Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/595d8c-185a-4f86-a32a-60fa912615cb/1/cfn-3Fz5h6Ncs5Kmicb3G02mSKk.roa
File: cfn-3Fz5h6Ncs5Kmicb3G02mSKk.roa (raw, json)
Hash identifier: o2I0Yo75vmCxbPK6CVF/r0kZxfSWKPoIyT5p6YpuaKg=
Subject key identifier: 71:F9:FE:DC:5C:F9:87:A3:5C:B3:92:A6:89:C6:F7:1B:4D:A6:48:A9
Certificate issuer: /CN=10ad1930af9eafdee10e7686849d41af7ef33439
Certificate serial: 01857082C832B778C352FF4B0177CD51C862
Authority key identifier: 10:AD:19:30:AF:9E:AF:DE:E1:0E:76:86:84:9D:41:AF:7E:F3:34:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EK0ZMK-er97hDnaGhJ1Br37zNDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/595d8c-185a-4f86-a32a-60fa912615cb/1/cfn-3Fz5h6Ncs5Kmicb3G02mSKk.roa
Signing time: Mon 02 Jan 2023 03:24:57 +0000
ROA not before: Mon 02 Jan 2023 03:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198401
IP address blocks: 31.24.83.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:c8:32:b7:78:c3:52:ff:4b:01:77:cd:51:c8:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10ad1930af9eafdee10e7686849d41af7ef33439
Validity
Not Before: Jan 2 03:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71f9fedc5cf987a35cb392a689c6f71b4da648a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:12:1e:28:f1:95:8b:b8:54:5a:2f:25:a1:9f:
31:c6:36:6c:ef:fa:f8:16:26:53:ef:f9:86:b8:b8:
fd:4e:c6:f8:d6:28:dc:5e:3f:0b:b9:91:f6:4f:dc:
d2:e4:29:23:dc:b8:e9:ea:56:4a:2f:da:d2:26:60:
b8:18:84:25:3a:77:60:e9:89:7e:2f:24:25:f9:6f:
f9:58:8f:79:1f:a4:a4:bb:32:a4:40:a8:da:1e:90:
04:4d:be:64:69:5d:2e:b9:98:59:85:11:fd:7c:46:
d6:68:ec:e9:ce:4c:9d:4c:d3:f6:50:dd:1c:15:dc:
af:52:97:d9:4f:16:51:83:b1:c9:3d:a5:05:9c:e1:
80:bf:61:2d:b6:ec:47:bf:23:3d:48:d2:3d:04:80:
a0:26:84:52:aa:30:8f:29:96:50:99:f1:05:be:ab:
f6:c3:34:63:c7:93:e4:8f:0c:2a:9f:df:83:97:8d:
6e:1c:02:78:83:12:a0:5c:82:e9:37:a9:95:8d:c5:
c7:ea:47:72:62:51:4b:33:cd:63:cd:ab:47:c2:da:
b2:d5:ba:26:ad:59:4a:fc:53:7b:7d:b7:81:35:3d:
0f:44:f5:f0:50:9b:82:f0:58:e4:d9:02:61:e8:70:
2f:33:92:76:78:96:e2:17:df:c7:e1:13:29:8c:f3:
7f:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:F9:FE:DC:5C:F9:87:A3:5C:B3:92:A6:89:C6:F7:1B:4D:A6:48:A9
X509v3 Authority Key Identifier:
keyid:10:AD:19:30:AF:9E:AF:DE:E1:0E:76:86:84:9D:41:AF:7E:F3:34:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EK0ZMK-er97hDnaGhJ1Br37zNDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/595d8c-185a-4f86-a32a-60fa912615cb/1/cfn-3Fz5h6Ncs5Kmicb3G02mSKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/595d8c-185a-4f86-a32a-60fa912615cb/1/EK0ZMK-er97hDnaGhJ1Br37zNDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.83.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:2a:06:72:a7:22:b7:a9:46:3a:7a:b2:d5:ec:e8:c7:c8:ea:
46:5f:7d:22:31:8c:ae:ea:c6:fa:eb:a4:24:e2:23:ca:9b:71:
55:8d:9f:c4:56:5b:19:86:0d:15:93:5c:8d:25:52:29:76:59:
0d:d0:ad:41:2b:04:3b:23:04:e3:f6:fe:6c:d8:e1:93:9e:36:
ed:ae:8d:cb:67:f7:43:22:10:aa:78:d2:8d:40:bb:6c:06:a4:
4e:66:6f:c2:77:d6:50:f3:6a:bc:3b:90:72:30:44:37:56:68:
d3:b9:95:7b:fc:2c:65:65:1e:0f:ec:db:b3:0d:da:fa:2b:16:
27:a7:a2:13:db:f6:6e:c8:ef:43:32:bc:da:98:16:cc:fa:fc:
dc:df:2a:c6:3c:39:11:c5:95:73:ac:46:a6:26:dc:2e:48:e3:
fd:5a:70:48:e9:5c:f5:13:cb:bd:12:1c:4d:30:eb:e9:31:a7:
9c:fe:3d:58:bd:15:63:d8:b6:31:54:6d:5f:ca:ce:77:e4:81:
60:12:99:28:b0:37:bb:87:70:76:e4:1e:62:c5:36:be:eb:7b:
93:06:fc:a4:fe:22:69:6d:33:ab:39:fd:a8:2d:b6:91:d5:36:
ed:ba:f2:4b:09:39:21:d0:0a:e6:a3:5f:07:fd:e3:9d:b7:6d:
1a:4d:b3:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwgsgyt3jDUv9LAXfNUchiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwYWQxOTMwYWY5ZWFmZGVlMTBlNzY4Njg0OWQ0MWFmN2Vm
MzM0MzkwHhcNMjMwMTAyMDMyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWY5ZmVkYzVjZjk4N2EzNWNiMzkyYTY4OWM2ZjcxYjRkYTY0OGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxIeKPGVi7hUWi8loZ8xxjZs7/r4
FiZT7/mGuLj9Tsb41ijcXj8LuZH2T9zS5Ckj3Ljp6lZKL9rSJmC4GIQlOndg6Yl+
LyQl+W/5WI95H6SkuzKkQKjaHpAETb5kaV0uuZhZhRH9fEbWaOzpzkydTNP2UN0c
FdyvUpfZTxZRg7HJPaUFnOGAv2EttuxHvyM9SNI9BICgJoRSqjCPKZZQmfEFvqv2
wzRjx5Pkjwwqn9+Dl41uHAJ4gxKgXILpN6mVjcXH6kdyYlFLM81jzatHwtqy1bom
rVlK/FN7fbeBNT0PRPXwUJuC8Fjk2QJh6HAvM5J2eJbiF9/H4RMpjPN/HQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHH5/txc+YejXLOSponG9xtNpkipMB8GA1UdIwQY
MBaAFBCtGTCvnq/e4Q52hoSdQa9+8zQ5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUswWk1LLWVyOTdoRG5hR2hKMUJyMzd6TkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy81OTVkOGMtMTg1YS00Zjg2LWEzMmEt
NjBmYTkxMjYxNWNiLzEvY2ZuLTNGejVoNk5jczVLbWljYjNHMDJtU0trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy81OTVkOGMtMTg1YS00Zjg2LWEzMmEtNjBmYTkxMjYxNWNi
LzEvRUswWk1LLWVyOTdoRG5hR2hKMUJyMzd6TkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHxhTMA0G
CSqGSIb3DQEBCwUAA4IBAQCwKgZypyK3qUY6erLV7OjHyOpGX30iMYyu6sb666Qk
4iPKm3FVjZ/EVlsZhg0Vk1yNJVIpdlkN0K1BKwQ7IwTj9v5s2OGTnjbtro3LZ/dD
IhCqeNKNQLtsBqROZm/Cd9ZQ82q8O5ByMEQ3VmjTuZV7/CxlZR4P7NuzDdr6KxYn
p6IT2/ZuyO9DMrzamBbM+vzc3yrGPDkRxZVzrEamJtwuSOP9WnBI6Vz1E8u9EhxN
MOvpMaec/j1YvRVj2LYxVG1fys535IFgEpkosDe7h3B25B5ixTa+63uTBvyk/iJp
bTOrOf2oLbaR1TbtuvJLCTkh0Armo18H/eOdt20aTbOn
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:55 2024 by rpki-client on console-fra.rpki-client.org