Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/uD0KIHm-hQosUuqL-Vj3yA0d0yo.roa
File: uD0KIHm-hQosUuqL-Vj3yA0d0yo.roa (raw, json)
Hash identifier: j0E551X5DSyeK8vyE/o47RdUCXkGJ1e33T2jq2KcqbQ=
Subject key identifier: B8:3D:0A:20:79:BE:85:0A:2C:52:EA:8B:F9:58:F7:C8:0D:1D:D3:2A
Certificate issuer: /CN=86cb742a03bc9c85507217a25204dfff82fccdf9
Certificate serial: 018570E768E27F76818B64DD589376BEF7C5
Authority key identifier: 86:CB:74:2A:03:BC:9C:85:50:72:17:A2:52:04:DF:FF:82:FC:CD:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hst0KgO8nIVQcheiUgTf_4L8zfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/uD0KIHm-hQosUuqL-Vj3yA0d0yo.roa
Signing time: Mon 02 Jan 2023 05:14:51 +0000
ROA not before: Mon 02 Jan 2023 05:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44493
IP address blocks: 31.192.233.0/24 maxlen: 24
31.192.232.0/24 maxlen: 24
31.192.234.0/24 maxlen: 24
31.192.238.0/24 maxlen: 24
31.192.237.0/24 maxlen: 24
31.192.236.0/24 maxlen: 24
31.192.235.0/24 maxlen: 24
31.192.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Jun 2023 11:49:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:68:e2:7f:76:81:8b:64:dd:58:93:76:be:f7:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cb742a03bc9c85507217a25204dfff82fccdf9
Validity
Not Before: Jan 2 05:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b83d0a2079be850a2c52ea8bf958f7c80d1dd32a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:27:c7:07:60:74:e1:4f:d9:c3:8e:60:ac:30:
8f:a8:7f:f1:3c:3d:a6:7e:91:e5:dd:f2:b6:f2:58:
96:ca:2e:5b:51:a0:6d:db:ed:1a:ed:36:17:57:cf:
bf:27:a1:5b:f2:9f:01:f9:71:5d:50:4d:21:38:da:
57:0d:7d:d6:7e:fe:1e:8a:ad:12:11:59:8a:b9:80:
2d:9f:ad:d3:9d:63:82:a3:be:b0:9a:34:01:d4:90:
2e:a8:fc:1f:5e:f3:76:c0:98:d3:68:39:a1:85:7d:
97:98:24:20:85:3c:ea:3e:2c:7a:ea:5c:3c:79:30:
2f:0a:79:ef:ed:53:52:2a:03:f9:3a:41:38:91:80:
7d:4e:33:22:49:17:dc:cf:7b:eb:d2:ae:96:52:28:
5e:06:9c:fb:5a:84:96:47:71:92:93:18:94:0d:c5:
82:3f:b0:d9:c8:a3:ad:f9:45:f3:6d:0e:40:66:f5:
00:78:76:31:ef:f0:ae:cb:92:b6:30:57:8a:f5:fa:
02:6c:4a:24:e6:0c:20:e2:13:a6:92:9b:dd:4d:44:
d0:13:9a:d2:3a:ec:bd:4e:ee:67:47:6a:f3:47:86:
3d:30:65:2b:dc:d8:9b:cf:24:1a:b5:11:43:2a:ff:
1d:b8:bb:83:0e:d8:7e:3d:9c:17:20:af:79:7e:04:
16:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:3D:0A:20:79:BE:85:0A:2C:52:EA:8B:F9:58:F7:C8:0D:1D:D3:2A
X509v3 Authority Key Identifier:
keyid:86:CB:74:2A:03:BC:9C:85:50:72:17:A2:52:04:DF:FF:82:FC:CD:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hst0KgO8nIVQcheiUgTf_4L8zfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/uD0KIHm-hQosUuqL-Vj3yA0d0yo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/767ae5-b9a2-4993-81a8-05f18fc212a7/1/hst0KgO8nIVQcheiUgTf_4L8zfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.192.232.0/21
