Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/f76339-1714-403b-9927-23277822fefa/1/jxKdUEgP4h5sMb4bXlszuxUaFHQ.roa
File: jxKdUEgP4h5sMb4bXlszuxUaFHQ.roa (raw, json)
Hash identifier: ATtxB52TnbNT0EdDUSI1C/Asz3FGF8BMbWlThQHb+S8=
Subject key identifier: 8F:12:9D:50:48:0F:E2:1E:6C:31:BE:1B:5E:5B:33:BB:15:1A:14:74
Certificate issuer: /CN=d80b565d7736753dbe7f6624bdf1d2bc1896f7c0
Certificate serial: 01856D78A1ADDDD270E067DB83C2C1EF8731
Authority key identifier: D8:0B:56:5D:77:36:75:3D:BE:7F:66:24:BD:F1:D2:BC:18:96:F7:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2AtWXXc2dT2-f2YkvfHSvBiW98A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/f76339-1714-403b-9927-23277822fefa/1/jxKdUEgP4h5sMb4bXlszuxUaFHQ.roa
Signing time: Sun 01 Jan 2023 13:15:00 +0000
ROA not before: Sun 01 Jan 2023 13:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210854
IP address blocks: 31.210.17.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:a1:ad:dd:d2:70:e0:67:db:83:c2:c1:ef:87:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d80b565d7736753dbe7f6624bdf1d2bc1896f7c0
Validity
Not Before: Jan 1 13:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f129d50480fe21e6c31be1b5e5b33bb151a1474
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:bd:83:83:68:6f:66:ee:b8:7c:45:1c:1f:99:
2f:67:5d:7f:2b:70:31:c2:84:a6:ed:31:8c:e7:8a:
b4:1b:d2:1f:c5:f9:7f:91:8b:dc:eb:41:be:21:fe:
1b:25:40:c9:af:2c:f5:f3:22:3e:44:67:d4:17:4b:
03:82:35:f1:a8:45:08:ea:c8:2c:82:27:78:5f:f3:
0f:e6:f2:15:e2:73:54:9a:b8:db:48:78:6f:25:02:
a5:54:7b:87:f9:e7:9d:41:4c:64:50:da:29:f7:26:
66:84:da:b3:be:e7:21:8f:8d:c0:af:44:53:e3:0f:
ae:e5:75:69:f2:ca:98:fd:58:cf:d8:1e:a7:b3:e2:
24:54:f1:f4:e0:ac:d0:1a:48:db:08:f7:c2:0d:95:
10:2e:10:79:d2:c8:9e:a0:6c:d7:40:92:43:29:b0:
aa:a5:6e:05:06:9a:01:ee:13:17:da:e2:b0:2d:d5:
b6:5b:1f:fc:ba:88:f8:12:0f:6b:3e:ce:79:61:7b:
b0:0a:f6:f7:9d:ba:c5:30:13:38:a4:8b:60:24:02:
f1:e8:37:b2:6f:b8:ff:62:42:fe:c9:d7:93:cd:a4:
5c:e3:d6:2f:b7:a6:93:e2:48:e8:55:b2:38:d1:f3:
39:cd:4e:eb:d7:18:9e:10:a5:ad:4c:c9:cf:96:49:
a0:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:12:9D:50:48:0F:E2:1E:6C:31:BE:1B:5E:5B:33:BB:15:1A:14:74
X509v3 Authority Key Identifier:
keyid:D8:0B:56:5D:77:36:75:3D:BE:7F:66:24:BD:F1:D2:BC:18:96:F7:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2AtWXXc2dT2-f2YkvfHSvBiW98A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f76339-1714-403b-9927-23277822fefa/1/jxKdUEgP4h5sMb4bXlszuxUaFHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f76339-1714-403b-9927-23277822fefa/1/2AtWXXc2dT2-f2YkvfHSvBiW98A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.17.0/24
