Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/31315c-81a4-4969-8571-d76346a7adc6/1/NuqZcY_yAYDBKIwbMzxqzKk_WMw.roa
File: NuqZcY_yAYDBKIwbMzxqzKk_WMw.roa (raw, json)
Hash identifier: 3S4M/4Z/rVT9K30cxqIan8eXuhk/aFovNstBKPJuE+s=
Subject key identifier: 36:EA:99:71:8F:F2:01:80:C1:28:8C:1B:33:3C:6A:CC:A9:3F:58:CC
Certificate issuer: /CN=34a2ea557b42a9fd3a80211506193c2b3389dc6f
Certificate serial: 018C892824BDD1A88E602B9DC545E10CB470
Authority key identifier: 34:A2:EA:55:7B:42:A9:FD:3A:80:21:15:06:19:3C:2B:33:89:DC:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NKLqVXtCqf06gCEVBhk8KzOJ3G8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/31315c-81a4-4969-8571-d76346a7adc6/1/NuqZcY_yAYDBKIwbMzxqzKk_WMw.roa
Signing time: Wed 20 Dec 2023 21:35:58 +0000
ROA not before: Wed 20 Dec 2023 21:35:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5650
IP address blocks: 31.193.191.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:89:28:24:bd:d1:a8:8e:60:2b:9d:c5:45:e1:0c:b4:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34a2ea557b42a9fd3a80211506193c2b3389dc6f
Validity
Not Before: Dec 20 21:35:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36ea99718ff20180c1288c1b333c6acca93f58cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:30:4f:da:0a:99:92:c2:c8:5f:e2:81:a2:c5:
44:e0:0c:a5:83:58:04:c8:8c:17:33:dc:31:63:b1:
09:d3:eb:37:b8:1f:fd:c3:cc:50:23:49:db:25:5e:
10:89:8f:0e:51:57:12:11:6f:06:87:d5:c5:e1:0c:
0c:1a:f7:31:16:b9:77:1c:87:6b:af:cb:f1:0a:b1:
2f:1d:fe:2f:ab:e9:a7:1a:e8:bd:f3:13:3c:5b:2b:
16:5f:60:2e:75:f8:88:91:1d:bc:2d:ae:eb:21:61:
65:7c:1b:ab:df:1e:11:53:de:65:14:79:b6:36:59:
1e:b4:48:a0:92:50:1e:fa:bb:98:fb:86:77:3b:4b:
5a:7f:32:ec:a4:56:03:66:a7:4f:d7:99:e9:d4:51:
8a:ae:a5:65:c5:84:19:ea:21:aa:97:3c:27:aa:d1:
b6:f7:b0:37:7b:d0:b6:32:6c:98:ec:4c:b8:1d:41:
4f:e9:10:71:9e:07:82:53:01:ca:b7:29:f7:2a:ad:
fc:0d:cb:6f:64:e3:c1:29:85:77:cf:e6:e1:32:1a:
55:c6:f3:de:8b:7b:06:78:a8:65:49:65:83:bf:87:
31:78:81:20:27:9a:18:15:a2:96:63:0a:42:8f:71:
b2:45:4e:39:d2:3a:3f:dd:c6:7b:65:90:c5:57:2d:
5f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:EA:99:71:8F:F2:01:80:C1:28:8C:1B:33:3C:6A:CC:A9:3F:58:CC
X509v3 Authority Key Identifier:
keyid:34:A2:EA:55:7B:42:A9:FD:3A:80:21:15:06:19:3C:2B:33:89:DC:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NKLqVXtCqf06gCEVBhk8KzOJ3G8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/31315c-81a4-4969-8571-d76346a7adc6/1/NuqZcY_yAYDBKIwbMzxqzKk_WMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/31315c-81a4-4969-8571-d76346a7adc6/1/NKLqVXtCqf06gCEVBhk8KzOJ3G8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.191.0/24
