Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/D_bPzD9gHt2YSyTpYy8_g-ANfQg.roa
File: D_bPzD9gHt2YSyTpYy8_g-ANfQg.roa (raw, json)
Hash identifier: wPg4f5M1WYUi83W/gnb+BVOpBLneCZeDnRWrBmza4N4=
Subject key identifier: 0F:F6:CF:CC:3F:60:1E:DD:98:4B:24:E9:63:2F:3F:83:E0:0D:7D:08
Certificate issuer: /CN=5f1fa06d5dbada43de44f4e4b1dc9492bb287c9d
Certificate serial: 0186E4AAD9A619601EB74C1536E7C8C1530B
Authority key identifier: 5F:1F:A0:6D:5D:BA:DA:43:DE:44:F4:E4:B1:DC:94:92:BB:28:7C:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xx-gbV262kPeRPTksdyUkrsofJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/D_bPzD9gHt2YSyTpYy8_g-ANfQg.roa
Signing time: Wed 15 Mar 2023 09:47:27 +0000
ROA not before: Wed 15 Mar 2023 09:47:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50986
IP address blocks: 193.34.202.0/24 maxlen: 24
31.170.24.0/21 maxlen: 21
185.27.96.0/22 maxlen: 22
178.236.64.0/22 maxlen: 22
178.236.64.0/20 maxlen: 20
2a02:1610::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 15 Mar 2023 12:38:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e4:aa:d9:a6:19:60:1e:b7:4c:15:36:e7:c8:c1:53:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f1fa06d5dbada43de44f4e4b1dc9492bb287c9d
Validity
Not Before: Mar 15 09:47:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ff6cfcc3f601edd984b24e9632f3f83e00d7d08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:94:b6:a0:8b:f8:e8:3c:a7:da:4b:4e:bc:79:
68:41:24:0e:20:f6:40:da:37:99:68:7b:f5:54:f9:
02:3c:57:8b:c9:e8:a7:3f:7e:a9:13:f7:ef:2e:b9:
d1:3d:89:df:c6:96:d4:2c:17:b5:d2:fd:52:ac:08:
3e:9a:6c:13:da:78:09:32:aa:a7:55:b1:6b:b8:9f:
4b:87:ef:79:9f:1d:b3:8f:1c:69:57:9d:cb:f8:ad:
2f:93:dc:6c:6a:4d:5a:60:56:68:d6:d1:a9:bb:e9:
f8:45:99:57:f9:17:13:41:d8:17:7c:e3:06:a8:aa:
9b:bc:bc:9f:b6:2f:bb:12:ab:ad:8e:1b:76:cf:7d:
3b:c8:6b:6c:00:92:8a:26:22:a6:69:6b:81:ed:38:
15:03:cb:8f:fa:8f:36:f5:52:1d:21:7d:ef:13:a7:
b7:26:d7:56:7d:e8:b9:fc:6d:d9:88:6a:8a:e4:6b:
bb:65:4f:c3:0d:68:a0:bf:ef:a7:73:ba:5c:02:34:
6f:88:61:53:1b:f6:a4:18:51:b4:f2:63:06:3d:4f:
b6:32:37:a7:b6:83:9e:95:ef:b6:b3:14:4c:2c:ea:
70:ce:ba:df:a5:e2:e8:c1:2a:92:cf:33:9f:06:1e:
45:ef:4b:06:a5:43:94:4f:04:f9:8b:75:e8:e1:74:
89:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:F6:CF:CC:3F:60:1E:DD:98:4B:24:E9:63:2F:3F:83:E0:0D:7D:08
X509v3 Authority Key Identifier:
keyid:5F:1F:A0:6D:5D:BA:DA:43:DE:44:F4:E4:B1:DC:94:92:BB:28:7C:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xx-gbV262kPeRPTksdyUkrsofJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/D_bPzD9gHt2YSyTpYy8_g-ANfQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/Xx-gbV262kPeRPTksdyUkrsofJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.24.0/21
