Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/spiQDBneqqlC9xrNb5hy8wza_8w.roa
File: spiQDBneqqlC9xrNb5hy8wza_8w.roa (raw, json)
Hash identifier: GY1wG5Y+myQXKkJKx9vL/0bOc1yXHVh3o54c7pkT+Bk=
Subject key identifier: B2:98:90:0C:19:DE:AA:A9:42:F7:1A:CD:6F:98:72:F3:0C:DA:FF:CC
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01856BDCA8042AB7C2EE29EB5AE5BC7EEF85
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/spiQDBneqqlC9xrNb5hy8wza_8w.roa
Signing time: Sun 01 Jan 2023 05:45:01 +0000
ROA not before: Sun 01 Jan 2023 05:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34744
IP address blocks: 109.197.232.0/22 maxlen: 22
109.197.236.0/22 maxlen: 22
77.36.64.0/19 maxlen: 19
77.36.64.0/24 maxlen: 24
31.133.28.0/22 maxlen: 22
77.36.0.0/18 maxlen: 18
77.36.16.0/21 maxlen: 21
91.246.172.0/22 maxlen: 22
77.232.216.0/22 maxlen: 22
176.111.164.0/22 maxlen: 22
176.115.232.0/22 maxlen: 22
93.120.47.0/24 maxlen: 24
2a01:7d8::/48 maxlen: 48
2a01:7d8:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:a8:04:2a:b7:c2:ee:29:eb:5a:e5:bc:7e:ef:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 1 05:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b298900c19deaaa942f71acd6f9872f30cdaffcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:35:0b:e0:55:c7:8a:a9:b9:ae:9e:5e:55:4b:
3e:8a:78:65:02:ab:94:9c:25:b7:26:55:6d:c7:95:
69:36:7e:e2:45:9b:7b:11:49:3b:2f:1c:38:0e:34:
d2:bc:42:7f:e2:b7:01:a4:d6:0c:d3:11:84:40:c7:
c2:cf:68:5e:a7:aa:aa:c2:3d:72:fe:5f:18:ec:7d:
3b:ad:68:d9:37:f5:82:8c:61:d9:57:cb:3e:fd:f5:
82:54:0f:1f:aa:6b:4e:10:f3:09:a2:64:1e:f1:7b:
88:64:00:1c:be:56:66:0e:ba:97:6f:54:f7:d1:7d:
0a:df:03:de:36:76:b9:73:6f:0d:0a:7f:0e:db:46:
4f:68:63:ee:25:9a:47:2c:e5:16:d3:e7:91:6d:43:
a1:b7:4c:3c:16:c1:4e:c8:6a:60:4d:6d:3b:44:ae:
71:c9:7d:0b:e2:f4:b4:11:a4:13:33:4b:2b:32:10:
7c:40:72:43:78:e4:6d:ef:d9:24:65:87:79:a6:3b:
ef:ca:f0:ef:7e:b5:11:be:aa:39:12:ed:24:7c:e2:
1d:6a:05:c2:e5:88:03:7a:3c:e1:83:86:2e:cd:72:
f2:4c:f5:e5:24:ac:d9:f7:ac:75:b4:73:6f:3f:69:
2e:3d:0f:f9:5f:10:6d:94:5c:85:19:1a:1e:fb:04:
54:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:98:90:0C:19:DE:AA:A9:42:F7:1A:CD:6F:98:72:F3:0C:DA:FF:CC
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/spiQDBneqqlC9xrNb5hy8wza_8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.28.0/22
77.36.0.0-77.36.95.255
77.232.216.0/22
91.246.172.0/22
93.120.47.0/24
