Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/xbLSbcw1bgXQO-SkEweOGgOxJE4.roa
File: xbLSbcw1bgXQO-SkEweOGgOxJE4.roa (raw, json)
Hash identifier: nwIzdXPsG71xFWhQuDUY2p6Ulr+mvyADnTV1XUw1G3M=
Subject key identifier: C5:B2:D2:6D:CC:35:6E:05:D0:3B:E4:A4:13:07:8E:1A:03:B1:24:4E
Certificate issuer: /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial: 0185728CA84081102BFF7F1AFB29E2ABC8CD
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/xbLSbcw1bgXQO-SkEweOGgOxJE4.roa
Signing time: Mon 02 Jan 2023 12:54:58 +0000
ROA not before: Mon 02 Jan 2023 12:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34476
IP address blocks: 31.169.75.0/24 maxlen: 24
31.169.85.0/24 maxlen: 24
31.169.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:a8:40:81:10:2b:ff:7f:1a:fb:29:e2:ab:c8:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Validity
Not Before: Jan 2 12:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5b2d26dcc356e05d03be4a413078e1a03b1244e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d4:a7:06:16:ba:bb:79:78:33:d7:1a:cd:6c:
f4:55:33:db:6e:23:0e:3f:c2:6d:a9:22:4d:da:a9:
df:35:0b:69:26:8d:e8:2d:0a:be:51:4d:38:12:fe:
2c:dc:3f:c1:90:56:41:ca:67:1b:ff:e9:00:72:1c:
4d:c9:98:ba:29:d3:6a:28:8d:5c:a2:1c:a4:7a:09:
5c:25:68:e9:72:6f:df:48:61:e9:3f:7f:a7:22:e5:
ca:46:98:d5:b8:4f:49:a4:ac:d5:ee:83:0a:9a:d7:
fb:1d:e6:38:ba:35:d0:a5:0d:af:bd:b8:cc:bb:a7:
9a:1c:11:26:b6:51:ec:b7:6a:a6:3f:f7:d9:da:87:
61:c2:2c:ce:fc:2b:9f:42:6f:96:f0:2e:72:f1:df:
35:80:82:a6:5a:16:2f:70:3b:70:92:63:0b:ed:d0:
2a:99:eb:9a:3b:91:39:50:72:30:f6:a7:bd:d3:0e:
8b:02:ee:06:5f:cd:07:ab:a9:2d:7a:e2:da:fe:8b:
ab:54:ac:84:9c:70:84:7f:af:5b:a7:fc:e3:bc:3b:
3d:d8:d0:c2:93:55:93:96:22:35:8f:84:20:26:66:
db:3b:84:8c:de:00:31:39:7d:ac:09:fa:33:4b:93:
d7:3f:e7:70:c0:54:c7:f2:f5:aa:46:82:81:e6:d4:
60:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:B2:D2:6D:CC:35:6E:05:D0:3B:E4:A4:13:07:8E:1A:03:B1:24:4E
X509v3 Authority Key Identifier:
keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/xbLSbcw1bgXQO-SkEweOGgOxJE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.75.0/24
31.169.85.0/24
31.169.87.0/24
Signature Algorithm: sha256WithRSAEncryption
41:d1:78:20:50:cc:9a:f6:20:67:84:b7:34:2c:80:c1:ae:47:
ce:1d:c3:2d:48:bb:17:55:46:c9:31:44:15:cf:6c:67:ba:a4:
77:0b:ff:77:84:4d:24:50:06:e2:ca:fb:b1:74:ce:ae:a8:d9:
e7:61:a8:2b:1d:d1:1d:be:1f:31:1e:99:63:f2:44:0f:0d:70:
7e:61:60:26:25:f9:98:bb:1a:a2:df:96:ef:ce:8b:da:c7:49:
f8:d5:6f:46:33:47:71:4c:6a:99:69:ec:18:08:83:84:bc:19:
9e:8b:02:7c:b7:69:63:2d:82:ce:5b:db:15:1b:4e:25:a1:f0:
2e:fc:5f:1f:e3:63:8b:5e:b1:de:1b:fc:37:c7:92:75:92:3c:
8f:a1:f2:1a:73:ca:ad:34:ce:d0:af:c1:a3:6a:24:df:a9:0c:
46:c9:0d:65:60:e9:c7:31:11:af:48:8e:13:be:1f:41:47:40:
5f:78:de:fa:ec:b4:fa:bd:32:aa:84:a0:cc:4d:8e:6d:db:a1:
c3:e0:6f:9f:ad:ee:03:51:b6:d1:c9:96:7e:9c:41:83:59:27:
3b:fe:c1:c5:e0:e4:cd:e6:70:8c:1c:6b:35:0c:60:9e:27:4e:
4d:54:ed:c0:84:37:9a:0c:33:01:44:98:a9:63:42:9d:cd:42:
e9:c0:74:b2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyjKhAgRAr/38a+yniq8jNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjlkYTQ0YWUwNjdmYzFhOThhNWY2ZjA1ZjEyZTU0NWQw
ZmM2MmEwHhcNMjMwMTAyMTI1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWIyZDI2ZGNjMzU2ZTA1ZDAzYmU0YTQxMzA3OGUxYTAzYjEyNDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktSnBha6u3l4M9cazWz0VTPbbiMO
P8JtqSJN2qnfNQtpJo3oLQq+UU04Ev4s3D/BkFZBymcb/+kAchxNyZi6KdNqKI1c
ohykeglcJWjpcm/fSGHpP3+nIuXKRpjVuE9JpKzV7oMKmtf7HeY4ujXQpQ2vvbjM
u6eaHBEmtlHst2qmP/fZ2odhwizO/CufQm+W8C5y8d81gIKmWhYvcDtwkmML7dAq
meuaO5E5UHIw9qe90w6LAu4GX80Hq6kteuLa/ourVKyEnHCEf69bp/zjvDs92NDC
k1WTliI1j4QgJmbbO4SM3gAxOX2sCfozS5PXP+dwwFTH8vWqRoKB5tRg8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMWy0m3MNW4F0DvkpBMHjhoDsSROMB8GA1UdIwQY
MBaAFG1p2kSuBn/BqYpfbwXxLlRdD8YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUt
MjYxNzBkYTRhMGIxLzEveGJMU2JjdzFiZ1hRTy1Ta0V3ZU9HZ094SkU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUtMjYxNzBkYTRhMGIx
LzEvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH6lLAwQA
H6lVAwQAH6lXMA0GCSqGSIb3DQEBCwUAA4IBAQBB0XggUMya9iBnhLc0LIDBrkfO
HcMtSLsXVUbJMUQVz2xnuqR3C/93hE0kUAbiyvuxdM6uqNnnYagrHdEdvh8xHplj
8kQPDXB+YWAmJfmYuxqi35bvzovax0n41W9GM0dxTGqZaewYCIOEvBmeiwJ8t2lj
LYLOW9sVG04lofAu/F8f42OLXrHeG/w3x5J1kjyPofIac8qtNM7Qr8GjaiTfqQxG
yQ1lYOnHMRGvSI4Tvh9BR0BfeN767LT6vTKqhKDMTY5t26HD4G+fre4DUbbRyZZ+
nEGDWSc7/sHF4OTN5nCMHGs1DGCeJ05NVO3AhDeaDDMBRJipY0KdzULpwHSy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:56 2024 by rpki-client on console-fra.rpki-client.org