2:58:82:34:55:2A:CC:E0:98
X509v3 Authority Key Identifier:
keyid:40:EA:5E:39:F8:63:57:36:E4:8D:F5:38:22:A5:CA:CC:10:B4:3A:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QOpeOfhjVzbkjfU4IqXKzBC0Oh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/b62439-7e47-42e1-8fdc-18e91296022d/1/dU2a7gKll3lGqqrCWII0VSrM4Jg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/b62439-7e47-42e1-8fdc-18e91296022d/1/QOpeOfhjVzbkjfU4IqXKzBC0Oh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.136.0/21
Signature Algorithm: sha256WithRSAEncryption
63:3f:b7:61:71:25:11:f6:f9:b3:9c:28:6d:7c:06:55:84:7f:
4a:3d:51:1f:c2:a2:3f:31:fb:9c:33:0a:3b:e0:2d:3a:44:ba:
35:b5:3b:c6:48:17:28:64:e2:db:7e:35:c9:b6:99:fa:e4:ff:
f8:4d:d3:50:63:24:c8:2e:3c:b9:97:59:42:eb:80:67:8a:2b:
a5:03:f4:c3:15:ff:0d:17:15:82:c0:25:0a:9e:18:8f:29:c9:
bb:1f:61:de:65:8c:ed:95:1c:11:0b:e0:f2:a1:a0:29:0f:4e:
6c:a7:5d:56:5e:5e:d5:0a:d3:af:37:fd:e7:bc:b9:23:e9:e9:
20:29:12:c6:fd:c7:31:b3:a3:b8:45:65:48:e9:e4:6d:ae:0e:
95:94:41:42:3d:db:39:ef:cd:a6:1a:21:98:de:8b:89:81:24:
75:45:77:80:36:59:0a:e6:54:52:ad:61:40:59:e0:87:6f:a0:
17:d9:87:1f:d1:08:24:1f:87:79:6b:57:93:24:6d:17:01:21:
af:55:4e:19:71:2b:6e:17:71:94:ff:3f:78:ab:86:e1:c6:80:
c0:0d:b5:42:ca:09:22:9d:fa:89:09:17:cd:d0:76:ec:36:59:
a5:46:34:87:7e:1e:21:24:03:07:d2:65:ef:68:9b:fd:fc:7f:
76:e4:e0:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtSqgHUtqGUaHcWjUnVVIAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZWE1ZTM5Zjg2MzU3MzZlNDhkZjUzODIyYTVjYWNjMTBi
NDNhMWYwHhcNMjMwMTAxMTIyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTRkOWFlZTAyYTU5Nzc5NDZhYWFhYzI1ODgyMzQ1NTJhY2NlMDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHa7fdd+5YnSbt1M9uifAfWJ2yqm
RnCRXAm6RMJ/pjE6vMiIgfe0jBzWqDjrFzCdsIgJGx0GFQBSNvUK0lxWOn+VsRwI
E+7cYMtAi9rU3XIKqLp3Ttw70Klm/+dJjsoxsDGFEjrA0Y0tZoEAqhno2yLYWKjB
K2+33lpZ8VGQYLm2xB+rIwbicjFy2HEy0hOCnehwoCpQZ4XNyRyg4UWFvsdrim3m
bdPfYDQMF5K/H+0pJVwyS7W2J4zhsL3HV8ZPIJgPXDVgRDszdgYqvN3AceWqmkDv
3UW2tV8NdaiN/Z5SU1ynNf+b7/AD6m0XX8z90uUa3//YBQwgt9DoSzYQywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHVNmu4CpZd5RqqqwliCNFUqzOCYMB8GA1UdIwQY
MBaAFEDqXjn4Y1c25I31OCKlyswQtDofMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU9wZU9maGpWemJramZVNElxWEt6QkMwT2g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9iNjI0MzktN2U0Ny00MmUxLThmZGMt
MThlOTEyOTYwMjJkLzEvZFUyYTdnS2xsM2xHcXFyQ1dJSTBWU3JNNEpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9iNjI0MzktN2U0Ny00MmUxLThmZGMtMThlOTEyOTYwMjJk
LzEvUU9wZU9maGpWemJramZVNElxWEt6QkMwT2g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDHymIMA0G
CSqGSIb3DQEBCwUAA4IBAQBjP7dhcSUR9vmznChtfAZVhH9KPVEfwqI/MfucMwo7
4C06RLo1tTvGSBcoZOLbfjXJtpn65P/4TdNQYyTILjy5l1lC64BniiulA/TDFf8N
FxWCwCUKnhiPKcm7H2HeZYztlRwRC+DyoaApD05sp11WXl7VCtOvN/3nvLkj6ekg
KRLG/ccxs6O4RWVI6eRtrg6VlEFCPds5782mGiGY3ouJgSR1RXeANlkK5lRSrWFA
WeCHb6AX2Ycf0QgkH4d5a1eTJG0XASGvVU4ZcStuF3GU/z94q4bhxoDADbVCygki
nfqJCRfN0HbsNlmlRjSHfh4hJAMH0mXvaJv9/H925OBC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:20 2024 by rpki-client on console-fra.rpki-client.org