Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/ee8f90-ef2b-43c0-b0c0-4cbc67219b4a/1/QmTAeDq0h8aKVgJ1RC9PH5ujGz0.roa
File: QmTAeDq0h8aKVgJ1RC9PH5ujGz0.roa (raw, json)
Hash identifier: XIgqAnieAcnuaeCMkfTnFMUtJuV8wO5nUcA9zj7uKsQ=
Subject key identifier: 42:64:C0:78:3A:B4:87:C6:8A:56:02:75:44:2F:4F:1F:9B:A3:1B:3D
Certificate issuer: /CN=8e1179f0a35cf07c1629672662866ca001f75bd3
Certificate serial: 018AA7C48A2CE88ED530C8734DA0A3F64D30
Authority key identifier: 8E:11:79:F0:A3:5C:F0:7C:16:29:67:26:62:86:6C:A0:01:F7:5B:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhF58KNc8HwWKWcmYoZsoAH3W9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/ee8f90-ef2b-43c0-b0c0-4cbc67219b4a/1/QmTAeDq0h8aKVgJ1RC9PH5ujGz0.roa
Signing time: Mon 18 Sep 2023 10:09:50 +0000
ROA not before: Mon 18 Sep 2023 10:09:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48595
IP address blocks: 31.131.128.0/21 maxlen: 21
31.131.136.0/22 maxlen: 22
31.131.138.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a7:c4:8a:2c:e8:8e:d5:30:c8:73:4d:a0:a3:f6:4d:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1179f0a35cf07c1629672662866ca001f75bd3
Validity
Not Before: Sep 18 10:09:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4264c0783ab487c68a560275442f4f1f9ba31b3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:07:a8:41:5d:91:49:55:15:1a:fe:80:e8:2c:
4c:99:b4:67:d4:51:e1:b2:69:1f:dc:b3:72:22:66:
e3:a9:6e:0b:37:43:e4:33:f1:64:ae:cb:81:29:4a:
d8:7d:f3:9f:ed:60:8b:0c:7c:7f:64:f8:21:c0:c8:
ac:99:35:5f:92:89:ef:53:df:a8:eb:77:c1:e5:64:
50:f7:ef:8c:5d:e9:f1:38:e1:2e:37:ae:73:01:df:
d0:53:02:35:94:df:47:f4:18:76:07:a2:37:2a:b2:
76:39:93:9c:34:1f:be:0a:6b:5b:cc:a5:8e:98:f4:
c4:3b:28:75:dc:e7:e6:0e:5d:fd:a7:a4:d3:c9:f9:
0b:fc:20:82:a2:ab:91:71:ea:3c:46:b6:17:de:85:
b7:a9:31:a1:2f:b3:b1:b8:63:e0:a4:1c:74:d4:52:
77:13:35:ce:65:1f:50:fb:b9:eb:71:1b:3c:57:c3:
5c:8f:cc:e2:b4:94:3d:92:d3:2b:00:16:18:06:56:
d6:95:1b:4b:0f:65:87:e0:f3:7d:12:70:81:41:2b:
d0:39:8d:5d:98:d3:21:80:ba:24:e6:e9:a5:2c:44:
f9:a9:30:dd:1c:eb:de:80:e0:63:83:a2:9c:0e:5c:
fc:e2:2f:b5:4b:e8:03:c9:8e:19:34:3f:94:2a:11:
fb:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:64:C0:78:3A:B4:87:C6:8A:56:02:75:44:2F:4F:1F:9B:A3:1B:3D
X509v3 Authority Key Identifier:
keyid:8E:11:79:F0:A3:5C:F0:7C:16:29:67:26:62:86:6C:A0:01:F7:5B:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhF58KNc8HwWKWcmYoZsoAH3W9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ee8f90-ef2b-43c0-b0c0-4cbc67219b4a/1/QmTAeDq0h8aKVgJ1RC9PH5ujGz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ee8f90-ef2b-43c0-b0c0-4cbc67219b4a/1/jhF58KNc8HwWKWcmYoZsoAH3W9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.128.0-31.131.139.255
