Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/1c15a2-d0ec-4c3a-86cd-83638475d8ab/1/CuWXQuvZZ3DYCb1ap6C8IcAjEuM.roa
File: CuWXQuvZZ3DYCb1ap6C8IcAjEuM.roa (raw, json)
Hash identifier: KYKWGgydLinKhHK2ZBE0GPRaU2T1bM9kvfHFyrXib1w=
Subject key identifier: 0A:E5:97:42:EB:D9:67:70:D8:09:BD:5A:A7:A0:BC:21:C0:23:12:E3
Certificate issuer: /CN=3e75d49ded20566ca745c28f80cfd9a92f4b7d47
Certificate serial: 01856F26CE8F8A72250E5E58EBE38DC33993
Authority key identifier: 3E:75:D4:9D:ED:20:56:6C:A7:45:C2:8F:80:CF:D9:A9:2F:4B:7D:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PnXUne0gVmynRcKPgM_ZqS9LfUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/1c15a2-d0ec-4c3a-86cd-83638475d8ab/1/CuWXQuvZZ3DYCb1ap6C8IcAjEuM.roa
Signing time: Sun 01 Jan 2023 21:04:52 +0000
ROA not before: Sun 01 Jan 2023 21:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6663
IP address blocks: 31.210.8.0/21 maxlen: 21
86.106.122.0/23 maxlen: 23
185.74.20.0/22 maxlen: 22
89.43.132.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:ce:8f:8a:72:25:0e:5e:58:eb:e3:8d:c3:39:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e75d49ded20566ca745c28f80cfd9a92f4b7d47
Validity
Not Before: Jan 1 21:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ae59742ebd96770d809bd5aa7a0bc21c02312e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:31:1b:f7:f9:da:d0:99:96:a5:96:31:0f:41:
be:0d:6d:25:2e:37:86:7c:de:51:93:d2:24:8d:e0:
4c:1d:10:8f:1f:c6:11:b2:7b:c2:12:dc:d5:e3:27:
34:ca:0b:56:89:06:18:a1:2e:27:11:9a:d9:8b:fb:
cf:bd:82:95:f6:9b:a7:64:f6:ff:92:a6:6d:9e:88:
5a:ca:4d:87:55:6f:c8:f2:e2:26:ad:dc:61:e4:f8:
75:a4:0c:ba:cd:5c:90:51:03:4a:e7:8c:66:9a:f1:
57:26:47:dd:55:39:80:d5:13:9b:4d:34:92:1b:86:
bf:02:cf:a4:1f:0a:c4:c0:50:75:73:bc:ca:8e:f3:
fc:bc:fc:fc:dd:dc:01:32:94:fb:68:1c:13:bc:53:
e5:0e:f7:aa:a2:b5:ac:96:a7:11:42:83:36:d6:47:
f4:b7:25:f6:5b:74:bc:d0:e9:8a:0a:30:2f:d1:be:
fd:ad:97:6c:b2:fb:ca:f9:a4:57:e6:f5:e0:7c:7f:
6d:ab:60:0b:4b:22:23:19:ba:32:56:cc:05:da:19:
a9:18:cb:17:a8:20:78:d6:5a:9a:b8:23:5d:a3:95:
fd:08:d3:18:01:79:b1:a5:51:13:cc:8f:b6:89:1d:
fa:dd:1a:47:a7:d9:b1:bd:22:64:a1:e2:70:17:f1:
59:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:E5:97:42:EB:D9:67:70:D8:09:BD:5A:A7:A0:BC:21:C0:23:12:E3
X509v3 Authority Key Identifier:
keyid:3E:75:D4:9D:ED:20:56:6C:A7:45:C2:8F:80:CF:D9:A9:2F:4B:7D:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PnXUne0gVmynRcKPgM_ZqS9LfUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/1c15a2-d0ec-4c3a-86cd-83638475d8ab/1/CuWXQuvZZ3DYCb1ap6C8IcAjEuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/1c15a2-d0ec-4c3a-86cd-83638475d8ab/1/PnXUne0gVmynRcKPgM_ZqS9LfUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.8.0/21
