Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/I5ulHANCVmNhldepSleLyKXQu8E.roa
File: I5ulHANCVmNhldepSleLyKXQu8E.roa (raw, json)
Hash identifier: d3on8yQDMzQyoS/uttnt/g9lgfB5yfUF34/Ds92jv4A=
Subject key identifier: 23:9B:A5:1C:03:42:56:63:61:95:D7:A9:4A:57:8B:C8:A5:D0:BB:C1
Certificate issuer: /CN=424feffb576e411de511871dc1e0bd7a20e2c4d7
Certificate serial: 01856F8B92C8897152FF8895FEF0F2577D72
Authority key identifier: 42:4F:EF:FB:57:6E:41:1D:E5:11:87:1D:C1:E0:BD:7A:20:E2:C4:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qk_v-1duQR3lEYcdweC9eiDixNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/I5ulHANCVmNhldepSleLyKXQu8E.roa
Signing time: Sun 01 Jan 2023 22:54:56 +0000
ROA not before: Sun 01 Jan 2023 22:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211252
IP address blocks: 194.31.96.0/24 maxlen: 24
194.99.44.0/24 maxlen: 24
194.99.46.0/24 maxlen: 24
31.210.21.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:92:c8:89:71:52:ff:88:95:fe:f0:f2:57:7d:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=424feffb576e411de511871dc1e0bd7a20e2c4d7
Validity
Not Before: Jan 1 22:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=239ba51c034256636195d7a94a578bc8a5d0bbc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:f1:ce:a2:72:50:f3:fa:78:c3:dd:7e:4f:26:
33:81:2c:37:8a:bb:f5:c3:85:51:8f:34:f0:a5:9b:
f2:43:d0:e4:38:ad:c9:ef:e7:40:d8:17:c4:f9:3b:
1c:b4:f6:07:6d:4e:32:16:68:88:f9:7f:d7:3d:53:
0a:ff:5e:0d:08:d0:eb:d5:d8:9e:15:7d:95:1c:f5:
8b:9c:04:10:52:ef:ed:88:a3:a9:b7:b5:8e:a8:ad:
3c:72:ef:be:8f:f1:54:8b:1f:3d:7e:b4:4b:b1:ee:
6c:61:e9:c4:cd:9a:57:e5:59:04:aa:c5:ce:cf:e7:
d9:08:0a:01:bd:f9:8f:88:bf:e1:08:86:25:69:3b:
2c:d4:16:32:3a:1d:0f:b5:cd:06:c6:4b:d1:59:f1:
eb:7c:f0:3d:80:20:14:fc:83:da:c4:db:6b:d6:c4:
cc:97:92:d4:f3:84:30:9c:e0:17:8b:e3:51:69:e8:
ef:61:15:2b:40:d7:ef:a8:8d:a1:d4:cd:ba:57:7d:
9a:cc:80:a0:b9:f2:86:6f:57:b8:f5:33:9f:7b:d0:
0e:46:dd:a2:14:08:bc:82:69:a1:b1:07:b6:7a:e3:
b2:5c:21:b7:2c:49:d0:1d:ae:f2:7f:df:22:18:f2:
02:b0:87:31:e9:b1:a2:03:a9:33:39:57:e5:ce:1b:
57:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:9B:A5:1C:03:42:56:63:61:95:D7:A9:4A:57:8B:C8:A5:D0:BB:C1
X509v3 Authority Key Identifier:
keyid:42:4F:EF:FB:57:6E:41:1D:E5:11:87:1D:C1:E0:BD:7A:20:E2:C4:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qk_v-1duQR3lEYcdweC9eiDixNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/I5ulHANCVmNhldepSleLyKXQu8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/Qk_v-1duQR3lEYcdweC9eiDixNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.21.0/24
194.31.96.0/24
194.99.44.0/24
