Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/u73SCFxBfPIjJRsHdfJ7RUCk_aE.roa
File: u73SCFxBfPIjJRsHdfJ7RUCk_aE.roa (raw, json)
Hash identifier: RLmlncznYCQbanK3BQR3QspTi+nSbBGlGTvoHO6qPWQ=
Subject key identifier: BB:BD:D2:08:5C:41:7C:F2:23:25:1B:07:75:F2:7B:45:40:A4:FD:A1
Certificate issuer: /CN=de6640357ae4ae10fc0b3e9d98f2a0cb0118903c
Certificate serial: 01856D53D48DB7FB5A255396141D6697D829
Authority key identifier: DE:66:40:35:7A:E4:AE:10:FC:0B:3E:9D:98:F2:A0:CB:01:18:90:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3mZANXrkrhD8Cz6dmPKgywEYkDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/u73SCFxBfPIjJRsHdfJ7RUCk_aE.roa
Signing time: Sun 01 Jan 2023 12:34:48 +0000
ROA not before: Sun 01 Jan 2023 12:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15917
IP address blocks: 217.31.0.0/22 maxlen: 22
217.31.0.0/20 maxlen: 20
217.31.4.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:d4:8d:b7:fb:5a:25:53:96:14:1d:66:97:d8:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de6640357ae4ae10fc0b3e9d98f2a0cb0118903c
Validity
Not Before: Jan 1 12:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbbdd2085c417cf223251b0775f27b4540a4fda1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ae:1b:33:bb:1c:8d:75:60:ec:fc:ef:a5:9d:
c2:56:1f:29:0f:25:4e:9b:90:fc:9c:75:6f:90:1b:
a8:ec:ab:4c:0d:59:d9:0c:a7:23:9c:d7:a4:d5:85:
5e:ed:03:d8:6a:bc:84:15:e9:71:0a:42:2f:f7:2a:
62:70:31:4d:5c:97:53:c1:97:d3:e0:e9:e4:36:31:
d7:ff:04:a9:81:96:ab:75:d6:46:e6:67:4c:36:ba:
e6:4c:69:d5:a6:00:48:04:18:e2:fa:95:85:a3:23:
f3:0b:42:c2:5f:88:48:59:1a:d1:3a:4a:20:f5:71:
b1:cc:a2:18:de:cb:6f:e5:1f:7e:85:4b:48:f2:9c:
d1:82:6e:93:36:93:8a:54:ed:f5:d9:f5:f2:9e:2c:
c0:61:b0:3d:81:17:b8:1e:98:f6:c0:83:f5:ad:95:
0e:7c:be:66:bc:d2:ee:5a:ea:30:a1:90:28:f8:98:
19:cf:06:93:22:f6:25:1e:5d:5d:54:fc:96:e7:d3:
28:57:d6:da:43:d1:74:82:b9:c9:cd:94:5a:64:57:
72:57:09:62:5f:bc:71:b0:5e:00:f1:50:16:8c:31:
95:ed:c9:49:b0:4c:37:2e:bf:5d:e6:98:44:ba:94:
ec:60:70:70:34:f7:0c:2b:9e:fe:98:7a:17:23:1c:
34:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:BD:D2:08:5C:41:7C:F2:23:25:1B:07:75:F2:7B:45:40:A4:FD:A1
X509v3 Authority Key Identifier:
keyid:DE:66:40:35:7A:E4:AE:10:FC:0B:3E:9D:98:F2:A0:CB:01:18:90:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3mZANXrkrhD8Cz6dmPKgywEYkDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/u73SCFxBfPIjJRsHdfJ7RUCk_aE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/ad19c0-0025-4c49-8480-ff97f62a0945/1/3mZANXrkrhD8Cz6dmPKgywEYkDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.31.0.0/20
