Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HeCaINZI5Ks8BU6qWVr9Uqpz9Q8.roa
File: HeCaINZI5Ks8BU6qWVr9Uqpz9Q8.roa (raw, json)
Hash identifier: 7Q36q8uZBA2ysuC7SXsb+qoGm3LfT1QeD+DFcE8tA/0=
Subject key identifier: 1D:E0:9A:20:D6:48:E4:AB:3C:05:4E:AA:59:5A:FD:52:AA:73:F5:0F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01856D81EC5247AF09E4EFD140B2E27753F5
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HeCaINZI5Ks8BU6qWVr9Uqpz9Q8.roa
Signing time: Sun 01 Jan 2023 13:25:09 +0000
ROA not before: Sun 01 Jan 2023 13:25:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44851
IP address blocks: 31.13.196.0/24 maxlen: 24
93.123.120.0/21 maxlen: 21
93.123.120.0/24 maxlen: 24
93.123.122.0/24 maxlen: 24
93.123.124.0/24 maxlen: 24
93.123.120.0/22 maxlen: 22
93.123.124.0/22 maxlen: 22
93.123.121.0/24 maxlen: 24
93.123.123.0/24 maxlen: 24
93.123.125.0/24 maxlen: 24
93.123.126.0/24 maxlen: 24
93.123.127.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:ec:52:47:af:09:e4:ef:d1:40:b2:e2:77:53:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 1 13:25:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1de09a20d648e4ab3c054eaa595afd52aa73f50f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:db:52:b0:7b:12:73:d8:59:a7:c2:e2:53:82:
5c:9b:c7:8c:c0:9b:6c:ea:0a:a5:ef:fd:e8:5d:81:
40:2d:a5:f9:90:6e:6d:77:3a:fa:a8:2d:5b:2a:1b:
d0:97:3b:34:3f:70:35:70:c7:4c:3c:d5:5a:5b:d6:
2b:6f:07:ac:3f:eb:1c:fa:b2:ed:3c:e7:a9:6b:08:
67:f1:fe:38:67:2b:60:69:c8:1a:95:1e:ae:44:17:
d0:2e:73:ff:c9:10:8c:3a:b4:17:6d:57:5b:a0:f2:
50:db:c9:56:51:ea:b1:35:fd:b9:2f:11:27:6a:07:
e0:d6:fa:e1:c2:df:55:9c:37:f6:3b:7b:ea:3b:d6:
37:97:79:4a:20:2b:20:19:65:aa:42:67:89:29:51:
0a:7b:84:fe:c0:b4:4e:7f:93:44:df:fd:65:86:f0:
f8:e9:8b:8b:c9:06:3a:14:80:b6:23:01:5a:96:41:
7e:af:8d:23:0c:ee:81:96:c8:93:59:88:7f:14:53:
7b:58:38:83:e8:7d:61:d8:b0:4b:2a:40:96:7a:7d:
b6:5d:ac:fd:5f:06:18:51:b3:ea:be:c7:6e:38:61:
20:00:14:ee:ca:53:8b:83:f0:2a:78:8c:64:e8:8d:
15:02:0d:5e:18:38:2f:5a:bc:c3:cc:b6:80:7e:b6:
f7:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:E0:9A:20:D6:48:E4:AB:3C:05:4E:AA:59:5A:FD:52:AA:73:F5:0F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HeCaINZI5Ks8BU6qWVr9Uqpz9Q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.196.0/24
93.123.120.0/21
Signature Algorithm: sha256WithRSAEncryption
42:60:c4:87:63:ea:83:96:0d:d1:bd:ef:2b:93:98:e7:9c:f7:
2e:49:8b:7d:f8:8c:ef:74:8c:5f:07:9a:d8:e3:51:5b:45:d0:
a4:b0:be:e4:38:ab:0e:0b:ee:cd:d1:02:45:6e:11:3b:6a:9e:
08:00:65:02:61:1b:df:a1:f3:a5:8e:fa:87:a3:f5:1a:7c:3a:
40:00:6a:3a:de:ff:58:20:c6:f0:e4:f2:c9:05:93:9a:db:de:
7f:4d:fe:0f:3d:71:21:7e:78:4c:11:08:5f:88:27:6e:81:b4:
27:c9:36:a3:e5:98:ae:a9:65:85:f0:87:11:c7:96:dc:38:e0:
a3:39:24:1d:8f:21:cc:bd:c7:63:8e:c1:89:1e:b1:13:62:61:
bb:35:41:de:5a:ad:f5:cd:2e:22:58:3c:78:6c:7a:52:ec:fa:
4d:12:41:f0:b0:e5:f0:57:aa:7d:89:66:72:0a:38:79:c8:9f:
fc:33:e1:3d:d4:ca:5f:56:07:d6:2f:fa:fe:0b:09:7d:f0:06:
b0:2a:90:72:60:17:f2:44:a8:bb:12:16:ff:f5:43:e8:a1:06:
a0:05:8a:d2:e1:30:08:e7:ee:f0:27:c9:ac:75:82:5b:3b:1e:
47:1f:5d:2a:d1:5b:7a:56:39:e4:60:3a:04:64:a1:df:5f:38:
e5:31:9e:f1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtgexSR68J5O/RQLLid1P1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGUwOWEyMGQ2NDhlNGFiM2MwNTRlYWE1OTVhZmQ1MmFhNzNmNTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtttSsHsSc9hZp8LiU4Jcm8eMwJts
6gql7/3oXYFALaX5kG5tdzr6qC1bKhvQlzs0P3A1cMdMPNVaW9YrbwesP+sc+rLt
POepawhn8f44ZytgacgalR6uRBfQLnP/yRCMOrQXbVdboPJQ28lWUeqxNf25LxEn
agfg1vrhwt9VnDf2O3vqO9Y3l3lKICsgGWWqQmeJKVEKe4T+wLROf5NE3/1lhvD4
6YuLyQY6FIC2IwFalkF+r40jDO6BlsiTWYh/FFN7WDiD6H1h2LBLKkCWen22Xaz9
XwYYUbPqvsduOGEgABTuylOLg/AqeIxk6I0VAg1eGDgvWrzDzLaAfrb3oQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB3gmiDWSOSrPAVOqlla/VKqc/UPMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSGVDYUlOWkk1S3M4QlU2cVdWcjlVcXB6OVE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHw3EAwQD
XXt4MA0GCSqGSIb3DQEBCwUAA4IBAQBCYMSHY+qDlg3Rve8rk5jnnPcuSYt9+Izv
dIxfB5rY41FbRdCksL7kOKsOC+7N0QJFbhE7ap4IAGUCYRvfofOljvqHo/UafDpA
AGo63v9YIMbw5PLJBZOa295/Tf4PPXEhfnhMEQhfiCdugbQnyTaj5ZiuqWWF8IcR
x5bcOOCjOSQdjyHMvcdjjsGJHrETYmG7NUHeWq31zS4iWDx4bHpS7PpNEkHwsOXw
V6p9iWZyCjh5yJ/8M+E91MpfVgfWL/r+Cwl98AawKpByYBfyRKi7Ehb/9UPooQag
BYrS4TAI5+7wJ8msdYJbOx5HH10q0Vt6VjnkYDoEZKHfXzjlMZ7x
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:18:47 2024 by rpki-client on console-fra.rpki-client.org