Signature Algorithm: sha256WithRSAEncryption
27:bc:f4:3e:f1:28:b6:94:17:4f:c1:87:98:04:7b:84:2b:7d:
a9:ec:45:87:95:57:1d:15:32:a2:cb:b1:b5:74:ee:0b:2a:96:
cc:36:54:b1:89:68:e4:0a:3c:9d:48:16:a8:c1:23:a2:ec:5d:
e8:39:4c:08:f1:69:fe:38:cf:ca:7e:67:7f:1d:36:0a:65:09:
29:ee:50:a9:a5:cf:f4:2a:b9:c6:1a:6b:84:42:81:59:d8:ab:
54:31:99:c8:a7:be:f3:63:d8:62:d0:84:e7:68:b6:60:4c:d7:
f0:34:f2:f6:67:79:e7:1a:42:4e:ab:5a:7a:10:7a:20:53:5c:
05:e0:0b:6b:6d:33:97:7f:93:d1:3f:d8:cc:84:55:25:28:4c:
43:a4:74:71:23:a7:6f:fc:ee:f7:21:d2:b9:b8:9b:da:ae:e6:
4f:f9:be:72:5e:a1:e8:59:68:8b:9f:3b:e6:7f:18:8a:26:38:
0c:34:de:a5:bc:da:3c:42:c1:00:6f:69:37:5f:9e:50:38:d0:
83:f6:4a:83:25:23:97:52:66:55:c0:c2:17:a9:ab:e7:46:60:
f9:78:ed:17:91:76:22:62:8e:bf:58:55:39:c5:9e:9b:7d:00:
5f:37:38:61:51:e2:20:cc:1c:b7:e6:de:b9:5c:a2:af:2f:8a:
62:2e:b5:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVteKGt3dJw4Gfbg8LB74cxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MGI1NjVkNzczNjc1M2RiZTdmNjYyNGJkZjFkMmJjMTg5
NmY3YzAwHhcNMjMwMTAxMTMxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjEyOWQ1MDQ4MGZlMjFlNmMzMWJlMWI1ZTViMzNiYjE1MWExNDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr72Dg2hvZu64fEUcH5kvZ11/K3Ax
woSm7TGM54q0G9Ifxfl/kYvc60G+If4bJUDJryz18yI+RGfUF0sDgjXxqEUI6sgs
gid4X/MP5vIV4nNUmrjbSHhvJQKlVHuH+eedQUxkUNop9yZmhNqzvuchj43Ar0RT
4w+u5XVp8sqY/VjP2B6ns+IkVPH04KzQGkjbCPfCDZUQLhB50sieoGzXQJJDKbCq
pW4FBpoB7hMX2uKwLdW2Wx/8uoj4Eg9rPs55YXuwCvb3nbrFMBM4pItgJALx6Dey
b7j/YkL+ydeTzaRc49Yvt6aT4kjoVbI40fM5zU7r1xieEKWtTMnPlkmg/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI8SnVBID+IebDG+G15bM7sVGhR0MB8GA1UdIwQY
MBaAFNgLVl13NnU9vn9mJL3x0rwYlvfAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkF0V1hYYzJkVDItZjJZa3ZmSFN2QmlXOThBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mNzYzMzktMTcxNC00MDNiLTk5Mjct
MjMyNzc4MjJmZWZhLzEvanhLZFVFZ1A0aDVzTWI0Ylhsc3p1eFVhRkhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mNzYzMzktMTcxNC00MDNiLTk5MjctMjMyNzc4MjJmZWZh
LzEvMkF0V1hYYzJkVDItZjJZa3ZmSFN2QmlXOThBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH9IRMA0G
CSqGSIb3DQEBCwUAA4IBAQAnvPQ+8Si2lBdPwYeYBHuEK32p7EWHlVcdFTKiy7G1
dO4LKpbMNlSxiWjkCjydSBaowSOi7F3oOUwI8Wn+OM/Kfmd/HTYKZQkp7lCppc/0
KrnGGmuEQoFZ2KtUMZnIp77zY9hi0ITnaLZgTNfwNPL2Z3nnGkJOq1p6EHogU1wF
4AtrbTOXf5PRP9jMhFUlKExDpHRxI6dv/O73IdK5uJvaruZP+b5yXqHoWWiLnzvm
fxiKJjgMNN6lvNo8QsEAb2k3X55QONCD9kqDJSOXUmZVwMIXqavnRmD5eO0XkXYi
Yo6/WFU5xZ6bfQBfNzhhUeIgzBy35t65XKKvL4piLrX0
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:52:59 2024 by rpki-client on console-fra.rpki-client.org