109.197.232.0/21
176.111.164.0/22
176.115.232.0/22
IPv6:
2a01:7d8::/47
Signature Algorithm: sha256WithRSAEncryption
2f:54:d0:98:c5:ed:06:71:9d:5f:5a:1b:30:ce:f9:28:bc:2a:
c6:c4:d6:0d:61:52:90:9f:0c:fa:a6:1f:17:d4:62:f7:01:d1:
bb:ca:10:c0:bb:d4:d4:ee:db:2a:3e:3a:76:b3:92:7a:21:70:
b9:41:c5:e4:eb:3d:de:ea:34:f3:d1:56:f0:20:ee:12:1a:46:
6e:3d:9a:e8:71:1d:86:60:e8:4d:37:de:6a:5f:08:eb:3f:72:
e4:e2:b1:aa:ce:6b:06:62:1d:3b:bc:c0:37:49:da:97:d8:72:
49:92:6b:14:44:f7:95:46:aa:95:a8:64:71:d5:81:03:0e:42:
af:fd:d4:74:df:6c:30:3e:1e:bf:28:d1:d9:aa:36:3f:c2:d7:
8a:0f:8f:39:60:ae:6b:20:a3:d8:c3:b9:f0:a8:fc:04:05:21:
d8:4a:12:ce:dc:76:34:7c:ad:ae:79:33:f3:4f:50:79:f1:28:
6f:82:11:4b:2b:0a:ed:61:3e:61:03:0b:94:db:9e:44:1a:55:
c2:8a:75:6b:de:e7:41:be:4d:76:f7:65:8d:09:c5:73:83:c2:
5d:a9:38:1f:23:2f:c4:ce:05:88:c8:e4:27:a0:3f:d1:1c:1e:
3e:58:2e:5f:66:f9:a3:8e:2a:71:bd:a3:c7:84:43:a9:55:97:
9f:87:c8:62
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYVr3KgEKrfC7inrWuW8fu+FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwMTAxMDU0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjk4OTAwYzE5ZGVhYWE5NDJmNzFhY2Q2Zjk4NzJmMzBjZGFmZmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzUL4FXHiqm5rp5eVUs+inhlAquU
nCW3JlVtx5VpNn7iRZt7EUk7Lxw4DjTSvEJ/4rcBpNYM0xGEQMfCz2hep6qqwj1y
/l8Y7H07rWjZN/WCjGHZV8s+/fWCVA8fqmtOEPMJomQe8XuIZAAcvlZmDrqXb1T3
0X0K3wPeNna5c28NCn8O20ZPaGPuJZpHLOUW0+eRbUOht0w8FsFOyGpgTW07RK5x
yX0L4vS0EaQTM0srMhB8QHJDeORt79kkZYd5pjvvyvDvfrURvqo5Eu0kfOIdagXC
5YgDejzhg4YuzXLyTPXlJKzZ96x1tHNvP2kuPQ/5XxBtlFyFGRoe+wRUAQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFLKYkAwZ3qqpQvcazW+YcvMM2v/MMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvc3BpUURCbmVxcWxDOXhyTmI1aHk4d3phXzh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDA9BAIAATA3AwQCH4UcMAsD
AwJNJAMEBU0kQAMEAk3o2AMEAlv2rAMEAF14LwMEA23F6AMEArBvpAMEArBz6DAP
BAIAAjAJAwcBKgEH2AAAMA0GCSqGSIb3DQEBCwUAA4IBAQAvVNCYxe0GcZ1fWhsw
zvkovCrGxNYNYVKQnwz6ph8X1GL3AdG7yhDAu9TU7tsqPjp2s5J6IXC5QcXk6z3e
6jTz0VbwIO4SGkZuPZrocR2GYOhNN95qXwjrP3Lk4rGqzmsGYh07vMA3SdqX2HJJ
kmsURPeVRqqVqGRx1YEDDkKv/dR032wwPh6/KNHZqjY/wteKD485YK5rIKPYw7nw
qPwEBSHYShLO3HY0fK2ueTPzT1B58ShvghFLKwrtYT5hAwuU255EGlXCinVr3udB
vk1292WNCcVzg8JdqTgfIy/EzgWIyOQnoD/RHB4+WC5fZvmjjipxvaPHhEOpVZef
h8hi
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:50:10 2024 by rpki-client on console-fra.rpki-client.org