Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/d-D9bO84_heizEYRnbqT1S5EoPw.roa
File: d-D9bO84_heizEYRnbqT1S5EoPw.roa (raw, json)
Hash identifier: wn7dovTkfYDXsP/iabdnVGvCdYFEnIxaN7siTz5GZtg=
Subject key identifier: 77:E0:FD:6C:EF:38:FE:17:A2:CC:46:11:9D:BA:93:D5:2E:44:A0:FC
Certificate issuer: /CN=dff24726df3e77f6f4c8e0436613b35110eeaf38
Certificate serial: 018D5BB670BC3AB18B33F333171CDCA5484B
Authority key identifier: DF:F2:47:26:DF:3E:77:F6:F4:C8:E0:43:66:13:B3:51:10:EE:AF:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3_JHJt8-d_b0yOBDZhOzURDurzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/d-D9bO84_heizEYRnbqT1S5EoPw.roa
Signing time: Tue 30 Jan 2024 18:51:39 +0000
ROA not before: Tue 30 Jan 2024 18:51:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 31.43.165.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Feb 2024 12:37:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5b:b6:70:bc:3a:b1:8b:33:f3:33:17:1c:dc:a5:48:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dff24726df3e77f6f4c8e0436613b35110eeaf38
Validity
Not Before: Jan 30 18:51:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77e0fd6cef38fe17a2cc46119dba93d52e44a0fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:df:a9:c9:0e:7c:e7:63:61:dc:ca:9f:89:81:
65:2f:06:83:5f:6d:f4:42:4a:c8:e0:c5:e1:b7:d5:
ee:83:92:c2:25:0d:bf:5e:cc:4a:51:be:1b:db:14:
de:aa:81:d1:80:37:74:97:7d:64:a3:13:c1:82:18:
5d:94:27:51:3f:98:93:54:cc:10:a7:81:ac:0a:fa:
a9:f5:c1:58:f1:c0:f7:11:4c:a3:e6:02:54:22:47:
65:f7:b6:d6:82:54:fd:ca:64:d6:ae:63:0b:b6:a9:
b9:3c:d9:6a:78:42:93:9f:62:4b:3e:8e:4b:d8:c1:
1c:c6:48:8c:9b:28:d7:67:f8:71:96:3d:0d:6a:61:
a1:d7:66:1e:b3:ca:14:70:df:32:af:01:f6:80:96:
67:e1:14:10:90:48:20:f7:ab:65:fe:81:b4:91:79:
0e:cb:f6:6b:d1:d3:3f:cd:74:11:ab:6a:a9:99:05:
54:29:35:fa:50:48:64:e1:91:50:e4:b8:04:fa:aa:
dd:93:4c:52:7a:21:d9:1b:5e:0a:d8:09:94:d4:ba:
5f:29:1d:94:50:e4:6f:a4:95:56:20:ca:e1:ed:3e:
e0:dd:9c:dd:0c:d1:f1:0d:8c:44:b1:2d:dc:41:f7:
e2:b9:38:ba:1b:a0:73:4d:f3:70:95:c1:2b:1a:fa:
9b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:E0:FD:6C:EF:38:FE:17:A2:CC:46:11:9D:BA:93:D5:2E:44:A0:FC
X509v3 Authority Key Identifier:
keyid:DF:F2:47:26:DF:3E:77:F6:F4:C8:E0:43:66:13:B3:51:10:EE:AF:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3_JHJt8-d_b0yOBDZhOzURDurzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/d-D9bO84_heizEYRnbqT1S5EoPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a96024-6555-4e8d-af37-62bb6d63e59d/1/3_JHJt8-d_b0yOBDZhOzURDurzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.43.165.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:45:83:a5:ff:b1:8c:5b:57:ef:f1:bc:e6:6d:7f:09:a0:37:
