Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/1-K-KAkrrvYdASn4nADvRvAjG_jw.roa
File: 1-K-KAkrrvYdASn4nADvRvAjG_jw.roa (raw, json)
Hash identifier: 1RFchwU8HFu+iFiy+FbZrXDrWCgFfchXkJhBezdSWi4=
Subject key identifier: F8:AF:8A:02:4A:EB:BD:87:40:4A:7E:27:00:3B:D1:BC:08:C6:FE:3C
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018EE4F2C8A3355CA14A79AC8E681817B907
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/1-K-KAkrrvYdASn4nADvRvAjG_jw.roa
Signing time: Tue 16 Apr 2024 03:28:20 +0000
ROA not before: Tue 16 Apr 2024 03:28:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215623
IP address blocks: 31.15.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Apr 2024 03:19:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e4:f2:c8:a3:35:5c:a1:4a:79:ac:8e:68:18:17:b9:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Apr 16 03:28:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8af8a024aebbd87404a7e27003bd1bc08c6fe3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:69:cc:4c:f0:08:41:85:c3:ef:94:0e:e0:59:
d9:c8:35:d2:db:46:0b:9f:15:b6:ac:da:22:d3:7b:
63:3f:98:5a:15:c3:9f:1f:52:47:01:1f:27:9f:ec:
57:fc:67:3f:0a:99:a9:4e:85:d7:21:25:bf:c5:28:
12:e8:5d:6f:37:cf:9d:62:0b:b2:90:77:76:d1:00:
85:41:1e:c3:9a:8b:03:dd:66:41:de:4e:a1:e3:f3:
c2:a8:7e:94:d2:26:7f:c8:14:ce:04:b3:ba:47:03:
e1:96:94:85:f7:ff:fb:08:a1:78:a1:5f:bd:40:33:
23:71:a7:45:80:c5:ab:36:14:be:2a:50:6e:5d:f5:
60:33:8d:86:69:e9:66:71:ff:99:d0:b0:bd:26:4e:
80:b6:57:d2:25:2d:95:3e:06:3a:24:d9:87:46:c0:
fa:5f:c1:81:6b:cb:72:6b:0c:d8:5f:b7:f2:d6:fc:
fb:0b:1c:23:22:50:80:5c:12:b2:40:9b:9a:07:82:
86:ae:d3:c7:21:3f:9e:62:e4:4b:ce:b4:7d:d6:08:
08:bd:15:b8:c8:ea:1c:af:cc:c7:bd:25:7b:a7:e9:
56:a5:67:11:f3:39:dd:1b:24:dd:0e:56:92:8c:a1:
6f:7f:b2:4d:8d:82:2f:88:31:64:d0:80:76:16:fd:
17:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:AF:8A:02:4A:EB:BD:87:40:4A:7E:27:00:3B:D1:BC:08:C6:FE:3C
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/1-K-KAkrrvYdASn4nADvRvAjG_jw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.15.21.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:4a:66:4e:76:1c:0e:25:95:96:ba:e4:4c:c4:13:84:b4:fd:
cf:00:cc:6b:43:9c:d8:d4:c5:b9:e1:6c:17:2a:c7:9c:2e:97:
38:00:4c:3b:b0:5c:cc:6f:64:6c:99:df:67:fd:86:56:6a:fc:
96:8e:85:91:53:0b:f9:03:58:9f:06:29:9b:93:8b:8a:15:c8:
02:a6:83:67:29:de:c7:d5:f8:8c:31:a0:52:63:67:65:d0:b0:
dd:a8:5b:65:57:b5:ae:9c:87:2a:7f:b1:59:cb:10:dc:d1:6b:
c5:b5:4d:a6:bc:59:d3:80:47:e3:d8:bd:13:ec:fa:25:73:bf:
4c:6b:e7:04:f5:ee:15:82:bc:f5:1c:66:bb:ae:b6:34:c8:2e:
a4:2d:aa:ed:61:68:71:43:40:11:a1:8b:f5:dc:fa:c9:a6:9e:
0e:ec:09:74:2f:b1:62:21:69:3a:11:95:30:0a:0a:1b:9b:79:
56:69:a1:86:0c:10:f2:3b:ec:01:9c:b8:39:5f:bf:f8:7f:45:
d8:cf:a5:cf:73:65:da:ca:2a:7b:96:45:cd:e2:39:f1:51:b4:
a2:00:86:69:08:88:af:84:eb:ba:ac:43:d9:1c:73:e8:fd:de:
18:94:72:ee:31:f9:bf:4a:fa:6b:b9:49:91:7d:db:c1:47:55:
e0:5f:3a:85
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY7k8sijNVyhSnmsjmgYF7kHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwNDE2MDMyODIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGFmOGEwMjRhZWJiZDg3NDA0YTdlMjcwMDNiZDFiYzA4YzZmZTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGnMTPAIQYXD75QO4FnZyDXS20YL
nxW2rNoi03tjP5haFcOfH1JHAR8nn+xX/Gc/CpmpToXXISW/xSgS6F1vN8+dYguy
kHd20QCFQR7DmosD3WZB3k6h4/PCqH6U0iZ/yBTOBLO6RwPhlpSF9//7CKF4oV+9
QDMjcadFgMWrNhS+KlBuXfVgM42Gaelmcf+Z0LC9Jk6AtlfSJS2VPgY6JNmHRsD6
X8GBa8tyawzYX7fy1vz7CxwjIlCAXBKyQJuaB4KGrtPHIT+eYuRLzrR91ggIvRW4
yOocr8zHvSV7p+lWpWcR8zndGyTdDlaSjKFvf7JNjYIviDFk0IB2Fv0X5QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPivigJK672HQEp+JwA70bwIxv48MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvMS1LLUtBa3JydllkQVNuNG5BRHZSdkFqR19qdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZmUvMWZhNmEzLThkYzUtNGMzNS1hNDliLTE3MWMzNjdiZTc4
Mi8xL2RRaEhYX0RZN0pZRE5nRnVEZ1FpR3BqbDdQSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB8PFTAN
BgkqhkiG9w0BAQsFAAOCAQEAw0pmTnYcDiWVlrrkTMQThLT9zwDMa0Oc2NTFueFs
FyrHnC6XOABMO7BczG9kbJnfZ/2GVmr8lo6FkVML+QNYnwYpm5OLihXIAqaDZyne
x9X4jDGgUmNnZdCw3ahbZVe1rpyHKn+xWcsQ3NFrxbVNprxZ04BH49i9E+z6JXO/
TGvnBPXuFYK89Rxmu662NMgupC2q7WFocUNAEaGL9dz6yaaeDuwJdC+xYiFpOhGV
MAoKG5t5VmmhhgwQ8jvsAZy4OV+/+H9F2M+lz3Nl2soqe5ZFzeI58VG0ogCGaQiI
r4TruqxD2Rxz6P3eGJRy7jH5v0r6a7lJkX3bwUdV4F86hQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:08 2025 by rpki-client