Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/_H5KO8WAOw9UDrgw2VpTYuhPpjY.roa
File: _H5KO8WAOw9UDrgw2VpTYuhPpjY.roa (raw, json)
Hash identifier: BAsk9JvC5yPwfJddYrEgFvytcuc1fkhaTe4B0oXNeAE=
Subject key identifier: FC:7E:4A:3B:C5:80:3B:0F:54:0E:B8:30:D9:5A:53:62:E8:4F:A6:36
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 018B8C37E9A88FB3C9B8D64ED85AE6D73F14
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/_H5KO8WAOw9UDrgw2VpTYuhPpjY.roa
Signing time: Wed 01 Nov 2023 18:49:16 +0000
ROA not before: Wed 01 Nov 2023 18:49:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6939
IP address blocks: 31.40.196.0/22 maxlen: 22
212.115.100.0/22 maxlen: 22
77.241.72.0/22 maxlen: 22
84.54.0.0/22 maxlen: 22
85.8.144.0/22 maxlen: 22
212.87.196.0/22 maxlen: 22
139.28.212.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8c:37:e9:a8:8f:b3:c9:b8:d6:4e:d8:5a:e6:d7:3f:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Nov 1 18:49:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc7e4a3bc5803b0f540eb830d95a5362e84fa636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:2d:95:e7:42:57:76:1c:a5:31:7f:19:a6:30:
3f:3a:b3:49:ed:3b:16:56:71:da:97:c3:d6:a7:56:
f5:89:6a:00:d0:01:ac:78:02:a7:98:57:2d:64:a7:
70:91:71:a9:b4:52:5d:bd:e9:e3:3c:10:1a:7f:50:
74:65:a8:fb:31:5c:dc:ae:33:5d:c0:3f:89:76:83:
c9:fd:17:77:1c:1b:f6:c0:4a:6c:8d:e8:8b:2f:7d:
f4:c2:ee:58:b7:61:b9:4b:0c:25:34:1e:64:7d:5f:
f9:da:37:9b:59:bc:69:a6:1a:d9:b7:2b:35:72:6d:
51:ff:3d:8d:f7:8f:b4:b7:8e:b1:65:3e:e4:6e:aa:
21:3f:74:ef:0d:4a:d1:8a:0c:02:6c:2a:99:a0:2e:
89:80:d4:ce:91:46:7f:b4:87:4f:45:de:38:33:46:
a7:f8:09:ef:b2:ac:38:75:1f:33:0f:85:df:1b:32:
6f:9a:15:b9:8f:f0:e1:70:51:8f:c9:e6:e9:c7:06:
22:fe:4d:cf:9e:9c:6f:47:0a:5f:b0:43:01:8d:fb:
f1:38:15:30:78:ab:b8:90:19:af:fb:44:bf:45:9d:
3c:01:90:d5:41:19:9c:cc:5d:4e:08:58:1f:19:7d:
b2:11:51:49:49:14:ec:c1:f5:c6:8d:fe:55:33:76:
3b:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:7E:4A:3B:C5:80:3B:0F:54:0E:B8:30:D9:5A:53:62:E8:4F:A6:36
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/_H5KO8WAOw9UDrgw2VpTYuhPpjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.196.0/22
77.241.72.0/22
84.54.0.0/22
85.8.144.0/22
139.28.212.0/22
212.87.196.0/22
212.115.100.0/22
Signature Algorithm: sha256WithRSAEncryption
71:b4:29:96:7d:9d:54:c4:96:97:d6:00:a6:5f:b0:1e:e8:ff:
e8:74:01:df:df:38:0a:94:de:c9:83:60:4e:35:28:fe:fe:38:
85:33:f8:04:21:0a:6d:4c:a5:f1:42:8a:fe:78:b3:cd:68:6a:
76:32:82:09:e1:2c:0c:88:23:e5:05:d9:73:94:97:07:1f:eb:
2c:e2:ed:05:31:95:99:6c:6b:74:a5:66:f3:2d:6b:7f:13:fb:
06:ea:46:47:b3:6b:94:c2:b0:94:90:b4:3b:ee:c4:01:8c:f2:
87:d1:67:69:ac:49:17:cf:f2:00:ee:5d:8e:ce:aa:4e:65:25:
27:ff:b3:58:a8:9e:49:ec:b7:55:35:29:cd:03:dc:0a:ba:eb:
dd:93:59:be:9c:47:b3:a5:f3:1e:ce:c7:fc:04:be:eb:df:8a:
ba:40:f1:90:1f:e7:d3:31:01:bc:ee:29:04:27:67:de:cb:e3:
0d:f3:79:4c:c8:2a:f3:38:d3:00:72:34:32:5c:49:81:b2:e8:
8c:8d:24:2d:bf:5e:c7:5c:19:64:12:bf:fe:8d:d7:e2:42:45:
8d:4e:1d:9f:01:92:8d:26:5d:c3:12:d5:1a:f0:6c:fe:dc:f2:
2e:48:05:4a:b2:46:36:47:88:b8:4e:1d:5f:64:65:86:b8:6e:
a8:44:2d:ea
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYuMN+moj7PJuNZO2Frm1z8UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMxMTAxMTg0OTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzdlNGEzYmM1ODAzYjBmNTQwZWI4MzBkOTVhNTM2MmU4NGZhNjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAii2V50JXdhylMX8ZpjA/OrNJ7TsW
VnHal8PWp1b1iWoA0AGseAKnmFctZKdwkXGptFJdvenjPBAaf1B0Zaj7MVzcrjNd
wD+JdoPJ/Rd3HBv2wEpsjeiLL330wu5Yt2G5SwwlNB5kfV/52jebWbxpphrZtys1
cm1R/z2N94+0t46xZT7kbqohP3TvDUrRigwCbCqZoC6JgNTOkUZ/tIdPRd44M0an
+Anvsqw4dR8zD4XfGzJvmhW5j/DhcFGPyebpxwYi/k3PnpxvRwpfsEMBjfvxOBUw
eKu4kBmv+0S/RZ08AZDVQRmczF1OCFgfGX2yEVFJSRTswfXGjf5VM3Y7NwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPx+SjvFgDsPVA64MNlaU2LoT6Y2MB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvX0g1S084V0FPdzlVRHJndzJWcFRZdWhQcGpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCHyjEAwQC
TfFIAwQCVDYAAwQCVQiQAwQCixzUAwQC1FfEAwQC1HNkMA0GCSqGSIb3DQEBCwUA
A4IBAQBxtCmWfZ1UxJaX1gCmX7Ae6P/odAHf3zgKlN7Jg2BONSj+/jiFM/gEIQpt
TKXxQor+eLPNaGp2MoIJ4SwMiCPlBdlzlJcHH+ss4u0FMZWZbGt0pWbzLWt/E/sG
6kZHs2uUwrCUkLQ77sQBjPKH0WdprEkXz/IA7l2OzqpOZSUn/7NYqJ5J7LdVNSnN
A9wKuuvdk1m+nEezpfMezsf8BL7r34q6QPGQH+fTMQG87ikEJ2fey+MN83lMyCrz
ONMAcjQyXEmBsuiMjSQtv17HXBlkEr/+jdfiQkWNTh2fAZKNJl3DEtUa8Gz+3PIu
SAVKskY2R4i4Th1fZGWGuG6oRC3q
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:49 2024 by rpki-client on console-ams.rpki-client.org