Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/StZiLB_4AvTA5yx4Yw6gsOSt9zY.roa
File: StZiLB_4AvTA5yx4Yw6gsOSt9zY.roa (raw, json)
Hash identifier: yS6QhaaezVJc9m+gNHzwqnAavRMQzMUxsBF/LD2mlAk=
Subject key identifier: 4A:D6:62:2C:1F:F8:02:F4:C0:E7:2C:78:63:0E:A0:B0:E4:AD:F7:36
Certificate issuer: /CN=424feffb576e411de511871dc1e0bd7a20e2c4d7
Certificate serial: 01856F8B92705A98FF5CC3A23D14C98818A0
Authority key identifier: 42:4F:EF:FB:57:6E:41:1D:E5:11:87:1D:C1:E0:BD:7A:20:E2:C4:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qk_v-1duQR3lEYcdweC9eiDixNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/StZiLB_4AvTA5yx4Yw6gsOSt9zY.roa
Signing time: Sun 01 Jan 2023 22:54:56 +0000
ROA not before: Sun 01 Jan 2023 22:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14178
IP address blocks: 194.31.97.0/24 maxlen: 24
194.31.98.0/24 maxlen: 24
31.210.20.0/24 maxlen: 24
162.12.206.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:92:70:5a:98:ff:5c:c3:a2:3d:14:c9:88:18:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=424feffb576e411de511871dc1e0bd7a20e2c4d7
Validity
Not Before: Jan 1 22:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ad6622c1ff802f4c0e72c78630ea0b0e4adf736
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d9:4e:13:75:2e:79:48:27:97:ce:04:b5:69:
df:17:9a:72:4f:f3:7f:0c:84:59:65:47:f0:f1:71:
8c:3d:17:f1:01:10:1d:20:67:ed:04:7f:53:e7:f4:
a1:78:ed:9c:63:bc:7a:7c:73:21:8a:a3:69:71:d9:
89:aa:e1:ac:8a:ef:66:7e:c4:af:a0:43:20:95:62:
b8:48:c0:d9:e9:06:a3:4a:24:e2:0a:1b:6c:2e:4f:
14:62:bc:85:eb:e5:e3:c3:0e:bb:e2:98:e6:5a:a2:
86:ac:28:d7:38:72:74:12:c2:db:8d:74:dc:1f:a8:
c5:a4:57:ce:d3:d6:bc:e1:75:b1:e5:1e:65:1c:d0:
07:f6:ef:d6:35:ff:a9:ef:e6:bd:ee:76:9b:d2:d9:
a1:23:34:16:e3:11:7b:a7:95:e4:df:18:b9:80:90:
a8:ed:5a:f8:52:8a:26:32:83:e4:d5:a7:1b:52:1d:
61:57:b9:bb:f2:0e:48:bc:7e:38:b5:3c:3d:de:38:
c7:f8:2b:45:7c:73:35:34:89:67:ee:d3:50:16:3f:
19:89:63:cf:3f:a7:32:f3:46:80:e2:4a:ba:ca:dc:
e0:e1:25:d2:ac:c1:e2:96:75:ae:3d:b4:0e:a8:81:
f8:55:f8:65:fe:3a:8b:e6:65:2a:3f:02:3f:ab:0a:
1a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:D6:62:2C:1F:F8:02:F4:C0:E7:2C:78:63:0E:A0:B0:E4:AD:F7:36
X509v3 Authority Key Identifier:
keyid:42:4F:EF:FB:57:6E:41:1D:E5:11:87:1D:C1:E0:BD:7A:20:E2:C4:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qk_v-1duQR3lEYcdweC9eiDixNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/StZiLB_4AvTA5yx4Yw6gsOSt9zY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/Qk_v-1duQR3lEYcdweC9eiDixNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.20.0/24
162.12.206.0/23
194.31.97.0-194.31.98.255