86.106.122.0/23
89.43.132.0/22
185.74.20.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:fe:a6:5b:0f:8b:d9:2f:58:07:24:f3:c4:0f:12:bb:c3:17:
33:47:79:58:1d:44:9f:17:c0:84:60:d3:a0:8c:fc:8e:b4:64:
89:f8:13:40:85:61:3e:c1:58:70:3e:e1:45:5f:ed:4e:b5:18:
7a:6a:27:36:45:20:a5:fd:5f:35:b5:a7:70:08:83:c1:c8:05:
9b:1c:8a:3c:11:bf:8b:10:01:c4:e1:1d:d2:9b:50:58:72:e0:
6e:77:1e:0f:de:45:55:a5:18:fb:68:49:fe:d6:81:85:51:21:
3b:b1:a1:c9:73:79:a2:31:47:b2:cc:f6:1d:43:83:fb:19:15:
f0:30:a3:1d:9e:c6:b5:bf:aa:9a:62:66:75:7b:2f:c9:d2:e3:
ed:3e:3b:03:5f:f7:7a:88:86:82:41:79:47:83:85:35:ea:71:
6a:ac:8d:e2:39:42:31:93:88:50:40:76:aa:92:5a:37:69:40:
86:1d:fb:3d:2b:d0:98:8a:b1:0c:5e:90:6c:d4:89:89:7f:0e:
f9:af:46:b3:99:7e:b3:5d:2d:96:25:2c:cf:15:05:2f:0c:a9:
c1:2a:8a:f9:e8:01:c5:15:8e:a5:3d:fa:0e:d8:0b:87:c7:2e:
84:20:47:9f:fd:27:0d:ea:7b:b7:d8:58:e4:1e:26:60:be:a9:
d0:10:15:11
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvJs6PinIlDl5Y6+ONwzmTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNzVkNDlkZWQyMDU2NmNhNzQ1YzI4ZjgwY2ZkOWE5MmY0
YjdkNDcwHhcNMjMwMTAxMjEwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWU1OTc0MmViZDk2NzcwZDgwOWJkNWFhN2EwYmMyMWMwMjMxMmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTEb9/na0JmWpZYxD0G+DW0lLjeG
fN5Rk9IkjeBMHRCPH8YRsnvCEtzV4yc0ygtWiQYYoS4nEZrZi/vPvYKV9punZPb/
kqZtnohayk2HVW/I8uImrdxh5Ph1pAy6zVyQUQNK54xmmvFXJkfdVTmA1RObTTSS
G4a/As+kHwrEwFB1c7zKjvP8vPz83dwBMpT7aBwTvFPlDveqorWslqcRQoM21kf0
tyX2W3S80OmKCjAv0b79rZdssvvK+aRX5vXgfH9tq2ALSyIjGboyVswF2hmpGMsX
qCB41lqauCNdo5X9CNMYAXmxpVETzI+2iR363RpHp9mxvSJkoeJwF/FZYwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFArll0Lr2Wdw2Am9WqegvCHAIxLjMB8GA1UdIwQY
MBaAFD511J3tIFZsp0XCj4DP2akvS31HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG5YVW5lMGdWbXluUmNLUGdNX1pxUzlMZlVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8xYzE1YTItZDBlYy00YzNhLTg2Y2Qt
ODM2Mzg0NzVkOGFiLzEvQ3VXWFF1dlpaM0RZQ2IxYXA2QzhJY0FqRXVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8xYzE1YTItZDBlYy00YzNhLTg2Y2QtODM2Mzg0NzVkOGFi
LzEvUG5YVW5lMGdWbXluUmNLUGdNX1pxUzlMZlVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDH9IIAwQB
Vmp6AwQCWSuEAwQCuUoUMA0GCSqGSIb3DQEBCwUAA4IBAQBr/qZbD4vZL1gHJPPE
DxK7wxczR3lYHUSfF8CEYNOgjPyOtGSJ+BNAhWE+wVhwPuFFX+1OtRh6aic2RSCl
/V81tadwCIPByAWbHIo8Eb+LEAHE4R3Sm1BYcuBudx4P3kVVpRj7aEn+1oGFUSE7
saHJc3miMUeyzPYdQ4P7GRXwMKMdnsa1v6qaYmZ1ey/J0uPtPjsDX/d6iIaCQXlH
g4U16nFqrI3iOUIxk4hQQHaqklo3aUCGHfs9K9CYirEMXpBs1ImJfw75r0azmX6z
XS2WJSzPFQUvDKnBKor56AHFFY6lPfoO2AuHxy6EIEef/ScN6nu32FjkHiZgvqnQ
EBUR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:33 2024 by rpki-client on console-ams.rpki-client.org