Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/Fd7lXmjsjSInPQXJ3Bcw2hNHJXg.roa
File: Fd7lXmjsjSInPQXJ3Bcw2hNHJXg.roa (raw, json)
Hash identifier: j0Q308ZU14+ZtiXHnQnEbEDv2cQuk4r8zwKspMt1mXg=
Subject key identifier: 15:DE:E5:5E:68:EC:8D:22:27:3D:05:C9:DC:17:30:DA:13:47:25:78
Certificate issuer: /CN=2c71c96005e13a84a3f31ef1d991777f4b6e31a7
Certificate serial: 0193E5A7325F5936E96FCE7F86977E872C01
Authority key identifier: 2C:71:C9:60:05:E1:3A:84:A3:F3:1E:F1:D9:91:77:7F:4B:6E:31:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/Fd7lXmjsjSInPQXJ3Bcw2hNHJXg.roa
Signing time: Fri 20 Dec 2024 19:59:20 +0000
ROA not before: Fri 20 Dec 2024 19:59:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9123
IP address blocks: 31.130.144.0/21 maxlen: 24
31.130.152.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:48:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e5:a7:32:5f:59:36:e9:6f:ce:7f:86:97:7e:87:2c:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c71c96005e13a84a3f31ef1d991777f4b6e31a7
Validity
Not Before: Dec 20 19:59:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15dee55e68ec8d22273d05c9dc1730da13472578
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:13:95:cc:b1:70:3a:1d:c5:01:64:bc:bb:e8:
a3:30:8e:b7:4a:b5:38:fd:20:01:a5:82:73:79:54:
d1:d3:2f:71:d2:4d:73:44:66:89:1d:76:1f:8a:b7:
f6:d6:bd:72:5a:d5:60:fb:69:f8:8d:0c:5f:32:f8:
d0:93:35:ba:22:21:ac:a7:2f:90:5a:73:47:b4:7d:
3d:73:6c:cd:11:aa:2f:65:f2:f2:6f:4b:48:4d:5e:
d5:ac:64:f0:01:76:bc:4f:84:ca:93:e7:a3:ab:c3:
e7:52:71:16:87:35:83:03:79:62:e6:96:32:16:c9:
16:d6:f8:d3:49:6e:12:ce:f6:fd:95:23:7a:e5:46:
11:16:3b:89:56:26:44:1a:59:0f:89:8e:30:66:fb:
d5:75:f3:f9:23:c5:65:3a:1c:8d:a0:b4:f1:ca:58:
57:11:83:37:13:c6:87:9d:25:4b:43:6d:29:c7:57:
d9:f4:82:6c:9f:f3:68:7a:01:34:c2:a9:c0:0d:90:
0d:b3:04:e6:cf:64:ed:9f:42:59:8c:6b:ab:de:16:
90:b7:7f:de:91:62:e8:c1:80:64:22:f6:bc:60:f1:
2b:50:b7:71:3f:75:e2:b3:41:ab:24:54:43:51:fd:
60:c1:1f:cd:b5:3c:11:4b:65:01:c4:1d:63:5a:a1:
fd:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:DE:E5:5E:68:EC:8D:22:27:3D:05:C9:DC:17:30:DA:13:47:25:78
X509v3 Authority Key Identifier:
keyid:2C:71:C9:60:05:E1:3A:84:A3:F3:1E:F1:D9:91:77:7F:4B:6E:31:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/Fd7lXmjsjSInPQXJ3Bcw2hNHJXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/LHHJYAXhOoSj8x7x2ZF3f0tuMac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.130.144.0-31.130.155.255
Signature Algorithm: sha256WithRSAEncryption