178.236.64.0/20
185.27.96.0/22
193.34.202.0/24
IPv6:
2a02:1610::/32
Signature Algorithm: sha256WithRSAEncryption
0e:8b:a8:d7:bd:ea:a0:6b:7e:01:ea:0e:34:64:8c:cd:c3:4e:
af:6e:62:40:fe:09:1c:98:00:82:a8:ce:d7:54:b1:bc:88:f2:
3b:fe:6a:5d:f2:c8:da:05:bc:97:34:e5:84:89:ef:39:eb:03:
c2:9b:05:b2:0e:20:14:d8:b7:f5:c2:fb:37:70:cd:6f:64:44:
a4:f0:19:6a:d1:0c:35:08:99:03:90:e3:cb:94:24:e6:1d:16:
88:34:7c:8f:34:e1:7b:c4:2e:10:74:01:31:d7:e4:7a:09:2f:
9b:8d:7f:00:c0:f8:19:91:24:1e:cd:4e:42:38:19:9a:cf:5c:
31:8f:95:89:09:3e:e7:44:2c:7a:a8:77:88:fc:b5:d2:90:3d:
79:56:19:18:f1:de:56:03:ac:c5:2d:ca:38:aa:82:a8:24:39:
7e:86:17:a0:ae:47:ad:01:de:fd:bb:6a:79:cf:67:ac:21:37:
66:59:76:28:7a:25:45:74:2e:f9:49:72:35:1a:52:b5:f9:92:
b9:8d:5b:c7:a1:df:11:ae:56:94:b0:dd:c2:4a:71:6c:3a:bd:
0b:70:aa:be:5a:b7:be:66:4d:eb:77:8a:da:66:98:99:cb:56:
1f:c7:e7:6b:78:9f:40:83:3a:33:01:6e:db:51:de:dc:55:3d:
a9:48:04:6b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYbkqtmmGWAet0wVNufIwVMLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMWZhMDZkNWRiYWRhNDNkZTQ0ZjRlNGIxZGM5NDkyYmIy
ODdjOWQwHhcNMjMwMzE1MDk0NzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmY2Y2ZjYzNmNjAxZWRkOTg0YjI0ZTk2MzJmM2Y4M2UwMGQ3ZDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5S2oIv46Dyn2ktOvHloQSQOIPZA
2jeZaHv1VPkCPFeLyeinP36pE/fvLrnRPYnfxpbULBe10v1SrAg+mmwT2ngJMqqn
VbFruJ9Lh+95nx2zjxxpV53L+K0vk9xsak1aYFZo1tGpu+n4RZlX+RcTQdgXfOMG
qKqbvLyfti+7Equtjht2z307yGtsAJKKJiKmaWuB7TgVA8uP+o829VIdIX3vE6e3
JtdWfei5/G3ZiGqK5Gu7ZU/DDWigv++nc7pcAjRviGFTG/akGFG08mMGPU+2Mjen
toOele+2sxRMLOpwzrrfpeLowSqSzzOfBh5F70sGpUOUTwT5i3Xo4XSJ2wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFA/2z8w/YB7dmEsk6WMvP4PgDX0IMB8GA1UdIwQY
MBaAFF8foG1dutpD3kT05LHclJK7KHydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHgtZ2JWMjYya1BlUlBUa3NkeVVrcnNvZkowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84NDdkMTctYmE3Yy00ZWFlLTlkNTUt
MjU4NDZkNTlmZDYwLzEvRF9iUHpEOWdIdDJZU3lUcFl5OF9nLUFOZlFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84NDdkMTctYmE3Yy00ZWFlLTlkNTUtMjU4NDZkNTlmZDYw
LzEvWHgtZ2JWMjYya1BlUlBUa3NkeVVrcnNvZkowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDH6oYAwQE
suxAAwQCuRtgAwQAwSLKMA0EAgACMAcDBQAqAhYQMA0GCSqGSIb3DQEBCwUAA4IB
AQAOi6jXveqga34B6g40ZIzNw06vbmJA/gkcmACCqM7XVLG8iPI7/mpd8sjaBbyX
NOWEie856wPCmwWyDiAU2Lf1wvs3cM1vZESk8Blq0Qw1CJkDkOPLlCTmHRaINHyP
NOF7xC4QdAEx1+R6CS+bjX8AwPgZkSQezU5COBmaz1wxj5WJCT7nRCx6qHeI/LXS
kD15VhkY8d5WA6zFLco4qoKoJDl+hhegrketAd79u2p5z2esITdmWXYoeiVFdC75
SXI1GlK1+ZK5jVvHod8RrlaUsN3CSnFsOr0LcKq+Wre+Zk3rd4raZpiZy1Yfx+dr
eJ9AgzozAW7bUd7cVT2pSARr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:15 2024 by rpki-client on console-fra.rpki-client.org