Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/e74a58-bb9e-4ae9-a746-8936f091f4f4/1/cAbaANkq-5UICi_bc9psdE39-Hk.roa
File: cAbaANkq-5UICi_bc9psdE39-Hk.roa (raw, json)
Hash identifier: eg/N1k6qkYY1BMzWm1ULNCz1yoUf6FQFI/H3589nRGk=
Subject key identifier: 70:06:DA:00:D9:2A:FB:95:08:0A:2F:DB:73:DA:6C:74:4D:FD:F8:79
Certificate issuer: /CN=40479ea562dd3a7d0cf2a6e978b6bbf378f73ce4
Certificate serial: 01856FF9527847103EE51BACA0AB533AB63F
Authority key identifier: 40:47:9E:A5:62:DD:3A:7D:0C:F2:A6:E9:78:B6:BB:F3:78:F7:3C:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QEeepWLdOn0M8qbpeLa783j3POQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/e74a58-bb9e-4ae9-a746-8936f091f4f4/1/cAbaANkq-5UICi_bc9psdE39-Hk.roa
Signing time: Mon 02 Jan 2023 00:54:48 +0000
ROA not before: Mon 02 Jan 2023 00:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60407
IP address blocks: 185.31.125.0/24 maxlen: 24
185.31.124.0/22 maxlen: 22
185.31.124.0/24 maxlen: 24
185.31.124.0/23 maxlen: 23
185.31.127.0/24 maxlen: 24
185.31.126.0/24 maxlen: 24
185.31.126.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:52:78:47:10:3e:e5:1b:ac:a0:ab:53:3a:b6:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40479ea562dd3a7d0cf2a6e978b6bbf378f73ce4
Validity
Not Before: Jan 2 00:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7006da00d92afb95080a2fdb73da6c744dfdf879
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:ca:7c:f8:19:b4:0b:94:14:87:1c:ee:2e:ac:
be:ef:a4:47:f6:bc:aa:a8:5b:d1:a9:d3:90:d6:1a:
a5:c8:8e:9d:1f:eb:ab:41:ca:b6:7a:25:95:86:33:
cd:2f:58:4d:ac:b1:db:58:b5:5f:fc:9a:18:4b:97:
6f:3e:e7:e8:cf:f5:0b:09:4f:a1:95:1a:68:e3:f1:
50:9b:9b:20:1c:61:f5:7e:ab:ca:65:09:94:64:67:
c1:3d:d1:18:c3:b5:b6:7c:b4:51:8b:b5:c4:7d:23:
1c:3d:d9:4d:e8:a4:dd:25:cd:7d:ad:27:34:88:5c:
0e:18:19:62:85:48:b0:b9:29:27:da:e1:ca:76:57:
71:bb:a6:f4:8b:db:5c:47:7a:27:70:73:46:48:eb:
e6:ae:05:fb:a0:ce:b9:55:90:9e:60:4d:a9:a3:72:
d4:36:01:c3:b5:5e:ed:45:a2:71:f0:d3:88:19:0b:
0c:33:9d:05:e2:a8:e1:fe:2a:34:99:7c:db:3a:5e:
67:66:c8:73:6e:f4:c1:5c:5e:ce:c6:a0:c7:0f:0f:
80:76:ad:4c:7e:28:83:41:5e:b1:74:72:30:e8:56:
ed:54:0a:2a:ce:66:7b:80:76:66:97:94:e7:a0:18:
b6:aa:50:b6:75:af:9d:cc:d3:9c:16:51:1d:b5:14:
4c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:06:DA:00:D9:2A:FB:95:08:0A:2F:DB:73:DA:6C:74:4D:FD:F8:79
X509v3 Authority Key Identifier:
keyid:40:47:9E:A5:62:DD:3A:7D:0C:F2:A6:E9:78:B6:BB:F3:78:F7:3C:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QEeepWLdOn0M8qbpeLa783j3POQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/e74a58-bb9e-4ae9-a746-8936f091f4f4/1/cAbaANkq-5UICi_bc9psdE39-Hk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/e74a58-bb9e-4ae9-a746-8936f091f4f4/1/QEeepWLdOn0M8qbpeLa783j3POQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.124.0/22
