Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/ijS-T1dXNaSgT701Mtiw-1QmW4U.roa
File: ijS-T1dXNaSgT701Mtiw-1QmW4U.roa (raw, json)
Hash identifier: CTbJCj1pQV6dcMd2XuwDZfZVYyl9HrCmuvoMz7mBWYQ=
Subject key identifier: 8A:34:BE:4F:57:57:35:A4:A0:4F:BD:35:32:D8:B0:FB:54:26:5B:85
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 019008013356CE5C2EDD451AE23F1405024D
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/ijS-T1dXNaSgT701Mtiw-1QmW4U.roa
Signing time: Tue 11 Jun 2024 15:53:34 +0000
ROA not before: Tue 11 Jun 2024 15:53:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197722
IP address blocks: 185.31.104.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jul 2024 08:11:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:08:01:33:56:ce:5c:2e:dd:45:1a:e2:3f:14:05:02:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jun 11 15:53:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a34be4f575735a4a04fbd3532d8b0fb54265b85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:43:b2:cf:db:36:55:45:2b:d8:09:09:fa:c1:
83:68:81:fe:e7:82:48:f0:67:c1:0d:23:7e:93:f0:
5e:91:4c:bd:5a:5d:11:2b:68:7f:2f:d5:23:57:6f:
76:f4:6a:50:47:fe:e6:70:d8:a5:c6:5b:e8:9b:70:
e4:11:0b:12:92:9d:50:36:ea:16:ee:87:26:f6:7e:
d7:1c:c4:78:3d:a3:d0:ee:b9:81:87:7b:03:61:14:
06:ed:f7:b6:06:3f:a8:fb:db:50:32:e3:0f:5a:ee:
27:4f:56:34:7f:0d:eb:63:95:ba:6b:2b:63:7f:82:
68:7b:32:f5:6e:34:4f:d7:b5:37:85:1b:84:de:d6:
83:43:05:7d:60:16:dd:1f:cd:43:3a:13:e2:73:fe:
58:1c:7e:1c:5e:a6:1e:cb:0a:05:36:44:5f:b6:82:
06:71:a0:ae:d5:af:eb:fd:54:73:17:c1:54:0a:4f:
e2:1f:b6:3c:49:a8:a0:f1:7a:ef:a0:25:0c:a1:52:
69:5b:c7:69:6f:7f:34:2e:80:79:be:c7:22:7e:78:
89:54:4b:b0:75:24:8a:10:7f:90:09:f2:2e:e6:70:
99:49:d4:16:19:b3:63:a6:95:84:51:70:8e:c9:ee:
4e:d5:af:96:fa:5b:10:81:f0:5a:35:fb:2d:7a:4c:
ef:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:34:BE:4F:57:57:35:A4:A0:4F:BD:35:32:D8:B0:FB:54:26:5B:85
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/ijS-T1dXNaSgT701Mtiw-1QmW4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.104.0/22
Signature Algorithm: sha256WithRSAEncryption
32:f5:03:e0:86:ed:42:32:63:bc:2f:7f:0b:73:58:cd:d4:54:
65:fd:2c:4a:13:65:d9:4a:a5:57:34:27:81:a4:a6:56:3d:56:
46:22:b9:af:71:95:9d:cc:cf:60:45:53:de:b2:db:37:68:7c:
6f:73:33:3a:f1:a8:0a:94:83:b9:38:82:6f:24:7b:82:ff:1a:
37:c4:e1:84:86:78:9c:2f:93:82:c1:04:76:5d:fa:7e:3a:24:
f3:c4:69:c7:36:49:c1:b7:c0:08:09:ac:52:41:2b:02:54:d8:
3c:b0:ef:d9:8e:c1:f2:09:38:89:07:9d:ba:e1:95:98:af:d0:
44:f1:42:b8:51:55:ef:4d:ae:d9:18:f9:2c:b0:97:14:a9:54:
00:3e:6a:d3:d7:bf:0f:d9:45:44:4d:3c:5c:ab:cf:29:47:4d:
a8:fa:50:b9:3b:22:07:4d:de:ec:3e:83:63:d4:ce:c4:7b:61:
1b:ed:39:83:89:3e:61:5b:9e:eb:32:7d:6a:9c:f2:2c:93:1a:
fb:6e:65:1f:54:d8:17:ae:0e:2c:0f:8a:13:ec:b1:7b:19:dd:
53:08:0b:30:09:c4:e8:27:c1:a6:32:bb:be:c1:83:d2:b1:e7:
9c:17:1e:1d:20:d8:6e:36:ed:10:0d:26:83:24:04:f6:0a:e2:
d8:3c:6f:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZAIATNWzlwu3UUa4j8UBQJNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjQwNjExMTU1MzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTM0YmU0ZjU3NTczNWE0YTA0ZmJkMzUzMmQ4YjBmYjU0MjY1Yjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkOyz9s2VUUr2AkJ+sGDaIH+54JI
8GfBDSN+k/BekUy9Wl0RK2h/L9UjV2929GpQR/7mcNilxlvom3DkEQsSkp1QNuoW
7ocm9n7XHMR4PaPQ7rmBh3sDYRQG7fe2Bj+o+9tQMuMPWu4nT1Y0fw3rY5W6aytj
f4JoezL1bjRP17U3hRuE3taDQwV9YBbdH81DOhPic/5YHH4cXqYeywoFNkRftoIG
caCu1a/r/VRzF8FUCk/iH7Y8Saig8XrvoCUMoVJpW8dpb380LoB5vscifniJVEuw
dSSKEH+QCfIu5nCZSdQWGbNjppWEUXCOye5O1a+W+lsQgfBaNfstekzvvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIo0vk9XVzWkoE+9NTLYsPtUJluFMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvaWpTLVQxZFhOYVNnVDcwMU10aXctMVFtVzRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuR9oMA0G
CSqGSIb3DQEBCwUAA4IBAQAy9QPghu1CMmO8L38Lc1jN1FRl/SxKE2XZSqVXNCeB
pKZWPVZGIrmvcZWdzM9gRVPests3aHxvczM68agKlIO5OIJvJHuC/xo3xOGEhnic
L5OCwQR2Xfp+OiTzxGnHNknBt8AICaxSQSsCVNg8sO/ZjsHyCTiJB5264ZWYr9BE
8UK4UVXvTa7ZGPkssJcUqVQAPmrT178P2UVETTxcq88pR02o+lC5OyIHTd7sPoNj
1M7Ee2Eb7TmDiT5hW57rMn1qnPIskxr7bmUfVNgXrg4sD4oT7LF7Gd1TCAswCcTo
J8GmMru+wYPSseecFx4dINhuNu0QDSaDJAT2CuLYPG/4
-----END CERTIFICATE-----
Generated at Tue Jul 2 10:54:20 2024 by rpki-client on console-ams.rpki-client.org