59:b1:40:d3:29:b0:fa:b5:c3:7d:0b:33:ec:d0:7b:44:f7:d2:
96:e0:b4:e6:e4:c1:f1:ab:16:ec:e2:9d:2e:59:5a:dc:36:eb:
31:9a:c2:e2:e0:0f:bc:b1:90:64:e8:ec:17:3e:c5:b0:75:1f:
89:4d:be:53:96:76:52:13:1c:7e:11:20:50:db:d8:54:49:57:
94:50:4f:6c:61:ce:14:44:14:5c:ce:f7:dc:63:76:b5:2d:d7:
d4:8f:aa:8e:e6:1b:53:3f:02:af:7f:32:70:b1:80:14:bc:57:
39:c9:1e:d1:bf:e5:85:6c:4c:7c:e3:69:60:4d:ad:4a:e6:45:
0c:86:e6:87:8f:51:ce:7c:47:d3:fb:26:69:89:b7:48:aa:a3:
50:70:5d:34:19:43:90:0e:31:ca:c4:ab:23:4f:66:21:12:13:
04:56:9d:f4:0c:fa:3e:ca:d8:23:e3:45:63:c0:99:05:63:cb:
0f:71:d5:50:89:31:16:f0:9b:88:dd:f3:b7:b9:93:c4:ac:01:
f6:db:62:4d:79:bf:2c:11:9a:b3:c0:eb:46:44:d3:2e:85:9f:
4b:14:39:53:2a:1e:cc:de:cd:2a:8e:4d:bd:12:52:b1:11:fc:
20:f1:89:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1btnC8OrGLM/MzFxzcpUhLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZjI0NzI2ZGYzZTc3ZjZmNGM4ZTA0MzY2MTNiMzUxMTBl
ZWFmMzgwHhcNMjQwMTMwMTg1MTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2UwZmQ2Y2VmMzhmZTE3YTJjYzQ2MTE5ZGJhOTNkNTJlNDRhMGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgt+pyQ5852Nh3MqfiYFlLwaDX230
QkrI4MXht9Xug5LCJQ2/XsxKUb4b2xTeqoHRgDd0l31koxPBghhdlCdRP5iTVMwQ
p4GsCvqp9cFY8cD3EUyj5gJUIkdl97bWglT9ymTWrmMLtqm5PNlqeEKTn2JLPo5L
2MEcxkiMmyjXZ/hxlj0NamGh12Yes8oUcN8yrwH2gJZn4RQQkEgg96tl/oG0kXkO
y/Zr0dM/zXQRq2qpmQVUKTX6UEhk4ZFQ5LgE+qrdk0xSeiHZG14K2AmU1LpfKR2U
UORvpJVWIMrh7T7g3ZzdDNHxDYxEsS3cQffiuTi6G6BzTfNwlcErGvqbDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHfg/WzvOP4XosxGEZ26k9UuRKD8MB8GA1UdIwQY
MBaAFN/yRybfPnf29MjgQ2YTs1EQ7q84MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM19KSEp0OC1kX2IweU9CRFpoT3pVUkR1cnpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOTYwMjQtNjU1NS00ZThkLWFmMzct
NjJiYjZkNjNlNTlkLzEvZC1EOWJPODRfaGVpekVZUm5icVQxUzVFb1B3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOTYwMjQtNjU1NS00ZThkLWFmMzctNjJiYjZkNjNlNTlk
LzEvM19KSEp0OC1kX2IweU9CRFpoT3pVUkR1cnpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHyulMA0G
CSqGSIb3DQEBCwUAA4IBAQAeRYOl/7GMW1fv8bzmbX8JoDdZsUDTKbD6tcN9CzPs
0HtE99KW4LTm5MHxqxbs4p0uWVrcNusxmsLi4A+8sZBk6OwXPsWwdR+JTb5TlnZS
Exx+ESBQ29hUSVeUUE9sYc4URBRczvfcY3a1LdfUj6qO5htTPwKvfzJwsYAUvFc5
yR7Rv+WFbEx842lgTa1K5kUMhuaHj1HOfEfT+yZpibdIqqNQcF00GUOQDjHKxKsj
T2YhEhMEVp30DPo+ytgj40VjwJkFY8sPcdVQiTEW8JuI3fO3uZPErAH222JNeb8s
EZqzwOtGRNMuhZ9LFDlTKh7M3s0qjk29ElKxEfwg8Yme
-----END CERTIFICATE-----
Generated at Tue Feb 20 17:51:15 2024 by rpki-client on console-fra.rpki-client.org