Signature Algorithm: sha256WithRSAEncryption
59:81:68:8b:ae:1a:ac:61:c8:6d:c9:75:c6:0c:c0:b0:49:94:
73:e9:48:e2:c2:2b:eb:43:ac:d3:b9:2a:97:ac:c0:0d:e9:1b:
67:7a:cc:0d:ac:70:9b:fe:26:3c:a8:7e:68:e4:7f:09:f4:06:
db:44:11:34:08:20:1f:01:a8:b6:26:5e:e9:f2:52:a8:57:4f:
66:fc:4e:35:e1:16:58:72:f8:f4:24:a4:72:3c:0c:ba:28:57:
c9:c8:09:20:54:e2:88:4b:28:89:7a:f3:8c:2b:af:79:a4:30:
b4:e7:22:18:d0:ca:0a:0c:f0:11:86:3e:e2:2b:87:b2:da:00:
b8:d0:ee:cc:9f:77:a8:3f:0c:36:68:47:fd:fd:82:45:2a:0c:
3e:b3:79:8a:d2:99:8b:81:9f:90:34:c1:69:fc:49:b9:c3:48:
a2:2c:af:d9:99:1b:82:08:db:52:a4:4d:f3:fb:cf:f0:c5:a8:
79:c1:4b:3c:e1:61:0c:50:54:a3:92:96:cc:f1:8e:fa:48:1b:
68:e3:29:40:7a:69:6e:7e:ce:f5:dc:33:29:0f:e7:85:97:13:
27:94:5d:94:88:2f:93:45:68:64:38:b1:13:f0:92:ee:fa:89:
71:91:b1:15:be:11:4b:45:7a:95:3e:27:e5:fb:fa:77:44:03:
0a:b4:ac:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv+VJ4RxA+5RusoKtTOrY/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNDc5ZWE1NjJkZDNhN2QwY2YyYTZlOTc4YjZiYmYzNzhm
NzNjZTQwHhcNMjMwMTAyMDA1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDA2ZGEwMGQ5MmFmYjk1MDgwYTJmZGI3M2RhNmM3NDRkZmRmODc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5cp8+Bm0C5QUhxzuLqy+76RH9ryq
qFvRqdOQ1hqlyI6dH+urQcq2eiWVhjPNL1hNrLHbWLVf/JoYS5dvPufoz/ULCU+h
lRpo4/FQm5sgHGH1fqvKZQmUZGfBPdEYw7W2fLRRi7XEfSMcPdlN6KTdJc19rSc0
iFwOGBlihUiwuSkn2uHKdldxu6b0i9tcR3oncHNGSOvmrgX7oM65VZCeYE2po3LU
NgHDtV7tRaJx8NOIGQsMM50F4qjh/io0mXzbOl5nZshzbvTBXF7OxqDHDw+Adq1M
fiiDQV6xdHIw6FbtVAoqzmZ7gHZml5TnoBi2qlC2da+dzNOcFlEdtRRMaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHAG2gDZKvuVCAov23PabHRN/fh5MB8GA1UdIwQY
MBaAFEBHnqVi3Tp9DPKm6Xi2u/N49zzkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUVlZXBXTGRPbjBNOHFicGVMYTc4M2ozUE9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9lNzRhNTgtYmI5ZS00YWU5LWE3NDYt
ODkzNmYwOTFmNGY0LzEvY0FiYUFOa3EtNVVJQ2lfYmM5cHNkRTM5LUhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9lNzRhNTgtYmI5ZS00YWU5LWE3NDYtODkzNmYwOTFmNGY0
LzEvUUVlZXBXTGRPbjBNOHFicGVMYTc4M2ozUE9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuR98MA0G
CSqGSIb3DQEBCwUAA4IBAQBZgWiLrhqsYchtyXXGDMCwSZRz6UjiwivrQ6zTuSqX
rMAN6RtneswNrHCb/iY8qH5o5H8J9AbbRBE0CCAfAai2Jl7p8lKoV09m/E414RZY
cvj0JKRyPAy6KFfJyAkgVOKISyiJevOMK695pDC05yIY0MoKDPARhj7iK4ey2gC4
0O7Mn3eoPww2aEf9/YJFKgw+s3mK0pmLgZ+QNMFp/Em5w0iiLK/ZmRuCCNtSpE3z
+8/wxah5wUs84WEMUFSjkpbM8Y76SBto4ylAemlufs713DMpD+eFlxMnlF2UiC+T
RWhkOLET8JLu+olxkbEVvhFLRXqVPifl+/p3RAMKtKx7
-----END CERTIFICATE-----
Generated at Tue Nov 21 11:06:46 2023 by rpki-client on console-fra.rpki-client.org