Signature Algorithm: sha256WithRSAEncryption
78:01:9a:70:9e:63:77:a7:ef:30:72:eb:d8:14:f2:3f:4d:65:
98:af:3b:c7:23:50:8e:d7:5f:99:b1:29:a0:b2:85:18:94:e7:
c4:81:90:b3:9e:b3:aa:fc:e3:b1:d5:40:72:25:f0:69:ed:67:
f2:08:3a:fe:c2:d4:8b:d8:72:e6:c1:08:d0:9b:00:d6:35:f7:
8e:f4:ec:ec:94:77:bf:90:8e:e9:4c:23:41:bb:ad:11:70:f4:
c9:05:e1:5d:e8:c3:64:13:11:96:05:2d:6c:54:7d:46:6c:79:
a3:8a:bc:b7:c6:ef:a1:a6:d6:c1:73:df:55:7b:19:05:46:44:
0c:51:95:9e:25:7a:79:0a:f1:d1:e3:26:de:6a:b5:5c:f2:6d:
32:64:06:7f:c1:69:57:38:a8:eb:7b:97:90:e8:cc:2e:52:a8:
c9:0d:72:2b:12:ae:40:11:c9:bf:68:92:84:bc:d7:d8:84:95:
a5:e5:7d:94:11:07:f1:d6:bb:bc:d9:34:38:21:8c:a0:05:7c:
11:5f:a4:e1:06:3c:2e:b7:aa:34:aa:6e:88:7c:c1:d2:8e:04:
46:b3:42:84:d3:e6:c7:d1:55:51:52:76:ea:a5:67:89:de:7f:
24:bf:be:dc:34:68:c3:e9:1c:57:c0:d0:bd:93:79:d8:95:93:
47:9e:ad:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtU9SNt/taJVOWFB1ml9gpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNjY0MDM1N2FlNGFlMTBmYzBiM2U5ZDk4ZjJhMGNiMDEx
ODkwM2MwHhcNMjMwMTAxMTIzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmJkZDIwODVjNDE3Y2YyMjMyNTFiMDc3NWYyN2I0NTQwYTRmZGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtq4bM7scjXVg7PzvpZ3CVh8pDyVO
m5D8nHVvkBuo7KtMDVnZDKcjnNek1YVe7QPYaryEFelxCkIv9ypicDFNXJdTwZfT
4OnkNjHX/wSpgZarddZG5mdMNrrmTGnVpgBIBBji+pWFoyPzC0LCX4hIWRrROkog
9XGxzKIY3stv5R9+hUtI8pzRgm6TNpOKVO312fXynizAYbA9gRe4Hpj2wIP1rZUO
fL5mvNLuWuowoZAo+JgZzwaTIvYlHl1dVPyW59MoV9baQ9F0grnJzZRaZFdyVwli
X7xxsF4A8VAWjDGV7clJsEw3Lr9d5phEupTsYHBwNPcMK57+mHoXIxw01wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLu90ghcQXzyIyUbB3Xye0VApP2hMB8GA1UdIwQY
MBaAFN5mQDV65K4Q/As+nZjyoMsBGJA8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM21aQU5YcmtyaEQ4Q3o2ZG1QS2d5d0VZa0R3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9hZDE5YzAtMDAyNS00YzQ5LTg0ODAt
ZmY5N2Y2MmEwOTQ1LzEvdTczU0NGeEJmUElqSlJzSGRmSjdSVUNrX2FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9hZDE5YzAtMDAyNS00YzQ5LTg0ODAtZmY5N2Y2MmEwOTQ1
LzEvM21aQU5YcmtyaEQ4Q3o2ZG1QS2d5d0VZa0R3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2R8AMA0G
CSqGSIb3DQEBCwUAA4IBAQB4AZpwnmN3p+8wcuvYFPI/TWWYrzvHI1CO11+ZsSmg
soUYlOfEgZCznrOq/OOx1UByJfBp7WfyCDr+wtSL2HLmwQjQmwDWNfeO9OzslHe/
kI7pTCNBu60RcPTJBeFd6MNkExGWBS1sVH1GbHmjiry3xu+hptbBc99VexkFRkQM
UZWeJXp5CvHR4ybearVc8m0yZAZ/wWlXOKjre5eQ6MwuUqjJDXIrEq5AEcm/aJKE
vNfYhJWl5X2UEQfx1ru82TQ4IYygBXwRX6ThBjwut6o0qm6IfMHSjgRGs0KE0+bH
0VVRUnbqpWeJ3n8kv77cNGjD6RxXwNC9k3nYlZNHnq2+
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:14:55 2024 by rpki-client on console.sobornost.net