Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/8aba71-3ba8-4b8d-8eb6-346a3ec1868c/1/IJEEHQuk18wPN0eZnuqwIct7jWY.roa
File: IJEEHQuk18wPN0eZnuqwIct7jWY.roa (raw, json)
Hash identifier: 6LKhr1Yjq5ZzggKgX0TGsViZoG8XzYoAm76sIBI8SMg=
Subject key identifier: 20:91:04:1D:0B:A4:D7:CC:0F:37:47:99:9E:EA:B0:21:CB:7B:8D:66
Certificate issuer: /CN=27e0f7bbbe4031a24ef1b9db196aab0642e84a06
Certificate serial: 0185734CD89EB85DB919DC6C7B52107E1A9D
Authority key identifier: 27:E0:F7:BB:BE:40:31:A2:4E:F1:B9:DB:19:6A:AB:06:42:E8:4A:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J-D3u75AMaJO8bnbGWqrBkLoSgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/8aba71-3ba8-4b8d-8eb6-346a3ec1868c/1/IJEEHQuk18wPN0eZnuqwIct7jWY.roa
Signing time: Mon 02 Jan 2023 16:24:54 +0000
ROA not before: Mon 02 Jan 2023 16:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8758
IP address blocks: 185.104.84.0/22 maxlen: 24
146.185.64.0/19 maxlen: 24
94.46.188.0/22 maxlen: 22
31.207.52.0/22 maxlen: 22
31.207.60.0/22 maxlen: 22
185.63.64.0/22 maxlen: 24
2a04:f340::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:4c:d8:9e:b8:5d:b9:19:dc:6c:7b:52:10:7e:1a:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27e0f7bbbe4031a24ef1b9db196aab0642e84a06
Validity
Not Before: Jan 2 16:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2091041d0ba4d7cc0f3747999eeab021cb7b8d66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d8:b8:5f:08:5c:c1:85:2d:34:bf:a4:cf:60:
0f:62:ec:8a:1e:de:6c:79:f6:01:83:e3:a1:21:15:
72:e9:e1:d2:44:c3:e3:62:ad:9b:cb:6a:75:eb:39:
8f:76:50:94:8b:5f:f0:d3:6f:e3:40:26:0d:3b:47:
bf:5b:92:84:92:04:59:fd:fe:63:8f:76:e5:89:69:
4f:97:6b:99:24:bb:67:c4:32:eb:df:40:13:bb:a4:
ba:e7:8f:82:2d:55:b7:11:d3:27:74:03:66:d9:86:
37:36:2d:77:ca:a0:8d:3b:d8:0f:8b:f1:20:ee:6c:
4e:ff:86:c0:58:d4:22:45:4c:b6:38:65:4d:05:ae:
88:f4:3c:62:39:0a:30:e3:3d:c9:c5:2d:27:88:6d:
ea:e4:ec:ba:35:9c:8e:4a:d5:46:18:0d:93:35:34:
42:0b:b1:33:b0:30:61:af:0b:14:67:23:31:8c:17:
af:e0:00:18:e1:2e:c9:45:38:5e:37:b0:f4:53:f7:
20:74:b7:c5:87:1d:7c:86:72:3d:00:3f:ad:bd:6b:
11:46:61:ce:28:39:60:2b:a9:a9:7d:86:68:6f:07:
ae:0c:f3:ae:2d:40:c8:6e:74:64:e2:e2:54:f8:7a:
7c:84:3a:9f:b5:69:a2:4b:5a:0b:b6:a1:1b:d8:eb:
37:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:91:04:1D:0B:A4:D7:CC:0F:37:47:99:9E:EA:B0:21:CB:7B:8D:66
X509v3 Authority Key Identifier:
keyid:27:E0:F7:BB:BE:40:31:A2:4E:F1:B9:DB:19:6A:AB:06:42:E8:4A:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J-D3u75AMaJO8bnbGWqrBkLoSgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8aba71-3ba8-4b8d-8eb6-346a3ec1868c/1/IJEEHQuk18wPN0eZnuqwIct7jWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8aba71-3ba8-4b8d-8eb6-346a3ec1868c/1/J-D3u75AMaJO8bnbGWqrBkLoSgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.207.52.0/22
