Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/dcfbc7-64b8-4c91-89a0-1af05a2237c3/1/XKJOMOo9vl8U9lOaTDoMlHTN33Q.roa
File: XKJOMOo9vl8U9lOaTDoMlHTN33Q.roa (raw, json)
Hash identifier: ohQqkFzNJvnkZW+g2ax/RpZDF3oyRWFx9w4mrvfDB9w=
Subject key identifier: 5C:A2:4E:30:EA:3D:BE:5F:14:F6:53:9A:4C:3A:0C:94:74:CD:DF:74
Certificate issuer: /CN=8a566885a1d6d5544546cd285d86c4effeaa3c2c
Certificate serial: 018571957D49068D0433D45966D0C8176840
Authority key identifier: 8A:56:68:85:A1:D6:D5:54:45:46:CD:28:5D:86:C4:EF:FE:AA:3C:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ilZohaHW1VRFRs0oXYbE7_6qPCw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/dcfbc7-64b8-4c91-89a0-1af05a2237c3/1/XKJOMOo9vl8U9lOaTDoMlHTN33Q.roa
Signing time: Mon 02 Jan 2023 08:25:00 +0000
ROA not before: Mon 02 Jan 2023 08:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56554
IP address blocks: 31.130.224.0/20 maxlen: 24
31.133.128.0/18 maxlen: 24
2001:67c:1230::/46 maxlen: 48
2001:67c:370::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:7d:49:06:8d:04:33:d4:59:66:d0:c8:17:68:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a566885a1d6d5544546cd285d86c4effeaa3c2c
Validity
Not Before: Jan 2 08:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ca24e30ea3dbe5f14f6539a4c3a0c9474cddf74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a7:f3:d1:7a:15:13:d5:42:94:60:c7:85:08:
d5:87:4b:37:89:f6:65:7d:93:f3:33:83:34:1c:40:
e8:01:b3:7f:2d:39:d6:22:78:60:5b:58:ca:25:d9:
5b:f3:5e:99:d8:05:93:1a:82:17:6d:08:31:c9:c3:
e2:ea:37:69:b4:b2:89:f0:e1:4d:b3:c6:b1:b1:cd:
69:1c:cc:b9:45:98:58:4c:54:28:2f:67:57:34:26:
60:26:34:a3:9b:d9:0d:8a:e2:d9:fa:0e:86:07:f9:
c2:4c:57:16:ce:b2:70:68:63:3a:c6:b4:42:ff:2c:
25:be:f0:09:86:7e:ec:2c:30:3c:a9:b2:c9:31:c9:
0a:c3:3a:92:93:28:88:30:df:f6:ac:a6:d4:1c:12:
b2:a1:9e:ae:cf:96:88:55:74:a4:b8:ee:1b:3e:1d:
90:10:71:98:74:38:de:4e:29:c7:d5:44:f0:4f:b6:
f3:aa:08:10:b1:38:bf:3c:66:82:49:23:91:9c:4e:
96:45:fb:0c:90:78:25:22:f2:67:4c:43:dc:58:07:
b7:d9:8d:50:ea:a8:3a:00:ab:4b:df:a8:b8:54:c1:
a2:9c:3b:06:44:67:16:89:ea:1f:9f:56:62:60:05:
d6:b1:cf:be:33:56:ac:a3:56:d8:35:7c:5f:fb:7f:
27:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:A2:4E:30:EA:3D:BE:5F:14:F6:53:9A:4C:3A:0C:94:74:CD:DF:74
X509v3 Authority Key Identifier:
keyid:8A:56:68:85:A1:D6:D5:54:45:46:CD:28:5D:86:C4:EF:FE:AA:3C:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ilZohaHW1VRFRs0oXYbE7_6qPCw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/dcfbc7-64b8-4c91-89a0-1af05a2237c3/1/XKJOMOo9vl8U9lOaTDoMlHTN33Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/dcfbc7-64b8-4c91-89a0-1af05a2237c3/1/ilZohaHW1VRFRs0oXYbE7_6qPCw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.130.224.0/20
