Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/a7d421-e8cd-4929-aed0-4fe3f61110de/1/oatfaJk8RUZ7PY4GuVZwjI_dNPs.roa
File: oatfaJk8RUZ7PY4GuVZwjI_dNPs.roa (raw, json)
Hash identifier: 4wSl6tXz/dG5B7sJ6qH6pm3lx31TuFy9Amc89GrT3Po=
Subject key identifier: A1:AB:5F:68:99:3C:45:46:7B:3D:8E:06:B9:56:70:8C:8F:DD:34:FB
Certificate issuer: /CN=79b6ceac5d42a637f36ba1e3fdae90ad5fee2cff
Certificate serial: 0189EB8265B238227F2A8921AFD247B6BA7F
Authority key identifier: 79:B6:CE:AC:5D:42:A6:37:F3:6B:A1:E3:FD:AE:90:AD:5F:EE:2C:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ebbOrF1Cpjfza6Hj_a6QrV_uLP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/a7d421-e8cd-4929-aed0-4fe3f61110de/1/oatfaJk8RUZ7PY4GuVZwjI_dNPs.roa
Signing time: Sat 12 Aug 2023 20:48:58 +0000
ROA not before: Sat 12 Aug 2023 20:48:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209733
IP address blocks: 31.24.252.0/24 maxlen: 24
2a13:fb80::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 31 Aug 2023 12:42:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:eb:82:65:b2:38:22:7f:2a:89:21:af:d2:47:b6:ba:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79b6ceac5d42a637f36ba1e3fdae90ad5fee2cff
Validity
Not Before: Aug 12 20:48:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1ab5f68993c45467b3d8e06b956708c8fdd34fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:02:eb:03:6b:98:7c:11:d9:9a:4b:97:b2:3e:
9e:c2:c6:ba:e3:1b:1b:5b:c4:c6:e0:15:82:79:43:
9e:1e:ff:57:c1:18:b4:48:b0:2f:5a:fe:61:ad:b6:
6a:7f:da:84:a0:9f:47:0d:1b:19:48:7b:86:85:5e:
f0:f9:02:ca:11:3f:9f:4b:e0:2e:83:2e:77:19:a9:
1a:2d:00:c3:92:12:dc:09:1d:20:d1:2d:bd:bb:5d:
e6:66:51:d6:6f:a3:bb:4e:8f:54:36:58:bc:da:a2:
f7:89:d9:1c:a6:e5:bc:d6:cd:43:d0:96:5b:3a:a8:
58:7e:94:f7:d7:16:86:6c:a5:b3:2b:7c:b7:d1:78:
aa:ae:b8:89:6e:e5:cb:87:d0:7d:f0:19:0a:19:e6:
48:e4:2e:77:94:0f:52:3a:47:72:3d:45:72:8f:da:
b6:73:c0:b4:3e:6d:94:2f:38:ac:9b:d0:35:c9:b1:
89:20:c1:85:07:67:12:33:0c:d8:09:43:5d:c6:1d:
00:cc:e7:86:04:60:02:6d:7b:e1:1b:8d:c2:61:91:
95:75:70:25:de:88:2d:e4:47:35:6e:30:be:96:f7:
79:82:3f:84:82:a9:b7:2b:fe:85:1e:aa:d7:d5:e2:
36:a6:d4:2b:ae:8a:6e:31:65:52:cd:0f:32:cf:5f:
36:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:AB:5F:68:99:3C:45:46:7B:3D:8E:06:B9:56:70:8C:8F:DD:34:FB
X509v3 Authority Key Identifier:
keyid:79:B6:CE:AC:5D:42:A6:37:F3:6B:A1:E3:FD:AE:90:AD:5F:EE:2C:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ebbOrF1Cpjfza6Hj_a6QrV_uLP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/a7d421-e8cd-4929-aed0-4fe3f61110de/1/oatfaJk8RUZ7PY4GuVZwjI_dNPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/a7d421-e8cd-4929-aed0-4fe3f61110de/1/ebbOrF1Cpjfza6Hj_a6QrV_uLP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.252.0/24
