Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/4F-7_5KLhZ4uy2zbjPeHi5LGpOY.roa
File: 4F-7_5KLhZ4uy2zbjPeHi5LGpOY.roa (raw, json)
Hash identifier: f0BAzE8EqEkojmO+mSDjg6M9I89qhJJukolXsA3EPts=
Subject key identifier: E0:5F:BB:FF:92:8B:85:9E:2E:CB:6C:DB:8C:F7:87:8B:92:C6:A4:E6
Certificate issuer: /CN=72633388a7a5cfe9a7ca19fd74c922dcb12569d3
Certificate serial: 0185708CE17F3B64A28184BB90F1BF66F206
Authority key identifier: 72:63:33:88:A7:A5:CF:E9:A7:CA:19:FD:74:C9:22:DC:B1:25:69:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cmMziKelz-mnyhn9dMki3LEladM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/4F-7_5KLhZ4uy2zbjPeHi5LGpOY.roa
Signing time: Mon 02 Jan 2023 03:35:58 +0000
ROA not before: Mon 02 Jan 2023 03:35:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197618
IP address blocks: 31.29.96.0/19 maxlen: 19
31.29.99.0/24 maxlen: 24
31.29.110.0/24 maxlen: 24
31.29.111.0/24 maxlen: 24
31.29.115.0/24 maxlen: 24
31.29.116.0/23 maxlen: 23
31.29.120.0/24 maxlen: 24
31.29.126.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:e1:7f:3b:64:a2:81:84:bb:90:f1:bf:66:f2:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72633388a7a5cfe9a7ca19fd74c922dcb12569d3
Validity
Not Before: Jan 2 03:35:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e05fbbff928b859e2ecb6cdb8cf7878b92c6a4e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:13:1f:10:43:62:9c:d0:83:f6:95:3f:38:2a:
43:44:73:10:ba:7b:0d:7f:3b:a8:a8:7f:86:82:f0:
72:05:d7:87:61:61:c3:3e:55:3f:d8:f0:fa:94:46:
99:e0:98:61:d0:ef:7f:ea:60:26:77:78:20:e6:67:
bf:d9:67:84:c4:f2:f5:49:51:e4:ef:35:a4:32:28:
95:67:21:19:20:4c:9f:fb:e5:da:ad:13:34:a5:90:
36:c0:42:bb:0f:06:cc:30:21:7b:50:10:17:dc:04:
71:6f:a6:59:7b:cb:f2:3c:c9:ea:9a:c6:3e:5d:d6:
9a:0d:8c:50:18:56:ed:38:cc:c2:cc:20:63:90:ec:
83:6c:01:ce:82:3e:76:aa:8e:9a:25:56:95:41:39:
c3:2c:b3:a0:f4:1a:db:3b:12:da:59:02:f0:07:6e:
3d:26:0e:ab:20:64:20:6c:92:ae:a0:32:71:4b:94:
12:81:aa:eb:76:e4:c8:fd:57:73:33:eb:c9:6d:ab:
a7:ab:44:38:27:4b:fc:3a:a0:c2:6e:9b:10:75:f4:
44:df:ca:a8:95:4a:89:54:6b:e2:e4:19:30:e5:1b:
93:d0:42:07:08:65:69:03:4a:e8:8c:a2:ea:bb:a2:
8e:5e:cf:39:9a:7d:84:37:ef:6b:5a:2e:0e:36:8d:
ca:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:5F:BB:FF:92:8B:85:9E:2E:CB:6C:DB:8C:F7:87:8B:92:C6:A4:E6
X509v3 Authority Key Identifier:
keyid:72:63:33:88:A7:A5:CF:E9:A7:CA:19:FD:74:C9:22:DC:B1:25:69:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cmMziKelz-mnyhn9dMki3LEladM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/4F-7_5KLhZ4uy2zbjPeHi5LGpOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/cmMziKelz-mnyhn9dMki3LEladM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.29.96.0/19
