Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/af8b29-b1af-4cf6-bf16-b05832bc6962/1/4C9GB8uGVo9ZHXxJq0Q4bPWlFgo.roa
File: 4C9GB8uGVo9ZHXxJq0Q4bPWlFgo.roa (raw, json)
Hash identifier: l9+Cflb4+ck5ym2LPECpcYL8BBQZWee+54vq8ssKWbk=
Subject key identifier: E0:2F:46:07:CB:86:56:8F:59:1D:7C:49:AB:44:38:6C:F5:A5:16:0A
Certificate issuer: /CN=85802fc1d0f3e3a4462562d2f06f2b3deff8f4e7
Certificate serial: 0185704BD0212182957DF210BF502422897F
Authority key identifier: 85:80:2F:C1:D0:F3:E3:A4:46:25:62:D2:F0:6F:2B:3D:EF:F8:F4:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hYAvwdDz46RGJWLS8G8rPe_49Oc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/af8b29-b1af-4cf6-bf16-b05832bc6962/1/4C9GB8uGVo9ZHXxJq0Q4bPWlFgo.roa
Signing time: Mon 02 Jan 2023 02:24:54 +0000
ROA not before: Mon 02 Jan 2023 02:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57789
IP address blocks: 185.23.7.0/24 maxlen: 24
31.135.192.0/20 maxlen: 20
2a0e:64c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:d0:21:21:82:95:7d:f2:10:bf:50:24:22:89:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85802fc1d0f3e3a4462562d2f06f2b3deff8f4e7
Validity
Not Before: Jan 2 02:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e02f4607cb86568f591d7c49ab44386cf5a5160a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f0:71:48:3f:7c:e0:c0:28:d6:1c:3e:f8:fb:
3d:1b:e3:37:0a:13:02:cd:0e:03:27:8b:5f:b9:90:
d3:d0:ef:54:73:26:21:fe:3a:28:15:28:18:a9:89:
48:be:b5:b8:d9:67:d4:c7:b0:02:d6:0a:39:59:a2:
47:81:09:67:39:d8:b4:3d:02:d8:ce:16:c5:68:fc:
5c:ac:32:8a:90:e1:ee:c2:b4:d5:e1:1f:fd:39:b0:
90:a2:08:b3:0a:e5:dd:78:fe:3c:e5:1f:54:e0:2f:
a6:b3:93:70:9c:5b:95:2a:be:e3:09:ce:64:7b:77:
5f:92:01:31:39:fa:35:e4:1f:3e:2d:e5:21:da:43:
b8:42:75:9e:03:a1:6a:62:0d:8c:fe:8b:f2:59:1c:
5d:04:aa:ca:ef:21:8c:76:20:cf:54:03:df:3d:48:
9b:d4:2b:8d:4c:e3:c5:54:b9:40:9a:bd:30:8b:95:
bd:5d:1c:09:44:2d:e9:43:76:a5:7e:86:c0:4c:b5:
9e:98:6a:99:f9:9d:92:57:f2:35:43:0d:78:c2:2a:
d5:3a:bd:8b:ad:c6:a5:13:06:c0:90:3c:cf:00:a1:
20:57:87:97:71:8c:c6:70:a8:08:92:7f:0b:50:b0:
b9:a3:4e:35:ae:4a:06:f4:dc:b8:d9:21:bd:cb:ee:
0f:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:2F:46:07:CB:86:56:8F:59:1D:7C:49:AB:44:38:6C:F5:A5:16:0A
X509v3 Authority Key Identifier:
keyid:85:80:2F:C1:D0:F3:E3:A4:46:25:62:D2:F0:6F:2B:3D:EF:F8:F4:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hYAvwdDz46RGJWLS8G8rPe_49Oc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/af8b29-b1af-4cf6-bf16-b05832bc6962/1/4C9GB8uGVo9ZHXxJq0Q4bPWlFgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/af8b29-b1af-4cf6-bf16-b05832bc6962/1/hYAvwdDz46RGJWLS8G8rPe_49Oc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.192.0/20
