Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/1a031b-a71f-4bee-91e2-d4bd53c94b66/1/v-RGu0-9g5FypzoaF0Z4pDkASa8.roa
File: v-RGu0-9g5FypzoaF0Z4pDkASa8.roa (raw, json)
Hash identifier: MjDkZi9xXunvTHG+NC5qNVFo0DUZCCkPKfDApmoCcf0=
Subject key identifier: BF:E4:46:BB:4F:BD:83:91:72:A7:3A:1A:17:46:78:A4:39:00:49:AF
Certificate issuer: /CN=44def5a77dcc9aac99c34e2d719b8ba0d04e03d1
Certificate serial: 018570FBE07A44398C5B5F905CDB15E8D0DF
Authority key identifier: 44:DE:F5:A7:7D:CC:9A:AC:99:C3:4E:2D:71:9B:8B:A0:D0:4E:03:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RN71p33MmqyZw04tcZuLoNBOA9E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/1a031b-a71f-4bee-91e2-d4bd53c94b66/1/v-RGu0-9g5FypzoaF0Z4pDkASa8.roa
Signing time: Mon 02 Jan 2023 05:37:13 +0000
ROA not before: Mon 02 Jan 2023 05:37:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57329
IP address blocks: 185.151.92.0/22 maxlen: 22
31.31.40.0/21 maxlen: 21
2a06:d440::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:e0:7a:44:39:8c:5b:5f:90:5c:db:15:e8:d0:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44def5a77dcc9aac99c34e2d719b8ba0d04e03d1
Validity
Not Before: Jan 2 05:37:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bfe446bb4fbd839172a73a1a174678a4390049af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ae:72:a0:5d:d5:9d:69:be:df:0d:f3:34:ef:
b9:89:d7:fd:7a:83:72:b5:35:ec:94:55:99:74:fc:
6a:53:20:7b:ca:d7:0a:58:80:86:6d:85:54:17:ae:
21:5d:29:78:a7:84:69:35:0f:34:5d:4f:66:8f:f7:
42:39:fa:b5:01:27:49:3b:9f:aa:52:b1:d4:b4:8f:
0d:a0:c1:11:95:5e:39:8c:21:db:8f:44:a4:30:59:
9a:68:35:87:07:8b:00:b7:68:59:5d:ad:83:5a:45:
49:9e:3b:04:3f:16:7d:9d:9c:a4:76:b0:54:8e:72:
dd:35:06:a6:86:20:cd:e7:35:5c:bc:75:a7:ff:51:
b0:a7:25:e2:44:31:eb:de:31:27:0e:a9:c7:37:e4:
f6:ca:3c:d2:74:b7:38:f1:09:83:de:46:28:a9:cf:
e9:65:65:e5:be:8a:cc:c5:53:2b:f1:0d:41:08:a4:
54:83:16:70:e6:59:4c:9d:37:52:a3:bf:15:07:b6:
55:88:3f:4c:c1:74:46:e7:9f:e0:2f:d3:2a:93:13:
ae:08:42:31:0c:96:2b:82:25:88:b1:b6:d7:37:2b:
6f:1c:1a:a7:21:70:5e:e4:6d:c8:89:69:bf:70:ff:
ec:b0:78:b2:5c:32:86:e6:41:06:e8:e1:fd:18:7d:
39:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:E4:46:BB:4F:BD:83:91:72:A7:3A:1A:17:46:78:A4:39:00:49:AF
X509v3 Authority Key Identifier:
keyid:44:DE:F5:A7:7D:CC:9A:AC:99:C3:4E:2D:71:9B:8B:A0:D0:4E:03:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RN71p33MmqyZw04tcZuLoNBOA9E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/1a031b-a71f-4bee-91e2-d4bd53c94b66/1/v-RGu0-9g5FypzoaF0Z4pDkASa8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/1a031b-a71f-4bee-91e2-d4bd53c94b66/1/RN71p33MmqyZw04tcZuLoNBOA9E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.31.40.0/21