194.99.46.0/24
Signature Algorithm: sha256WithRSAEncryption
97:e3:bb:1d:37:99:86:6f:6f:c6:8b:45:b1:0d:95:c4:da:7b:
bd:9e:e4:72:ac:00:83:31:c9:f3:d1:b8:9e:dc:f9:46:c9:ad:
e3:a8:56:11:6f:16:07:e9:39:cb:d0:4d:84:21:ee:db:bd:f0:
4e:2f:d5:fa:5d:ba:44:7a:fe:9b:16:a7:61:45:3c:51:91:3f:
0e:2a:ea:ba:60:e6:0a:b6:cb:34:b9:2c:1a:f2:d3:fd:1d:82:
01:bb:4a:42:12:0b:3e:a4:b3:d9:d0:27:c9:50:04:37:d9:3a:
3d:fd:b3:90:c5:0a:5f:a0:24:9f:a4:13:73:e4:df:d5:e1:d9:
de:73:c2:03:5b:43:09:64:3d:d0:91:ba:a0:85:b7:a1:62:38:
8b:c3:d3:ef:95:ea:fd:e5:74:4c:d8:e3:57:04:25:85:76:ac:
06:d6:31:f2:64:89:98:81:16:a9:01:ab:01:04:a8:49:f9:23:
bf:13:d1:24:83:51:dc:15:b6:a7:c5:3b:b4:94:b9:ca:d0:76:
ad:19:f4:37:70:d4:42:c4:4e:71:4b:34:17:22:32:d4:86:be:
f3:fd:f4:f2:7f:a5:97:85:a6:84:37:f4:21:c6:dd:e2:c9:c7:
54:f5:d3:73:00:1c:56:c0:2b:a4:03:3d:81:a2:0b:86:b7:0e:
29:25:5c:6b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvi5LIiXFS/4iV/vDyV31yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNGZlZmZiNTc2ZTQxMWRlNTExODcxZGMxZTBiZDdhMjBl
MmM0ZDcwHhcNMjMwMTAxMjI1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzliYTUxYzAzNDI1NjYzNjE5NWQ3YTk0YTU3OGJjOGE1ZDBiYmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvHOonJQ8/p4w91+TyYzgSw3irv1
w4VRjzTwpZvyQ9DkOK3J7+dA2BfE+TsctPYHbU4yFmiI+X/XPVMK/14NCNDr1die
FX2VHPWLnAQQUu/tiKOpt7WOqK08cu++j/FUix89frRLse5sYenEzZpX5VkEqsXO
z+fZCAoBvfmPiL/hCIYlaTss1BYyOh0Ptc0GxkvRWfHrfPA9gCAU/IPaxNtr1sTM
l5LU84QwnOAXi+NRaejvYRUrQNfvqI2h1M26V32azICgufKGb1e49TOfe9AORt2i
FAi8gmmhsQe2euOyXCG3LEnQHa7yf98iGPICsIcx6bGiA6kzOVflzhtXbQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCObpRwDQlZjYZXXqUpXi8il0LvBMB8GA1UdIwQY
MBaAFEJP7/tXbkEd5RGHHcHgvXog4sTXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWtfdi0xZHVRUjNsRVljZHdlQzllaURpeE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy82MTM1MDgtMDgzMi00MWY2LWFjYjct
ODMxZjdlNmY1Y2NkLzEvSTV1bEhBTkNWbU5obGRlcFNsZUx5S1hRdThFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy82MTM1MDgtMDgzMi00MWY2LWFjYjctODMxZjdlNmY1Y2Nk
LzEvUWtfdi0xZHVRUjNsRVljZHdlQzllaURpeE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAH9IVAwQA
wh9gAwQAwmMsAwQAwmMuMA0GCSqGSIb3DQEBCwUAA4IBAQCX47sdN5mGb2/Gi0Wx
DZXE2nu9nuRyrACDMcnz0bie3PlGya3jqFYRbxYH6TnL0E2EIe7bvfBOL9X6XbpE
ev6bFqdhRTxRkT8OKuq6YOYKtss0uSwa8tP9HYIBu0pCEgs+pLPZ0CfJUAQ32To9
/bOQxQpfoCSfpBNz5N/V4dnec8IDW0MJZD3QkbqghbehYjiLw9Pvler95XRM2ONX
BCWFdqwG1jHyZImYgRapAasBBKhJ+SO/E9Ekg1HcFbanxTu0lLnK0HatGfQ3cNRC
xE5xSzQXIjLUhr7z/fTyf6WXhaaEN/Qhxt3iycdU9dNzABxWwCukAz2BoguGtw4p
JVxr
-----END CERTIFICATE-----
Generated at Fri Nov 3 07:26:31 2023 by rpki-client on console-ams.rpki-client.org