185.23.7.0/24
IPv6:
2a0e:64c0::/29
Signature Algorithm: sha256WithRSAEncryption
09:70:ce:f2:d7:e6:d7:db:77:0f:a9:b5:87:ce:ad:66:24:ec:
90:68:e7:9e:2f:b2:eb:62:87:27:12:d4:3b:5e:5c:49:60:4a:
12:cf:74:10:79:48:8e:7e:56:e6:e6:c5:5c:eb:d2:40:bb:2f:
12:2e:89:ca:dd:af:e7:03:fe:00:26:9e:4d:b3:b0:b3:27:3a:
26:8a:63:31:4a:48:ea:0a:c6:61:4b:af:7e:ca:d3:9e:ac:a9:
a5:28:e2:ba:04:d1:d4:89:0e:60:52:d9:5d:84:4b:b8:0d:6b:
30:9a:57:81:83:9e:a0:5a:68:49:2f:f0:c5:69:0c:fa:a1:7b:
26:fe:bd:e8:b6:aa:73:da:11:48:26:70:47:82:db:a2:f2:13:
09:39:0c:12:92:c8:33:7d:b5:ce:23:2a:36:94:27:03:ef:9e:
0a:fa:f7:94:55:f0:4b:3e:11:7b:a9:ab:3d:ec:92:7a:e1:06:
f0:5e:49:9a:5e:48:2e:0b:a4:d1:af:df:d8:1a:68:22:39:7e:
0a:63:a8:7f:5e:4c:86:33:c6:0c:d5:f8:54:45:0e:9c:37:1e:
6b:4f:c7:97:f6:0b:44:5c:0f:94:aa:e4:f9:98:79:28:a5:79:
7e:c7:fa:b2:c5:b3:5e:c7:0b:0a:6a:cc:12:25:cc:a9:d8:83:
d7:ff:a0:5f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwS9AhIYKVffIQv1AkIol/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ODAyZmMxZDBmM2UzYTQ0NjI1NjJkMmYwNmYyYjNkZWZm
OGY0ZTcwHhcNMjMwMTAyMDIyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDJmNDYwN2NiODY1NjhmNTkxZDdjNDlhYjQ0Mzg2Y2Y1YTUxNjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/BxSD984MAo1hw++Ps9G+M3ChMC
zQ4DJ4tfuZDT0O9UcyYh/jooFSgYqYlIvrW42WfUx7AC1go5WaJHgQlnOdi0PQLY
zhbFaPxcrDKKkOHuwrTV4R/9ObCQogizCuXdeP485R9U4C+ms5NwnFuVKr7jCc5k
e3dfkgExOfo15B8+LeUh2kO4QnWeA6FqYg2M/ovyWRxdBKrK7yGMdiDPVAPfPUib
1CuNTOPFVLlAmr0wi5W9XRwJRC3pQ3alfobATLWemGqZ+Z2SV/I1Qw14wirVOr2L
rcalEwbAkDzPAKEgV4eXcYzGcKgIkn8LULC5o041rkoG9Ny42SG9y+4PUQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOAvRgfLhlaPWR18SatEOGz1pRYKMB8GA1UdIwQY
MBaAFIWAL8HQ8+OkRiVi0vBvKz3v+PTnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFlBdndkRHo0NlJHSldMUzhHOHJQZV80OU9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9hZjhiMjktYjFhZi00Y2Y2LWJmMTYt
YjA1ODMyYmM2OTYyLzEvNEM5R0I4dUdWbzlaSFh4SnEwUTRiUFdsRmdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9hZjhiMjktYjFhZi00Y2Y2LWJmMTYtYjA1ODMyYmM2OTYy
LzEvaFlBdndkRHo0NlJHSldMUzhHOHJQZV80OU9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEH4fAAwQA
uRcHMA0EAgACMAcDBQMqDmTAMA0GCSqGSIb3DQEBCwUAA4IBAQAJcM7y1+bX23cP
qbWHzq1mJOyQaOeeL7LrYocnEtQ7XlxJYEoSz3QQeUiOflbm5sVc69JAuy8SLonK
3a/nA/4AJp5Ns7CzJzomimMxSkjqCsZhS69+ytOerKmlKOK6BNHUiQ5gUtldhEu4
DWswmleBg56gWmhJL/DFaQz6oXsm/r3otqpz2hFIJnBHgtui8hMJOQwSksgzfbXO
Iyo2lCcD754K+veUVfBLPhF7qas97JJ64QbwXkmaXkguC6TRr9/YGmgiOX4KY6h/
XkyGM8YM1fhURQ6cNx5rT8eX9gtEXA+UquT5mHkopXl+x/qyxbNexwsKaswSJcyp
2IPX/6Bf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:09 2024 by rpki-client on console-fra.rpki-client.org