Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/9e884e-17e4-4271-ac89-cb3fa407e0f4/1/dnryIUYYtsOWV_7Eughng9H6a-E.roa
File: dnryIUYYtsOWV_7Eughng9H6a-E.roa (raw, json)
Hash identifier: LBk7Vat7ZqA3FLOwDr9plY7AuvQR9eL5UHNtjNlzwo8=
Subject key identifier: 76:7A:F2:21:46:18:B6:C3:96:57:FE:C4:BA:08:67:83:D1:FA:6B:E1
Certificate issuer: /CN=13b4f6b90167b71bd663fa0391e038a0155bb939
Certificate serial: 018C7771A6DD23F1EEB8008333D5ECC4D124
Authority key identifier: 13:B4:F6:B9:01:67:B7:1B:D6:63:FA:03:91:E0:38:A0:15:5B:B9:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E7T2uQFntxvWY_oDkeA4oBVbuTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/9e884e-17e4-4271-ac89-cb3fa407e0f4/1/dnryIUYYtsOWV_7Eughng9H6a-E.roa
Signing time: Sun 17 Dec 2023 11:03:06 +0000
ROA not before: Sun 17 Dec 2023 11:03:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 85.31.41.0/24 maxlen: 24
85.31.42.0/24 maxlen: 24
85.31.43.0/24 maxlen: 24
85.31.40.0/24 maxlen: 24
2a0d:da40::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:77:71:a6:dd:23:f1:ee:b8:00:83:33:d5:ec:c4:d1:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13b4f6b90167b71bd663fa0391e038a0155bb939
Validity
Not Before: Dec 17 11:03:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=767af2214618b6c39657fec4ba086783d1fa6be1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:4d:44:68:37:17:d5:e8:8a:c0:55:12:d8:27:
64:98:78:69:2d:bc:92:cb:ff:92:aa:0d:03:cc:1c:
ea:87:7e:f1:6b:6e:3a:05:76:77:54:cc:15:6b:69:
43:16:dd:04:e0:35:b7:40:a2:84:30:bf:31:cb:97:
4a:19:02:c9:5e:82:5a:2b:98:69:f5:c0:cb:0b:dc:
88:1f:f4:72:b2:55:81:f9:36:8e:55:3c:2a:71:51:
15:22:6a:c3:6b:45:43:3b:df:94:a8:c5:59:e0:10:
5c:26:12:37:5f:f9:64:c8:0b:df:e6:a2:9d:36:a6:
72:07:11:83:0d:4f:e2:20:98:ea:bb:a1:fd:39:cc:
bd:fd:02:38:f8:47:05:09:49:6e:ee:b4:47:ba:bc:
87:52:67:da:8d:43:42:53:1c:b5:70:19:8f:dc:57:
03:2c:3f:f2:29:83:21:d9:22:a0:0c:e1:b0:05:a2:
c4:37:64:49:17:91:61:f2:65:21:d2:a0:8b:81:4b:
53:0d:d5:5c:cf:bf:07:e8:50:25:62:7b:ae:ce:73:
dd:2a:59:ca:96:1f:c3:d3:4e:36:48:42:80:15:f5:
40:86:e7:52:55:b7:b7:18:15:12:20:42:fa:66:3a:
f0:16:e2:eb:8a:7e:a0:05:39:8e:77:fa:7e:ba:f5:
38:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:7A:F2:21:46:18:B6:C3:96:57:FE:C4:BA:08:67:83:D1:FA:6B:E1
X509v3 Authority Key Identifier:
keyid:13:B4:F6:B9:01:67:B7:1B:D6:63:FA:03:91:E0:38:A0:15:5B:B9:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E7T2uQFntxvWY_oDkeA4oBVbuTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/9e884e-17e4-4271-ac89-cb3fa407e0f4/1/dnryIUYYtsOWV_7Eughng9H6a-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/9e884e-17e4-4271-ac89-cb3fa407e0f4/1/E7T2uQFntxvWY_oDkeA4oBVbuTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.31.40.0/22
