Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/9e884e-17e4-4271-ac89-cb3fa407e0f4/1/ya0Fb5RnWblG10kg7vCIMpm90pY.roa
File: ya0Fb5RnWblG10kg7vCIMpm90pY.roa (raw, json)
Hash identifier: TwTpiHQ+9AjLs5ytdsjJkFG3c8YO5jb3yObdnJqlJ8o=
Subject key identifier: C9:AD:05:6F:94:67:59:B9:46:D7:49:20:EE:F0:88:32:99:BD:D2:96
Certificate issuer: /CN=13b4f6b90167b71bd663fa0391e038a0155bb939
Certificate serial: 018CE4F0FEBF4C875E43D6D2C24C1C1DB6E6
Authority key identifier: 13:B4:F6:B9:01:67:B7:1B:D6:63:FA:03:91:E0:38:A0:15:5B:B9:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E7T2uQFntxvWY_oDkeA4oBVbuTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/9e884e-17e4-4271-ac89-cb3fa407e0f4/1/ya0Fb5RnWblG10kg7vCIMpm90pY.roa
Signing time: Sun 07 Jan 2024 17:20:48 +0000
ROA not before: Sun 07 Jan 2024 17:20:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 85.31.41.0/24 maxlen: 24
85.31.40.0/22 maxlen: 22
85.31.42.0/24 maxlen: 24
85.31.43.0/24 maxlen: 24
85.31.40.0/24 maxlen: 24
2a0d:da40::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 14 Apr 2024 14:26:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e4:f0:fe:bf:4c:87:5e:43:d6:d2:c2:4c:1c:1d:b6:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13b4f6b90167b71bd663fa0391e038a0155bb939
Validity
Not Before: Jan 7 17:20:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9ad056f946759b946d74920eef0883299bdd296
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:41:c6:10:1e:eb:eb:3c:5e:e9:62:06:03:4f:
24:4c:ee:be:2e:55:1f:b1:48:ad:b7:4a:f9:aa:78:
d3:f4:5f:82:24:ee:83:f7:86:4e:3c:10:aa:60:2c:
04:47:14:3f:b7:9d:7b:93:a6:44:20:84:dd:29:34:
c7:ee:e4:e2:0d:45:4e:e1:87:92:0e:44:b5:c0:2f:
62:59:66:b4:37:fe:1c:8a:fb:f6:ac:35:06:7f:f2:
e1:32:95:cd:f0:ae:c0:a4:94:f7:41:4f:4c:e9:00:
bd:e8:63:cf:da:9c:9d:32:31:d9:48:e5:2e:8b:0e:
51:d4:08:c2:b3:be:4c:0c:d4:80:db:0f:55:01:83:
51:af:17:87:3a:61:4e:6c:f5:b3:d6:ba:98:88:ae:
f2:13:78:5c:e6:12:18:10:14:92:80:a6:22:13:ab:
6b:e6:39:3f:65:79:16:3b:d1:83:85:d4:44:ed:4a:
22:84:15:d9:f0:79:7b:94:2c:21:8b:35:b6:eb:3a:
db:e2:fa:86:be:30:62:03:c1:16:a1:0b:4f:d1:21:
e3:af:12:4c:9a:c6:f3:c2:a6:9d:0c:e6:0e:4f:41:
b3:c1:2f:be:62:e4:aa:f1:cc:e7:fd:e1:de:e8:05:
81:0f:22:3d:8e:ba:e0:f1:5b:04:a1:80:b2:76:9f:
09:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:AD:05:6F:94:67:59:B9:46:D7:49:20:EE:F0:88:32:99:BD:D2:96
X509v3 Authority Key Identifier:
keyid:13:B4:F6:B9:01:67:B7:1B:D6:63:FA:03:91:E0:38:A0:15:5B:B9:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E7T2uQFntxvWY_oDkeA4oBVbuTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/9e884e-17e4-4271-ac89-cb3fa407e0f4/1/ya0Fb5RnWblG10kg7vCIMpm90pY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/9e884e-17e4-4271-ac89-cb3fa407e0f4/1/E7T2uQFntxvWY_oDkeA4oBVbuTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.31.40.0/22
