Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/VnCkNoDZpQH8w9Z5rfhabFjrQ0c.roa
File: VnCkNoDZpQH8w9Z5rfhabFjrQ0c.roa (raw, json)
Hash identifier: tPhtDbkTnFGIPYdmZZz4AqYUYQubFxFVbGErDaVGAxc=
Subject key identifier: 56:70:A4:36:80:D9:A5:01:FC:C3:D6:79:AD:F8:5A:6C:58:EB:43:47
Certificate issuer: /CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Certificate serial: 018BDCF31AFB9EA82857F6268AA9E73E5AC0
Authority key identifier: BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/VnCkNoDZpQH8w9Z5rfhabFjrQ0c.roa
Signing time: Fri 17 Nov 2023 11:03:21 +0000
ROA not before: Fri 17 Nov 2023 11:03:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57665
IP address blocks: 185.226.44.0/22 maxlen: 22
185.241.104.0/22 maxlen: 22
185.241.104.0/23 maxlen: 23
31.222.16.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 17 Nov 2023 11:08:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:dc:f3:1a:fb:9e:a8:28:57:f6:26:8a:a9:e7:3e:5a:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Validity
Not Before: Nov 17 11:03:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5670a43680d9a501fcc3d679adf85a6c58eb4347
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:87:02:ba:e8:20:59:82:c3:56:6a:12:35:cd:
ed:e6:be:61:d9:b1:a7:31:b0:58:e3:90:cf:6d:77:
18:f5:02:24:71:11:1d:8b:f3:25:72:31:36:43:9f:
60:db:dc:2a:7e:26:4b:a3:e3:dd:cb:a0:52:a8:24:
ab:12:09:19:6c:1f:90:74:a2:49:bc:a3:ac:1a:2e:
90:22:86:21:13:7b:5c:4c:fd:b2:e2:b7:88:83:9b:
e0:e0:eb:96:a4:30:f1:b5:f1:4a:b0:c1:e9:c5:a1:
6d:6b:c5:aa:0d:c7:f2:bb:bd:95:25:4f:51:52:97:
2d:8e:3f:43:15:1c:46:83:27:28:07:81:2c:2f:99:
d1:99:1c:70:f4:64:57:4e:cf:d0:dc:45:22:2d:a2:
2e:09:3b:9a:80:f0:f6:b4:48:b2:3d:55:c7:03:f8:
73:58:61:a8:16:43:09:b3:8c:19:e4:db:81:0c:56:
e5:a1:42:4d:cf:49:f1:57:e8:5b:53:48:b5:23:47:
59:75:91:4a:9e:b1:21:49:29:9a:49:51:84:b6:97:
ef:4e:11:ec:46:59:35:aa:2f:13:b5:9e:5e:e8:f5:
d5:3f:e7:0f:e3:92:66:47:21:69:cb:54:74:c6:ab:
98:1f:77:7e:78:73:f9:03:e0:ab:50:8e:4e:5f:6f:
5b:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:70:A4:36:80:D9:A5:01:FC:C3:D6:79:AD:F8:5A:6C:58:EB:43:47
X509v3 Authority Key Identifier:
keyid:BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/VnCkNoDZpQH8w9Z5rfhabFjrQ0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.16.0/21
185.226.44.0/22
185.241.104.0/22
Signature Algorithm: sha256WithRSAEncryption
35:85:11:b2:05:27:43:01:5e:7b:83:bd:3c:e4:a0:f5:ee:39:
08:e6:90:f6:3f:9c:6e:6b:ec:96:aa:da:05:d5:64:98:c9:e9:
f8:9b:35:11:7b:24:92:5f:1d:3c:55:e5:77:5e:3a:f3:6d:34:
60:fb:4c:20:f1:24:ea:41:20:55:e5:7a:a7:04:4a:f9:d9:22:
5b:ca:cc:39:38:f5:f8:eb:52:76:3b:db:97:90:15:c0:fb:c3:
89:d1:80:1f:03:a5:8a:34:60:49:33:08:4a:28:bd:15:60:85:
35:a4:4c:f8:7a:8d:94:95:d0:43:0f:f6:82:ef:db:4b:20:2a:
59:bd:a6:35:d1:75:d0:c4:94:bd:29:35:a7:06:39:e6:a2:b4:
3e:a1:17:66:86:88:28:36:dd:49:ec:03:57:1e:a8:51:f6:e2:
2b:b8:0b:c6:07:d9:7c:6d:8a:24:44:b8:2a:73:23:78:8d:81:
3a:c9:4f:38:d3:79:a3:0b:2b:c8:62:8e:c0:5a:d6:4d:59:38:
34:a9:f0:5d:ea:2c:12:30:98:fd:c2:c8:c9:62:e2:93:93:6c:
d5:44:64:2c:10:ee:db:1d:9c:77:ca:e5:a5:46:f3:1e:a8:f6:
0b:2a:20:12:0c:68:74:e3:d1:84:7c:83:06:13:bd:2a:c3:5a:
54:0f:8f:d2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvc8xr7nqgoV/YmiqnnPlrAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNDcwM2UwOGNhMGQ2YTMxMGNiYzY0M2ZmY2IzMDdmZjZj
ZGM2NWMwHhcNMjMxMTE3MTEwMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjcwYTQzNjgwZDlhNTAxZmNjM2Q2NzlhZGY4NWE2YzU4ZWI0MzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgocCuuggWYLDVmoSNc3t5r5h2bGn
MbBY45DPbXcY9QIkcREdi/MlcjE2Q59g29wqfiZLo+Pdy6BSqCSrEgkZbB+QdKJJ
vKOsGi6QIoYhE3tcTP2y4reIg5vg4OuWpDDxtfFKsMHpxaFta8WqDcfyu72VJU9R
Upctjj9DFRxGgycoB4EsL5nRmRxw9GRXTs/Q3EUiLaIuCTuagPD2tEiyPVXHA/hz
WGGoFkMJs4wZ5NuBDFbloUJNz0nxV+hbU0i1I0dZdZFKnrEhSSmaSVGEtpfvThHs
Rlk1qi8TtZ5e6PXVP+cP45JmRyFpy1R0xquYH3d+eHP5A+CrUI5OX29b6wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFZwpDaA2aUB/MPWea34WmxY60NHMB8GA1UdIwQY
MBaAFLxHA+CMoNajEMvGQ//LMH/2zcZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTct
NjZlZGEyMjhmZWM3LzEvVm5Da05vRFpwUUg4dzlaNXJmaGFiRmpyUTBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTctNjZlZGEyMjhmZWM3
LzEvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDH94QAwQC
ueIsAwQCufFoMA0GCSqGSIb3DQEBCwUAA4IBAQA1hRGyBSdDAV57g7085KD17jkI
5pD2P5xua+yWqtoF1WSYyen4mzUReySSXx08VeV3XjrzbTRg+0wg8STqQSBV5Xqn
BEr52SJbysw5OPX461J2O9uXkBXA+8OJ0YAfA6WKNGBJMwhKKL0VYIU1pEz4eo2U
ldBDD/aC79tLICpZvaY10XXQxJS9KTWnBjnmorQ+oRdmhogoNt1J7ANXHqhR9uIr
uAvGB9l8bYokRLgqcyN4jYE6yU8403mjCyvIYo7AWtZNWTg0qfBd6iwSMJj9wsjJ
YuKTk2zVRGQsEO7bHZx3yuWlRvMeqPYLKiASDGh049GEfIMGE70qw1pUD4/S
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:09 2024 by rpki-client on console-ams.rpki-client.org