IPv6:
2a13:fb80::/32
Signature Algorithm: sha256WithRSAEncryption
3e:b9:d7:f4:4e:18:0a:d0:d6:7a:f9:72:e9:7b:f1:22:6c:d9:
6e:fc:24:6f:29:39:a3:53:bf:61:f7:f1:83:41:49:2a:c3:f8:
96:63:a2:42:40:ab:21:c0:61:de:ed:96:2e:d1:5c:8c:22:ea:
f0:00:39:af:38:37:6f:24:ac:4c:09:a9:2c:ce:36:cc:f6:b0:
ae:7c:6c:33:a8:2c:22:bb:e5:30:c8:34:47:29:0d:1f:e2:45:
50:42:98:bb:38:11:00:7a:8c:56:09:f9:b4:c9:b1:44:48:5f:
0e:d2:62:08:a6:38:8b:47:c9:a3:b3:36:3f:4d:ca:8b:10:fb:
f3:73:c8:d1:10:60:8a:88:f0:12:f0:fb:e0:15:de:63:b3:3f:
35:5f:e7:ba:40:75:71:b1:52:1e:ef:98:17:94:b5:9a:0d:e2:
45:71:db:fb:82:5b:a5:a6:6f:08:53:83:44:40:be:a4:0e:f4:
f5:0e:2c:bb:cd:51:ed:23:d9:44:e1:d2:77:9a:44:22:fd:3b:
3e:86:c9:b7:d6:e2:ae:3d:e2:60:c6:da:23:a0:84:0c:2a:b3:
8b:4c:91:01:1e:83:46:03:12:38:9a:5a:27:22:c0:5b:dc:f1:
f7:e5:2b:a2:e5:b1:ee:3b:48:50:bb:1c:84:cd:1f:98:14:e2:
37:3d:3f:e9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYnrgmWyOCJ/Kokhr9JHtrp/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5YjZjZWFjNWQ0MmE2MzdmMzZiYTFlM2ZkYWU5MGFkNWZl
ZTJjZmYwHhcNMjMwODEyMjA0ODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWFiNWY2ODk5M2M0NTQ2N2IzZDhlMDZiOTU2NzA4YzhmZGQzNGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoALrA2uYfBHZmkuXsj6ewsa64xsb
W8TG4BWCeUOeHv9XwRi0SLAvWv5hrbZqf9qEoJ9HDRsZSHuGhV7w+QLKET+fS+Au
gy53GakaLQDDkhLcCR0g0S29u13mZlHWb6O7To9UNli82qL3idkcpuW81s1D0JZb
OqhYfpT31xaGbKWzK3y30XiqrriJbuXLh9B98BkKGeZI5C53lA9SOkdyPUVyj9q2
c8C0Pm2ULzism9A1ybGJIMGFB2cSMwzYCUNdxh0AzOeGBGACbXvhG43CYZGVdXAl
3ogt5Ec1bjC+lvd5gj+Egqm3K/6FHqrX1eI2ptQrropuMWVSzQ8yz182+QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKGrX2iZPEVGez2OBrlWcIyP3TT7MB8GA1UdIwQY
MBaAFHm2zqxdQqY382uh4/2ukK1f7iz/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWJiT3JGMUNwamZ6YTZIal9hNlFyVl91TFA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9hN2Q0MjEtZThjZC00OTI5LWFlZDAt
NGZlM2Y2MTExMGRlLzEvb2F0ZmFKazhSVVo3UFk0R3VWWndqSV9kTlBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9hN2Q0MjEtZThjZC00OTI5LWFlZDAtNGZlM2Y2MTExMGRl
LzEvZWJiT3JGMUNwamZ6YTZIal9hNlFyVl91TFA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAHxj8MA0E
AgACMAcDBQAqE/uAMA0GCSqGSIb3DQEBCwUAA4IBAQA+udf0ThgK0NZ6+XLpe/Ei
bNlu/CRvKTmjU79h9/GDQUkqw/iWY6JCQKshwGHe7ZYu0VyMIurwADmvODdvJKxM
CakszjbM9rCufGwzqCwiu+UwyDRHKQ0f4kVQQpi7OBEAeoxWCfm0ybFESF8O0mII
pjiLR8mjszY/TcqLEPvzc8jREGCKiPAS8PvgFd5jsz81X+e6QHVxsVIe75gXlLWa
DeJFcdv7glulpm8IU4NEQL6kDvT1Diy7zVHtI9lE4dJ3mkQi/Ts+hsm31uKuPeJg
xtojoIQMKrOLTJEBHoNGAxI4mlonIsBb3PH35Sui5bHuO0hQuxyEzR+YFOI3PT/p
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:49 2024 by rpki-client on console-fra.rpki-client.org