Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/ffa457-34c8-48c2-9ebc-92b207f641b1/1/lh4zHqaNr7fFZPf9hg8BnRSAEtk.roa
File: lh4zHqaNr7fFZPf9hg8BnRSAEtk.roa (raw, json)
Hash identifier: vPY1IfQWSTEVC3EAUwSfnVYQR1dhMnqEd/fTjIrEd9k=
Subject key identifier: 96:1E:33:1E:A6:8D:AF:B7:C5:64:F7:FD:86:0F:01:9D:14:80:12:D9
Certificate issuer: /CN=daf0a39cfadf910f6b132ad228e606561887a06c
Certificate serial: 01865A79CE351EDD46E40EE351DBE47510B5
Authority key identifier: DA:F0:A3:9C:FA:DF:91:0F:6B:13:2A:D2:28:E6:06:56:18:87:A0:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2vCjnPrfkQ9rEyrSKOYGVhiHoGw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/ffa457-34c8-48c2-9ebc-92b207f641b1/1/lh4zHqaNr7fFZPf9hg8BnRSAEtk.roa
Signing time: Thu 16 Feb 2023 13:46:17 +0000
ROA not before: Thu 16 Feb 2023 13:46:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25291
IP address blocks: 31.187.88.0/24 maxlen: 24
91.217.176.0/24 maxlen: 24
2a02:2488:1f10::/44 maxlen: 48
2a02:2488:1010::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 13 Mar 2023 12:39:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5a:79:ce:35:1e:dd:46:e4:0e:e3:51:db:e4:75:10:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daf0a39cfadf910f6b132ad228e606561887a06c
Validity
Not Before: Feb 16 13:46:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=961e331ea68dafb7c564f7fd860f019d148012d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:01:dc:9a:9a:24:34:16:af:73:53:76:db:3f:
51:9d:bc:0b:32:7d:b0:08:d3:6e:91:e4:18:86:f1:
33:b6:f4:9f:cd:28:ae:e8:48:bd:b6:9e:cc:d0:a4:
f0:d3:a4:9b:6d:0f:60:b1:f9:f6:43:51:c8:46:49:
78:ef:c0:90:c0:47:25:9e:04:10:19:6c:2a:1c:08:
50:f0:c0:85:be:f4:d2:78:97:6e:d1:fb:70:09:59:
46:bc:74:e8:81:81:33:bd:e9:35:f0:64:e9:66:49:
2a:44:e3:c6:32:20:bf:19:0b:1a:1a:5e:d9:3f:f8:
a0:2b:43:5c:ee:8c:69:68:98:36:0b:1a:0c:3b:33:
64:ce:5b:93:78:03:29:8d:b1:72:82:11:1c:87:e8:
c3:d4:4a:43:fd:c1:f6:f8:b4:b2:9b:70:d7:4a:3c:
8e:46:86:b7:a7:40:45:23:df:c5:78:2c:7d:e9:0c:
2f:64:57:dd:31:21:88:a6:2f:ae:a9:66:e0:c6:fc:
2a:d0:7b:f2:f6:d4:72:38:37:a7:17:ed:94:e5:21:
06:27:da:91:50:5f:44:05:77:e6:6b:a0:70:4f:80:
df:ae:98:cf:e8:84:d8:29:bf:d5:e3:f7:00:0f:01:
84:68:97:cd:ab:71:96:83:66:d1:2f:92:83:eb:8e:
8e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:1E:33:1E:A6:8D:AF:B7:C5:64:F7:FD:86:0F:01:9D:14:80:12:D9
X509v3 Authority Key Identifier:
keyid:DA:F0:A3:9C:FA:DF:91:0F:6B:13:2A:D2:28:E6:06:56:18:87:A0:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2vCjnPrfkQ9rEyrSKOYGVhiHoGw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/ffa457-34c8-48c2-9ebc-92b207f641b1/1/lh4zHqaNr7fFZPf9hg8BnRSAEtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/ffa457-34c8-48c2-9ebc-92b207f641b1/1/2vCjnPrfkQ9rEyrSKOYGVhiHoGw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.187.88.0/24
