Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/wXfH4NLAViw-yDwNt0Aifl_Vm8w.roa
File: wXfH4NLAViw-yDwNt0Aifl_Vm8w.roa (raw, json)
Hash identifier: gM+4x1mhHp15IIkvsMECa+LCb7WunYn5vOVmKHo5rfU=
Subject key identifier: C1:77:C7:E0:D2:C0:56:2C:3E:C8:3C:0D:B7:40:22:7E:5F:D5:9B:CC
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 018631390F6ACF76F1F00C0721C67A1EDA62
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/wXfH4NLAViw-yDwNt0Aifl_Vm8w.roa
Signing time: Wed 08 Feb 2023 13:31:08 +0000
ROA not before: Wed 08 Feb 2023 13:31:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25098
IP address blocks: 31.40.196.0/22 maxlen: 22
212.115.100.0/22 maxlen: 22
212.107.4.0/22 maxlen: 22
141.98.48.0/22 maxlen: 22
188.119.68.0/22 maxlen: 22
85.8.144.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 22 Feb 2023 23:26:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:31:39:0f:6a:cf:76:f1:f0:0c:07:21:c6:7a:1e:da:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Feb 8 13:31:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c177c7e0d2c0562c3ec83c0db740227e5fd59bcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:db:25:27:38:5c:10:3d:dd:d4:97:58:f1:d3:
f3:a7:a9:92:77:48:82:c2:c3:9d:0a:1c:eb:c2:bb:
f0:f2:39:8c:2d:58:02:4c:46:8b:06:8f:0c:dc:a2:
83:d9:7c:e6:61:2c:28:65:81:eb:a3:20:1c:03:3c:
59:c1:be:cd:ce:4d:9f:87:dc:b4:25:5a:9f:65:bd:
1a:fa:4b:ef:30:6e:09:49:97:25:ba:d9:fb:c3:c9:
3f:f2:0e:25:eb:f2:8c:67:94:ed:22:e6:1b:f9:e6:
a7:5a:17:a2:09:38:3d:be:3f:a6:15:5d:ef:ee:6f:
5a:52:d4:a2:35:73:c1:87:8e:fb:b7:42:5d:5f:9c:
b2:89:b8:46:0b:c4:e4:49:a4:a1:fd:70:54:d8:e2:
bc:6d:4a:87:ef:d9:46:33:16:b7:a0:b9:99:35:0d:
cc:6b:5b:45:10:dd:7d:a4:93:75:fe:a9:6e:7f:2f:
f1:fd:6c:dd:35:c4:fd:e6:1b:23:61:29:16:16:5f:
b6:0a:69:7d:8f:2c:38:91:53:64:83:b2:9b:84:fe:
f0:90:4f:59:a5:67:93:28:48:4e:bf:6d:44:d0:63:
94:39:e0:e9:77:de:27:fa:80:fc:c2:05:da:2d:8f:
20:d1:02:61:f0:e9:9c:88:02:2b:81:50:0e:1e:e8:
2a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:77:C7:E0:D2:C0:56:2C:3E:C8:3C:0D:B7:40:22:7E:5F:D5:9B:CC
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/wXfH4NLAViw-yDwNt0Aifl_Vm8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.196.0/22
85.8.144.0/22
141.98.48.0/22
188.119.68.0/22
212.107.4.0/22
212.115.100.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:a7:e2:61:6d:54:7e:bb:ff:e6:cc:98:e7:ac:2f:92:e1:01:
0c:3d:a8:69:ae:3c:45:de:79:0f:6b:ca:1e:1e:1d:2d:83:ab:
e1:8b:ea:a5:9c:4f:c7:25:27:37:be:88:a9:ea:73:3a:1f:0a:
2c:09:a7:bc:67:74:2f:10:56:66:93:9a:56:ae:ae:88:c5:6f:
50:b1:76:0b:56:7c:ba:01:e0:11:9e:62:4f:4f:59:9f:07:a4:
7f:cb:75:df:99:3f:8c:20:d4:39:0d:ea:14:5d:06:fb:ff:28:
e5:4a:d4:13:ec:49:71:e8:a6:1c:7d:d2:ef:53:02:e2:2e:c2:
22:4d:80:92:a7:3c:98:c0:d1:97:65:b1:87:b6:d7:8f:0a:1f:
7e:42:1d:11:28:55:cb:7e:5e:01:f7:1b:9f:aa:51:87:0a:df:
8f:4d:de:d4:bb:2d:aa:7a:7b:13:82:ff:81:dd:1c:36:c0:36:
d8:8c:ec:9c:f2:74:ca:22:f3:56:35:0d:a5:c3:77:d0:62:4e:
5f:77:a9:03:56:69:6c:50:88:a5:b0:92:40:3d:c1:67:21:0c:
13:2f:d0:c9:44:a9:1b:19:9c:e8:2c:e3:88:e7:69:8d:5f:48:
c6:a2:c8:0f:54:d4:4f:f3:b5:fd:bc:20:ca:4e:f1:63:14:56:
f1:af:0b:e0
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYYxOQ9qz3bx8AwHIcZ6HtpiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMwMjA4MTMzMTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTc3YzdlMGQyYzA1NjJjM2VjODNjMGRiNzQwMjI3ZTVmZDU5YmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytslJzhcED3d1JdY8dPzp6mSd0iC
wsOdChzrwrvw8jmMLVgCTEaLBo8M3KKD2XzmYSwoZYHroyAcAzxZwb7Nzk2fh9y0
JVqfZb0a+kvvMG4JSZclutn7w8k/8g4l6/KMZ5TtIuYb+eanWheiCTg9vj+mFV3v
7m9aUtSiNXPBh477t0JdX5yyibhGC8TkSaSh/XBU2OK8bUqH79lGMxa3oLmZNQ3M
a1tFEN19pJN1/qlufy/x/WzdNcT95hsjYSkWFl+2Cml9jyw4kVNkg7KbhP7wkE9Z
pWeTKEhOv21E0GOUOeDpd94n+oD8wgXaLY8g0QJh8OmciAIrgVAOHugqPQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMF3x+DSwFYsPsg8DbdAIn5f1ZvMMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvd1hmSDROTEFWaXcteUR3TnQwQWlmbF9WbTh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCHyjEAwQC
VQiQAwQCjWIwAwQCvHdEAwQC1GsEAwQC1HNkMA0GCSqGSIb3DQEBCwUAA4IBAQBa
p+JhbVR+u//mzJjnrC+S4QEMPahprjxF3nkPa8oeHh0tg6vhi+qlnE/HJSc3voip
6nM6HwosCae8Z3QvEFZmk5pWrq6IxW9QsXYLVny6AeARnmJPT1mfB6R/y3XfmT+M
INQ5DeoUXQb7/yjlStQT7Elx6KYcfdLvUwLiLsIiTYCSpzyYwNGXZbGHttePCh9+
Qh0RKFXLfl4B9xufqlGHCt+PTd7Uuy2qensTgv+B3Rw2wDbYjOyc8nTKIvNWNQ2l
w3fQYk5fd6kDVmlsUIilsJJAPcFnIQwTL9DJRKkbGZzoLOOI52mNX0jGosgPVNRP
87X9vCDKTvFjFFbxrwvg
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:49 2024 by rpki-client on console-ams.rpki-client.org