IPv6:
2a0d:da40::/29
Signature Algorithm: sha256WithRSAEncryption
65:d9:77:86:d6:aa:59:cc:b8:2d:5f:1a:95:76:26:fa:28:08:
97:35:97:c8:8e:eb:15:95:1a:4f:05:fc:47:eb:b8:ab:39:c6:
12:fb:f4:f7:80:2f:e3:3a:65:9d:af:58:dd:21:b7:8f:1b:5b:
be:5c:c8:12:1b:0f:02:f7:5a:c8:33:3c:b5:ac:52:6e:d6:2d:
b8:39:b8:47:2c:04:9b:56:5a:9c:c7:b9:fc:d3:54:d6:f8:76:
26:39:a3:81:16:99:e7:ff:23:2c:38:ae:11:8f:6f:11:e6:e7:
e9:af:1d:0d:0b:db:95:57:15:95:fa:e0:ee:b7:c2:0f:26:cb:
78:fc:4a:ba:cb:6a:43:a4:69:67:fe:e2:73:86:3c:b4:b3:45:
c0:74:a6:fb:17:72:c3:48:a6:86:f3:01:01:33:53:c7:4d:b1:
47:9e:22:72:c9:0d:0c:54:e6:3a:09:fc:d9:f0:18:61:04:cd:
1a:5e:82:3a:bb:d6:c8:4e:d0:da:d7:ab:e7:14:13:a9:3b:34:
1d:ba:13:0f:25:d2:69:1a:03:66:c6:be:76:2d:c7:26:04:d5:
a4:07:22:81:72:90:fd:8f:ad:5d:a2:3b:23:8a:b9:63:c7:10:
96:d1:b9:60:ed:88:50:a5:48:5d:94:68:12:8e:98:32:2a:b2:
34:41:6a:d3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzk8P6/TIdeQ9bSwkwcHbbmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzYjRmNmI5MDE2N2I3MWJkNjYzZmEwMzkxZTAzOGEwMTU1
YmI5MzkwHhcNMjQwMTA3MTcyMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWFkMDU2Zjk0Njc1OWI5NDZkNzQ5MjBlZWYwODgzMjk5YmRkMjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUHGEB7r6zxe6WIGA08kTO6+LlUf
sUitt0r5qnjT9F+CJO6D94ZOPBCqYCwERxQ/t517k6ZEIITdKTTH7uTiDUVO4YeS
DkS1wC9iWWa0N/4civv2rDUGf/LhMpXN8K7ApJT3QU9M6QC96GPP2pydMjHZSOUu
iw5R1AjCs75MDNSA2w9VAYNRrxeHOmFObPWz1rqYiK7yE3hc5hIYEBSSgKYiE6tr
5jk/ZXkWO9GDhdRE7UoihBXZ8Hl7lCwhizW26zrb4vqGvjBiA8EWoQtP0SHjrxJM
msbzwqadDOYOT0GzwS++YuSq8czn/eHe6AWBDyI9jrrg8VsEoYCydp8JnwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMmtBW+UZ1m5RtdJIO7wiDKZvdKWMB8GA1UdIwQY
MBaAFBO09rkBZ7cb1mP6A5HgOKAVW7k5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTdUMnVRRm50eHZXWV9vRGtlQTRvQlZidVRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85ZTg4NGUtMTdlNC00MjcxLWFjODkt
Y2IzZmE0MDdlMGY0LzEveWEwRmI1Um5XYmxHMTBrZzd2Q0lNcG05MHBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85ZTg4NGUtMTdlNC00MjcxLWFjODktY2IzZmE0MDdlMGY0
LzEvRTdUMnVRRm50eHZXWV9vRGtlQTRvQlZidVRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVR8oMA0E
AgACMAcDBQMqDdpAMA0GCSqGSIb3DQEBCwUAA4IBAQBl2XeG1qpZzLgtXxqVdib6
KAiXNZfIjusVlRpPBfxH67irOcYS+/T3gC/jOmWdr1jdIbePG1u+XMgSGw8C91rI
Mzy1rFJu1i24ObhHLASbVlqcx7n801TW+HYmOaOBFpnn/yMsOK4Rj28R5ufprx0N
C9uVVxWV+uDut8IPJst4/Eq6y2pDpGln/uJzhjy0s0XAdKb7F3LDSKaG8wEBM1PH
TbFHniJyyQ0MVOY6CfzZ8BhhBM0aXoI6u9bITtDa16vnFBOpOzQduhMPJdJpGgNm
xr52LccmBNWkByKBcpD9j61dojsjirljxxCW0blg7YhQpUhdlGgSjpgyKrI0QWrT
-----END CERTIFICATE-----
Generated at Sun Apr 14 15:41:22 2024 by rpki-client on console-ams.rpki-client.org