Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/1-XqjElRm7pek5dsdr_s4s0ZEi8Y.roa
File: 1-XqjElRm7pek5dsdr_s4s0ZEi8Y.roa (raw, json)
Hash identifier: +7bUqxIQsvYOx5IdDI4eXQJWiWq/PNGHyFQZHlzuW9I=
Subject key identifier: F9:7A:A3:12:54:66:EE:97:A4:E5:DB:1D:AF:FB:38:B3:46:44:8B:C6
Certificate issuer: /CN=ddbe6e0adae8bb478393aab175b638644c74ccb7
Certificate serial: 018571953C95B508A2740360EA2AFE0750AD
Authority key identifier: DD:BE:6E:0A:DA:E8:BB:47:83:93:AA:B1:75:B6:38:64:4C:74:CC:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3b5uCtrou0eDk6qxdbY4ZEx0zLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/1-XqjElRm7pek5dsdr_s4s0ZEi8Y.roa
Signing time: Mon 02 Jan 2023 08:24:43 +0000
ROA not before: Mon 02 Jan 2023 08:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206273
IP address blocks: 185.198.60.0/23 maxlen: 23
185.198.62.0/23 maxlen: 23
178.212.58.0/23 maxlen: 23
31.130.242.0/23 maxlen: 23
31.130.244.0/22 maxlen: 22
91.218.154.0/23 maxlen: 23
2a0a:15c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:3c:95:b5:08:a2:74:03:60:ea:2a:fe:07:50:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddbe6e0adae8bb478393aab175b638644c74ccb7
Validity
Not Before: Jan 2 08:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f97aa3125466ee97a4e5db1daffb38b346448bc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:bf:d5:78:54:bf:8d:23:47:db:e3:f7:6a:00:
2c:e2:59:c5:1f:9e:3f:27:a5:b5:0c:22:f4:86:dd:
4f:b5:16:5e:fe:f4:3c:94:71:ce:50:c1:ae:fd:5b:
bf:9d:2a:d3:5b:f1:12:04:10:9b:13:b3:16:3c:05:
ae:b2:c9:75:e3:3d:51:76:ac:40:0d:e4:65:35:e0:
77:94:05:3e:46:69:8a:f0:bd:bf:20:4c:6f:97:94:
97:63:54:31:72:0d:5b:e1:e3:9a:a6:77:4e:a3:ec:
06:68:c0:a1:fc:05:30:f3:0d:61:02:04:5f:56:2a:
84:7b:d6:4a:6f:4a:42:16:a7:4c:7f:99:f7:8e:6d:
59:f6:0a:16:1e:11:bd:38:1f:91:ba:ad:04:38:a6:
33:39:10:18:9a:5c:de:e6:79:7e:4c:91:28:a6:a7:
e8:8c:06:38:b3:e0:69:a4:c5:ff:cd:59:22:7b:b5:
d5:2c:8d:df:94:93:04:19:d6:d4:ea:62:7a:65:2d:
b5:56:df:df:91:58:ad:95:c0:bb:19:6e:33:7c:bb:
16:32:5f:68:5d:f3:7c:38:75:bf:d3:12:d8:a1:b0:
4f:33:b8:6f:68:2a:5a:d3:ea:0d:33:2d:5a:97:d2:
2b:19:1a:01:51:e9:d5:ad:a3:d1:36:9e:d6:f3:4c:
09:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:7A:A3:12:54:66:EE:97:A4:E5:DB:1D:AF:FB:38:B3:46:44:8B:C6
X509v3 Authority Key Identifier:
keyid:DD:BE:6E:0A:DA:E8:BB:47:83:93:AA:B1:75:B6:38:64:4C:74:CC:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b5uCtrou0eDk6qxdbY4ZEx0zLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/1-XqjElRm7pek5dsdr_s4s0ZEi8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/3b5uCtrou0eDk6qxdbY4ZEx0zLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.130.242.0-31.130.247.255
91.218.154.0/23
178.212.58.0/23
