Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/4e8e74-77e6-41eb-9047-59c18ada352f/1/Z_70FHAWtDbWm_zAqsKW0zfJwqI.roa
File: Z_70FHAWtDbWm_zAqsKW0zfJwqI.roa (raw, json)
Hash identifier: D4k+VTXpWfcLq3ekDcvdWlCgxqaM0BCmKPDjF/xUz8c=
Subject key identifier: 67:FE:F4:14:70:16:B4:36:D6:9B:FC:C0:AA:C2:96:D3:37:C9:C2:A2
Certificate issuer: /CN=3c1e3fddf7884d785a708fd4e664b62de910ebe8
Certificate serial: 0186123DDC7DE6E04D0D7064070481C565AB
Authority key identifier: 3C:1E:3F:DD:F7:88:4D:78:5A:70:8F:D4:E6:64:B6:2D:E9:10:EB:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PB4_3feITXhacI_U5mS2LekQ6-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/4e8e74-77e6-41eb-9047-59c18ada352f/1/Z_70FHAWtDbWm_zAqsKW0zfJwqI.roa
Signing time: Thu 02 Feb 2023 13:08:09 +0000
ROA not before: Thu 02 Feb 2023 13:08:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204326
IP address blocks: 31.132.40.0/22 maxlen: 24
185.18.240.0/22 maxlen: 24
171.22.92.0/22 maxlen: 24
2a0d:9f40::/29 maxlen: 48
2a09:3cc0::/29 maxlen: 48
2a04:d00::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:12:3d:dc:7d:e6:e0:4d:0d:70:64:07:04:81:c5:65:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c1e3fddf7884d785a708fd4e664b62de910ebe8
Validity
Not Before: Feb 2 13:08:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67fef4147016b436d69bfcc0aac296d337c9c2a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:4b:e2:4d:c9:95:eb:3c:ef:c2:3a:f2:f8:c9:
96:7b:40:c3:b6:55:61:a6:be:ae:e9:0c:70:d3:fc:
c7:67:37:9a:99:18:5f:98:be:d8:9d:8f:a6:33:c1:
ec:0e:11:37:a5:8d:d3:70:21:ea:3e:84:db:79:80:
0c:7a:12:ec:79:43:98:24:67:24:b0:c5:53:73:fb:
b8:2c:e1:08:65:23:46:13:fa:e1:90:0c:9e:95:4c:
2a:77:36:b8:74:43:56:18:72:f3:c3:ed:93:2b:c3:
72:62:22:97:3f:39:42:9b:92:c8:2b:55:dc:df:06:
57:86:21:c4:af:81:2d:2b:65:e7:80:b4:7a:f5:cb:
af:be:2b:dc:29:a5:00:4e:3d:06:c1:38:2c:e5:be:
83:90:0a:d0:af:27:24:bd:52:05:ed:e8:79:26:09:
17:2f:6b:ed:3f:fa:95:9d:8b:a3:45:8d:da:fa:9c:
ea:31:8c:03:d2:e9:b0:a7:26:cc:d1:96:46:f2:90:
87:06:58:45:dc:63:b8:49:d8:60:56:61:e4:65:a8:
52:67:56:b1:e9:a1:8b:ac:f2:92:09:45:f0:4e:80:
1b:a5:4e:a5:6c:eb:47:57:ca:9b:c0:b7:ff:86:33:
d9:10:43:b1:82:c9:29:21:b7:09:88:3b:48:5a:c8:
8e:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:FE:F4:14:70:16:B4:36:D6:9B:FC:C0:AA:C2:96:D3:37:C9:C2:A2
X509v3 Authority Key Identifier:
keyid:3C:1E:3F:DD:F7:88:4D:78:5A:70:8F:D4:E6:64:B6:2D:E9:10:EB:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PB4_3feITXhacI_U5mS2LekQ6-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/4e8e74-77e6-41eb-9047-59c18ada352f/1/Z_70FHAWtDbWm_zAqsKW0zfJwqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/4e8e74-77e6-41eb-9047-59c18ada352f/1/PB4_3feITXhacI_U5mS2LekQ6-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.132.40.0/22