185.151.92.0/22
IPv6:
2a06:d440::/29
Signature Algorithm: sha256WithRSAEncryption
af:d2:69:d5:5a:d2:c2:35:54:01:1d:3c:05:ba:bf:c5:ab:0d:
10:76:d8:b8:d2:6f:f3:57:2d:d8:a7:dd:3f:a5:63:9a:4b:e2:
ff:9f:6a:43:cf:eb:73:21:0e:4e:1b:fd:bd:50:43:04:d9:2a:
66:73:c0:a3:17:37:2c:47:48:04:8a:db:b8:75:c9:e4:58:a1:
47:bc:bf:05:ac:f3:f2:d6:16:92:6b:4a:20:ed:6f:4c:2c:9f:
bb:7a:3f:7d:59:e0:4c:ea:c2:72:fe:45:da:18:a3:c7:98:73:
1e:e8:cf:5a:d6:6d:f1:de:d5:16:12:61:dc:7b:a9:51:0f:a5:
a1:ba:90:94:97:b9:f3:a9:8e:ce:e9:4e:26:30:be:57:42:3c:
c5:30:c4:39:da:55:9b:22:e2:23:89:d7:01:e6:0c:6e:9f:bb:
e4:ff:58:f3:59:f5:fa:a8:8a:91:5e:7d:97:de:da:b1:4f:de:
6f:aa:19:70:26:28:0f:85:38:0d:10:87:fa:88:72:b4:c6:28:
9e:34:cf:87:76:8f:0a:d8:62:98:83:43:1b:7f:de:6a:8e:de:
12:4d:dc:f0:4f:31:be:fc:33:fe:72:62:cc:aa:76:87:dd:3c:
5d:79:83:01:f2:15:63:f1:c4:ea:6d:8a:72:23:b4:1b:63:a1:
27:5b:cc:1e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVw++B6RDmMW1+QXNsV6NDfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZGVmNWE3N2RjYzlhYWM5OWMzNGUyZDcxOWI4YmEwZDA0
ZTAzZDEwHhcNMjMwMTAyMDUzNzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmU0NDZiYjRmYmQ4MzkxNzJhNzNhMWExNzQ2NzhhNDM5MDA0OWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoq5yoF3VnWm+3w3zNO+5idf9eoNy
tTXslFWZdPxqUyB7ytcKWICGbYVUF64hXSl4p4RpNQ80XU9mj/dCOfq1ASdJO5+q
UrHUtI8NoMERlV45jCHbj0SkMFmaaDWHB4sAt2hZXa2DWkVJnjsEPxZ9nZykdrBU
jnLdNQamhiDN5zVcvHWn/1GwpyXiRDHr3jEnDqnHN+T2yjzSdLc48QmD3kYoqc/p
ZWXlvorMxVMr8Q1BCKRUgxZw5llMnTdSo78VB7ZViD9MwXRG55/gL9MqkxOuCEIx
DJYrgiWIsbbXNytvHBqnIXBe5G3IiWm/cP/ssHiyXDKG5kEG6OH9GH05wwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFL/kRrtPvYORcqc6GhdGeKQ5AEmvMB8GA1UdIwQY
MBaAFETe9ad9zJqsmcNOLXGbi6DQTgPRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk43MXAzM01tcXladzA0dGNadUxvTkJPQTlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8xYTAzMWItYTcxZi00YmVlLTkxZTIt
ZDRiZDUzYzk0YjY2LzEvdi1SR3UwLTlnNUZ5cHpvYUYwWjRwRGtBU2E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS8xYTAzMWItYTcxZi00YmVlLTkxZTItZDRiZDUzYzk0YjY2
LzEvUk43MXAzM01tcXladzA0dGNadUxvTkJPQTlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDHx8oAwQC
uZdcMA0EAgACMAcDBQMqBtRAMA0GCSqGSIb3DQEBCwUAA4IBAQCv0mnVWtLCNVQB
HTwFur/Fqw0Qdti40m/zVy3Yp90/pWOaS+L/n2pDz+tzIQ5OG/29UEME2Spmc8Cj
FzcsR0gEitu4dcnkWKFHvL8FrPPy1haSa0og7W9MLJ+7ej99WeBM6sJy/kXaGKPH
mHMe6M9a1m3x3tUWEmHce6lRD6WhupCUl7nzqY7O6U4mML5XQjzFMMQ52lWbIuIj
idcB5gxun7vk/1jzWfX6qIqRXn2X3tqxT95vqhlwJigPhTgNEIf6iHK0xiieNM+H
do8K2GKYg0Mbf95qjt4STdzwTzG+/DP+cmLMqnaH3TxdeYMB8hVj8cTqbYpyI7Qb
Y6EnW8we
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:24 2024 by rpki-client on console-fra.rpki-client.org