Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/zoqgD1OtV0etVGHL--TCQ3wJaJo.roa
File: zoqgD1OtV0etVGHL--TCQ3wJaJo.roa (raw, json)
Hash identifier: pj7/5uiWVbQoPdnW5ENE03RDHvyG75ePwwwSBC4rjlI=
Subject key identifier: CE:8A:A0:0F:53:AD:57:47:AD:54:61:CB:FB:E4:C2:43:7C:09:68:9A
Certificate issuer: /CN=424feffb576e411de511871dc1e0bd7a20e2c4d7
Certificate serial: 018CC793D7C3A2B737335D8E47BB5A3B5FE8
Authority key identifier: 42:4F:EF:FB:57:6E:41:1D:E5:11:87:1D:C1:E0:BD:7A:20:E2:C4:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qk_v-1duQR3lEYcdweC9eiDixNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/zoqgD1OtV0etVGHL--TCQ3wJaJo.roa
Signing time: Tue 02 Jan 2024 00:30:04 +0000
ROA not before: Tue 02 Jan 2024 00:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213035
IP address blocks: 31.210.23.0/24 maxlen: 24
194.59.216.0/22 maxlen: 24
162.12.204.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Mar 2024 08:13:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:d7:c3:a2:b7:37:33:5d:8e:47:bb:5a:3b:5f:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=424feffb576e411de511871dc1e0bd7a20e2c4d7
Validity
Not Before: Jan 2 00:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce8aa00f53ad5747ad5461cbfbe4c2437c09689a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:e8:38:4c:2c:f7:61:d7:e2:86:06:0d:86:91:
c2:fb:d3:d4:65:1b:6b:8e:a5:07:0c:8a:4e:35:35:
d7:f2:8f:de:0b:14:3b:d0:1f:bd:46:6b:bf:1a:f2:
a0:be:de:2c:4c:b9:8c:5e:87:c9:ef:4f:38:e5:6b:
76:4e:87:7b:b2:16:57:e8:31:09:f3:1c:84:98:92:
4e:19:00:c4:42:b7:6e:94:b0:8b:ff:3f:dd:eb:9d:
94:3d:ca:ec:0a:01:3d:38:d0:e7:9a:89:92:83:77:
d8:7b:25:5a:c0:b4:34:99:e5:4f:55:e2:81:93:66:
00:c9:af:cb:00:ee:b7:e2:48:25:29:61:a0:5c:a8:
d5:da:ff:8b:cc:85:d1:40:ce:2f:62:7e:7a:85:6c:
5f:e0:72:dc:7a:7c:be:ef:cd:56:c0:61:c6:ed:36:
7d:18:44:fb:ad:97:b6:c4:54:2c:01:f1:61:20:4e:
21:08:d5:d5:66:ba:74:09:ad:9e:31:46:99:68:5a:
c0:1c:d1:3f:2b:cb:50:e3:72:56:37:f2:a3:95:8a:
5d:f4:13:91:8f:c2:10:a3:df:d5:4c:f8:3f:64:e8:
b2:ed:79:9d:32:db:03:a4:60:59:37:03:e8:e5:fc:
37:4b:c2:c3:d1:45:6a:7b:0c:f5:2a:20:e9:2e:af:
cc:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:8A:A0:0F:53:AD:57:47:AD:54:61:CB:FB:E4:C2:43:7C:09:68:9A
X509v3 Authority Key Identifier:
keyid:42:4F:EF:FB:57:6E:41:1D:E5:11:87:1D:C1:E0:BD:7A:20:E2:C4:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qk_v-1duQR3lEYcdweC9eiDixNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/zoqgD1OtV0etVGHL--TCQ3wJaJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/Qk_v-1duQR3lEYcdweC9eiDixNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.23.0/24
