Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/8QUKsAnU-N3gMBN1vR5RfTfa4BY.roa
File: 8QUKsAnU-N3gMBN1vR5RfTfa4BY.roa (raw, json)
Hash identifier: roDnDx2TeCS5WluNolcb65dfq0AjB5+nTxWlkzEoiiM=
Subject key identifier: F1:05:0A:B0:09:D4:F8:DD:E0:30:13:75:BD:1E:51:7D:37:DA:E0:16
Certificate issuer: /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial: 018CC727233FC4E25AC70728672D4D591941
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/8QUKsAnU-N3gMBN1vR5RfTfa4BY.roa
Signing time: Mon 01 Jan 2024 22:31:19 +0000
ROA not before: Mon 01 Jan 2024 22:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208972
IP address blocks: 31.169.84.0/24 maxlen: 24
31.169.82.0/24 maxlen: 24
31.169.90.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Feb 2024 13:23:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:23:3f:c4:e2:5a:c7:07:28:67:2d:4d:59:19:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Validity
Not Before: Jan 1 22:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1050ab009d4f8dde0301375bd1e517d37dae016
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:c9:c5:95:7f:a5:28:c3:f9:ad:b1:67:c3:00:
95:5f:bb:99:21:b8:c8:bc:1b:04:ca:79:be:1a:70:
bd:c4:5d:2a:55:ed:52:07:ae:45:b3:fc:e4:fa:74:
b3:c0:45:3a:95:ec:82:7c:b9:1a:11:d6:3b:0c:cf:
fe:9a:cd:2a:fd:3f:5b:51:20:e5:8e:fa:89:8a:68:
c4:99:e1:81:ae:05:64:cb:1d:57:38:e8:10:61:d8:
6e:cf:50:0c:d7:f1:7d:12:1c:86:4c:38:4e:fa:a5:
fb:25:45:16:d6:6c:e5:11:8c:7f:76:69:8c:9b:29:
2c:78:59:f9:f1:01:85:c4:ca:27:0f:c8:f6:a9:2b:
a2:25:f0:6f:82:f4:7b:fa:19:28:39:af:66:84:e6:
31:34:8e:51:b2:47:46:0c:0c:a4:40:08:3e:bf:b2:
a7:8b:56:b0:48:f7:6d:43:e7:93:3a:1f:2d:ab:34:
a9:f8:94:c5:3e:05:ab:1c:e7:25:7d:0a:b5:b0:be:
37:b5:5e:91:b4:cd:ca:60:e0:a6:f2:69:74:57:05:
2e:71:79:c4:e0:8b:4d:8b:53:06:29:9c:b5:24:e8:
eb:ed:8c:54:cf:46:a9:46:ca:aa:fa:6f:b7:aa:b5:
43:fb:2d:cd:28:7b:99:d9:ef:70:c0:85:89:4c:ed:
92:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:05:0A:B0:09:D4:F8:DD:E0:30:13:75:BD:1E:51:7D:37:DA:E0:16
X509v3 Authority Key Identifier:
keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/8QUKsAnU-N3gMBN1vR5RfTfa4BY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.82.0/24
31.169.84.0/24
31.169.90.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:08:5f:d4:dc:ce:6e:94:89:3d:9f:22:68:63:e2:e6:b5:42:
c1:15:3c:cf:c2:26:b0:56:e6:2c:80:37:e9:e4:78:67:bc:65:
d4:74:12:5a:e9:8e:49:a8:da:5b:11:44:85:d6:fb:0d:6d:ad:
13:a4:50:57:66:24:ba:e1:5b:ee:16:4d:db:20:eb:17:08:53:
86:da:d6:2e:36:d9:f5:bb:2e:3f:98:bc:df:7b:10:2c:07:bb:
e7:51:5d:88:df:47:89:d9:20:f0:4b:c7:02:78:a1:77:a6:ae:
e6:1d:2c:5b:3b:ed:34:d2:db:eb:36:0e:a2:a0:aa:a7:3c:91:
72:5c:c3:85:75:1b:09:43:e7:2c:65:d1:22:db:18:1e:70:6c:
5b:18:e9:1e:b7:5c:92:51:ea:d0:36:b0:b2:92:6b:2a:df:34:
5b:27:12:9c:56:95:95:59:bc:44:aa:67:ea:e6:ea:ca:d5:c4:
ac:a3:f0:f5:1b:bb:b0:7b:30:b1:b1:bc:50:03:93:7b:4d:2a:
40:18:44:ea:c0:eb:94:02:40:5c:90:8b:68:8e:b0:30:dd:b3:
9b:d6:16:5e:f0:1c:a6:1a:5d:aa:0e:df:0c:ff:dd:a9:fc:10:
56:78:02:9d:6e:90:f3:1b:83:05:65:da:9f:c7:45:95:11:3b:
75:24:78:cb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHJyM/xOJaxwcoZy1NWRlBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjlkYTQ0YWUwNjdmYzFhOThhNWY2ZjA1ZjEyZTU0NWQw
ZmM2MmEwHhcNMjQwMTAxMjIzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTA1MGFiMDA5ZDRmOGRkZTAzMDEzNzViZDFlNTE3ZDM3ZGFlMDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhcnFlX+lKMP5rbFnwwCVX7uZIbjI
vBsEynm+GnC9xF0qVe1SB65Fs/zk+nSzwEU6leyCfLkaEdY7DM/+ms0q/T9bUSDl
jvqJimjEmeGBrgVkyx1XOOgQYdhuz1AM1/F9EhyGTDhO+qX7JUUW1mzlEYx/dmmM
mykseFn58QGFxMonD8j2qSuiJfBvgvR7+hkoOa9mhOYxNI5RskdGDAykQAg+v7Kn
i1awSPdtQ+eTOh8tqzSp+JTFPgWrHOclfQq1sL43tV6RtM3KYOCm8ml0VwUucXnE
4ItNi1MGKZy1JOjr7YxUz0apRsqq+m+3qrVD+y3NKHuZ2e9wwIWJTO2SYQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPEFCrAJ1Pjd4DATdb0eUX032uAWMB8GA1UdIwQY
MBaAFG1p2kSuBn/BqYpfbwXxLlRdD8YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUt
MjYxNzBkYTRhMGIxLzEvOFFVS3NBblUtTjNnTUJOMXZSNVJmVGZhNEJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUtMjYxNzBkYTRhMGIx
LzEvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH6lSAwQA
H6lUAwQAH6laMA0GCSqGSIb3DQEBCwUAA4IBAQAeCF/U3M5ulIk9nyJoY+LmtULB
FTzPwiawVuYsgDfp5HhnvGXUdBJa6Y5JqNpbEUSF1vsNba0TpFBXZiS64VvuFk3b
IOsXCFOG2tYuNtn1uy4/mLzfexAsB7vnUV2I30eJ2SDwS8cCeKF3pq7mHSxbO+00
0tvrNg6ioKqnPJFyXMOFdRsJQ+csZdEi2xgecGxbGOket1ySUerQNrCykmsq3zRb
JxKcVpWVWbxEqmfq5urK1cSso/D1G7uwezCxsbxQA5N7TSpAGETqwOuUAkBckIto
jrAw3bOb1hZe8BymGl2qDt8M/92p/BBWeAKdbpDzG4MFZdqfx0WVETt1JHjL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:56 2024 by rpki-client on console-fra.rpki-client.org