31.133.128.0/18
IPv6:
2001:67c:370::/48
2001:67c:1230::/46
Signature Algorithm: sha256WithRSAEncryption
83:00:b7:6e:92:5c:f2:2f:85:ac:61:43:3a:42:c0:07:6c:e6:
e8:5e:76:be:74:f9:b1:42:59:75:a1:60:4b:08:b0:c4:9f:23:
28:19:e3:8e:86:82:06:8b:e8:16:6b:88:5e:55:27:d3:98:80:
a6:53:42:fb:35:b9:fd:b4:f2:6f:f1:e3:03:69:bc:3a:d1:bf:
39:71:1d:e4:43:c3:0c:29:33:1f:85:b8:dd:7f:19:1d:2e:bb:
e1:f1:2e:7c:a9:6f:04:01:29:46:2d:32:69:d3:8e:99:e8:74:
1e:26:ab:76:e3:29:f9:54:74:80:7b:12:5f:b8:d8:e6:f2:e7:
39:86:bb:54:6c:0c:28:af:27:f9:15:09:f1:dd:f0:42:6b:ad:
24:f3:3b:ce:1a:56:e2:2b:23:ba:c9:70:b5:74:14:47:3a:07:
23:71:66:eb:64:ce:39:b7:48:b6:41:3a:27:66:68:d3:f8:0f:
b3:a2:22:85:c5:24:23:2a:8a:13:16:3d:13:a6:8f:3d:91:6a:
54:08:2a:21:8a:82:7a:a9:c2:dc:00:2e:5e:dd:7f:74:3c:8b:
d1:d6:89:05:3c:10:b8:52:31:1f:c4:88:36:7c:f8:25:be:14:
3c:5b:f5:a7:06:32:76:68:c8:05:6f:da:be:a5:10:cf:ea:32:
e1:c5:86:ef
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVxlX1JBo0EM9RZZtDIF2hAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNTY2ODg1YTFkNmQ1NTQ0NTQ2Y2QyODVkODZjNGVmZmVh
YTNjMmMwHhcNMjMwMTAyMDgyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2EyNGUzMGVhM2RiZTVmMTRmNjUzOWE0YzNhMGM5NDc0Y2RkZjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkafz0XoVE9VClGDHhQjVh0s3ifZl
fZPzM4M0HEDoAbN/LTnWInhgW1jKJdlb816Z2AWTGoIXbQgxycPi6jdptLKJ8OFN
s8axsc1pHMy5RZhYTFQoL2dXNCZgJjSjm9kNiuLZ+g6GB/nCTFcWzrJwaGM6xrRC
/ywlvvAJhn7sLDA8qbLJMckKwzqSkyiIMN/2rKbUHBKyoZ6uz5aIVXSkuO4bPh2Q
EHGYdDjeTinH1UTwT7bzqggQsTi/PGaCSSORnE6WRfsMkHglIvJnTEPcWAe32Y1Q
6qg6AKtL36i4VMGinDsGRGcWieofn1ZiYAXWsc++M1aso1bYNXxf+38nvQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFFyiTjDqPb5fFPZTmkw6DJR0zd90MB8GA1UdIwQY
MBaAFIpWaIWh1tVURUbNKF2GxO/+qjwsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWxab2hhSFcxVlJGUnMwb1hZYkU3XzZxUEN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9kY2ZiYzctNjRiOC00YzkxLTg5YTAt
MWFmMDVhMjIzN2MzLzEvWEtKT01Pbzl2bDhVOWxPYVREb01sSFROMzNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9kY2ZiYzctNjRiOC00YzkxLTg5YTAtMWFmMDVhMjIzN2Mz
LzEvaWxab2hhSFcxVlJGUnMwb1hZYkU3XzZxUEN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQEH4LgAwQG
H4WAMBgEAgACMBIDBwAgAQZ8A3ADBwIgAQZ8EjAwDQYJKoZIhvcNAQELBQADggEB
AIMAt26SXPIvhaxhQzpCwAds5uhedr50+bFCWXWhYEsIsMSfIygZ446GggaL6BZr
iF5VJ9OYgKZTQvs1uf208m/x4wNpvDrRvzlxHeRDwwwpMx+FuN1/GR0uu+HxLnyp
bwQBKUYtMmnTjpnodB4mq3bjKflUdIB7El+42Oby5zmGu1RsDCivJ/kVCfHd8EJr
rSTzO84aVuIrI7rJcLV0FEc6ByNxZutkzjm3SLZBOidmaNP4D7OiIoXFJCMqihMW
PROmjz2RalQIKiGKgnqpwtwALl7df3Q8i9HWiQU8ELhSMR/EiDZ8+CW+FDxb9acG
MnZoyAVv2r6lEM/qMuHFhu8=
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:15:07 2024 by rpki-client on console.sobornost.net