Signature Algorithm: sha256WithRSAEncryption
35:66:4d:a7:f5:09:2e:af:83:b6:5b:ba:55:86:67:0a:c2:26:
d9:20:2d:4f:d8:f8:1f:3b:9d:96:e3:ca:8c:59:cd:67:95:36:
96:03:e6:4a:7e:8b:e1:08:f3:f8:60:a0:b6:54:45:da:e2:db:
74:a1:64:7c:1c:1f:b3:ba:e5:10:b4:db:25:ac:8b:ab:0a:75:
5b:0c:7e:07:d9:5e:9d:0c:50:eb:70:af:29:42:eb:b7:32:7d:
70:d3:55:7a:63:41:93:c1:8c:c5:9d:74:e8:3b:ff:b6:fe:f6:
56:2a:11:32:e5:41:60:9d:f4:86:a3:4b:82:42:9d:d4:b3:5b:
7f:b8:07:82:f5:1a:fd:f7:8c:fc:06:17:cd:c1:44:bd:1a:04:
3e:43:a4:3e:b5:e1:b6:b9:a6:c4:b9:23:46:63:2c:6a:32:6d:
88:80:4c:47:dc:f2:b7:e5:c7:c9:e0:0a:3b:40:88:7e:a7:03:
f5:25:a5:0f:6e:24:95:97:60:10:65:f9:6a:42:69:76:b7:0e:
b8:4f:d7:ae:45:b0:91:df:51:d9:52:e3:69:ac:fe:03:0f:cf:
cc:cb:2d:cb:f7:d5:e0:ec:7f:75:65:55:8e:67:1c:2c:28:d9:
ef:67:f1:a3:54:fb:2c:01:6b:61:ca:82:5b:d2:02:89:0d:da:
29:7a:a7:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjOF/O2SigYS7kPG/ZvIGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNjMzMzg4YTdhNWNmZTlhN2NhMTlmZDc0YzkyMmRjYjEy
NTY5ZDMwHhcNMjMwMTAyMDMzNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDVmYmJmZjkyOGI4NTllMmVjYjZjZGI4Y2Y3ODc4YjkyYzZhNGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBMfEENinNCD9pU/OCpDRHMQunsN
fzuoqH+GgvByBdeHYWHDPlU/2PD6lEaZ4Jhh0O9/6mAmd3gg5me/2WeExPL1SVHk
7zWkMiiVZyEZIEyf++XarRM0pZA2wEK7DwbMMCF7UBAX3ARxb6ZZe8vyPMnqmsY+
XdaaDYxQGFbtOMzCzCBjkOyDbAHOgj52qo6aJVaVQTnDLLOg9BrbOxLaWQLwB249
Jg6rIGQgbJKuoDJxS5QSgarrduTI/VdzM+vJbaunq0Q4J0v8OqDCbpsQdfRE38qo
lUqJVGvi5Bkw5RuT0EIHCGVpA0rojKLqu6KOXs85mn2EN+9rWi4ONo3KDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOBfu/+Si4WeLsts24z3h4uSxqTmMB8GA1UdIwQY
MBaAFHJjM4inpc/pp8oZ/XTJItyxJWnTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY21NemlLZWx6LW1ueWhuOWRNa2kzTEVsYWRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS84MjMzZjItZDNjMC00NTAxLWE5Yzct
MTM4Yzg0MTdhZTkzLzEvNEYtN181S0xoWjR1eTJ6YmpQZUhpNUxHcE9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS84MjMzZjItZDNjMC00NTAxLWE5YzctMTM4Yzg0MTdhZTkz
LzEvY21NemlLZWx6LW1ueWhuOWRNa2kzTEVsYWRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFHx1gMA0G
CSqGSIb3DQEBCwUAA4IBAQA1Zk2n9Qkur4O2W7pVhmcKwibZIC1P2PgfO52W48qM
Wc1nlTaWA+ZKfovhCPP4YKC2VEXa4tt0oWR8HB+zuuUQtNslrIurCnVbDH4H2V6d
DFDrcK8pQuu3Mn1w01V6Y0GTwYzFnXToO/+2/vZWKhEy5UFgnfSGo0uCQp3Us1t/
uAeC9Rr994z8BhfNwUS9GgQ+Q6Q+teG2uabEuSNGYyxqMm2IgExH3PK35cfJ4Ao7
QIh+pwP1JaUPbiSVl2AQZflqQml2tw64T9euRbCR31HZUuNprP4DD8/Myy3L99Xg
7H91ZVWOZxwsKNnvZ/GjVPssAWthyoJb0gKJDdopeqeG
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:56 2023 by rpki-client on console.sobornost.net