Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/1-XJqMs10byIz0gdWv56f3zSQ1dM.roa
File: 1-XJqMs10byIz0gdWv56f3zSQ1dM.roa (raw, json)
Hash identifier: RRGRXWHH8iQf/W7Pd63eL6Eh0Ak/PmzYQRHb2SfzIbA=
Subject key identifier: F9:72:6A:32:CD:74:6F:22:33:D2:07:56:BF:9E:9F:DF:34:90:D5:D3
Certificate issuer: /CN=85d0e763f935c171694f172056eb44209db2e2cd
Certificate serial: 01914532D749033E603F7CC8E06EA0CA6CAD
Authority key identifier: 85:D0:E7:63:F9:35:C1:71:69:4F:17:20:56:EB:44:20:9D:B2:E2:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/1-XJqMs10byIz0gdWv56f3zSQ1dM.roa
Signing time: Mon 12 Aug 2024 06:07:25 +0000
ROA not before: Mon 12 Aug 2024 06:07:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204817
IP address blocks: 31.222.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:47:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:45:32:d7:49:03:3e:60:3f:7c:c8:e0:6e:a0:ca:6c:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85d0e763f935c171694f172056eb44209db2e2cd
Validity
Not Before: Aug 12 06:07:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9726a32cd746f2233d20756bf9e9fdf3490d5d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8c:33:f4:8b:b3:b5:0b:41:7a:28:2c:4d:d8:
f6:d7:63:8a:91:36:d4:88:ef:51:c3:b5:00:bb:25:
d9:56:81:94:0c:a7:42:8a:30:a7:6e:44:18:4f:01:
7c:c2:86:77:98:42:f9:14:29:52:28:cf:92:c7:43:
a4:ea:5c:e4:7c:30:3d:07:1d:8a:61:d0:c1:b4:79:
c0:41:ea:f5:56:d9:da:c9:5b:e6:ce:89:e6:3c:12:
77:aa:fe:4a:74:e2:00:fd:1c:b4:6d:ff:55:69:4a:
0d:6a:36:24:2b:7a:a6:16:37:03:7d:ec:b3:24:c9:
ae:80:38:18:cf:b4:17:12:cc:94:b6:74:4a:bf:ed:
29:d5:2e:16:92:b1:e2:76:9e:98:dc:48:a3:54:4a:
fc:5c:e2:26:bd:6b:1e:83:19:1b:57:35:7c:c4:f8:
10:11:ba:67:f0:58:9b:5a:da:bd:74:c6:7c:66:c9:
0c:52:77:73:4d:66:5c:10:2f:4c:8a:7b:f7:9f:9c:
66:d1:de:73:be:c1:81:c7:fc:db:e2:ae:64:0c:91:
7c:20:fe:62:36:2f:3a:0b:c5:a0:56:fa:cf:5c:8e:
4e:f2:76:15:69:6f:95:cc:27:1e:5d:2f:e8:1c:e4:
06:93:e8:d9:72:79:13:57:d6:7f:eb:d7:c9:06:04:
d6:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:72:6A:32:CD:74:6F:22:33:D2:07:56:BF:9E:9F:DF:34:90:D5:D3
X509v3 Authority Key Identifier:
keyid:85:D0:E7:63:F9:35:C1:71:69:4F:17:20:56:EB:44:20:9D:B2:E2:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/1-XJqMs10byIz0gdWv56f3zSQ1dM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.91.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:c6:a5:21:a2:8b:93:90:06:55:8a:51:14:54:3e:b3:7f:0e:
fa:44:ec:3d:69:5d:e4:4d:f9:93:94:ce:ea:6c:9d:8a:20:58:
7a:9e:ae:ad:38:e8:46:67:f3:57:a9:21:e2:74:41:6a:bd:9f:
38:75:3e:28:44:5f:5a:fd:bd:9d:07:1f:66:38:cf:bb:34:a3:
fe:94:5b:25:c5:7a:c9:7a:bf:5a:23:1c:6d:da:65:93:98:4a:
d3:58:56:72:b8:ee:a1:e7:d8:0e:78:da:41:ce:16:bc:a0:ed:
32:36:a5:9b:91:3f:9f:c1:a0:71:33:42:cd:9b:2e:45:a8:b1:
0a:d8:fc:89:72:bc:34:cd:ef:6b:8f:74:8f:ca:ff:10:9f:fe:
3a:32:9f:dc:40:e6:6e:50:31:09:42:a1:96:b3:b3:a3:24:0b:
6e:90:e5:19:ab:19:29:7f:ea:1b:4f:90:f9:83:a8:2b:da:bc:
63:0d:4f:0e:9e:ff:ad:a2:88:75:7a:f4:b7:35:8c:27:78:03:
6f:a5:40:fa:b5:7b:19:46:66:f1:ee:0f:1e:7b:b4:8a:3a:cb:
47:8a:11:2b:7e:20:45:57:8b:9b:f6:37:37:1d:3b:53:a1:5a:
92:01:4e:08:33:9e:82:cc:b9:ab:b6:9f:be:b9:36:80:fa:a7:
04:0a:6e:c0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZFFMtdJAz5gP3zI4G6gymytMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZDBlNzYzZjkzNWMxNzE2OTRmMTcyMDU2ZWI0NDIwOWRi
MmUyY2QwHhcNMjQwODEyMDYwNzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTcyNmEzMmNkNzQ2ZjIyMzNkMjA3NTZiZjllOWZkZjM0OTBkNWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4wz9IuztQtBeigsTdj212OKkTbU
iO9Rw7UAuyXZVoGUDKdCijCnbkQYTwF8woZ3mEL5FClSKM+Sx0Ok6lzkfDA9Bx2K
YdDBtHnAQer1VtnayVvmzonmPBJ3qv5KdOIA/Ry0bf9VaUoNajYkK3qmFjcDfeyz
JMmugDgYz7QXEsyUtnRKv+0p1S4WkrHidp6Y3EijVEr8XOImvWsegxkbVzV8xPgQ
Ebpn8FibWtq9dMZ8ZskMUndzTWZcEC9Minv3n5xm0d5zvsGBx/zb4q5kDJF8IP5i
Ni86C8WgVvrPXI5O8nYVaW+VzCceXS/oHOQGk+jZcnkTV9Z/69fJBgTWEwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPlyajLNdG8iM9IHVr+en980kNXTMB8GA1UdIwQY
MBaAFIXQ52P5NcFxaU8XIFbrRCCdsuLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGREbllfazF3WEZwVHhjZ1Z1dEVJSjJ5NHMwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83NDY0MTAtMDI2Yi00NWM5LTgxY2Qt
ZjEyODM1ZjAyNDdiLzEvMS1YSnFNczEwYnlJejBnZFd2NTZmM3pTUTFkTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmYvNzQ2NDEwLTAyNmItNDVjOS04MWNkLWYxMjgzNWYwMjQ3
Yi8xL2hkRG5ZX2sxd1hGcFR4Y2dWdXRFSUoyeTRzMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB/eWzAN
BgkqhkiG9w0BAQsFAAOCAQEAjMalIaKLk5AGVYpRFFQ+s38O+kTsPWld5E35k5TO
6mydiiBYep6urTjoRmfzV6kh4nRBar2fOHU+KERfWv29nQcfZjjPuzSj/pRbJcV6
yXq/WiMcbdplk5hK01hWcrjuoefYDnjaQc4WvKDtMjalm5E/n8GgcTNCzZsuRaix
Ctj8iXK8NM3va490j8r/EJ/+OjKf3EDmblAxCUKhlrOzoyQLbpDlGasZKX/qG0+Q
+YOoK9q8Yw1PDp7/raKIdXr0tzWMJ3gDb6VA+rV7GUZm8e4PHnu0ijrLR4oRK34g
RVeLm/Y3Nx07U6FakgFOCDOegsy5q7afvrk2gPqnBApuwA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:13 2025 by rpki-client