Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/VXsqygqO92iCVo3Xkda1ATLNl0I.roa
File: VXsqygqO92iCVo3Xkda1ATLNl0I.roa (raw, json)
Hash identifier: b2z6x+gkClhl40/rja/3o1aGJCoiD8Ifb3zorbiu/Us=
Subject key identifier: 55:7B:2A:CA:0A:8E:F7:68:82:56:8D:D7:91:D6:B5:01:32:CD:97:42
Certificate issuer: /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial: 018B0414F3CBFEB62BA05AA2EF5283589353
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/VXsqygqO92iCVo3Xkda1ATLNl0I.roa
Signing time: Fri 06 Oct 2023 08:22:43 +0000
ROA not before: Fri 06 Oct 2023 08:22:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34984
IP address blocks: 31.169.83.0/24 maxlen: 24
31.169.80.0/24 maxlen: 24
31.169.82.0/24 maxlen: 24
31.169.86.0/24 maxlen: 24
31.169.88.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Dec 2023 20:06:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:04:14:f3:cb:fe:b6:2b:a0:5a:a2:ef:52:83:58:93:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Validity
Not Before: Oct 6 08:22:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=557b2aca0a8ef76882568dd791d6b50132cd9742
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:92:3f:07:be:ae:2a:19:7e:0a:d7:c8:9c:96:
45:bb:b5:11:5c:e5:f5:d3:a1:13:bd:a7:4e:dc:43:
3a:1a:b8:47:1d:42:26:63:99:ac:e6:69:44:d7:55:
14:fe:a5:1e:b9:d8:c8:10:cb:9b:da:b6:f6:1c:f9:
80:ed:1f:de:19:9a:9b:7a:7f:10:f5:83:4a:e7:46:
53:27:db:8d:d5:f4:78:30:69:53:1d:4e:64:2b:ce:
5e:fd:5a:6c:55:96:61:52:6a:04:16:f6:b9:01:8f:
29:e9:06:c8:16:4d:58:b4:48:53:a0:c4:2c:63:8b:
b3:01:0e:ed:fb:48:90:c4:b1:f5:45:e5:b1:04:7e:
91:dc:9b:46:4f:be:0f:67:89:39:98:70:12:7a:d7:
62:ea:76:09:b6:55:50:e9:9e:03:67:e5:89:6a:09:
f2:1a:29:90:e3:da:18:e8:16:ed:f2:d7:29:96:fb:
b4:d5:0f:87:7b:a1:60:32:bd:0e:b4:71:b1:75:07:
8a:3e:58:6f:75:f2:e7:95:a7:b5:be:25:20:6f:15:
0a:76:e6:3e:6b:33:9f:16:e8:43:df:47:1a:5e:74:
37:93:e5:08:95:15:0a:25:6f:1e:63:21:18:90:90:
0c:85:41:e7:c1:a9:bd:cb:99:8b:63:da:e0:7d:72:
6a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:7B:2A:CA:0A:8E:F7:68:82:56:8D:D7:91:D6:B5:01:32:CD:97:42
X509v3 Authority Key Identifier:
keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/VXsqygqO92iCVo3Xkda1ATLNl0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.80.0/24
31.169.82.0/23
31.169.86.0/24
31.169.88.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:b0:0e:d3:14:34:68:7a:8c:5b:bb:7e:d6:45:17:47:75:9c:
e8:c9:d7:e1:e1:aa:ca:c9:cf:52:1c:e3:dd:e1:e1:0e:a5:c0:
64:64:0c:29:e6:42:a0:87:fc:0a:ae:44:e7:46:0a:43:fb:14:
47:58:da:5c:29:3e:ee:6e:df:6b:dd:44:e5:b4:3e:c4:fc:df:
dd:a6:25:97:e3:ef:11:86:55:c3:ab:39:5e:67:7b:81:56:85:
7a:97:d5:39:25:e3:c8:5c:45:45:44:2e:45:0d:d4:f9:7d:32:
a9:7b:67:b4:06:8a:2c:90:93:ac:6b:68:7e:de:f5:aa:7a:83:
5f:03:2f:29:cf:18:fe:cb:09:18:76:64:25:62:81:af:79:ff:
50:bf:d8:82:fb:12:6e:ca:5d:d7:a7:6e:41:24:d0:9e:ae:d4:
ea:e1:33:29:6e:2d:5a:d2:60:4a:5d:02:8c:33:9b:15:50:e8:
fe:f0:af:fc:76:c7:ff:1d:8a:ea:9d:63:85:80:5e:61:05:6c:
f8:6b:08:a9:05:c2:2c:de:d9:57:b6:3f:89:45:4a:ba:3b:e9:
fa:e7:97:29:64:4b:69:67:42:b0:45:ca:74:fe:d9:1d:8b:d5:
50:f9:14:77:05:f1:f2:e3:85:2f:eb:d7:7a:80:2d:a3:3d:96:
f7:47:ab:7b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYsEFPPL/rYroFqi71KDWJNTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjlkYTQ0YWUwNjdmYzFhOThhNWY2ZjA1ZjEyZTU0NWQw
ZmM2MmEwHhcNMjMxMDA2MDgyMjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTdiMmFjYTBhOGVmNzY4ODI1NjhkZDc5MWQ2YjUwMTMyY2Q5NzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5I/B76uKhl+CtfInJZFu7URXOX1
06ETvadO3EM6GrhHHUImY5ms5mlE11UU/qUeudjIEMub2rb2HPmA7R/eGZqben8Q
9YNK50ZTJ9uN1fR4MGlTHU5kK85e/VpsVZZhUmoEFva5AY8p6QbIFk1YtEhToMQs
Y4uzAQ7t+0iQxLH1ReWxBH6R3JtGT74PZ4k5mHASetdi6nYJtlVQ6Z4DZ+WJagny
GimQ49oY6Bbt8tcplvu01Q+He6FgMr0OtHGxdQeKPlhvdfLnlae1viUgbxUKduY+
azOfFuhD30caXnQ3k+UIlRUKJW8eYyEYkJAMhUHnwam9y5mLY9rgfXJq4wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFV7KsoKjvdoglaN15HWtQEyzZdCMB8GA1UdIwQY
MBaAFG1p2kSuBn/BqYpfbwXxLlRdD8YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUt
MjYxNzBkYTRhMGIxLzEvVlhzcXlncU85MmlDVm8zWGtkYTFBVExObDBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUtMjYxNzBkYTRhMGIx
LzEvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAH6lQAwQB
H6lSAwQAH6lWAwQAH6lYMA0GCSqGSIb3DQEBCwUAA4IBAQBMsA7TFDRoeoxbu37W
RRdHdZzoydfh4arKyc9SHOPd4eEOpcBkZAwp5kKgh/wKrkTnRgpD+xRHWNpcKT7u
bt9r3UTltD7E/N/dpiWX4+8RhlXDqzleZ3uBVoV6l9U5JePIXEVFRC5FDdT5fTKp
e2e0BooskJOsa2h+3vWqeoNfAy8pzxj+ywkYdmQlYoGvef9Qv9iC+xJuyl3Xp25B
JNCertTq4TMpbi1a0mBKXQKMM5sVUOj+8K/8dsf/HYrqnWOFgF5hBWz4awipBcIs
3tlXtj+JRUq6O+n655cpZEtpZ0KwRcp0/tkdi9VQ+RR3BfHy44Uv69d6gC2jPZb3
R6t7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:56 2024 by rpki-client on console-fra.rpki-client.org