Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/SfhhTKx7nFDQtnaTQ37FcVTKYc0.roa
File: SfhhTKx7nFDQtnaTQ37FcVTKYc0.roa (raw, json)
Hash identifier: ED7eJAvOwMiDWX2TU0JTm97uijibwxgmL0j3Sh5aMa0=
Subject key identifier: 49:F8:61:4C:AC:7B:9C:50:D0:B6:76:93:43:7E:C5:71:54:CA:61:CD
Certificate issuer: /CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Certificate serial: 0187E1CCB93C238BDE17E09AC3415E791141
Authority key identifier: F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/SfhhTKx7nFDQtnaTQ37FcVTKYc0.roa
Signing time: Wed 03 May 2023 13:28:23 +0000
ROA not before: Wed 03 May 2023 13:28:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34549
IP address blocks: 31.133.84.0/22 maxlen: 22
176.103.228.0/22 maxlen: 22
176.103.236.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 29 Nov 2023 15:20:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e1:cc:b9:3c:23:8b:de:17:e0:9a:c3:41:5e:79:11:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Validity
Not Before: May 3 13:28:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49f8614cac7b9c50d0b67693437ec57154ca61cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ee:b2:c9:df:7b:d2:03:9a:dc:6c:c0:ba:bb:
a5:af:27:a6:6f:89:4e:9d:43:dd:10:cf:f5:9c:0d:
17:bf:78:00:e0:d9:04:b4:e3:7b:fc:f8:e3:ad:27:
72:b0:27:e7:21:97:12:dd:ac:33:c5:55:ad:f8:a0:
30:22:50:f8:9b:10:a4:ec:5f:bd:f8:d4:a6:30:f9:
ca:b2:07:9d:cd:aa:c9:a7:81:88:c1:94:29:76:4e:
49:52:75:ef:9b:5a:39:ba:5e:e7:e6:17:8c:73:70:
37:2e:2b:c8:d1:13:a6:0f:13:1d:fc:37:d9:46:f2:
18:31:54:1f:57:04:5e:a7:df:d2:c0:03:36:a7:1f:
c4:77:0f:a0:3b:3a:bd:fd:f7:f8:05:7e:95:e1:76:
d2:32:0c:58:f6:cd:80:b8:25:aa:2e:e4:88:b8:ca:
12:73:da:c9:29:70:00:25:ca:42:6d:54:c9:d3:7a:
b3:12:9f:02:1a:f3:72:61:89:e0:b3:88:7e:d0:d9:
f8:16:e1:40:85:99:ea:80:31:6f:98:eb:66:3a:ed:
0b:5e:05:59:8c:f3:a8:a9:91:65:35:c7:80:2a:ea:
69:bc:2a:f8:e2:4c:a3:2c:d2:d7:be:3b:26:99:cf:
3c:a4:b0:e3:1f:a5:ec:f7:5b:57:5a:83:28:94:5e:
04:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:F8:61:4C:AC:7B:9C:50:D0:B6:76:93:43:7E:C5:71:54:CA:61:CD
X509v3 Authority Key Identifier:
keyid:F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/SfhhTKx7nFDQtnaTQ37FcVTKYc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.84.0/22
176.103.228.0/22
176.103.236.0/22
Signature Algorithm: sha256WithRSAEncryption
34:42:49:0a:5a:a7:a4:42:6a:5a:f7:7a:ea:15:8e:33:38:b5:
a3:29:3f:28:65:bf:11:47:88:dd:af:50:d9:95:91:0c:a6:a9:
8d:f4:42:6a:3a:8c:ce:f7:c4:8c:dd:ee:67:7f:8f:16:64:8e:
38:19:73:58:c4:1e:88:d1:7f:8e:c2:38:84:ca:22:ce:b5:3c:
65:a9:2c:cf:db:31:77:f4:56:26:3b:8b:fc:b5:40:fe:63:67:
2b:a1:e9:05:ae:ed:97:1e:e9:f8:f9:4e:ab:6c:11:68:a9:94:
58:34:96:ea:64:41:54:1d:91:fb:10:4e:3d:54:50:5e:6d:5b:
f6:93:9d:c7:4b:7f:62:e2:c2:ff:61:7e:0b:be:02:b8:38:ef:
f3:af:a0:f4:c5:c0:42:3a:36:24:c6:36:2b:34:62:0c:ea:2e:
54:f3:3e:a2:f6:fb:c4:a9:ba:f7:a0:04:35:8f:c3:29:30:10:
c8:b1:c5:33:d1:a5:65:e4:34:2e:63:7b:10:c1:bc:63:a9:09:
f9:fe:60:55:89:62:3f:70:61:f7:08:98:24:c7:aa:6a:dc:87:
3b:07:bf:b8:37:0f:a3:fa:35:e6:65:78:18:8d:c0:b0:b7:23:
2a:0a:fa:6c:27:ec:e3:3c:13:c5:9d:69:06:88:a5:d2:57:3a:
c7:d3:95:a1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYfhzLk8I4veF+Caw0FeeRFBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YjllYTRkOWQ4M2E3MjhkZDQxMDI5ZTg2YWY4YTEzMGQz
ODllZDQwHhcNMjMwNTAzMTMyODIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWY4NjE0Y2FjN2I5YzUwZDBiNjc2OTM0MzdlYzU3MTU0Y2E2MWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAje6yyd970gOa3GzAurulryemb4lO
nUPdEM/1nA0Xv3gA4NkEtON7/PjjrSdysCfnIZcS3awzxVWt+KAwIlD4mxCk7F+9
+NSmMPnKsgedzarJp4GIwZQpdk5JUnXvm1o5ul7n5heMc3A3LivI0ROmDxMd/DfZ
RvIYMVQfVwRep9/SwAM2px/Edw+gOzq9/ff4BX6V4XbSMgxY9s2AuCWqLuSIuMoS
c9rJKXAAJcpCbVTJ03qzEp8CGvNyYYngs4h+0Nn4FuFAhZnqgDFvmOtmOu0LXgVZ
jPOoqZFlNceAKuppvCr44kyjLNLXvjsmmc88pLDjH6Xs91tXWoMolF4EgQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEn4YUyse5xQ0LZ2k0N+xXFUymHNMB8GA1UdIwQY
MBaAFPS56k2dg6co3UECnoavihMNOJ7UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMt
MDgxY2IyYjE3YWI1LzEvU2ZoaFRLeDduRkRRdG5hVFEzN0ZjVlRLWWMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMtMDgxY2IyYjE3YWI1
LzEvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCH4VUAwQC
sGfkAwQCsGfsMA0GCSqGSIb3DQEBCwUAA4IBAQA0QkkKWqekQmpa93rqFY4zOLWj
KT8oZb8RR4jdr1DZlZEMpqmN9EJqOozO98SM3e5nf48WZI44GXNYxB6I0X+OwjiE
yiLOtTxlqSzP2zF39FYmO4v8tUD+Y2croekFru2XHun4+U6rbBFoqZRYNJbqZEFU
HZH7EE49VFBebVv2k53HS39i4sL/YX4LvgK4OO/zr6D0xcBCOjYkxjYrNGIM6i5U
8z6i9vvEqbr3oAQ1j8MpMBDIscUz0aVl5DQuY3sQwbxjqQn5/mBViWI/cGH3CJgk
x6pq3Ic7B7+4Nw+j+jXmZXgYjcCwtyMqCvpsJ+zjPBPFnWkGiKXSVzrH05Wh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:37 2024 by rpki-client on console-fra.rpki-client.org