91.217.176.0/24
IPv6:
2a02:2488:1010::/44
2a02:2488:1f10::/44
Signature Algorithm: sha256WithRSAEncryption
0b:b6:fc:e1:1e:86:4c:3a:9e:50:10:57:fa:ee:df:77:06:d9:
45:ec:e6:f6:7a:fb:80:75:28:d6:93:00:74:b5:ad:1b:d9:0d:
8b:b4:ea:ec:79:a9:6b:77:be:87:32:17:13:f7:1a:e7:ef:58:
ee:1c:07:5b:e7:c3:67:b2:d8:28:db:46:ba:19:be:5e:28:6d:
ce:95:d2:e5:c8:36:8d:0e:b7:fc:38:8e:c9:80:1e:1b:25:7f:
1a:0f:67:f3:83:c3:b9:59:84:95:4f:9e:81:e9:75:a7:cd:ff:
b3:43:95:c7:77:3e:e5:91:46:0f:f8:34:d1:cb:b1:51:23:c4:
b1:26:d8:41:54:e3:f8:a2:3b:c8:29:3f:d5:8e:a9:54:f2:7d:
0d:0e:13:4a:d0:0b:c8:ae:2c:b0:13:30:d0:5d:75:2a:bd:ae:
e7:8e:bf:92:98:07:29:d3:f5:b2:5e:d6:01:f1:4f:fd:ec:de:
1c:7c:62:18:61:0a:15:ab:91:5b:5a:0a:f7:a4:73:91:01:e8:
bb:bb:23:93:ad:87:47:4c:ca:f5:db:d5:2a:5e:64:e3:32:a2:
f5:e7:5b:45:50:c7:7f:91:07:ba:02:75:52:f2:a5:87:44:83:
f6:bc:f9:21:dc:ab:07:c4:46:8b:77:12:7e:e5:6c:da:3b:74:
bb:16:18:d8
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYZaec41Ht1G5A7jUdvkdRC1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZjBhMzljZmFkZjkxMGY2YjEzMmFkMjI4ZTYwNjU2MTg4
N2EwNmMwHhcNMjMwMjE2MTM0NjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjFlMzMxZWE2OGRhZmI3YzU2NGY3ZmQ4NjBmMDE5ZDE0ODAxMmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgHcmpokNBavc1N22z9RnbwLMn2w
CNNukeQYhvEztvSfzSiu6Ei9tp7M0KTw06SbbQ9gsfn2Q1HIRkl478CQwEclngQQ
GWwqHAhQ8MCFvvTSeJdu0ftwCVlGvHTogYEzvek18GTpZkkqROPGMiC/GQsaGl7Z
P/igK0Nc7oxpaJg2CxoMOzNkzluTeAMpjbFyghEch+jD1EpD/cH2+LSym3DXSjyO
Roa3p0BFI9/FeCx96QwvZFfdMSGIpi+uqWbgxvwq0Hvy9tRyODenF+2U5SEGJ9qR
UF9EBXfma6BwT4DfrpjP6ITYKb/V4/cADwGEaJfNq3GWg2bRL5KD646O7wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJYeMx6mja+3xWT3/YYPAZ0UgBLZMB8GA1UdIwQY
MBaAFNrwo5z635EPaxMq0ijmBlYYh6BsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnZDam5QcmZrUTlyRXlyU0tPWUdWaGlIb0d3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9mZmE0NTctMzRjOC00OGMyLTllYmMt
OTJiMjA3ZjY0MWIxLzEvbGg0ekhxYU5yN2ZGWlBmOWhnOEJuUlNBRXRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9mZmE0NTctMzRjOC00OGMyLTllYmMtOTJiMjA3ZjY0MWIx
LzEvMnZDam5QcmZrUTlyRXlyU0tPWUdWaGlIb0d3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAH7tYAwQA
W9mwMBgEAgACMBIDBwQqAiSIEBADBwQqAiSIHxAwDQYJKoZIhvcNAQELBQADggEB
AAu2/OEehkw6nlAQV/ru33cG2UXs5vZ6+4B1KNaTAHS1rRvZDYu06ux5qWt3vocy
FxP3GufvWO4cB1vnw2ey2CjbRroZvl4obc6V0uXINo0Ot/w4jsmAHhslfxoPZ/OD
w7lZhJVPnoHpdafN/7NDlcd3PuWRRg/4NNHLsVEjxLEm2EFU4/iiO8gpP9WOqVTy
fQ0OE0rQC8iuLLATMNBddSq9rueOv5KYBynT9bJe1gHxT/3s3hx8YhhhChWrkVta
Cvekc5EB6Lu7I5Oth0dMyvXb1SpeZOMyovXnW0VQx3+RB7oCdVLypYdEg/a8+SHc
qwfERot3En7lbNo7dLsWGNg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:42 2024 by rpki-client on console-ams.rpki-client.org