Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5eb289-6270-4db2-acde-a879df46eb99/1/Yx6Xr8wcHdigzeGrgmdDbdrd5U8.roa
File: Yx6Xr8wcHdigzeGrgmdDbdrd5U8.roa (raw, json)
Hash identifier: DIpNDvv+DeDLMKshP0yRn9ddHPe+di8EI+gyxoS7buQ=
Subject key identifier: 63:1E:97:AF:CC:1C:1D:D8:A0:CD:E1:AB:82:67:43:6D:DA:DD:E5:4F
Certificate issuer: /CN=41761e6d16ebf17e571c6bf77ec06bdf7ab68af8
Certificate serial: 01856B40C03C39F06DA2318431430E29D071
Authority key identifier: 41:76:1E:6D:16:EB:F1:7E:57:1C:6B:F7:7E:C0:6B:DF:7A:B6:8A:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QXYebRbr8X5XHGv3fsBr33q2ivg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5eb289-6270-4db2-acde-a879df46eb99/1/Yx6Xr8wcHdigzeGrgmdDbdrd5U8.roa
Signing time: Sun 01 Jan 2023 02:54:43 +0000
ROA not before: Sun 01 Jan 2023 02:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60193
IP address blocks: 194.32.70.0/24 maxlen: 24
194.32.68.0/24 maxlen: 24
194.32.83.0/24 maxlen: 24
194.31.255.0/24 maxlen: 24
2a10:7f80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:40:c0:3c:39:f0:6d:a2:31:84:31:43:0e:29:d0:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41761e6d16ebf17e571c6bf77ec06bdf7ab68af8
Validity
Not Before: Jan 1 02:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=631e97afcc1c1dd8a0cde1ab8267436ddadde54f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:7d:c0:f0:59:bf:5e:6d:7e:27:d7:65:5c:88:
a3:b6:de:82:df:f4:61:bc:f5:47:ab:94:54:df:b1:
27:39:e4:ab:30:c1:54:d9:6c:e3:da:9b:5e:ae:9e:
42:e5:97:55:0f:51:6e:6a:62:7f:d6:f2:3c:d0:6e:
51:06:3b:1c:44:21:22:57:d1:9c:d3:77:07:20:d3:
9d:f6:40:f3:e9:1d:ac:fc:72:11:2f:79:ea:ec:66:
98:28:e2:ab:d3:5a:dc:ce:3d:ab:d4:ee:57:fc:ad:
3f:50:4f:c0:8a:3f:49:ed:15:90:9b:cb:19:7e:2f:
a1:f9:92:8b:22:63:f5:ea:0b:21:43:8a:94:71:3e:
b1:b0:67:a6:c4:ce:72:3b:bc:6b:cf:46:8d:d1:36:
ff:bb:84:36:2f:9d:3e:bf:bd:39:21:a2:4a:ac:ac:
8f:2d:76:93:03:8c:7e:db:c9:11:c8:3b:17:ac:e0:
fd:e4:be:66:e7:9a:36:36:5e:1a:b9:1d:c5:80:54:
c2:aa:b1:02:14:00:53:6a:15:5c:88:3f:a1:b8:57:
73:3b:27:ff:42:83:c8:ab:67:22:39:36:b0:c1:48:
75:31:dc:1d:75:47:5f:11:84:07:6e:4d:f7:33:4b:
be:2f:55:a5:40:8e:8f:65:a5:08:c9:2b:9e:51:aa:
e8:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:1E:97:AF:CC:1C:1D:D8:A0:CD:E1:AB:82:67:43:6D:DA:DD:E5:4F
X509v3 Authority Key Identifier:
keyid:41:76:1E:6D:16:EB:F1:7E:57:1C:6B:F7:7E:C0:6B:DF:7A:B6:8A:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXYebRbr8X5XHGv3fsBr33q2ivg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5eb289-6270-4db2-acde-a879df46eb99/1/Yx6Xr8wcHdigzeGrgmdDbdrd5U8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5eb289-6270-4db2-acde-a879df46eb99/1/QXYebRbr8X5XHGv3fsBr33q2ivg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.255.0/24
