Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/229182-4bdc-4234-a989-90d58c603256/1/9EjSF1JK017N0WIcZ6hycBtYH0w.roa
File: 9EjSF1JK017N0WIcZ6hycBtYH0w.roa (raw, json)
Hash identifier: UiJrD0/+UCGgebharqdrq5dTvJpGjoiDKOPTKh7ChcQ=
Subject key identifier: F4:48:D2:17:52:4A:D3:5E:CD:D1:62:1C:67:A8:72:70:1B:58:1F:4C
Certificate issuer: /CN=9cbb77bab438a93d34d9d5c0a8e0b9ef32ae5da0
Certificate serial: 018B81047A8D85C664F9C351BD21CC2FEB53
Authority key identifier: 9C:BB:77:BA:B4:38:A9:3D:34:D9:D5:C0:A8:E0:B9:EF:32:AE:5D:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLt3urQ4qT002dXAqOC57zKuXaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/229182-4bdc-4234-a989-90d58c603256/1/9EjSF1JK017N0WIcZ6hycBtYH0w.roa
Signing time: Mon 30 Oct 2023 14:37:16 +0000
ROA not before: Mon 30 Oct 2023 14:37:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62462
IP address blocks: 185.35.40.0/22 maxlen: 24
31.216.176.0/22 maxlen: 24
31.216.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Nov 2023 05:54:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:81:04:7a:8d:85:c6:64:f9:c3:51:bd:21:cc:2f:eb:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cbb77bab438a93d34d9d5c0a8e0b9ef32ae5da0
Validity
Not Before: Oct 30 14:37:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f448d217524ad35ecdd1621c67a872701b581f4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b3:97:fd:b8:97:60:5e:02:d8:5e:1b:12:ca:
80:a4:c7:02:c6:b8:2b:62:de:c2:0e:8d:0c:b7:3f:
4f:06:6e:f3:a2:b1:dd:48:40:0e:f6:55:02:52:8b:
a2:5c:a6:f3:a0:eb:5f:2a:65:1a:51:0e:86:43:f2:
1f:dc:35:f2:c6:5c:8d:ce:6d:3b:d1:ca:ec:86:7e:
75:d1:b8:37:a0:7e:64:aa:24:13:eb:47:c1:77:ab:
da:23:9a:7e:c5:bf:ac:1b:29:d0:35:57:88:ef:c8:
d5:38:1f:e3:81:6c:b3:f7:75:21:b9:55:59:fd:1d:
96:4b:6c:87:22:4b:ff:13:61:e4:54:c8:06:d4:a2:
f1:6d:0d:10:55:b0:d0:6c:31:68:a1:94:01:e1:cf:
7d:14:f3:f0:1f:b1:6e:67:7e:5d:d0:4c:3f:4f:bc:
1c:22:6a:c7:cb:87:7d:76:72:e1:c9:7f:04:d4:7e:
8f:11:28:0c:37:69:57:59:e4:d6:da:a0:fe:85:03:
3e:b6:98:43:3a:27:e3:e5:6b:45:ac:74:38:80:01:
7c:af:84:58:d8:40:b1:79:f2:2c:bb:bd:91:7b:18:
6d:71:18:3a:f6:37:e6:9e:85:ca:e7:6d:ad:3b:ba:
17:b9:be:e4:a6:30:60:37:fd:76:b2:96:84:e0:b2:
ad:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:48:D2:17:52:4A:D3:5E:CD:D1:62:1C:67:A8:72:70:1B:58:1F:4C
X509v3 Authority Key Identifier:
keyid:9C:BB:77:BA:B4:38:A9:3D:34:D9:D5:C0:A8:E0:B9:EF:32:AE:5D:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLt3urQ4qT002dXAqOC57zKuXaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/229182-4bdc-4234-a989-90d58c603256/1/9EjSF1JK017N0WIcZ6hycBtYH0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/229182-4bdc-4234-a989-90d58c603256/1/nLt3urQ4qT002dXAqOC57zKuXaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.176.0/21
