Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/iWnf6JXYvKOLDRXhZX0Wnz59KCc.roa
File: iWnf6JXYvKOLDRXhZX0Wnz59KCc.roa (raw, json)
Hash identifier: HuA6mBvNLTvwTI2URyV7jKVZgHCrmjtCtBzbTRohwyw=
Subject key identifier: 89:69:DF:E8:95:D8:BC:A3:8B:0D:15:E1:65:7D:16:9F:3E:7D:28:27
Certificate issuer: /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial: 018C7CEA69441A70B365F494A2B031DCA138
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/iWnf6JXYvKOLDRXhZX0Wnz59KCc.roa
Signing time: Mon 18 Dec 2023 12:33:06 +0000
ROA not before: Mon 18 Dec 2023 12:33:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.31.242.0/23 maxlen: 23
81.31.244.0/22 maxlen: 24
185.84.160.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7c:ea:69:44:1a:70:b3:65:f4:94:a2:b0:31:dc:a1:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
Validity
Not Before: Dec 18 12:33:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8969dfe895d8bca38b0d15e1657d169f3e7d2827
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:90:9c:89:96:54:e5:a6:0d:42:af:0d:cc:d0:
33:e8:42:13:1a:dd:a8:f4:eb:c1:57:c2:c8:d7:d1:
e2:58:32:5d:00:9c:41:0e:e2:12:9d:cb:8f:0a:4a:
b3:19:f8:d9:0a:dc:be:5b:b0:f4:5a:8b:d1:42:3e:
83:62:86:eb:cc:68:44:b9:d0:49:0d:6a:fa:cb:8d:
ba:20:0a:33:d7:72:ba:d7:ea:89:7e:61:13:ee:b4:
47:6b:3c:68:5c:60:b7:73:7d:c0:95:f4:60:61:94:
85:df:ec:47:e6:ee:9b:8b:4f:59:21:10:e0:15:3b:
27:57:a4:47:6a:f5:3d:05:2c:8f:57:02:06:93:c7:
50:5d:7d:b3:f7:74:71:08:27:1f:52:fe:c4:3b:50:
be:3c:c5:10:07:4f:14:25:d0:3f:cb:93:fe:b3:2d:
00:c0:dd:b5:9d:e7:72:b4:96:20:f7:63:15:ca:3c:
f7:02:b5:b1:fa:e6:16:93:d4:c9:3a:b8:e6:19:24:
7c:b0:9a:9c:36:00:7c:b6:72:b4:bf:1f:49:1a:e8:
83:b1:16:8f:c3:12:9f:6f:d3:f6:3f:7d:ff:1a:b3:
77:bb:01:a2:fc:ee:f7:83:28:8a:cf:0e:c6:f3:df:
ea:6e:f5:9a:b3:87:5f:2c:b0:cf:b0:f0:dc:90:c3:
76:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:69:DF:E8:95:D8:BC:A3:8B:0D:15:E1:65:7D:16:9F:3E:7D:28:27
X509v3 Authority Key Identifier:
keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/iWnf6JXYvKOLDRXhZX0Wnz59KCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.242.0-81.31.247.255
185.84.160.0/23
Signature Algorithm: sha256WithRSAEncryption
c7:d2:c8:fd:a1:1c:fc:4b:33:6c:5b:77:03:03:d1:bb:98:88:
f9:21:ec:45:53:55:89:eb:23:b5:41:11:59:2c:d3:f3:8d:18:
f4:e2:13:9a:cb:ae:25:09:4e:c0:58:6d:af:93:13:25:08:ce:
97:2e:7a:af:96:76:8f:43:7f:8b:fb:20:2e:f1:75:7d:96:b6:
b0:b8:e8:3b:3c:59:ec:3b:76:5f:38:3e:94:71:13:4d:21:3c:
ed:41:c1:01:fb:ca:24:21:91:1c:1f:f2:24:b5:09:d2:8c:f3:
16:cf:2f:32:09:73:07:25:cb:fa:7c:b0:06:71:0d:45:1a:b4:
7d:dd:23:96:fe:87:8b:5b:c9:17:f3:19:de:a8:75:2c:36:06:
d5:41:a6:ed:33:90:0f:f2:2f:e6:13:e3:91:d0:fe:da:a3:23:
f0:2e:b9:7b:ac:c0:09:c0:da:8f:e8:78:94:f6:ce:9e:2d:49:
bf:7d:fa:70:28:aa:a0:d0:5c:32:72:c6:fc:ad:e2:0f:2d:30:
05:93:39:2e:5c:e1:46:b9:5a:01:2d:45:aa:0e:15:87:e2:af:
f8:7e:9e:9a:4d:f0:fc:e8:fb:2b:cf:29:25:ae:93:72:cf:0c:
7a:6f:9a:4f:1e:7b:d5:54:11:69:4a:18:42:e4:2b:16:41:ef:
bd:2e:17:e4
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYx86mlEGnCzZfSUorAx3KE4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTZiY2Q0MjZmZDg3Y2Q2ZjQxNDdlMTMzMjE2ZDAzMTEy
YjE4MWIwHhcNMjMxMjE4MTIzMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTY5ZGZlODk1ZDhiY2EzOGIwZDE1ZTE2NTdkMTY5ZjNlN2QyODI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpCciZZU5aYNQq8NzNAz6EITGt2o
9OvBV8LI19HiWDJdAJxBDuISncuPCkqzGfjZCty+W7D0WovRQj6DYobrzGhEudBJ
DWr6y426IAoz13K61+qJfmET7rRHazxoXGC3c33AlfRgYZSF3+xH5u6bi09ZIRDg
FTsnV6RHavU9BSyPVwIGk8dQXX2z93RxCCcfUv7EO1C+PMUQB08UJdA/y5P+sy0A
wN21nedytJYg92MVyjz3ArWx+uYWk9TJOrjmGSR8sJqcNgB8tnK0vx9JGuiDsRaP
wxKfb9P2P33/GrN3uwGi/O73gyiKzw7G89/qbvWas4dfLLDPsPDckMN2AwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFIlp3+iV2Lyjiw0V4WV9Fp8+fSgnMB8GA1UdIwQY
MBaAFBBWvNQm/YfNb0FH4TMhbQMRKxgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzct
YWE4NTllMTkyYjE2LzEvaVduZjZKWFl2S09MRFJYaFpYMFduejU5S0NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzctYWE4NTllMTkyYjE2
LzEvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAFRH/ID
BANRH/ADBAG5VKAwDQYJKoZIhvcNAQELBQADggEBAMfSyP2hHPxLM2xbdwMD0buY
iPkh7EVTVYnrI7VBEVks0/ONGPTiE5rLriUJTsBYba+TEyUIzpcueq+Wdo9Df4v7
IC7xdX2WtrC46Ds8Wew7dl84PpRxE00hPO1BwQH7yiQhkRwf8iS1CdKM8xbPLzIJ
cwcly/p8sAZxDUUatH3dI5b+h4tbyRfzGd6odSw2BtVBpu0zkA/yL+YT45HQ/tqj
I/AuuXuswAnA2o/oeJT2zp4tSb99+nAoqqDQXDJyxvyt4g8tMAWTOS5c4Ua5WgEt
RaoOFYfir/h+nppN8Pzo+yvPKSWuk3LPDHpvmk8ee9VUEWlKGELkKxZB770uF+Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:53 2024 by rpki-client on console-fra.rpki-client.org