Signature Algorithm: sha256WithRSAEncryption
69:fb:fb:8b:ed:bc:3c:53:dc:d6:16:35:86:79:f4:54:f8:0e:
40:4b:69:07:81:84:30:90:de:79:a3:c4:98:21:70:95:c4:f7:
6d:ca:76:c5:0b:d6:02:53:7a:d2:4c:74:b9:be:bc:67:a7:d9:
0c:ee:66:4a:7a:45:25:b9:a0:f0:76:f2:41:b6:45:17:ad:dd:
c9:bc:d8:64:cb:a1:30:28:9a:17:94:9c:64:94:c8:86:83:e7:
c3:74:60:22:43:c8:50:07:3e:58:83:65:59:59:28:c7:90:a3:
92:a8:c9:e6:7c:c6:2b:0a:c3:cf:0c:57:83:f5:57:6a:ad:c0:
0c:12:e0:12:f6:22:a8:a3:c2:47:1c:d8:86:f3:54:f7:72:e7:
12:8c:a4:de:9b:f6:d2:f0:2a:27:ff:e6:50:59:cc:6b:37:5e:
32:c9:2c:a1:be:9e:04:57:2b:95:2a:a7:4a:2d:40:20:13:d3:
f4:4f:af:41:37:ba:2e:ad:6e:e9:85:85:43:c1:1a:11:2d:d8:
b7:f7:8e:3e:e4:24:f4:63:58:8c:4e:8e:ce:bd:b7:54:8d:46:
00:df:f8:18:ba:f5:27:21:d0:f6:29:38:df:8b:4d:1b:7b:6f:
08:e2:ec:5b:71:82:c0:03:32:da:d1:c5:f6:c9:3c:80:f5:5f:
be:a9:f2:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw52jif3aBi2TdWJN2vvfFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2I3NDJhMDNiYzljODU1MDcyMTdhMjUyMDRkZmZmODJm
Y2NkZjkwHhcNMjMwMTAyMDUxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODNkMGEyMDc5YmU4NTBhMmM1MmVhOGJmOTU4ZjdjODBkMWRkMzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnifHB2B04U/Zw45grDCPqH/xPD2m
fpHl3fK28liWyi5bUaBt2+0a7TYXV8+/J6Fb8p8B+XFdUE0hONpXDX3Wfv4eiq0S
EVmKuYAtn63TnWOCo76wmjQB1JAuqPwfXvN2wJjTaDmhhX2XmCQghTzqPix66lw8
eTAvCnnv7VNSKgP5OkE4kYB9TjMiSRfcz3vr0q6WUiheBpz7WoSWR3GSkxiUDcWC
P7DZyKOt+UXzbQ5AZvUAeHYx7/Cuy5K2MFeK9foCbEok5gwg4hOmkpvdTUTQE5rS
Ouy9Tu5nR2rzR4Y9MGUr3NibzyQatRFDKv8duLuDDth+PZwXIK95fgQWRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLg9CiB5voUKLFLqi/lY98gNHdMqMB8GA1UdIwQY
MBaAFIbLdCoDvJyFUHIXolIE3/+C/M35MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN0MEtnTzhuSVZRY2hlaVVnVGZfNEw4emZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS83NjdhZTUtYjlhMi00OTkzLTgxYTgt
MDVmMThmYzIxMmE3LzEvdUQwS0lIbS1oUW9zVXVxTC1WajN5QTBkMHlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS83NjdhZTUtYjlhMi00OTkzLTgxYTgtMDVmMThmYzIxMmE3
LzEvaHN0MEtnTzhuSVZRY2hlaVVnVGZfNEw4emZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDH8DoMA0G
CSqGSIb3DQEBCwUAA4IBAQBp+/uL7bw8U9zWFjWGefRU+A5AS2kHgYQwkN55o8SY
IXCVxPdtynbFC9YCU3rSTHS5vrxnp9kM7mZKekUluaDwdvJBtkUXrd3JvNhky6Ew
KJoXlJxklMiGg+fDdGAiQ8hQBz5Yg2VZWSjHkKOSqMnmfMYrCsPPDFeD9VdqrcAM
EuAS9iKoo8JHHNiG81T3cucSjKTem/bS8Con/+ZQWcxrN14yySyhvp4EVyuVKqdK
LUAgE9P0T69BN7ourW7phYVDwRoRLdi3944+5CT0Y1iMTo7OvbdUjUYA3/gYuvUn
IdD2KTjfi00be28I4uxbcYLAAzLa0cX2yTyA9V++qfIB
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:20 2024 by rpki-client on console-fra.rpki-client.org