Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/2CJv6JsVz0Sz-YDpMqqbwGU0e2I.roa
File: 2CJv6JsVz0Sz-YDpMqqbwGU0e2I.roa (raw, json)
Hash identifier: j4WzSd4eWYM/SsYBQ81HYV+Guq+C7mA/EeHDRmvWzVQ=
Subject key identifier: D8:22:6F:E8:9B:15:CF:44:B3:F9:80:E9:32:AA:9B:C0:65:34:7B:62
Certificate issuer: /CN=fb987244611b5230536744b6a89f044f32f462ea
Certificate serial: 018570E751DDAA20D0FC20D7A7E89AA4D61C
Authority key identifier: FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/2CJv6JsVz0Sz-YDpMqqbwGU0e2I.roa
Signing time: Mon 02 Jan 2023 05:14:45 +0000
ROA not before: Mon 02 Jan 2023 05:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47205
IP address blocks: 31.193.192.0/21 maxlen: 24
92.61.32.0/20 maxlen: 32
195.12.186.0/24 maxlen: 24
185.3.228.0/22 maxlen: 24
2a02:118::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:51:dd:aa:20:d0:fc:20:d7:a7:e8:9a:a4:d6:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb987244611b5230536744b6a89f044f32f462ea
Validity
Not Before: Jan 2 05:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8226fe89b15cf44b3f980e932aa9bc065347b62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:32:d3:e9:56:bd:37:5f:22:87:01:ae:26:d3:
91:ae:ff:16:56:e9:19:64:65:3e:f1:9a:5e:5c:c8:
c2:88:e4:d0:98:e3:51:08:46:a3:62:dc:b5:57:33:
fc:6a:9c:78:3f:b4:f6:83:a0:7e:6b:4a:c9:0a:f7:
e1:f4:37:6b:d8:1d:5f:8f:89:35:85:26:67:73:aa:
b7:ae:97:55:9a:1b:1f:44:2f:2a:62:10:e1:9d:7d:
c4:07:8f:5c:f8:2b:cd:48:96:9e:b5:6e:0a:41:22:
3a:fd:11:51:97:9c:38:d1:19:cf:72:9b:2e:a0:da:
b2:b3:b0:0f:44:af:48:f9:ce:70:6f:d1:52:14:5c:
c8:0d:d9:55:b6:f3:e4:ed:7e:e0:12:4f:95:ba:18:
e7:72:27:2a:19:72:00:24:d8:dc:8b:0f:39:a9:eb:
96:da:05:6b:bd:c7:32:b7:9d:75:92:60:3b:a4:08:
44:53:9b:3d:8e:8f:9d:a5:77:87:82:66:68:88:82:
f5:30:bb:6d:41:ef:20:04:68:b4:97:26:99:2d:79:
c4:8c:aa:b5:aa:f0:19:d6:b4:68:d2:f7:8d:30:66:
e7:21:0a:bd:06:10:45:f2:78:5a:7d:80:eb:bb:b3:
52:ee:da:1e:8f:47:c7:5a:de:ac:1d:1a:94:d8:8d:
a2:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:22:6F:E8:9B:15:CF:44:B3:F9:80:E9:32:AA:9B:C0:65:34:7B:62
X509v3 Authority Key Identifier:
keyid:FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/2CJv6JsVz0Sz-YDpMqqbwGU0e2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.192.0/21
92.61.32.0/20
185.3.228.0/22
195.12.186.0/24
IPv6:
2a02:118::/32
Signature Algorithm: sha256WithRSAEncryption
0f:2d:6a:c3:c8:5b:eb:b4:9c:d1:ed:8c:40:b7:9c:9a:00:96:
53:63:bb:95:04:a8:6f:d6:92:3b:0e:97:99:ee:b7:35:89:0a:
f0:8a:30:60:02:61:d8:44:70:f7:7a:b2:a5:02:2e:4f:18:d7:
80:be:a8:c8:c3:31:61:54:3f:79:51:21:ee:5f:8f:f7:49:dc:
4a:66:7f:d4:6c:86:88:af:22:95:e7:78:57:8d:91:14:53:8b:
e8:e8:38:83:a6:a2:0f:de:46:d6:dc:2a:57:7e:dc:02:0a:78:
ff:22:c3:b1:d1:e0:d1:a3:dc:64:e0:ab:4f:7d:d9:1e:c1:8c:
aa:05:98:4f:e7:82:95:18:3a:94:47:46:96:80:02:a5:53:a6:
1a:bc:a7:e6:20:1d:6f:6a:3b:10:23:36:50:cc:a2:ec:e0:f4:
8c:4e:c0:2e:da:ad:ef:2f:2e:ef:eb:fc:ca:4d:74:05:e4:d8:
bb:1e:0f:5c:32:07:21:1e:be:a7:11:5c:c1:5d:44:7d:53:75:
e2:89:f3:b0:16:de:4c:15:c8:b9:3f:6e:26:f5:c2:e1:51:81:
85:93:40:61:3b:3d:aa:7c:06:31:7d:0a:fa:04:36:4e:dc:fd:
02:a2:56:75:16:ec:4a:e1:0b:97:4e:55:2d:fc:67:92:ba:f4:
42:0e:8a:d6
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVw51HdqiDQ/CDXp+iapNYcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiOTg3MjQ0NjExYjUyMzA1MzY3NDRiNmE4OWYwNDRmMzJm
NDYyZWEwHhcNMjMwMTAyMDUxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODIyNmZlODliMTVjZjQ0YjNmOTgwZTkzMmFhOWJjMDY1MzQ3YjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDLT6Va9N18ihwGuJtORrv8WVukZ
ZGU+8ZpeXMjCiOTQmONRCEajYty1VzP8apx4P7T2g6B+a0rJCvfh9Ddr2B1fj4k1
hSZnc6q3rpdVmhsfRC8qYhDhnX3EB49c+CvNSJaetW4KQSI6/RFRl5w40RnPcpsu
oNqys7APRK9I+c5wb9FSFFzIDdlVtvPk7X7gEk+VuhjncicqGXIAJNjciw85qeuW
2gVrvccyt511kmA7pAhEU5s9jo+dpXeHgmZoiIL1MLttQe8gBGi0lyaZLXnEjKq1
qvAZ1rRo0veNMGbnIQq9BhBF8nhafYDru7NS7toej0fHWt6sHRqU2I2igQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFNgib+ibFc9Es/mA6TKqm8BlNHtiMB8GA1UdIwQY
MBaAFPuYckRhG1IwU2dEtqifBE8y9GLqMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS01aHlSR0ViVWpCVFowUzJxSjhFVHpMMFl1by5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAw
LWJlNTgzMmQ1ZjdhYS8xLzJDSnY2SnNWejBTei1ZRHBNcXFid0dVMGUySS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAwLWJlNTgzMmQ1Zjdh
YS8xLzEtNWh5UkdFYlVqQlRaMFMycUo4RVR6TDBZdW8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQAYIKwYBBQUHAQcBAf8EMTAvMB4EAgABMBgDBAMfwcAD
BARcPSADBAK5A+QDBADDDLowDQQCAAIwBwMFACoCARgwDQYJKoZIhvcNAQELBQAD
ggEBAA8tasPIW+u0nNHtjEC3nJoAllNju5UEqG/WkjsOl5nutzWJCvCKMGACYdhE
cPd6sqUCLk8Y14C+qMjDMWFUP3lRIe5fj/dJ3Epmf9RshoivIpXneFeNkRRTi+jo
OIOmog/eRtbcKld+3AIKeP8iw7HR4NGj3GTgq0992R7BjKoFmE/ngpUYOpRHRpaA
AqVTphq8p+YgHW9qOxAjNlDMouzg9IxOwC7are8vLu/r/MpNdAXk2LseD1wyByEe
vqcRXMFdRH1TdeKJ87AW3kwVyLk/bib1wuFRgYWTQGE7Pap8BjF9CvoENk7c/QKi
VnUW7ErhC5dOVS38Z5K69EIOitY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:18 2024 by rpki-client on console-fra.rpki-client.org