194.32.68.0/24
194.32.70.0/24
194.32.83.0/24
IPv6:
2a10:7f80::/29
Signature Algorithm: sha256WithRSAEncryption
79:c1:99:d6:60:b1:fe:a4:e9:78:37:67:6b:8b:55:45:b7:db:
be:d0:ad:03:6e:21:21:95:af:88:a4:d1:39:f5:43:f8:85:13:
16:d0:31:3d:0e:ee:bd:68:62:ca:a5:c1:06:ec:1c:36:fc:60:
e2:23:5f:11:20:39:13:98:7c:77:70:aa:a9:44:fc:a2:1d:a4:
19:64:ad:7e:e6:25:5f:50:c9:bc:77:a6:f1:1e:4d:aa:74:17:
3f:9c:a8:67:e4:a6:54:cc:90:13:26:e2:cf:0a:71:30:8a:5f:
92:db:fe:29:11:9e:da:fa:c3:67:f0:8e:07:28:52:0e:2a:56:
3e:26:5c:4b:6d:cb:9c:77:b9:52:7f:84:36:a5:d2:2f:19:9b:
08:0f:e6:41:58:05:fc:89:dd:ef:21:8f:36:f0:76:a1:82:4b:
41:fc:7f:8c:1c:36:8b:d5:35:f6:9b:75:e6:21:82:bb:8a:50:
e7:9a:06:2d:15:33:bf:d1:f7:4e:87:23:54:7c:53:a6:a6:47:
6d:04:05:2f:9f:f6:67:07:32:e3:2f:12:1c:32:0a:24:b5:90:
1b:78:2a:ad:aa:a2:96:7c:c0:31:85:40:c8:f0:7b:d7:56:6d:
59:6a:1a:6a:64:7b:53:d3:99:2d:a3:f5:2e:4d:2a:37:59:fe:
44:fd:98:33
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVrQMA8OfBtojGEMUMOKdBxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzYxZTZkMTZlYmYxN2U1NzFjNmJmNzdlYzA2YmRmN2Fi
NjhhZjgwHhcNMjMwMTAxMDI1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzFlOTdhZmNjMWMxZGQ4YTBjZGUxYWI4MjY3NDM2ZGRhZGRlNTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg33A8Fm/Xm1+J9dlXIijtt6C3/Rh
vPVHq5RU37EnOeSrMMFU2Wzj2pterp5C5ZdVD1FuamJ/1vI80G5RBjscRCEiV9Gc
03cHINOd9kDz6R2s/HIRL3nq7GaYKOKr01rczj2r1O5X/K0/UE/Aij9J7RWQm8sZ
fi+h+ZKLImP16gshQ4qUcT6xsGemxM5yO7xrz0aN0Tb/u4Q2L50+v705IaJKrKyP
LXaTA4x+28kRyDsXrOD95L5m55o2Nl4auR3FgFTCqrECFABTahVciD+huFdzOyf/
QoPIq2ciOTawwUh1MdwddUdfEYQHbk33M0u+L1WlQI6PZaUIySueUaroOwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGMel6/MHB3YoM3hq4JnQ23a3eVPMB8GA1UdIwQY
MBaAFEF2Hm0W6/F+Vxxr937Aa996tor4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhZZWJSYnI4WDVYSEd2M2ZzQnIzM3EyaXZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZWIyODktNjI3MC00ZGIyLWFjZGUt
YTg3OWRmNDZlYjk5LzEvWXg2WHI4d2NIZGlnemVHcmdtZERiZHJkNVU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZWIyODktNjI3MC00ZGIyLWFjZGUtYTg3OWRmNDZlYjk5
LzEvUVhZZWJSYnI4WDVYSEd2M2ZzQnIzM3EyaXZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwh//AwQA
wiBEAwQAwiBGAwQAwiBTMA0EAgACMAcDBQMqEH+AMA0GCSqGSIb3DQEBCwUAA4IB
AQB5wZnWYLH+pOl4N2dri1VFt9u+0K0DbiEhla+IpNE59UP4hRMW0DE9Du69aGLK
pcEG7Bw2/GDiI18RIDkTmHx3cKqpRPyiHaQZZK1+5iVfUMm8d6bxHk2qdBc/nKhn
5KZUzJATJuLPCnEwil+S2/4pEZ7a+sNn8I4HKFIOKlY+JlxLbcucd7lSf4Q2pdIv
GZsID+ZBWAX8id3vIY828HahgktB/H+MHDaL1TX2m3XmIYK7ilDnmgYtFTO/0fdO
hyNUfFOmpkdtBAUvn/ZnBzLjLxIcMgoktZAbeCqtqqKWfMAxhUDI8HvXVm1Zahpq
ZHtT05kto/UuTSo3Wf5E/Zgz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:39 2024 by rpki-client on console-fra.rpki-client.org