Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/e74a58-bb9e-4ae9-a746-8936f091f4f4/1/8YNZFzjFgpRiHCj_04fQSZN20Wg.roa
File: 8YNZFzjFgpRiHCj_04fQSZN20Wg.roa (raw, json)
Hash identifier: tnBrSoe5IlVeJdi+XmS2c/mKhQr1HrwOjheJEiAPZCI=
Subject key identifier: F1:83:59:17:38:C5:82:94:62:1C:28:FF:D3:87:D0:49:93:76:D1:68
Certificate issuer: /CN=40479ea562dd3a7d0cf2a6e978b6bbf378f73ce4
Certificate serial: 018BF16E53EE0771226C89A7F1A0E5BA6FB4
Authority key identifier: 40:47:9E:A5:62:DD:3A:7D:0C:F2:A6:E9:78:B6:BB:F3:78:F7:3C:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QEeepWLdOn0M8qbpeLa783j3POQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/e74a58-bb9e-4ae9-a746-8936f091f4f4/1/8YNZFzjFgpRiHCj_04fQSZN20Wg.roa
Signing time: Tue 21 Nov 2023 10:30:21 +0000
ROA not before: Tue 21 Nov 2023 10:30:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60407
IP address blocks: 185.31.125.0/24 maxlen: 24
185.31.124.0/22 maxlen: 22
185.31.124.0/23 maxlen: 23
185.31.124.0/24 maxlen: 24
185.31.127.0/24 maxlen: 24
185.31.126.0/24 maxlen: 24
185.31.126.0/23 maxlen: 23
2a00:bc60::/30 maxlen: 30
2a00:bc61::/32 maxlen: 32
2a00:bc60::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f1:6e:53:ee:07:71:22:6c:89:a7:f1:a0:e5:ba:6f:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40479ea562dd3a7d0cf2a6e978b6bbf378f73ce4
Validity
Not Before: Nov 21 10:30:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f183591738c58294621c28ffd387d0499376d168
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:11:ea:d0:e4:18:bc:53:9d:0a:cd:55:61:ff:
a2:db:2a:1e:bd:c3:24:46:4f:f3:f9:bd:02:c6:53:
f8:51:c0:4d:91:47:45:0f:a2:91:65:bc:7d:84:22:
12:fb:4c:89:89:71:89:ba:f7:c6:b2:20:1a:aa:12:
10:6f:96:20:41:e3:a3:ed:44:1c:e5:03:04:94:27:
86:24:a6:b3:49:e4:75:27:3c:56:9c:10:4c:fe:24:
00:0a:90:31:5d:0a:2b:68:aa:ed:8d:1c:21:8e:43:
a3:5e:3f:24:53:c6:18:87:80:ea:89:61:90:42:93:
86:5d:7e:f0:b0:19:27:ae:1f:54:6a:e1:f8:78:26:
57:a0:2b:27:00:46:ec:76:11:9a:27:1b:92:75:73:
43:9b:9a:83:54:d6:ec:a6:c4:4b:76:36:5b:ef:c7:
36:cd:c0:2b:cc:66:56:e8:90:01:11:e4:74:7f:ab:
c0:07:46:f5:36:72:95:fe:84:09:09:de:5a:27:e5:
d7:0d:45:04:34:1a:2a:6a:f2:f8:2f:67:d7:16:b5:
b0:45:9a:35:f6:d2:ff:ff:7d:a5:a0:28:18:af:29:
f0:e0:1c:b6:89:bf:23:92:43:01:80:8c:59:41:75:
f0:a7:70:bf:92:8f:22:4c:48:41:35:70:06:3d:b2:
ec:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:83:59:17:38:C5:82:94:62:1C:28:FF:D3:87:D0:49:93:76:D1:68
X509v3 Authority Key Identifier:
keyid:40:47:9E:A5:62:DD:3A:7D:0C:F2:A6:E9:78:B6:BB:F3:78:F7:3C:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QEeepWLdOn0M8qbpeLa783j3POQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/e74a58-bb9e-4ae9-a746-8936f091f4f4/1/8YNZFzjFgpRiHCj_04fQSZN20Wg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/e74a58-bb9e-4ae9-a746-8936f091f4f4/1/QEeepWLdOn0M8qbpeLa783j3POQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.124.0/22