IPv6:
2a0d:da40::/29
Signature Algorithm: sha256WithRSAEncryption
7a:07:93:e3:b8:1d:17:7c:c0:72:cf:81:3b:2d:61:0c:fc:ca:
f7:ce:a2:c6:a4:cf:fb:88:25:ef:f8:ee:22:35:aa:25:bd:ca:
9b:28:cc:19:f3:af:0d:16:fa:98:32:cd:aa:5c:8d:6c:f6:9f:
6a:b4:93:ef:53:0a:e6:fe:d1:0e:dd:99:05:03:f5:92:02:ec:
20:a7:cc:9e:89:ae:56:28:96:2a:66:df:00:ef:ed:cd:1a:a7:
d4:d1:f4:78:ff:97:78:f9:ba:c4:65:cd:f5:ba:aa:31:51:6c:
9f:6f:4d:6f:18:1e:be:f8:6a:e9:5c:8d:a4:73:b9:c0:e3:bf:
ef:ec:7d:b0:85:19:99:c7:a4:b0:03:f7:02:b7:66:27:d7:86:
03:1a:12:ea:f8:63:24:8c:19:fa:19:e2:91:fc:04:5a:4c:dd:
c6:da:f6:be:54:fe:41:17:56:aa:cb:95:0d:d1:15:94:b0:ac:
d2:29:18:6e:4c:56:1a:9b:02:b4:42:02:76:6f:29:16:14:7a:
66:aa:3c:34:29:c5:d7:1a:1a:f6:2f:ed:9a:1c:f2:bb:b6:32:
48:3d:3c:e6:10:73:9a:67:4a:f3:09:ae:3e:d8:7a:d2:22:88:
da:37:30:54:9a:43:17:04:1f:14:a5:e6:9a:0f:c3:e7:5c:9d:
b7:03:99:b4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYx3cabdI/HuuACDM9XsxNEkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzYjRmNmI5MDE2N2I3MWJkNjYzZmEwMzkxZTAzOGEwMTU1
YmI5MzkwHhcNMjMxMjE3MTEwMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjdhZjIyMTQ2MThiNmMzOTY1N2ZlYzRiYTA4Njc4M2QxZmE2YmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl01EaDcX1eiKwFUS2CdkmHhpLbyS
y/+Sqg0DzBzqh37xa246BXZ3VMwVa2lDFt0E4DW3QKKEML8xy5dKGQLJXoJaK5hp
9cDLC9yIH/RyslWB+TaOVTwqcVEVImrDa0VDO9+UqMVZ4BBcJhI3X/lkyAvf5qKd
NqZyBxGDDU/iIJjqu6H9Ocy9/QI4+EcFCUlu7rRHuryHUmfajUNCUxy1cBmP3FcD
LD/yKYMh2SKgDOGwBaLEN2RJF5Fh8mUh0qCLgUtTDdVcz78H6FAlYnuuznPdKlnK
lh/D0042SEKAFfVAhudSVbe3GBUSIEL6ZjrwFuLrin6gBTmOd/p+uvU42wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHZ68iFGGLbDllf+xLoIZ4PR+mvhMB8GA1UdIwQY
MBaAFBO09rkBZ7cb1mP6A5HgOKAVW7k5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTdUMnVRRm50eHZXWV9vRGtlQTRvQlZidVRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85ZTg4NGUtMTdlNC00MjcxLWFjODkt
Y2IzZmE0MDdlMGY0LzEvZG5yeUlVWVl0c09XVl83RXVnaG5nOUg2YS1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85ZTg4NGUtMTdlNC00MjcxLWFjODktY2IzZmE0MDdlMGY0
LzEvRTdUMnVRRm50eHZXWV9vRGtlQTRvQlZidVRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVR8oMA0E
AgACMAcDBQMqDdpAMA0GCSqGSIb3DQEBCwUAA4IBAQB6B5PjuB0XfMByz4E7LWEM
/Mr3zqLGpM/7iCXv+O4iNaolvcqbKMwZ868NFvqYMs2qXI1s9p9qtJPvUwrm/tEO
3ZkFA/WSAuwgp8yeia5WKJYqZt8A7+3NGqfU0fR4/5d4+brEZc31uqoxUWyfb01v
GB6++GrpXI2kc7nA47/v7H2whRmZx6SwA/cCt2Yn14YDGhLq+GMkjBn6GeKR/ARa
TN3G2va+VP5BF1aqy5UN0RWUsKzSKRhuTFYamwK0QgJ2bykWFHpmqjw0KcXXGhr2
L+2aHPK7tjJIPTzmEHOaZ0rzCa4+2HrSIojaNzBUmkMXBB8UpeaaD8PnXJ23A5m0
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:17 2024 by rpki-client on console-fra.rpki-client.org