185.35.40.0/22
Signature Algorithm: sha256WithRSAEncryption
28:db:1f:b1:3c:a5:a0:02:7e:16:83:d9:4f:86:e6:f5:8e:f6:
4d:66:70:cd:f2:54:81:6e:8d:3d:7a:f8:5e:5f:8b:59:89:62:
63:a9:4c:3d:43:63:f2:11:ec:29:72:41:5d:d0:c3:8d:5d:67:
8b:aa:ae:db:a0:9c:f6:c2:6d:a0:a1:25:47:23:df:64:62:72:
72:a8:df:d1:cb:19:4c:c7:37:7e:42:16:4b:7b:76:92:c5:ec:
a6:a2:4f:c2:6d:e7:0a:58:36:57:96:af:c4:aa:09:ec:c3:95:
3e:f6:eb:26:fb:10:21:19:d8:3e:0a:2a:38:e4:f6:6e:e2:30:
21:2e:ac:0e:20:f0:01:69:4a:31:38:5e:94:3a:ff:f6:fb:8e:
07:9f:d1:d1:4d:f5:51:b8:5c:b2:9b:7a:b8:07:24:c4:2e:d4:
f7:34:8a:e8:0e:19:a1:0c:d0:ff:79:7a:e0:72:b4:f0:95:7c:
19:8c:a6:1f:35:bf:36:56:2d:21:e9:46:38:0b:2d:66:a2:90:
de:b7:c5:c6:e2:db:ee:c5:de:c8:ad:b5:df:e1:89:03:87:2b:
29:99:d3:57:8b:a8:99:7c:ad:fe:eb:06:b6:c1:1b:d7:29:dd:
7b:c3:7c:65:e1:09:e6:66:f9:de:36:38:d0:95:d2:68:6a:61:
dc:02:62:c5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuBBHqNhcZk+cNRvSHML+tTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYmI3N2JhYjQzOGE5M2QzNGQ5ZDVjMGE4ZTBiOWVmMzJh
ZTVkYTAwHhcNMjMxMDMwMTQzNzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDQ4ZDIxNzUyNGFkMzVlY2RkMTYyMWM2N2E4NzI3MDFiNTgxZjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbOX/biXYF4C2F4bEsqApMcCxrgr
Yt7CDo0Mtz9PBm7zorHdSEAO9lUCUouiXKbzoOtfKmUaUQ6GQ/If3DXyxlyNzm07
0crshn510bg3oH5kqiQT60fBd6vaI5p+xb+sGynQNVeI78jVOB/jgWyz93UhuVVZ
/R2WS2yHIkv/E2HkVMgG1KLxbQ0QVbDQbDFooZQB4c99FPPwH7FuZ35d0Ew/T7wc
ImrHy4d9dnLhyX8E1H6PESgMN2lXWeTW2qD+hQM+tphDOifj5WtFrHQ4gAF8r4RY
2ECxefIsu72RexhtcRg69jfmnoXK522tO7oXub7kpjBgN/12spaE4LKt2QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPRI0hdSStNezdFiHGeocnAbWB9MMB8GA1UdIwQY
MBaAFJy7d7q0OKk9NNnVwKjgue8yrl2gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkx0M3VyUTRxVDAwMmRYQXFPQzU3ekt1WGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8yMjkxODItNGJkYy00MjM0LWE5ODkt
OTBkNThjNjAzMjU2LzEvOUVqU0YxSkswMTdOMFdJY1o2aHljQnRZSDB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8yMjkxODItNGJkYy00MjM0LWE5ODktOTBkNThjNjAzMjU2
LzEvbkx0M3VyUTRxVDAwMmRYQXFPQzU3ekt1WGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDH9iwAwQC
uSMoMA0GCSqGSIb3DQEBCwUAA4IBAQAo2x+xPKWgAn4Wg9lPhub1jvZNZnDN8lSB
bo09evheX4tZiWJjqUw9Q2PyEewpckFd0MONXWeLqq7boJz2wm2goSVHI99kYnJy
qN/RyxlMxzd+QhZLe3aSxeymok/CbecKWDZXlq/Eqgnsw5U+9usm+xAhGdg+Cio4
5PZu4jAhLqwOIPABaUoxOF6UOv/2+44Hn9HRTfVRuFyym3q4ByTELtT3NIroDhmh
DND/eXrgcrTwlXwZjKYfNb82Vi0h6UY4Cy1mopDet8XG4tvuxd7IrbXf4YkDhysp
mdNXi6iZfK3+6wa2wRvXKd17w3xl4QnmZvneNjjQldJoamHcAmLF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:28 2024 by rpki-client on console-fra.rpki-client.org