Signature Algorithm: sha256WithRSAEncryption
40:4f:48:f9:bc:19:72:65:70:a2:33:bd:76:64:c3:d6:bd:06:
7d:ef:7f:97:22:35:39:45:78:cc:26:f6:b3:3a:2b:b4:53:b9:
d3:6c:b2:26:ad:17:c1:12:a9:bb:f7:13:9f:92:ef:75:79:bc:
15:52:25:09:70:f4:ed:a8:e2:1a:a4:e8:9b:8f:f2:70:bd:f2:
be:5b:a8:9d:06:c5:eb:9d:36:2a:03:4e:1b:b6:2e:5c:a0:aa:
ed:dc:27:87:30:36:2b:2b:e8:e3:08:df:a3:ca:ba:70:fd:5f:
81:df:eb:85:9e:0a:a9:bd:0d:48:93:c2:57:4e:d0:9d:a5:0a:
ad:aa:43:a5:3d:04:20:68:64:a2:90:a9:b6:87:08:38:f6:ab:
31:57:32:d5:d0:e4:bd:40:a9:be:b6:30:39:bf:53:05:95:da:
df:e0:05:17:3e:66:d2:9c:e6:ce:fc:a0:d3:23:3a:7d:5b:05:
4b:8a:fc:8b:8c:47:31:66:84:77:75:35:97:3e:cd:86:8f:92:
7b:92:55:6e:26:b3:78:7f:72:73:51:f0:10:c9:56:81:2c:ca:
e9:f3:b3:39:5d:aa:a5:17:67:40:11:c4:a9:5e:d2:ad:e4:32:
69:4c:f4:f1:70:e3:06:47:af:0e:28:e8:38:d5:94:b9:86:da:
83:02:f8:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyJKCS90aiOYCudxUXhDLRwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YTJlYTU1N2I0MmE5ZmQzYTgwMjExNTA2MTkzYzJiMzM4
OWRjNmYwHhcNMjMxMjIwMjEzNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmVhOTk3MThmZjIwMTgwYzEyODhjMWIzMzNjNmFjY2E5M2Y1OGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTBP2gqZksLIX+KBosVE4Aylg1gE
yIwXM9wxY7EJ0+s3uB/9w8xQI0nbJV4QiY8OUVcSEW8Gh9XF4QwMGvcxFrl3HIdr
r8vxCrEvHf4vq+mnGui98xM8WysWX2AudfiIkR28La7rIWFlfBur3x4RU95lFHm2
NlketEigklAe+ruY+4Z3O0tafzLspFYDZqdP15np1FGKrqVlxYQZ6iGqlzwnqtG2
97A3e9C2MmyY7Ey4HUFP6RBxngeCUwHKtyn3Kq38DctvZOPBKYV3z+bhMhpVxvPe
i3sGeKhlSWWDv4cxeIEgJ5oYFaKWYwpCj3GyRU450jo/3cZ7ZZDFVy1fKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDbqmXGP8gGAwSiMGzM8asypP1jMMB8GA1UdIwQY
MBaAFDSi6lV7Qqn9OoAhFQYZPCszidxvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTktMcVZYdENxZjA2Z0NFVkJoazhLek9KM0c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8zMTMxNWMtODFhNC00OTY5LTg1NzEt
ZDc2MzQ2YTdhZGM2LzEvTnVxWmNZX3lBWURCS0l3Yk16eHF6S2tfV013LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8zMTMxNWMtODFhNC00OTY5LTg1NzEtZDc2MzQ2YTdhZGM2
LzEvTktMcVZYdENxZjA2Z0NFVkJoazhLek9KM0c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH8G/MA0G
CSqGSIb3DQEBCwUAA4IBAQBAT0j5vBlyZXCiM712ZMPWvQZ973+XIjU5RXjMJvaz
Oiu0U7nTbLImrRfBEqm79xOfku91ebwVUiUJcPTtqOIapOibj/JwvfK+W6idBsXr
nTYqA04bti5coKrt3CeHMDYrK+jjCN+jyrpw/V+B3+uFngqpvQ1Ik8JXTtCdpQqt
qkOlPQQgaGSikKm2hwg49qsxVzLV0OS9QKm+tjA5v1MFldrf4AUXPmbSnObO/KDT
Izp9WwVLivyLjEcxZoR3dTWXPs2Gj5J7klVuJrN4f3JzUfAQyVaBLMrp87M5Xaql
F2dAEcSpXtKt5DJpTPTxcOMGR68OKOg41ZS5htqDAvgo
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:16 2024 by rpki-client on console-fra.rpki-client.org