Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/UnhVnquNzRQ2Gzb3XTXd8w2wj0c.roa
File: UnhVnquNzRQ2Gzb3XTXd8w2wj0c.roa (raw, json)
Hash identifier: Tgj4q+FGKvluj43CtCzsjgFVR0r8WCZBToSagEPgu20=
Subject key identifier: 52:78:55:9E:AB:8D:CD:14:36:1B:36:F7:5D:35:DD:F3:0D:B0:8F:47
Certificate issuer: /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial: 018E48B1077E523331902DE345F6B7013D16
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/UnhVnquNzRQ2Gzb3XTXd8w2wj0c.roa
Signing time: Sat 16 Mar 2024 19:15:45 +0000
ROA not before: Sat 16 Mar 2024 19:15:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.31.234.0/23 maxlen: 24
81.31.242.0/23 maxlen: 23
81.31.244.0/22 maxlen: 24
185.84.160.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Apr 2024 09:18:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:48:b1:07:7e:52:33:31:90:2d:e3:45:f6:b7:01:3d:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
Validity
Not Before: Mar 16 19:15:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5278559eab8dcd14361b36f75d35ddf30db08f47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:37:c1:18:45:26:ab:59:28:77:b4:4d:66:b9:
5e:6d:fb:62:bd:f4:12:c4:35:af:40:cf:78:ca:6f:
6b:3b:6a:7a:59:d7:09:3e:74:11:0b:11:2a:55:d1:
3c:90:ee:b4:e9:07:fd:93:e5:8c:f3:e9:1e:8e:56:
82:df:ca:a9:9e:b6:36:67:c7:40:18:96:58:e9:c7:
99:5e:a4:00:d1:69:19:4c:db:07:7e:66:1e:73:b1:
98:54:5d:3c:e4:5d:61:f6:4c:01:2c:be:2c:81:ad:
fa:0b:f5:8b:f6:7a:f1:37:bc:c6:0f:de:62:8e:e8:
52:ff:2d:f2:b0:45:be:73:2e:e2:58:d6:00:14:e8:
2d:05:61:53:84:08:54:2d:6e:c6:84:af:bc:2a:2f:
9f:b2:1e:cd:e1:ed:b2:8b:81:6e:bf:b6:c3:6f:6e:
0d:43:05:4b:4f:28:24:c4:98:bd:ac:40:de:3a:3c:
dd:26:a5:08:a7:6b:7d:f2:1d:b0:d8:52:64:44:67:
9e:25:17:5e:f1:a2:b3:67:58:0f:5b:51:d9:ed:96:
6f:8c:f3:d3:d9:d2:37:75:94:9a:ac:6c:ee:59:0e:
53:f1:51:c8:b1:1a:db:1c:89:27:78:fe:34:91:66:
d3:e8:6d:9a:3c:69:82:1a:3d:f5:8a:3d:95:10:08:
d2:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:78:55:9E:AB:8D:CD:14:36:1B:36:F7:5D:35:DD:F3:0D:B0:8F:47
X509v3 Authority Key Identifier:
keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/UnhVnquNzRQ2Gzb3XTXd8w2wj0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.234.0/23
81.31.242.0-81.31.247.255
185.84.160.0/23
Signature Algorithm: sha256WithRSAEncryption
ce:fa:17:ac:85:08:22:55:55:ff:a3:54:85:15:46:d5:01:48:
07:1c:85:90:58:2c:fb:44:96:2b:b1:ae:36:1d:1d:f0:40:6b:
2a:f1:ed:bb:41:6c:15:13:e2:13:bc:b1:27:c5:5e:79:ba:9f:
40:7e:c2:d5:f7:48:d1:93:a2:36:e7:65:a7:2d:68:19:f6:4c:
15:c5:b3:f7:06:be:91:2f:cd:87:e7:b8:3e:5c:31:c6:01:8e:
15:a8:4c:1d:08:bd:25:79:48:51:d7:75:43:5b:49:b0:4d:d9:
c6:69:d6:42:e5:89:9e:a1:a8:58:be:0d:b0:ed:ec:7f:d5:56:
b8:9e:fa:57:03:d9:22:da:38:6b:6a:2b:db:e0:65:ba:b4:ad:
11:7b:4f:93:ca:a9:a7:e0:54:14:d5:c2:ff:29:ed:67:26:10:
df:04:5c:7b:84:a6:f8:94:a3:86:94:88:81:90:f9:13:2d:24:
cf:14:6f:40:be:aa:3d:eb:ce:e8:ed:c0:66:80:aa:3b:83:00:
73:4c:09:3f:c5:63:26:ce:e7:26:86:51:ae:39:3b:ea:30:d4:
94:8b:f0:d1:ea:0a:c7:f5:87:62:ec:06:7f:7f:fc:c8:a2:a8:
20:05:11:6f:67:d2:4e:23:00:e8:ee:38:d4:c9:e3:aa:7d:14:
42:e7:45:f8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY5IsQd+UjMxkC3jRfa3AT0WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTZiY2Q0MjZmZDg3Y2Q2ZjQxNDdlMTMzMjE2ZDAzMTEy
YjE4MWIwHhcNMjQwMzE2MTkxNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mjc4NTU5ZWFiOGRjZDE0MzYxYjM2Zjc1ZDM1ZGRmMzBkYjA4ZjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTfBGEUmq1kod7RNZrlebftivfQS
xDWvQM94ym9rO2p6WdcJPnQRCxEqVdE8kO606Qf9k+WM8+kejlaC38qpnrY2Z8dA
GJZY6ceZXqQA0WkZTNsHfmYec7GYVF085F1h9kwBLL4sga36C/WL9nrxN7zGD95i
juhS/y3ysEW+cy7iWNYAFOgtBWFThAhULW7GhK+8Ki+fsh7N4e2yi4Fuv7bDb24N
QwVLTygkxJi9rEDeOjzdJqUIp2t98h2w2FJkRGeeJRde8aKzZ1gPW1HZ7ZZvjPPT
2dI3dZSarGzuWQ5T8VHIsRrbHIkneP40kWbT6G2aPGmCGj31ij2VEAjStwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFJ4VZ6rjc0UNhs291013fMNsI9HMB8GA1UdIwQY
MBaAFBBWvNQm/YfNb0FH4TMhbQMRKxgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzct
YWE4NTllMTkyYjE2LzEvVW5oVm5xdU56UlEyR3piM1hUWGQ4dzJ3ajBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzctYWE4NTllMTkyYjE2
LzEvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBUR/qMAwD
BAFRH/IDBANRH/ADBAG5VKAwDQYJKoZIhvcNAQELBQADggEBAM76F6yFCCJVVf+j
VIUVRtUBSAcchZBYLPtEliuxrjYdHfBAayrx7btBbBUT4hO8sSfFXnm6n0B+wtX3
SNGTojbnZactaBn2TBXFs/cGvpEvzYfnuD5cMcYBjhWoTB0IvSV5SFHXdUNbSbBN
2cZp1kLliZ6hqFi+DbDt7H/VVrie+lcD2SLaOGtqK9vgZbq0rRF7T5PKqafgVBTV
wv8p7WcmEN8EXHuEpviUo4aUiIGQ+RMtJM8Ub0C+qj3rzujtwGaAqjuDAHNMCT/F
YybO5yaGUa45O+ow1JSL8NHqCsf1h2LsBn9//MiiqCAFEW9n0k4jAOjuONTJ46p9
FELnRfg=
-----END CERTIFICATE-----
Generated at Tue Apr 2 14:25:17 2024 by rpki-client on console-fra.rpki-client.org