162.12.204.0/23
194.59.216.0/22
Signature Algorithm: sha256WithRSAEncryption
00:64:22:f1:e9:11:34:7c:7f:68:14:00:ab:1b:da:e5:19:94:
3d:21:ad:f1:86:ed:f0:10:73:49:17:18:89:c5:ff:cf:0e:b9:
86:3f:f3:64:82:cf:3d:03:ef:04:29:07:3b:c4:c6:6b:86:86:
dd:e6:54:c6:51:89:29:d3:da:53:c0:b2:49:be:bb:8b:f0:52:
f2:20:df:0d:33:6f:e5:80:db:f2:c3:c4:6b:32:89:6a:b4:ef:
c4:01:b3:c3:ff:90:c3:44:fc:5a:1a:cd:8c:1d:eb:ae:8f:94:
67:03:0c:a4:e9:93:21:0e:36:18:a3:ac:9e:aa:fe:b3:a4:8c:
43:c9:4b:9b:be:65:8a:c8:f5:00:ff:da:96:88:1c:fa:59:bd:
49:68:af:cd:7e:86:96:f9:dd:49:6c:b0:20:fc:d5:e6:fd:f8:
26:60:6b:fc:ac:25:e7:c6:c5:55:ef:e8:93:5b:64:f7:d2:01:
13:24:13:53:6c:1e:76:01:69:93:f7:2b:56:09:c4:07:98:a2:
49:31:50:f2:e3:64:cb:12:93:6e:d5:7f:9c:fe:3e:86:5f:63:
9c:9a:31:83:c9:f9:e4:c1:79:ae:92:26:e8:58:87:fa:e5:21:
e2:37:1d:f5:92:5b:24:e4:f8:c8:2b:a6:d0:22:0b:c2:7d:41:
89:39:00:b4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHk9fDorc3M12OR7taO1/oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNGZlZmZiNTc2ZTQxMWRlNTExODcxZGMxZTBiZDdhMjBl
MmM0ZDcwHhcNMjQwMTAyMDAzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZThhYTAwZjUzYWQ1NzQ3YWQ1NDYxY2JmYmU0YzI0MzdjMDk2ODlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOg4TCz3YdfihgYNhpHC+9PUZRtr
jqUHDIpONTXX8o/eCxQ70B+9Rmu/GvKgvt4sTLmMXofJ70845Wt2Tod7shZX6DEJ
8xyEmJJOGQDEQrdulLCL/z/d652UPcrsCgE9ONDnmomSg3fYeyVawLQ0meVPVeKB
k2YAya/LAO634kglKWGgXKjV2v+LzIXRQM4vYn56hWxf4HLceny+781WwGHG7TZ9
GET7rZe2xFQsAfFhIE4hCNXVZrp0Ca2eMUaZaFrAHNE/K8tQ43JWN/KjlYpd9BOR
j8IQo9/VTPg/ZOiy7XmdMtsDpGBZNwPo5fw3S8LD0UVqewz1KiDpLq/MvwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM6KoA9TrVdHrVRhy/vkwkN8CWiaMB8GA1UdIwQY
MBaAFEJP7/tXbkEd5RGHHcHgvXog4sTXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWtfdi0xZHVRUjNsRVljZHdlQzllaURpeE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy82MTM1MDgtMDgzMi00MWY2LWFjYjct
ODMxZjdlNmY1Y2NkLzEvem9xZ0QxT3RWMGV0VkdITC0tVENRM3dKYUpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy82MTM1MDgtMDgzMi00MWY2LWFjYjctODMxZjdlNmY1Y2Nk
LzEvUWtfdi0xZHVRUjNsRVljZHdlQzllaURpeE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH9IXAwQB
ogzMAwQCwjvYMA0GCSqGSIb3DQEBCwUAA4IBAQAAZCLx6RE0fH9oFACrG9rlGZQ9
Ia3xhu3wEHNJFxiJxf/PDrmGP/Nkgs89A+8EKQc7xMZrhobd5lTGUYkp09pTwLJJ
vruL8FLyIN8NM2/lgNvyw8RrMolqtO/EAbPD/5DDRPxaGs2MHeuuj5RnAwyk6ZMh
DjYYo6yeqv6zpIxDyUubvmWKyPUA/9qWiBz6Wb1JaK/NfoaW+d1JbLAg/NXm/fgm
YGv8rCXnxsVV7+iTW2T30gETJBNTbB52AWmT9ytWCcQHmKJJMVDy42TLEpNu1X+c
/j6GX2OcmjGDyfnkwXmukiboWIf65SHiNx31klsk5PjIK6bQIgvCfUGJOQC0
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:56 2025 by rpki-client