d1:ae:e3:49:f9:08:28:4f:a3:2a:f8:d7:bb:bd:c5:2c:56:0f:
46:d4:59:eb:d7:7b:d4:af:34:d8:eb:2a:64:cc:b1:cb:89:2c:
16:48:ff:db:21:99:f7:09:9e:86:b3:c9:00:bf:cc:cb:fa:1d:
e9:76:03:b0:f0:7d:ac:9d:a6:27:9a:30:ec:b8:99:10:a2:3f:
89:51:f2:29:96:1c:23:c4:28:d2:2d:d4:a7:da:bc:e7:0e:65:
dd:2b:e3:ad:9f:fd:78:04:75:82:05:cb:2d:3b:5e:9b:73:f9:
6f:71:97:b2:46:88:3c:83:38:db:af:49:fc:48:56:15:92:a0:
28:4d:5c:1e:58:2a:bd:30:2e:2c:37:32:3d:c9:21:d1:0f:4b:
e0:d0:e7:77:90:95:94:c3:02:7f:43:7f:4c:54:b2:a5:ee:39:
ff:0a:aa:00:71:b8:06:22:ef:42:d3:07:48:0f:0d:0d:38:59:
11:e3:94:70:8f:d1:b1:b5:58:d2:1d:ab:38:32:6e:6b:01:b7:
db:7d:f0:47:1d:4b:f0:14:54:24:4b:73:1e:84:43:ad:b1:bb:
85:ea:69:92:e5:a5:cb:5a:bd:ad:fd:1c:b3:a2:17:46:8d:ce:
00:74:96:cb:0c:07:4d:c2:76:bf:a5:e9:96:17:8d:08:48:c2:
0d:72:2b:dc
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZPlpzJfWTbpb85/hpd+hywBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNzFjOTYwMDVlMTNhODRhM2YzMWVmMWQ5OTE3NzdmNGI2
ZTMxYTcwHhcNMjQxMjIwMTk1OTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWRlZTU1ZTY4ZWM4ZDIyMjczZDA1YzlkYzE3MzBkYTEzNDcyNTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBOVzLFwOh3FAWS8u+ijMI63SrU4
/SABpYJzeVTR0y9x0k1zRGaJHXYfirf21r1yWtVg+2n4jQxfMvjQkzW6IiGspy+Q
WnNHtH09c2zNEaovZfLyb0tITV7VrGTwAXa8T4TKk+ejq8PnUnEWhzWDA3li5pYy
FskW1vjTSW4Szvb9lSN65UYRFjuJViZEGlkPiY4wZvvVdfP5I8VlOhyNoLTxylhX
EYM3E8aHnSVLQ20px1fZ9IJsn/NoegE0wqnADZANswTmz2Ttn0JZjGur3haQt3/e
kWLowYBkIva8YPErULdxP3Xis0GrJFRDUf1gwR/NtTwRS2UBxB1jWqH9cQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBXe5V5o7I0iJz0FydwXMNoTRyV4MB8GA1UdIwQY
MBaAFCxxyWAF4TqEo/Me8dmRd39LbjGnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEhISllBWGhPb1NqOHg3eDJaRjNmMHR1TWFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mYTM1NDQtMTAyNS00ZThmLWE4ZmUt
N2EyOGFmMjljZGMyLzEvRmQ3bFhtanNqU0luUFFYSjNCY3cyaE5ISlhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mYTM1NDQtMTAyNS00ZThmLWE4ZmUtN2EyOGFmMjljZGMy
LzEvTEhISllBWGhPb1NqOHg3eDJaRjNmMHR1TWFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAQfgpAD
BAIfgpgwDQYJKoZIhvcNAQELBQADggEBANGu40n5CChPoyr417u9xSxWD0bUWevX
e9SvNNjrKmTMscuJLBZI/9shmfcJnoazyQC/zMv6Hel2A7DwfaydpieaMOy4mRCi
P4lR8imWHCPEKNIt1KfavOcOZd0r462f/XgEdYIFyy07Xptz+W9xl7JGiDyDONuv
SfxIVhWSoChNXB5YKr0wLiw3Mj3JIdEPS+DQ53eQlZTDAn9Df0xUsqXuOf8KqgBx
uAYi70LTB0gPDQ04WRHjlHCP0bG1WNIdqzgybmsBt9t98EcdS/AUVCRLcx6EQ62x
u4XqaZLlpctava39HLOiF0aNzgB0lssMB03Cdr+l6ZYXjQhIwg1yK9w=
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:55:46 2025 by rpki-client