185.198.60.0/22
IPv6:
2a0a:15c0::/29
Signature Algorithm: sha256WithRSAEncryption
84:38:3b:6c:4b:da:69:99:29:8c:c2:37:e0:0f:ae:2f:6f:77:
c9:c2:b4:8c:92:cc:92:26:85:ef:36:3c:e8:39:be:56:64:68:
b9:d3:99:03:74:f1:4a:08:4d:c3:e7:e7:7a:ab:e7:3d:5f:5d:
53:33:8c:41:75:b9:37:09:6c:1c:da:35:af:ef:1a:3f:a8:fe:
bb:13:ab:d3:74:14:45:a0:4a:af:f2:ca:0b:7a:1a:91:8a:6e:
98:c4:09:c8:9e:2c:fe:ee:0d:44:14:a8:36:d8:07:e9:5c:c9:
f5:a4:2d:c2:3e:5f:a0:60:06:fe:38:78:eb:7d:9f:cc:f3:57:
1c:50:43:9d:69:aa:20:8c:25:30:6b:0e:aa:e3:84:04:7c:c7:
3e:a8:90:5e:df:75:93:70:0d:95:74:dd:2c:0f:15:c7:bd:76:
04:ee:8f:f4:5d:bc:d8:0d:6d:df:2e:f3:5f:12:45:79:a7:ad:
51:29:ba:6b:b6:6c:dd:f0:53:4c:22:dc:1e:70:5a:5d:1a:88:
c5:fc:28:98:3a:35:90:8a:68:73:61:fb:45:f1:9c:50:73:0a:
ab:a9:e9:5b:a7:0f:ab:81:53:48:cb:d1:2e:4c:f3:51:2d:ae:
35:21:6c:63:0d:6e:25:32:35:08:a9:12:23:5f:36:8f:7d:1b:
1e:e1:aa:1b
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVxlTyVtQiidANg6ir+B1CtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkYmU2ZTBhZGFlOGJiNDc4MzkzYWFiMTc1YjYzODY0NGM3
NGNjYjcwHhcNMjMwMTAyMDgyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTdhYTMxMjU0NjZlZTk3YTRlNWRiMWRhZmZiMzhiMzQ2NDQ4YmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7/VeFS/jSNH2+P3agAs4lnFH54/
J6W1DCL0ht1PtRZe/vQ8lHHOUMGu/Vu/nSrTW/ESBBCbE7MWPAWussl14z1RdqxA
DeRlNeB3lAU+RmmK8L2/IExvl5SXY1Qxcg1b4eOapndOo+wGaMCh/AUw8w1hAgRf
ViqEe9ZKb0pCFqdMf5n3jm1Z9goWHhG9OB+Ruq0EOKYzORAYmlze5nl+TJEopqfo
jAY4s+BppMX/zVkie7XVLI3flJMEGdbU6mJ6ZS21Vt/fkVitlcC7GW4zfLsWMl9o
XfN8OHW/0xLYobBPM7hvaCpa0+oNMy1al9IrGRoBUenVraPRNp7W80wJxwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFPl6oxJUZu6XpOXbHa/7OLNGRIvGMB8GA1UdIwQY
MBaAFN2+bgra6LtHg5OqsXW2OGRMdMy3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2I1dUN0cm91MGVEazZxeGRiWTRaRXgwekxjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNjdiNzgtNThjOC00MzExLTllNjkt
NmJhYTNiNTQ4ZDIzLzEvMS1YcWpFbFJtN3BlazVkc2RyX3M0czBaRWk4WS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzYvYTY3Yjc4LTU4YzgtNDMxMS05ZTY5LTZiYWEzYjU0OGQy
My8xLzNiNXVDdHJvdTBlRGs2cXhkYlk0WkV4MHpMYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBIBggrBgEFBQcBBwEB/wQ5MDcwJgQCAAEwIDAMAwQBH4Ly
AwQDH4LwAwQBW9qaAwQBstQ6AwQCucY8MA0EAgACMAcDBQMqChXAMA0GCSqGSIb3
DQEBCwUAA4IBAQCEODtsS9ppmSmMwjfgD64vb3fJwrSMksySJoXvNjzoOb5WZGi5
05kDdPFKCE3D5+d6q+c9X11TM4xBdbk3CWwc2jWv7xo/qP67E6vTdBRFoEqv8soL
ehqRim6YxAnIniz+7g1EFKg22AfpXMn1pC3CPl+gYAb+OHjrfZ/M81ccUEOdaaog
jCUwaw6q44QEfMc+qJBe33WTcA2VdN0sDxXHvXYE7o/0XbzYDW3fLvNfEkV5p61R
Kbprtmzd8FNMItwecFpdGojF/CiYOjWQimhzYftF8ZxQcwqrqelbpw+rgVNIy9Eu
TPNRLa41IWxjDW4lMjUIqRIjXzaPfRse4aob
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:23 2024 by rpki-client on console-fra.rpki-client.org