Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/WsdAA4xXRXPKk_0E8a9hUTTa250.roa
File: WsdAA4xXRXPKk_0E8a9hUTTa250.roa (raw, json)
Hash identifier: Cq6o1pkPK+Fmvk9dsr0JJk01DLWihEFPxMmnX/c+Zpo=
Subject key identifier: 5A:C7:40:03:8C:57:45:73:CA:93:FD:04:F1:AF:61:51:34:DA:DB:9D
Certificate issuer: /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial: 018CC7272051621C67CEC11761F2DB54770F
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/WsdAA4xXRXPKk_0E8a9hUTTa250.roa
Signing time: Mon 01 Jan 2024 22:31:19 +0000
ROA not before: Mon 01 Jan 2024 22:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34984
IP address blocks: 31.169.83.0/24 maxlen: 24
31.169.80.0/24 maxlen: 24
31.169.86.0/24 maxlen: 24
31.169.88.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Feb 2024 14:16:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:20:51:62:1c:67:ce:c1:17:61:f2:db:54:77:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Validity
Not Before: Jan 1 22:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ac740038c574573ca93fd04f1af615134dadb9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:55:da:1c:73:94:2b:ea:6b:e8:ba:0f:b9:83:
f9:75:39:ca:c9:a9:d2:00:cd:d9:50:75:7a:65:62:
fe:20:40:8a:b8:d5:b2:ff:e6:fb:aa:51:2d:fc:e0:
6e:e4:e9:58:bf:c5:4c:04:05:7f:d1:98:45:09:41:
22:aa:d7:ab:0b:2c:f3:a8:7b:64:42:f2:87:8a:d3:
ce:44:dc:72:b3:c4:b1:34:f0:b2:8f:11:b5:4f:f0:
e0:16:0e:d7:c4:f6:29:c0:9e:e0:ad:90:82:ab:49:
15:98:ec:52:a4:41:07:f9:3d:30:b8:a8:cd:d8:ff:
a0:a4:86:35:b7:b0:c9:34:51:9c:71:9b:cd:aa:ce:
fc:8e:54:05:f1:b9:ea:1d:86:8f:0c:1e:d6:03:83:
c3:93:30:db:55:bc:11:a9:b0:a0:55:ee:5a:f5:21:
5b:cc:82:a9:d8:41:55:38:c1:e2:e2:95:99:d9:37:
bb:01:f9:b8:41:a2:31:8d:b0:5a:72:22:94:b8:13:
86:3f:3f:8d:21:fa:a0:cd:e0:8d:ae:a6:87:0f:31:
35:c7:b1:9b:4b:f4:c6:46:c1:ff:48:ec:f1:f4:85:
28:cb:3e:2f:76:96:20:55:5e:ac:87:67:ae:2b:72:
59:03:b4:3c:59:96:1e:40:04:f0:1d:11:dc:0d:9d:
b1:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:C7:40:03:8C:57:45:73:CA:93:FD:04:F1:AF:61:51:34:DA:DB:9D
X509v3 Authority Key Identifier:
keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/WsdAA4xXRXPKk_0E8a9hUTTa250.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.80.0/24
31.169.83.0/24
31.169.86.0/24
31.169.88.0/24
Signature Algorithm: sha256WithRSAEncryption
56:3d:4f:aa:49:37:35:3a:49:ed:6e:72:e7:25:9c:19:83:77:
61:02:fb:ed:85:2d:aa:d0:6b:ca:dc:6b:22:14:ef:0d:d5:fb:
69:8a:fd:98:76:93:79:0c:e0:f0:f9:46:8f:41:66:56:48:7e:
08:c5:21:0b:24:d5:65:59:57:71:e4:41:a2:c3:fa:44:34:31:
bc:84:61:3b:cb:56:fe:53:3f:e1:05:74:d3:7d:86:1e:52:44:
22:0c:cf:9c:0a:49:e8:35:52:4f:5a:94:b6:b9:4b:9e:23:cd:
45:6e:7f:fd:cf:b9:28:9b:e2:6a:bd:cb:df:a4:9b:52:1e:c5:
48:f3:24:45:81:f6:09:24:b0:1a:94:ee:8a:ef:f8:44:67:fe:
e7:c6:f2:d7:fa:83:95:41:b6:c1:32:ae:12:21:23:55:88:82:
ff:74:4d:ba:57:d2:23:c0:b0:57:56:b5:3e:e2:26:02:6b:60:
02:ce:e4:6c:2d:c9:7a:ad:ee:f1:fa:47:f8:0c:a9:c7:07:9b:
a0:ed:e2:d5:66:ba:b4:84:60:84:29:01:3f:9c:14:3b:84:7e:
94:04:e5:3e:8c:04:83:c8:0c:96:9d:8f:ca:b8:2c:65:4e:d9:
4b:63:16:8a:38:ab:92:f6:78:6e:9d:a0:6d:76:06:10:25:ca:
f8:ed:fc:fa
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzHJyBRYhxnzsEXYfLbVHcPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjlkYTQ0YWUwNjdmYzFhOThhNWY2ZjA1ZjEyZTU0NWQw
ZmM2MmEwHhcNMjQwMTAxMjIzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWM3NDAwMzhjNTc0NTczY2E5M2ZkMDRmMWFmNjE1MTM0ZGFkYjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVXaHHOUK+pr6LoPuYP5dTnKyanS
AM3ZUHV6ZWL+IECKuNWy/+b7qlEt/OBu5OlYv8VMBAV/0ZhFCUEiqterCyzzqHtk
QvKHitPORNxys8SxNPCyjxG1T/DgFg7XxPYpwJ7grZCCq0kVmOxSpEEH+T0wuKjN
2P+gpIY1t7DJNFGccZvNqs78jlQF8bnqHYaPDB7WA4PDkzDbVbwRqbCgVe5a9SFb
zIKp2EFVOMHi4pWZ2Te7Afm4QaIxjbBaciKUuBOGPz+NIfqgzeCNrqaHDzE1x7Gb
S/TGRsH/SOzx9IUoyz4vdpYgVV6sh2euK3JZA7Q8WZYeQATwHRHcDZ2xwQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFrHQAOMV0VzypP9BPGvYVE02tudMB8GA1UdIwQY
MBaAFG1p2kSuBn/BqYpfbwXxLlRdD8YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUt
MjYxNzBkYTRhMGIxLzEvV3NkQUE0eFhSWFBLa18wRThhOWhVVFRhMjUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUtMjYxNzBkYTRhMGIx
LzEvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAH6lQAwQA
H6lTAwQAH6lWAwQAH6lYMA0GCSqGSIb3DQEBCwUAA4IBAQBWPU+qSTc1OkntbnLn
JZwZg3dhAvvthS2q0GvK3GsiFO8N1ftpiv2YdpN5DODw+UaPQWZWSH4IxSELJNVl
WVdx5EGiw/pENDG8hGE7y1b+Uz/hBXTTfYYeUkQiDM+cCknoNVJPWpS2uUueI81F
bn/9z7kom+JqvcvfpJtSHsVI8yRFgfYJJLAalO6K7/hEZ/7nxvLX+oOVQbbBMq4S
ISNViIL/dE26V9IjwLBXVrU+4iYCa2ACzuRsLcl6re7x+kf4DKnHB5ug7eLVZrq0
hGCEKQE/nBQ7hH6UBOU+jASDyAyWnY/KuCxlTtlLYxaKOKuS9nhunaBtdgYQJcr4
7fz6
-----END CERTIFICATE-----
Generated at Mon Feb 19 18:02:54 2024 by rpki-client on console-ams.rpki-client.org