171.22.92.0/22
185.18.240.0/22
IPv6:
2a04:d00::/29
2a09:3cc0::/29
2a0d:9f40::/29
Signature Algorithm: sha256WithRSAEncryption
80:ae:52:89:c0:b5:96:f8:15:fb:c5:08:27:2c:c0:ed:89:6d:
79:2f:3e:d1:94:77:8d:00:a8:5e:23:41:ef:6b:31:d6:67:04:
9f:f5:21:49:a8:77:83:f9:ea:2a:1b:1d:b7:b5:87:89:28:71:
54:8a:61:c6:bf:02:d5:34:5c:3f:55:93:f4:d5:9a:ca:e4:21:
5f:e8:74:52:4e:88:18:ec:bb:08:67:e4:22:09:16:9e:a2:e6:
a6:f5:57:8d:cc:f6:1b:38:36:8e:a2:0c:f4:d0:6b:79:5f:81:
21:c7:28:52:cb:ef:d5:13:2a:d4:f7:74:70:2b:57:c4:01:91:
f8:96:19:af:30:8f:e8:cd:2c:77:54:94:3f:d7:8e:43:60:9d:
ec:22:6d:ea:94:32:77:2e:b4:1f:c8:20:c0:1c:11:ed:23:20:
bc:89:b0:e2:35:6a:5a:0d:38:89:fc:f0:83:65:f3:63:c5:59:
47:bf:fb:7d:73:2a:f1:f5:2d:a9:93:57:18:0d:d3:ed:ce:d8:
0e:48:79:ec:28:1d:f9:ce:f8:e2:7c:40:88:5b:f6:bd:8b:c4:
ca:ad:de:11:66:a4:bc:a1:00:76:8b:de:37:cc:c0:1b:f4:5e:
b4:ed:c4:1b:6a:c0:77:d6:4d:d4:3a:14:6b:37:92:5b:ac:8d:
de:51:46:63
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYYSPdx95uBNDXBkBwSBxWWrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMWUzZmRkZjc4ODRkNzg1YTcwOGZkNGU2NjRiNjJkZTkx
MGViZTgwHhcNMjMwMjAyMTMwODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2ZlZjQxNDcwMTZiNDM2ZDY5YmZjYzBhYWMyOTZkMzM3YzljMmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUviTcmV6zzvwjry+MmWe0DDtlVh
pr6u6Qxw0/zHZzeamRhfmL7YnY+mM8HsDhE3pY3TcCHqPoTbeYAMehLseUOYJGck
sMVTc/u4LOEIZSNGE/rhkAyelUwqdza4dENWGHLzw+2TK8NyYiKXPzlCm5LIK1Xc
3wZXhiHEr4EtK2XngLR69cuvvivcKaUATj0GwTgs5b6DkArQryckvVIF7eh5JgkX
L2vtP/qVnYujRY3a+pzqMYwD0umwpybM0ZZG8pCHBlhF3GO4SdhgVmHkZahSZ1ax
6aGLrPKSCUXwToAbpU6lbOtHV8qbwLf/hjPZEEOxgskpIbcJiDtIWsiOowIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFGf+9BRwFrQ21pv8wKrCltM3ycKiMB8GA1UdIwQY
MBaAFDweP933iE14WnCP1OZkti3pEOvoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEI0XzNmZUlUWGhhY0lfVTVtUzJMZWtRNi1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS80ZThlNzQtNzdlNi00MWViLTkwNDct
NTljMThhZGEzNTJmLzEvWl83MEZIQVd0RGJXbV96QXFzS1cwemZKd3FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS80ZThlNzQtNzdlNi00MWViLTkwNDctNTljMThhZGEzNTJm
LzEvUEI0XzNmZUlUWGhhY0lfVTVtUzJMZWtRNi1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQCH4QoAwQC
qxZcAwQCuRLwMBsEAgACMBUDBQMqBA0AAwUDKgk8wAMFAyoNn0AwDQYJKoZIhvcN
AQELBQADggEBAICuUonAtZb4FfvFCCcswO2JbXkvPtGUd40AqF4jQe9rMdZnBJ/1
IUmod4P56iobHbe1h4kocVSKYca/AtU0XD9Vk/TVmsrkIV/odFJOiBjsuwhn5CIJ
Fp6i5qb1V43M9hs4No6iDPTQa3lfgSHHKFLL79UTKtT3dHArV8QBkfiWGa8wj+jN
LHdUlD/XjkNgnewibeqUMncutB/IIMAcEe0jILyJsOI1aloNOIn88INl82PFWUe/
+31zKvH1LamTVxgN0+3O2A5IeewoHfnO+OJ8QIhb9r2LxMqt3hFmpLyhAHaL3jfM
wBv0XrTtxBtqwHfWTdQ6FGs3klusjd5RRmM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:34 2024 by rpki-client on console-ams.rpki-client.org