Signature Algorithm: sha256WithRSAEncryption
af:31:9f:eb:4e:16:a4:f1:0f:5c:a7:e0:b1:a4:a4:37:a8:25:
ff:1e:f3:5a:ae:fd:48:02:92:78:4e:f4:78:17:50:2e:20:82:
e2:38:eb:76:43:60:75:aa:4c:c6:86:96:e4:2f:b9:49:04:a9:
c0:5a:97:db:13:54:5e:0b:16:87:6d:68:e2:f2:97:35:31:53:
ad:ae:f9:32:6d:b8:18:61:d9:a3:da:e0:2e:d0:92:0f:b5:ad:
81:9e:ed:01:55:91:53:f2:d0:fd:47:e7:c9:f9:0e:aa:56:79:
97:e9:59:11:eb:06:b8:56:ae:26:84:36:6e:62:b8:ca:57:a2:
57:cc:90:05:13:54:34:59:2e:28:6e:29:f1:88:7f:cb:48:32:
9f:d9:30:0a:35:6a:7f:56:7a:6e:ea:7d:6a:84:0e:a0:8f:77:
7f:14:7b:a5:f7:d9:2e:00:d6:c5:52:fe:6d:f7:79:69:26:a4:
61:1e:04:59:86:fa:c3:39:1b:b3:86:c4:72:ad:45:a5:34:73:
ae:c7:78:86:df:36:f3:e8:7a:69:6c:f7:42:96:19:54:0d:77:
7a:d0:6e:28:01:c5:04:41:14:3a:38:e2:80:46:0f:0e:96:e5:
c0:4c:f3:92:19:cf:16:11:21:f1:54:08:0f:2c:e3:e9:a7:9b:
52:6b:5f:2d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYqnxIos6I7VMMhzTaCj9k0wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMTE3OWYwYTM1Y2YwN2MxNjI5NjcyNjYyODY2Y2EwMDFm
NzViZDMwHhcNMjMwOTE4MTAwOTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjY0YzA3ODNhYjQ4N2M2OGE1NjAyNzU0NDJmNGYxZjliYTMxYjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgeoQV2RSVUVGv6A6CxMmbRn1FHh
smkf3LNyImbjqW4LN0PkM/FkrsuBKUrYffOf7WCLDHx/ZPghwMismTVfkonvU9+o
63fB5WRQ9++MXenxOOEuN65zAd/QUwI1lN9H9Bh2B6I3KrJ2OZOcNB++CmtbzKWO
mPTEOyh13OfmDl39p6TTyfkL/CCCoquRceo8RrYX3oW3qTGhL7OxuGPgpBx01FJ3
EzXOZR9Q+7nrcRs8V8Ncj8zitJQ9ktMrABYYBlbWlRtLD2WH4PN9EnCBQSvQOY1d
mNMhgLok5umlLET5qTDdHOvegOBjg6KcDlz84i+1S+gDyY4ZND+UKhH7zwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEJkwHg6tIfGilYCdUQvTx+boxs9MB8GA1UdIwQY
MBaAFI4RefCjXPB8FilnJmKGbKAB91vTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamhGNThLTmM4SHdXS1djbVlvWnNvQUgzVzlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9lZThmOTAtZWYyYi00M2MwLWIwYzAt
NGNiYzY3MjE5YjRhLzEvUW1UQWVEcTBoOGFLVmdKMVJDOVBINXVqR3owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9lZThmOTAtZWYyYi00M2MwLWIwYzAtNGNiYzY3MjE5YjRh
LzEvamhGNThLTmM4SHdXS1djbVlvWnNvQUgzVzlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAcfg4AD
BAIfg4gwDQYJKoZIhvcNAQELBQADggEBAK8xn+tOFqTxD1yn4LGkpDeoJf8e81qu
/UgCknhO9HgXUC4gguI463ZDYHWqTMaGluQvuUkEqcBal9sTVF4LFodtaOLylzUx
U62u+TJtuBhh2aPa4C7Qkg+1rYGe7QFVkVPy0P1H58n5DqpWeZfpWRHrBrhWriaE
Nm5iuMpXolfMkAUTVDRZLihuKfGIf8tIMp/ZMAo1an9Wem7qfWqEDqCPd38Ue6X3
2S4A1sVS/m33eWkmpGEeBFmG+sM5G7OGxHKtRaU0c67HeIbfNvPoemls90KWGVQN
d3rQbigBxQRBFDo44oBGDw6W5cBM85IZzxYRIfFUCA8s4+mnm1JrXy0=
-----END CERTIFICATE-----
Generated at Mon Jan 1 07:05:07 2024 by rpki-client on console.sobornost.net