Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/j_lKrqsiLbURC0NGl7T0MCfYICw.roa
File: j_lKrqsiLbURC0NGl7T0MCfYICw.roa (raw, json)
Hash identifier: ZkuqX8xYzb5NfWpjPwTmH9S/5b4MSNPujywNqli4/2o=
Subject key identifier: 8F:F9:4A:AE:AB:22:2D:B5:11:0B:43:46:97:B4:F4:30:27:D8:20:2C
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 018791627449FD7312F22BF29BC48B42CA7A
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/j_lKrqsiLbURC0NGl7T0MCfYICw.roa
Signing time: Mon 17 Apr 2023 22:42:41 +0000
ROA not before: Mon 17 Apr 2023 22:42:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25098
IP address blocks: 31.40.196.0/22 maxlen: 22
212.115.100.0/22 maxlen: 22
212.107.4.0/22 maxlen: 22
141.98.48.0/22 maxlen: 22
188.119.68.0/22 maxlen: 22
85.8.144.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 29 May 2023 20:18:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:91:62:74:49:fd:73:12:f2:2b:f2:9b:c4:8b:42:ca:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Apr 17 22:42:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ff94aaeab222db5110b434697b4f43027d8202c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:2c:ea:ab:f1:7d:74:47:fb:fb:db:ef:02:67:
8d:24:2d:0e:b4:14:d1:d3:2e:d3:a5:7a:cb:2e:20:
23:1d:2c:c1:11:18:f2:3c:55:a2:50:4a:aa:70:9b:
8a:3b:74:6c:9b:1f:75:9a:3a:f8:11:ec:28:31:f4:
e7:53:dd:52:03:a8:d4:90:39:ef:7c:05:85:3f:b2:
66:2f:68:2d:ac:ed:d4:58:21:e0:d4:a7:b2:51:11:
d0:d8:eb:7d:09:51:1d:9f:bf:a4:a7:83:e3:51:6e:
6f:2c:43:0b:16:2e:67:79:d7:7b:20:b0:19:81:48:
1a:1a:f1:49:35:8e:fc:59:9d:03:e6:56:19:4d:18:
de:dc:cd:06:c3:03:d6:86:8a:30:13:61:bd:de:a4:
22:d1:44:06:fd:fb:29:d7:f0:a4:89:47:ee:26:e7:
d5:0a:e6:68:6b:95:40:f1:76:7e:23:0f:ad:96:7e:
28:92:ff:13:5a:dd:5a:bf:a9:b5:5e:de:1c:fe:39:
6d:27:fd:f4:3c:52:19:b4:56:99:e1:7e:49:51:df:
2a:a1:43:cb:70:81:92:27:dc:00:1c:e7:b6:72:7c:
b8:1b:f3:99:ea:bb:d7:c5:fe:2f:1f:d0:d1:37:7a:
24:39:fa:0f:8f:ca:22:a0:58:07:54:d1:ea:0f:c5:
29:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:F9:4A:AE:AB:22:2D:B5:11:0B:43:46:97:B4:F4:30:27:D8:20:2C
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/j_lKrqsiLbURC0NGl7T0MCfYICw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.196.0/22
85.8.144.0/22
141.98.48.0/22
188.119.68.0/22
212.107.4.0/22
212.115.100.0/22
Signature Algorithm: sha256WithRSAEncryption
55:ad:d3:45:7a:cf:95:10:1a:2e:50:1d:f4:a4:b6:94:11:0e:
e2:3b:15:53:c4:5f:81:d1:d4:2f:77:02:f0:77:d9:33:12:ed:
a8:e9:3d:eb:d8:ab:be:d2:22:33:28:19:08:4c:64:a0:2f:d7:
29:6d:4b:3a:69:48:70:4b:57:91:70:49:3d:7c:ef:a7:f1:40:
1e:b6:6f:87:0f:98:da:09:1d:72:f6:60:c8:36:e2:af:68:77:
dc:1a:22:4e:07:57:98:e1:f8:62:41:9d:07:cd:7c:14:84:da:
4b:70:6e:49:8b:b9:f7:35:00:9b:bb:6d:cb:07:56:c1:7d:d2:
92:eb:9b:5a:12:c5:90:2f:57:f0:8c:ed:a1:41:76:3c:38:b7:
8a:d9:97:da:d2:a1:64:df:3b:ab:5a:7e:85:87:7a:03:57:9c:
74:70:e2:2c:7c:3a:70:29:05:4a:dd:45:71:d8:8d:51:2c:9c:
e6:38:36:d8:6c:dd:7a:53:02:c3:85:20:19:79:f5:e5:03:5e:
bf:f8:c2:25:62:ab:58:b5:73:0e:51:15:4d:3e:7a:ba:9f:85:
bf:78:67:7e:0c:8c:85:68:73:8f:ec:05:90:02:6f:66:eb:69:
3b:48:35:8f:6f:4d:3f:09:b1:93:3f:50:90:f4:b2:2a:f3:83:
df:4e:bb:c7
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYeRYnRJ/XMS8ivym8SLQsp6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMwNDE3MjI0MjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmY5NGFhZWFiMjIyZGI1MTEwYjQzNDY5N2I0ZjQzMDI3ZDgyMDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9izqq/F9dEf7+9vvAmeNJC0OtBTR
0y7TpXrLLiAjHSzBERjyPFWiUEqqcJuKO3Rsmx91mjr4EewoMfTnU91SA6jUkDnv
fAWFP7JmL2gtrO3UWCHg1KeyURHQ2Ot9CVEdn7+kp4PjUW5vLEMLFi5nedd7ILAZ
gUgaGvFJNY78WZ0D5lYZTRje3M0GwwPWhoowE2G93qQi0UQG/fsp1/CkiUfuJufV
CuZoa5VA8XZ+Iw+tln4okv8TWt1av6m1Xt4c/jltJ/30PFIZtFaZ4X5JUd8qoUPL
cIGSJ9wAHOe2cny4G/OZ6rvXxf4vH9DRN3okOfoPj8oioFgHVNHqD8UpVQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFI/5Sq6rIi21EQtDRpe09DAn2CAsMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEval9sS3Jxc2lMYlVSQzBOR2w3VDBNQ2ZZSUN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCHyjEAwQC
VQiQAwQCjWIwAwQCvHdEAwQC1GsEAwQC1HNkMA0GCSqGSIb3DQEBCwUAA4IBAQBV
rdNFes+VEBouUB30pLaUEQ7iOxVTxF+B0dQvdwLwd9kzEu2o6T3r2Ku+0iIzKBkI
TGSgL9cpbUs6aUhwS1eRcEk9fO+n8UAetm+HD5jaCR1y9mDINuKvaHfcGiJOB1eY
4fhiQZ0HzXwUhNpLcG5Ji7n3NQCbu23LB1bBfdKS65taEsWQL1fwjO2hQXY8OLeK
2Zfa0qFk3zurWn6Fh3oDV5x0cOIsfDpwKQVK3UVx2I1RLJzmODbYbN16UwLDhSAZ
efXlA16/+MIlYqtYtXMOURVNPnq6n4W/eGd+DIyFaHOP7AWQAm9m62k7SDWPb00/
CbGTP1CQ9LIq84PfTrvH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:50 2024 by rpki-client on console-fra.rpki-client.org