Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/ID6cdYaF4mg1T-dbYfBmcUVvDzc.roa
File: ID6cdYaF4mg1T-dbYfBmcUVvDzc.roa (raw, json)
Hash identifier: WWokXue4DzhZBS9au6SJ84XblXmWhIsHm58JOWEY7Ac=
Subject key identifier: 20:3E:9C:75:86:85:E2:68:35:4F:E7:5B:61:F0:66:71:45:6F:0F:37
Certificate issuer: /CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Certificate serial: 018C64BB9DB05D12CF88574C61C2C3781116
Authority key identifier: 52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/ID6cdYaF4mg1T-dbYfBmcUVvDzc.roa
Signing time: Wed 13 Dec 2023 19:51:06 +0000
ROA not before: Wed 13 Dec 2023 19:51:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207456
IP address blocks: 185.153.188.0/22 maxlen: 24
31.171.132.0/22 maxlen: 24
185.196.92.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:64:bb:9d:b0:5d:12:cf:88:57:4c:61:c2:c3:78:11:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Validity
Not Before: Dec 13 19:51:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=203e9c758685e268354fe75b61f06671456f0f37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:be:93:f9:88:2f:2c:26:e8:09:01:05:59:fa:
6b:d2:a9:fc:45:0c:38:f1:63:c2:5f:ec:02:3b:12:
94:f1:70:07:c0:bd:64:02:0e:43:e2:4d:e0:95:ce:
03:4a:cd:b8:01:bd:c6:03:cb:a9:75:e0:67:e6:2e:
fb:06:0b:b0:07:d8:30:9a:91:8e:e2:e1:2c:4b:28:
58:af:16:e7:53:45:8e:e3:6f:64:cb:26:bd:61:eb:
63:0d:58:4a:82:e7:0b:be:ac:e2:59:6d:46:7b:6b:
9a:05:11:47:17:97:66:fc:0a:c2:91:a0:4f:ca:4a:
81:1a:46:d8:cc:29:c2:ab:e8:1e:80:da:ce:de:45:
da:be:88:1c:1c:29:e3:16:d2:f7:f5:77:60:1d:8b:
07:85:54:e3:a9:a5:d3:d9:58:62:58:ff:53:60:b9:
b5:20:a8:9f:92:18:75:71:e3:e7:11:7b:2f:0c:ff:
01:43:9f:75:01:29:c0:94:d6:3f:82:d8:cb:db:7f:
93:97:20:01:68:68:d3:61:48:52:9f:61:8d:2f:c5:
9c:37:41:74:0e:bb:06:47:5b:e0:82:32:07:6f:5e:
ab:eb:18:38:dc:8f:23:5f:ce:4c:e2:63:68:9c:81:
8c:46:b5:51:7a:a0:26:84:b8:c9:2e:b8:4d:6e:fb:
37:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:3E:9C:75:86:85:E2:68:35:4F:E7:5B:61:F0:66:71:45:6F:0F:37
X509v3 Authority Key Identifier:
keyid:52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/ID6cdYaF4mg1T-dbYfBmcUVvDzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/UtycIYtRDAe8Zlmwn70yr-aKv9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.132.0/22
185.153.188.0/22
185.196.92.0/22
Signature Algorithm: sha256WithRSAEncryption
71:ff:a0:81:b7:97:32:ab:81:63:b2:87:e4:7e:f4:cb:d6:fb:
f9:79:8a:f5:a8:8e:d7:1c:21:05:70:02:7f:ee:9c:a9:21:0e:
1e:37:93:d2:7c:9d:d9:12:e8:c2:39:48:d2:e6:95:9e:01:a4:
d7:42:a2:e3:7f:7d:4f:b4:bf:90:07:79:18:56:43:66:e3:92:
c6:3e:75:bd:8f:cb:18:06:41:03:e0:79:86:d8:88:eb:40:52:
79:db:51:10:3e:78:4c:61:5a:8c:a8:8f:ed:4c:de:20:e6:ab:
92:bd:d0:a2:84:c0:77:e5:21:73:87:91:21:58:2a:b2:c0:f0:
bc:ac:2c:62:6f:60:e6:88:99:50:dc:c1:e4:a4:d9:a2:9c:f9:
e6:bb:60:24:d6:8c:f3:97:c7:0e:a3:06:ac:2f:49:d8:e4:80:
70:29:af:84:8d:63:50:4b:4c:01:57:45:63:94:ed:7a:b1:f6:
29:a7:89:ea:35:be:0f:d6:21:da:c1:0c:70:1a:8e:16:3d:62:
ae:e1:83:af:fa:51:f6:19:ea:b4:81:12:16:b7:0c:d3:de:8f:
8c:06:53:ad:83:b6:d7:08:84:8f:ed:6c:eb:4c:34:b4:9c:49:
c7:e9:b3:8a:64:2e:c8:b5:a4:73:8d:b0:dc:a1:27:24:09:ce:
03:a3:66:15
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYxku52wXRLPiFdMYcLDeBEWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZGM5YzIxOGI1MTBjMDdiYzY2NTliMDlmYmQzMmFmZTY4
YWJmZDIwHhcNMjMxMjEzMTk1MTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDNlOWM3NTg2ODVlMjY4MzU0ZmU3NWI2MWYwNjY3MTQ1NmYwZjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoL6T+YgvLCboCQEFWfpr0qn8RQw4
8WPCX+wCOxKU8XAHwL1kAg5D4k3glc4DSs24Ab3GA8updeBn5i77BguwB9gwmpGO
4uEsSyhYrxbnU0WO429kyya9YetjDVhKgucLvqziWW1Ge2uaBRFHF5dm/ArCkaBP
ykqBGkbYzCnCq+gegNrO3kXavogcHCnjFtL39XdgHYsHhVTjqaXT2VhiWP9TYLm1
IKifkhh1cePnEXsvDP8BQ591ASnAlNY/gtjL23+TlyABaGjTYUhSn2GNL8WcN0F0
DrsGR1vggjIHb16r6xg43I8jX85M4mNonIGMRrVReqAmhLjJLrhNbvs39wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCA+nHWGheJoNU/nW2HwZnFFbw83MB8GA1UdIwQY
MBaAFFLcnCGLUQwHvGZZsJ+9Mq/mir/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYt
NTJmOTdiMjc3ZDFmLzEvSUQ2Y2RZYUY0bWcxVC1kYllmQm1jVVZ2RHpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYtNTJmOTdiMjc3ZDFm
LzEvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCH6uEAwQC
uZm8AwQCucRcMA0GCSqGSIb3DQEBCwUAA4IBAQBx/6CBt5cyq4FjsofkfvTL1vv5
eYr1qI7XHCEFcAJ/7pypIQ4eN5PSfJ3ZEujCOUjS5pWeAaTXQqLjf31PtL+QB3kY
VkNm45LGPnW9j8sYBkED4HmG2IjrQFJ521EQPnhMYVqMqI/tTN4g5quSvdCihMB3
5SFzh5EhWCqywPC8rCxib2DmiJlQ3MHkpNminPnmu2Ak1ozzl8cOowasL0nY5IBw
Ka+EjWNQS0wBV0VjlO16sfYpp4nqNb4P1iHawQxwGo4WPWKu4YOv+lH2Geq0gRIW
twzT3o+MBlOtg7bXCISP7WzrTDS0nEnH6bOKZC7ItaRzjbDcoSckCc4Do2YV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:40 2024 by rpki-client on console-fra.rpki-client.org