31.207.60.0/22
94.46.188.0/22
146.185.64.0/19
185.63.64.0/22
185.104.84.0/22
IPv6:
2a04:f340::/29
Signature Algorithm: sha256WithRSAEncryption
74:fb:c5:68:a2:5a:8b:e5:e4:0f:3c:c9:19:b8:89:22:53:08:
19:62:48:93:7a:2d:ae:f6:87:a6:1b:14:19:82:d9:ee:1c:28:
61:2e:89:49:78:cd:09:9f:34:34:57:51:2b:e7:44:8a:94:cf:
74:b6:b1:5d:7b:76:f3:d5:50:75:80:f4:cf:31:0e:95:4d:a8:
1e:de:fb:2c:46:76:d0:9f:59:84:4c:ab:05:46:f1:0e:02:9a:
3f:de:5d:21:c0:9e:35:eb:8c:8f:4c:f3:68:a8:78:65:be:01:
54:0c:0b:fc:eb:fa:d2:52:71:13:f2:e7:37:18:37:43:22:31:
1f:82:84:41:a6:e3:5e:d5:7e:0f:64:ac:10:15:a6:ca:4a:e2:
a5:d7:82:db:39:c8:78:8e:e2:43:0c:30:6d:80:ce:0b:63:23:
56:73:f7:1a:7f:f6:d6:ff:fa:1a:c4:72:18:ac:e4:db:f7:6c:
4b:2f:2e:86:ae:cb:db:b8:d7:97:f0:47:f5:aa:ee:ff:75:f7:
71:e3:03:4b:e6:ad:6b:68:25:15:87:45:8f:d4:24:88:56:e8:
3d:bc:a5:a7:d7:02:68:e5:84:18:dc:bb:d5:fb:f9:7f:70:a2:
48:ab:e6:a7:bc:b2:7c:49:e5:5d:63:74:a4:d4:fb:0f:d7:2f:
04:eb:42:6c
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVzTNieuF25Gdxse1IQfhqdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZTBmN2JiYmU0MDMxYTI0ZWYxYjlkYjE5NmFhYjA2NDJl
ODRhMDYwHhcNMjMwMTAyMTYyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDkxMDQxZDBiYTRkN2NjMGYzNzQ3OTk5ZWVhYjAyMWNiN2I4ZDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9i4XwhcwYUtNL+kz2APYuyKHt5s
efYBg+OhIRVy6eHSRMPjYq2by2p16zmPdlCUi1/w02/jQCYNO0e/W5KEkgRZ/f5j
j3bliWlPl2uZJLtnxDLr30ATu6S654+CLVW3EdMndANm2YY3Ni13yqCNO9gPi/Eg
7mxO/4bAWNQiRUy2OGVNBa6I9DxiOQow4z3JxS0niG3q5Oy6NZyOStVGGA2TNTRC
C7EzsDBhrwsUZyMxjBev4AAY4S7JRTheN7D0U/cgdLfFhx18hnI9AD+tvWsRRmHO
KDlgK6mpfYZobweuDPOuLUDIbnRk4uJU+Hp8hDqftWmiS1oLtqEb2Os3OwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFCCRBB0LpNfMDzdHmZ7qsCHLe41mMB8GA1UdIwQY
MBaAFCfg97u+QDGiTvG52xlqqwZC6EoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSi1EM3U3NUFNYUpPOGJuYkdXcXJCa0xvU2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC84YWJhNzEtM2JhOC00YjhkLThlYjYt
MzQ2YTNlYzE4NjhjLzEvSUpFRUhRdWsxOHdQTjBlWm51cXdJY3Q3aldZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC84YWJhNzEtM2JhOC00YjhkLThlYjYtMzQ2YTNlYzE4Njhj
LzEvSi1EM3U3NUFNYUpPOGJuYkdXcXJCa0xvU2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCH880AwQC
H888AwQCXi68AwQFkrlAAwQCuT9AAwQCuWhUMA0EAgACMAcDBQMqBPNAMA0GCSqG
SIb3DQEBCwUAA4IBAQB0+8VoolqL5eQPPMkZuIkiUwgZYkiTei2u9oemGxQZgtnu
HChhLolJeM0JnzQ0V1Er50SKlM90trFde3bz1VB1gPTPMQ6VTage3vssRnbQn1mE
TKsFRvEOApo/3l0hwJ4164yPTPNoqHhlvgFUDAv86/rSUnET8uc3GDdDIjEfgoRB
puNe1X4PZKwQFabKSuKl14LbOch4juJDDDBtgM4LYyNWc/caf/bW//oaxHIYrOTb
92xLLy6GrsvbuNeX8Ef1qu7/dfdx4wNL5q1raCUVh0WP1CSIVug9vKWn1wJo5YQY
3LvV+/l/cKJIq+anvLJ8SeVdY3Sk1PsP1y8E60Js
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:05 2024 by rpki-client on console-ams.rpki-client.org