Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-q-UR1AUGjz8yHqqw9Z5IhNtk3k.roa
File: 1-q-UR1AUGjz8yHqqw9Z5IhNtk3k.roa (raw, json)
Hash identifier: RSTWhFjHqYJlal0/iYNpU8zP2jiwknChoFctIUJuT98=
Subject key identifier: FA:AF:94:47:50:14:1A:3C:FC:C8:7A:AA:C3:D6:79:22:13:6D:93:79
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018D45DCC7CF7B04B123CAE4E5831A3CCF3B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-q-UR1AUGjz8yHqqw9Z5IhNtk3k.roa
Signing time: Fri 26 Jan 2024 13:01:53 +0000
ROA not before: Fri 26 Jan 2024 13:01:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 31.13.211.0/24 maxlen: 24
87.120.68.0/23 maxlen: 24
93.123.74.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 01 Feb 2024 00:10:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:45:dc:c7:cf:7b:04:b1:23:ca:e4:e5:83:1a:3c:cf:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 26 13:01:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=faaf944750141a3cfcc87aaac3d67922136d9379
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:13:55:bc:37:bc:43:99:b5:78:17:8e:c8:b7:
16:6f:1f:d3:9f:8c:3e:57:f4:b5:00:e3:e5:7c:a3:
9f:2e:dd:89:76:0f:81:a8:94:00:22:67:81:05:41:
a8:57:f7:eb:ec:1e:24:dc:e9:dd:f9:46:f1:87:d4:
3b:c8:2d:5c:29:a0:9c:75:18:6d:bf:7e:a0:68:b7:
16:12:ab:d2:c4:fc:16:f4:ad:1e:cd:54:09:d0:c4:
f8:0c:95:e0:96:96:85:03:6d:e4:40:3c:f4:ea:1d:
ee:ee:7f:1a:29:39:ca:9e:f8:a6:02:36:a0:c2:05:
01:cc:21:78:59:f1:11:78:88:50:0a:cb:d1:53:fd:
5d:ad:e1:74:da:11:96:78:55:18:93:9a:b9:a8:d5:
9b:b4:7a:e3:ee:d2:67:10:10:33:65:e1:2a:d1:e8:
ae:62:98:de:a0:b8:2d:1a:0c:9c:00:57:87:ab:79:
ea:24:25:6d:f0:3d:07:35:51:10:b4:f3:48:0c:cd:
66:28:3d:b0:c8:9e:ef:7c:92:fe:35:64:e9:4a:13:
93:40:b3:2f:76:26:50:c9:4f:99:7e:89:fc:6c:a2:
b7:ae:da:fc:20:74:46:f1:2b:7b:31:91:34:17:bf:
00:1a:27:5b:a7:60:c9:a9:f2:64:19:3f:e4:57:7b:
47:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:AF:94:47:50:14:1A:3C:FC:C8:7A:AA:C3:D6:79:22:13:6D:93:79
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-q-UR1AUGjz8yHqqw9Z5IhNtk3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.211.0/24
87.120.68.0/23
93.123.74.0/23
Signature Algorithm: sha256WithRSAEncryption
7b:e2:b2:ec:e0:9b:8d:1a:b7:3b:68:93:7d:bc:77:16:67:b7:
ef:49:87:a5:2f:4f:0a:86:a8:ed:c4:5c:c5:e6:47:fe:a8:9f:
0d:3a:37:d3:30:ce:e2:a7:89:df:09:ca:1d:c0:6a:54:89:90:
67:fb:c5:89:58:9a:9b:1a:9c:da:bd:0e:39:4d:52:1f:8d:cd:
b8:eb:05:ef:17:97:fa:cc:0c:89:bb:12:e7:b9:79:5b:99:4e:
0b:bb:7e:40:2a:27:36:8c:54:e7:b0:46:95:f4:ab:52:4f:c5:
69:90:1e:84:3e:e2:17:c6:be:6f:d3:d3:d5:16:9f:02:ca:d0:
37:8c:f5:da:78:09:95:a9:9f:56:ee:90:ee:51:33:b0:18:9f:
91:ea:72:e8:20:30:ce:13:5c:40:a8:4b:14:4a:1d:63:1a:ae:
93:c3:af:5a:c3:c0:78:d2:5a:5f:0d:06:33:b5:2b:80:a3:a9:
ff:4d:ab:47:65:24:1c:a0:3d:55:33:a5:76:30:98:9f:b6:d2:
78:89:b0:28:ef:13:9f:ad:cc:5a:98:70:dd:cd:48:94:65:65:
cb:c1:0f:ad:75:32:7b:fb:de:d7:9a:06:bd:3e:37:55:ac:ff:
27:e9:55:71:cc:ee:14:fe:5c:c5:80:e9:d3:c8:b1:a4:6c:9c:
68:88:8e:e1
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAY1F3MfPewSxI8rk5YMaPM87MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTI2MTMwMTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWFmOTQ0NzUwMTQxYTNjZmNjODdhYWFjM2Q2NzkyMjEzNmQ5Mzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBNVvDe8Q5m1eBeOyLcWbx/Tn4w+
V/S1AOPlfKOfLt2Jdg+BqJQAImeBBUGoV/fr7B4k3Ond+Ubxh9Q7yC1cKaCcdRht
v36gaLcWEqvSxPwW9K0ezVQJ0MT4DJXglpaFA23kQDz06h3u7n8aKTnKnvimAjag
wgUBzCF4WfEReIhQCsvRU/1dreF02hGWeFUYk5q5qNWbtHrj7tJnEBAzZeEq0eiu
YpjeoLgtGgycAFeHq3nqJCVt8D0HNVEQtPNIDM1mKD2wyJ7vfJL+NWTpShOTQLMv
diZQyU+Zfon8bKK3rtr8IHRG8St7MZE0F78AGidbp2DJqfJkGT/kV3tH8wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPqvlEdQFBo8/Mh6qsPWeSITbZN5MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMS1xLVVSMUFVR2p6OHlIcXF3OVo1SWhOdGszay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcx
Mi8xL0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAB8N0wME
AVd4RAMEAV17SjANBgkqhkiG9w0BAQsFAAOCAQEAe+Ky7OCbjRq3O2iTfbx3Fme3
70mHpS9PCoao7cRcxeZH/qifDTo30zDO4qeJ3wnKHcBqVImQZ/vFiViamxqc2r0O
OU1SH43NuOsF7xeX+swMibsS57l5W5lOC7t+QConNoxU57BGlfSrUk/FaZAehD7i
F8a+b9PT1RafAsrQN4z12ngJlamfVu6Q7lEzsBifkepy6CAwzhNcQKhLFEodYxqu
k8OvWsPAeNJaXw0GM7UrgKOp/02rR2UkHKA9VTOldjCYn7bSeImwKO8Tn63MWphw
3c1IlGVly8EPrXUye/ve15oGvT43Vaz/J+lVcczuFP5cxYDp08ixpGycaIiO4Q==
-----END CERTIFICATE-----
Generated at Thu Feb 1 01:12:01 2024 by rpki-client on console-fra.rpki-client.org