Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/d794a3-f3ae-4fbe-98ea-20e1c3e3f8e2/1/QZb0nOnXC5KrynT-Zjr_-dZ96dE.roa
File: QZb0nOnXC5KrynT-Zjr_-dZ96dE.roa (raw, json)
Hash identifier: YYN6mylVSrJFzsYIHcrfi2ak2tZ5367Ry1hJfQX9olY=
Subject key identifier: 41:96:F4:9C:E9:D7:0B:92:AB:CA:74:FE:66:3A:FF:F9:D6:7D:E9:D1
Certificate issuer: /CN=ddd5708f429adadba1b4a38c94dd77654afaf97d
Certificate serial: 01856D81C3C9FCB93FCB2CF7DA2BBDAE7E31
Authority key identifier: DD:D5:70:8F:42:9A:DA:DB:A1:B4:A3:8C:94:DD:77:65:4A:FA:F9:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3dVwj0Ka2tuhtKOMlN13ZUr6-X0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/d794a3-f3ae-4fbe-98ea-20e1c3e3f8e2/1/QZb0nOnXC5KrynT-Zjr_-dZ96dE.roa
Signing time: Sun 01 Jan 2023 13:24:58 +0000
ROA not before: Sun 01 Jan 2023 13:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197667
IP address blocks: 31.41.82.0/24 maxlen: 24
31.41.83.0/24 maxlen: 24
31.41.80.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:c3:c9:fc:b9:3f:cb:2c:f7:da:2b:bd:ae:7e:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddd5708f429adadba1b4a38c94dd77654afaf97d
Validity
Not Before: Jan 1 13:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4196f49ce9d70b92abca74fe663afff9d67de9d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:2f:d9:f6:f2:13:ca:c1:66:41:21:90:ae:aa:
57:f0:fc:ac:10:21:cd:c6:d2:7b:5d:4a:62:6d:3e:
ac:76:60:4f:ff:9f:c4:2c:6f:c0:3d:cc:97:09:8d:
57:e1:a1:61:ab:26:e4:02:29:2a:40:de:30:15:a8:
4f:2e:bc:1c:ac:3a:d9:b0:74:4d:05:c1:b4:ec:29:
23:c1:f6:d9:f8:a7:6e:46:cf:76:2a:5c:c2:51:fb:
5a:16:bc:18:f2:d9:65:d4:47:c2:90:77:d5:5d:d7:
44:5d:1b:aa:f3:5a:94:3e:72:c2:be:00:db:60:b2:
99:c3:f0:b3:1a:49:a1:02:69:1a:ff:35:d3:1b:2c:
2e:30:bf:78:c6:34:c5:64:a7:1e:19:0e:38:de:b3:
ce:55:e5:2b:aa:eb:35:c6:a3:b8:45:5e:1c:98:ef:
b1:67:2b:69:92:f3:9e:58:2f:0e:b1:14:b0:66:94:
eb:a1:5c:33:49:16:0b:9b:25:85:2f:6f:10:fc:77:
38:54:64:96:cc:7d:4f:4c:92:86:50:98:94:1f:df:
4d:b2:4c:e9:09:25:6f:1e:1c:f8:9b:a4:3c:4a:4e:
d1:5b:72:1b:13:5c:d9:83:7b:b7:0d:f3:3c:0e:fc:
24:8d:69:0c:3d:e6:67:55:1b:fa:3b:ef:bd:56:26:
58:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:96:F4:9C:E9:D7:0B:92:AB:CA:74:FE:66:3A:FF:F9:D6:7D:E9:D1
X509v3 Authority Key Identifier:
keyid:DD:D5:70:8F:42:9A:DA:DB:A1:B4:A3:8C:94:DD:77:65:4A:FA:F9:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3dVwj0Ka2tuhtKOMlN13ZUr6-X0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/d794a3-f3ae-4fbe-98ea-20e1c3e3f8e2/1/QZb0nOnXC5KrynT-Zjr_-dZ96dE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/d794a3-f3ae-4fbe-98ea-20e1c3e3f8e2/1/3dVwj0Ka2tuhtKOMlN13ZUr6-X0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.80.0/21