Signature Algorithm: sha256WithRSAEncryption
6a:75:f9:53:92:0f:15:2d:d0:69:d8:ab:84:7a:a6:59:4d:0b:
8a:8f:e9:52:38:5e:94:29:01:bb:44:bd:81:73:86:56:84:8c:
e7:bd:6c:c9:54:42:c0:7a:1e:8c:96:0e:72:52:e3:b2:b2:b6:
08:be:fa:01:4a:89:a8:fc:14:27:d8:fd:c1:f6:cb:34:d9:5f:
c0:18:be:81:00:e7:2a:cf:e4:7e:7d:be:26:1b:a3:8a:a6:aa:
cc:a2:b4:fd:53:18:97:1c:b7:1f:01:a0:00:77:16:d6:e8:c3:
9f:31:bb:fc:ac:4a:ab:38:4d:76:d0:cd:2b:75:2b:4d:cc:d0:
20:ad:97:77:55:54:dd:84:8b:e9:b7:5f:e0:51:b4:ab:29:49:
f2:98:e9:20:9e:1b:91:7f:c2:54:9b:60:ad:8d:77:95:c4:04:
8b:2e:d7:e8:68:32:70:63:06:08:24:70:c8:b1:27:80:80:e3:
64:33:02:d3:ab:15:0e:6c:33:19:d3:be:27:34:e8:76:69:56:
3f:33:6f:f5:2f:ec:25:88:a7:34:72:76:d8:9b:68:d6:99:d6:
47:72:dd:50:96:0e:21:0a:90:51:6b:e2:f3:10:53:e9:4c:c9:
e6:f0:8d:d8:ad:ac:e6:8c:74:e7:33:94:df:a5:12:13:48:5c:
2b:d1:ac:3c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVvi5JwWpj/XMOiPRTJiBigMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNGZlZmZiNTc2ZTQxMWRlNTExODcxZGMxZTBiZDdhMjBl
MmM0ZDcwHhcNMjMwMTAxMjI1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWQ2NjIyYzFmZjgwMmY0YzBlNzJjNzg2MzBlYTBiMGU0YWRmNzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttlOE3UueUgnl84EtWnfF5pyT/N/
DIRZZUfw8XGMPRfxARAdIGftBH9T5/SheO2cY7x6fHMhiqNpcdmJquGsiu9mfsSv
oEMglWK4SMDZ6QajSiTiChtsLk8UYryF6+Xjww674pjmWqKGrCjXOHJ0EsLbjXTc
H6jFpFfO09a84XWx5R5lHNAH9u/WNf+p7+a97nab0tmhIzQW4xF7p5Xk3xi5gJCo
7Vr4UoomMoPk1acbUh1hV7m78g5IvH44tTw93jjH+CtFfHM1NIln7tNQFj8ZiWPP
P6cy80aA4kq6ytzg4SXSrMHilnWuPbQOqIH4Vfhl/jqL5mUqPwI/qwoaGwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFErWYiwf+AL0wOcseGMOoLDkrfc2MB8GA1UdIwQY
MBaAFEJP7/tXbkEd5RGHHcHgvXog4sTXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWtfdi0xZHVRUjNsRVljZHdlQzllaURpeE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy82MTM1MDgtMDgzMi00MWY2LWFjYjct
ODMxZjdlNmY1Y2NkLzEvU3RaaUxCXzRBdlRBNXl4NFl3NmdzT1N0OXpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy82MTM1MDgtMDgzMi00MWY2LWFjYjctODMxZjdlNmY1Y2Nk
LzEvUWtfdi0xZHVRUjNsRVljZHdlQzllaURpeE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAH9IUAwQB
ogzOMAwDBADCH2EDBADCH2IwDQYJKoZIhvcNAQELBQADggEBAGp1+VOSDxUt0GnY
q4R6pllNC4qP6VI4XpQpAbtEvYFzhlaEjOe9bMlUQsB6HoyWDnJS47Kytgi++gFK
iaj8FCfY/cH2yzTZX8AYvoEA5yrP5H59viYbo4qmqsyitP1TGJcctx8BoAB3Ftbo
w58xu/ysSqs4TXbQzSt1K03M0CCtl3dVVN2Ei+m3X+BRtKspSfKY6SCeG5F/wlSb
YK2Nd5XEBIsu1+hoMnBjBggkcMixJ4CA42QzAtOrFQ5sMxnTvic06HZpVj8zb/Uv
7CWIpzRydtibaNaZ1kdy3VCWDiEKkFFr4vMQU+lMyebwjditrOaMdOczlN+lEhNI
XCvRrDw=
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:10:47 2024 by rpki-client on console-ams.rpki-client.org