IPv6:
2a00:bc60::/30
Signature Algorithm: sha256WithRSAEncryption
cf:51:01:c1:92:5f:f6:67:37:de:bb:b9:b2:e8:06:42:ff:dc:
f2:7d:ac:45:02:2c:88:9f:6a:57:6b:fc:d1:ba:20:a6:57:57:
8e:b7:84:93:a4:95:90:c7:da:2c:e5:b8:a7:58:e4:d7:de:11:
2f:81:3d:3f:ff:2d:df:43:30:1a:93:89:36:dc:c6:dd:30:a6:
6d:88:eb:4f:24:fc:2a:0b:26:31:39:72:9a:bb:c6:d7:7d:7c:
1a:07:a7:73:28:b9:38:43:3a:e9:e2:33:d3:88:ff:c1:05:95:
e4:11:6d:b8:a9:d6:50:33:19:15:7f:77:e2:90:42:a7:07:4f:
3a:5b:85:a2:c2:f6:e1:85:4a:ea:dc:fd:60:da:f4:e6:e6:3f:
73:f4:88:71:03:96:0f:02:e3:b5:32:59:0f:de:31:08:dd:b0:
4f:b9:dc:a3:39:59:74:c7:7a:46:ff:1e:34:ce:f2:8f:39:0f:
3f:8a:75:96:92:4a:98:d6:22:c1:52:1f:f7:be:11:ac:9e:39:
86:2c:4c:35:a3:a7:8e:a3:1e:fc:ad:86:9c:89:cc:cb:71:0c:
81:13:cd:fe:06:f2:3b:e8:95:d3:1c:a6:9f:67:56:30:f5:04:
31:c8:67:cd:ed:13:d1:56:88:5f:3f:1f:ff:84:5f:6f:5d:2d:
cd:d4:fc:e4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYvxblPuB3EibImn8aDlum+0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNDc5ZWE1NjJkZDNhN2QwY2YyYTZlOTc4YjZiYmYzNzhm
NzNjZTQwHhcNMjMxMTIxMTAzMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTgzNTkxNzM4YzU4Mjk0NjIxYzI4ZmZkMzg3ZDA0OTkzNzZkMTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBHq0OQYvFOdCs1VYf+i2yoevcMk
Rk/z+b0CxlP4UcBNkUdFD6KRZbx9hCIS+0yJiXGJuvfGsiAaqhIQb5YgQeOj7UQc
5QMElCeGJKazSeR1JzxWnBBM/iQACpAxXQoraKrtjRwhjkOjXj8kU8YYh4DqiWGQ
QpOGXX7wsBknrh9UauH4eCZXoCsnAEbsdhGaJxuSdXNDm5qDVNbspsRLdjZb78c2
zcArzGZW6JABEeR0f6vAB0b1NnKV/oQJCd5aJ+XXDUUENBoqavL4L2fXFrWwRZo1
9tL//32loCgYrynw4By2ib8jkkMBgIxZQXXwp3C/ko8iTEhBNXAGPbLsWwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPGDWRc4xYKUYhwo/9OH0EmTdtFoMB8GA1UdIwQY
MBaAFEBHnqVi3Tp9DPKm6Xi2u/N49zzkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUVlZXBXTGRPbjBNOHFicGVMYTc4M2ozUE9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9lNzRhNTgtYmI5ZS00YWU5LWE3NDYt
ODkzNmYwOTFmNGY0LzEvOFlOWkZ6akZncFJpSENqXzA0ZlFTWk4yMFdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9lNzRhNTgtYmI5ZS00YWU5LWE3NDYtODkzNmYwOTFmNGY0
LzEvUUVlZXBXTGRPbjBNOHFicGVMYTc4M2ozUE9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuR98MA0E
AgACMAcDBQIqALxgMA0GCSqGSIb3DQEBCwUAA4IBAQDPUQHBkl/2Zzfeu7my6AZC
/9zyfaxFAiyIn2pXa/zRuiCmV1eOt4STpJWQx9os5binWOTX3hEvgT0//y3fQzAa
k4k23MbdMKZtiOtPJPwqCyYxOXKau8bXfXwaB6dzKLk4Qzrp4jPTiP/BBZXkEW24
qdZQMxkVf3fikEKnB086W4WiwvbhhUrq3P1g2vTm5j9z9IhxA5YPAuO1MlkP3jEI
3bBPudyjOVl0x3pG/x40zvKPOQ8/inWWkkqY1iLBUh/3vhGsnjmGLEw1o6eOox78
rYaciczLcQyBE83+BvI76JXTHKafZ1Yw9QQxyGfN7RPRVohfPx//hF9vXS3N1Pzk
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:36 2024 by rpki-client on console-ams.rpki-client.org