Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/0qVpsKica45t2YcLaojn2vfgjZo.roa
File: 0qVpsKica45t2YcLaojn2vfgjZo.roa (raw, json)
Hash identifier: ySfhm21mPOMUxFfJ0Qxh5bgZ2+04EdXF9bjRkU1Eitc=
Subject key identifier: D2:A5:69:B0:A8:9C:6B:8E:6D:D9:87:0B:6A:88:E7:DA:F7:E0:8D:9A
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018897836A56D51B2D41567D5E111E8F2ABB
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/0qVpsKica45t2YcLaojn2vfgjZo.roa
Signing time: Wed 07 Jun 2023 20:19:11 +0000
ROA not before: Wed 07 Jun 2023 20:19:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137409
IP address blocks: 31.135.4.0/23 maxlen: 23
91.193.28.0/23 maxlen: 23
176.96.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Jun 2023 15:35:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:97:83:6a:56:d5:1b:2d:41:56:7d:5e:11:1e:8f:2a:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jun 7 20:19:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2a569b0a89c6b8e6dd9870b6a88e7daf7e08d9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:86:78:bf:2d:ff:9f:e6:55:d5:bc:27:4b:4d:
f1:88:f9:41:4c:ed:b2:af:60:da:7d:8b:4d:1e:ad:
4e:ff:8f:b9:43:d3:37:30:f1:0b:a1:9f:ec:da:ce:
ff:dd:7a:d5:ec:1f:10:9c:94:ec:ca:7e:7e:ec:ed:
eb:db:ea:5f:e5:5a:ec:7f:0b:33:5b:cd:40:76:44:
ea:1d:da:7e:02:b5:8a:a1:a3:c3:ec:74:d2:28:cd:
ba:23:44:b5:7e:42:e7:95:57:f9:cc:5e:84:45:9b:
17:70:4c:65:f5:9e:e1:d0:c1:f0:98:e6:d4:6c:a7:
1b:60:ac:e6:56:b4:3e:21:62:c7:07:c5:78:6d:d2:
a2:e6:64:c5:33:53:8d:4d:da:ce:a4:72:fb:14:2b:
0f:ca:78:22:7b:2b:9f:51:d0:13:d7:28:47:6d:6a:
de:65:d4:e7:72:6d:0f:33:ad:3d:d2:8b:2d:1c:f6:
be:b7:66:24:68:59:91:59:18:88:df:9e:48:df:84:
b2:d9:82:81:cc:a3:25:e7:aa:11:54:4e:28:35:fc:
b9:8c:92:a8:13:d2:4c:08:48:70:64:70:e3:d7:49:
bb:7c:0b:76:6a:82:0f:40:c0:78:ca:22:1d:01:0e:
f7:94:ca:b9:cd:a2:ce:6d:17:85:ee:27:46:a5:fb:
ca:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:A5:69:B0:A8:9C:6B:8E:6D:D9:87:0B:6A:88:E7:DA:F7:E0:8D:9A
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/0qVpsKica45t2YcLaojn2vfgjZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.4.0/23
91.193.28.0/23
176.96.95.0/24
Signature Algorithm: sha256WithRSAEncryption
63:c3:af:b0:d9:ad:93:d2:52:58:cc:42:20:a3:23:62:bd:98:
4f:d7:30:2b:37:b9:53:20:7a:61:24:79:59:7d:8c:05:ab:27:
52:06:27:8f:2b:0a:9a:10:29:5e:d9:7e:7d:99:0f:13:8d:69:
6e:f7:ea:c7:5b:67:de:92:c3:9e:20:35:73:3e:70:77:ad:fe:
e6:a8:d4:22:1c:29:14:e7:e1:3d:50:1c:4a:18:32:49:62:b9:
20:87:dd:31:22:ff:31:00:ea:0c:5a:dc:33:66:54:39:6e:32:
48:e8:18:84:93:4a:b3:5b:38:ff:33:d0:96:5b:72:bf:e9:ff:
2d:a9:6a:42:c0:44:83:ca:9d:da:59:56:29:1a:a5:80:c1:5d:
9f:3d:e3:9f:55:97:67:e3:01:de:68:a9:7a:93:ab:c1:c9:ea:
7b:ec:6a:2f:d0:e3:77:de:82:5f:60:76:a9:37:c7:98:32:af:
f8:fc:81:4a:e2:5c:12:f7:c6:04:fe:91:02:98:f5:8c:53:8c:
cb:6e:4b:2f:1c:a9:65:aa:30:6e:86:bd:ca:2f:e1:71:6b:39:
3c:e0:21:b2:e2:97:fa:69:e5:ab:60:66:e3:06:25:19:66:d3:
ef:de:05:78:5e:d4:38:61:58:8a:09:c0:d6:06:40:77:69:d8:
82:90:d2:56
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYiXg2pW1RstQVZ9XhEejyq7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwNjA3MjAxOTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmE1NjliMGE4OWM2YjhlNmRkOTg3MGI2YTg4ZTdkYWY3ZTA4ZDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmoZ4vy3/n+ZV1bwnS03xiPlBTO2y
r2DafYtNHq1O/4+5Q9M3MPELoZ/s2s7/3XrV7B8QnJTsyn5+7O3r2+pf5Vrsfwsz
W81AdkTqHdp+ArWKoaPD7HTSKM26I0S1fkLnlVf5zF6ERZsXcExl9Z7h0MHwmObU
bKcbYKzmVrQ+IWLHB8V4bdKi5mTFM1ONTdrOpHL7FCsPyngieyufUdAT1yhHbWre
ZdTncm0PM6090ostHPa+t2YkaFmRWRiI355I34Sy2YKBzKMl56oRVE4oNfy5jJKo
E9JMCEhwZHDj10m7fAt2aoIPQMB4yiIdAQ73lMq5zaLObReF7idGpfvKzQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNKlabConGuObdmHC2qI59r34I2aMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvMHFWcHNLaWNhNDV0MlljTGFvam4ydmZnalpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBH4cEAwQB
W8EcAwQAsGBfMA0GCSqGSIb3DQEBCwUAA4IBAQBjw6+w2a2T0lJYzEIgoyNivZhP
1zArN7lTIHphJHlZfYwFqydSBiePKwqaECle2X59mQ8TjWlu9+rHW2feksOeIDVz
PnB3rf7mqNQiHCkU5+E9UBxKGDJJYrkgh90xIv8xAOoMWtwzZlQ5bjJI6BiEk0qz
Wzj/M9CWW3K/6f8tqWpCwESDyp3aWVYpGqWAwV2fPeOfVZdn4wHeaKl6k6vByep7
7Gov0ON33oJfYHapN8eYMq/4/IFK4lwS98YE/pECmPWMU4zLbksvHKllqjBuhr3K
L+Fxazk84CGy4pf6aeWrYGbjBiUZZtPv3gV4XtQ4YViKCcDWBkB3adiCkNJW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:56 2024 by rpki-client on console-fra.rpki-client.org