Signature Algorithm: sha256WithRSAEncryption
55:9c:a4:30:d1:c2:d1:ad:e2:fe:06:3c:43:77:f7:8c:a1:0d:
60:22:3f:94:4f:7d:37:b3:23:2c:d3:b3:65:f0:6a:da:d5:1b:
93:18:0c:b2:57:9c:6e:6b:d8:fa:94:71:5d:bf:61:77:c0:0a:
f5:ac:34:8b:2d:11:f1:9b:fe:18:c2:2f:26:12:68:d9:2e:bc:
48:bd:5e:31:ce:7c:11:f8:15:c8:99:d3:30:b5:50:d5:c0:e5:
cc:fe:cd:30:56:f9:f6:61:19:09:0a:09:54:b8:fd:db:cd:1d:
67:38:74:53:bb:b9:28:b2:94:9b:56:7a:4e:0c:d9:e3:aa:48:
94:84:f3:c8:0f:4f:34:c5:36:e0:4c:a6:89:14:1b:4f:21:58:
99:5c:d3:b7:65:9e:86:82:16:1d:82:68:16:79:ac:96:44:19:
82:e4:b0:cb:8a:b9:d0:16:e7:8f:04:bd:c1:20:16:c8:c0:81:
2d:8d:0f:06:1d:08:a1:d6:28:ce:cd:7a:c0:a4:95:ee:70:d0:
39:90:1f:3c:bf:62:87:c5:9a:fc:d4:b0:1d:b9:a9:63:a4:e7:
0a:d2:14:4a:1d:ee:35:da:ab:f3:a0:f0:bc:5d:c6:ac:f7:93:
b4:ae:ba:38:21:40:f4:03:27:c7:be:3b:1c:7e:b0:7f:5e:b9:
88:77:e2:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtgcPJ/Lk/yyz32iu9rn4xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZDU3MDhmNDI5YWRhZGJhMWI0YTM4Yzk0ZGQ3NzY1NGFm
YWY5N2QwHhcNMjMwMTAxMTMyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTk2ZjQ5Y2U5ZDcwYjkyYWJjYTc0ZmU2NjNhZmZmOWQ2N2RlOWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7i/Z9vITysFmQSGQrqpX8PysECHN
xtJ7XUpibT6sdmBP/5/ELG/APcyXCY1X4aFhqybkAikqQN4wFahPLrwcrDrZsHRN
BcG07CkjwfbZ+KduRs92KlzCUftaFrwY8tll1EfCkHfVXddEXRuq81qUPnLCvgDb
YLKZw/CzGkmhAmka/zXTGywuML94xjTFZKceGQ443rPOVeUrqus1xqO4RV4cmO+x
ZytpkvOeWC8OsRSwZpTroVwzSRYLmyWFL28Q/Hc4VGSWzH1PTJKGUJiUH99Nskzp
CSVvHhz4m6Q8Sk7RW3IbE1zZg3u3DfM8DvwkjWkMPeZnVRv6O++9ViZY+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEGW9Jzp1wuSq8p0/mY6//nWfenRMB8GA1UdIwQY
MBaAFN3VcI9CmtrbobSjjJTdd2VK+vl9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2RWd2owS2EydHVodEtPTWxOMTNaVXI2LVgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9kNzk0YTMtZjNhZS00ZmJlLTk4ZWEt
MjBlMWMzZTNmOGUyLzEvUVpiMG5PblhDNUtyeW5ULVpqcl8tZFo5NmRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9kNzk0YTMtZjNhZS00ZmJlLTk4ZWEtMjBlMWMzZTNmOGUy
LzEvM2RWd2owS2EydHVodEtPTWxOMTNaVXI2LVgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDHylQMA0G
CSqGSIb3DQEBCwUAA4IBAQBVnKQw0cLRreL+BjxDd/eMoQ1gIj+UT303syMs07Nl
8Gra1RuTGAyyV5xua9j6lHFdv2F3wAr1rDSLLRHxm/4Ywi8mEmjZLrxIvV4xznwR
+BXImdMwtVDVwOXM/s0wVvn2YRkJCglUuP3bzR1nOHRTu7kospSbVnpODNnjqkiU
hPPID080xTbgTKaJFBtPIViZXNO3ZZ6GghYdgmgWeayWRBmC5LDLirnQFuePBL3B
IBbIwIEtjQ8GHQih1ijOzXrApJXucNA5kB88v2KHxZr81LAdualjpOcK0hRKHe41
2qvzoPC8Xcas95O0rro4IUD0AyfHvjscfrB/XrmId+L1
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:28:37 2024 by rpki-client on console-fra.rpki-client.org