Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/bYWdYKxbHhlETFsnN0favcQTpXU.roa
File: bYWdYKxbHhlETFsnN0favcQTpXU.roa (raw, json)
Hash identifier: yZm8FdwIAca2ns33s4rjjno5jVyxmwjfluNTwjKbsR4=
Subject key identifier: 6D:85:9D:60:AC:5B:1E:19:44:4C:5B:27:37:47:DA:BD:C4:13:A5:75
Certificate issuer: /CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Certificate serial: 01912D686F731DFE992766ADC422C1E5F1E3
Authority key identifier: F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/bYWdYKxbHhlETFsnN0favcQTpXU.roa
Signing time: Wed 07 Aug 2024 15:15:04 +0000
ROA not before: Wed 07 Aug 2024 15:15:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208485
IP address blocks: 31.133.88.0/22 maxlen: 24
176.103.224.0/24 maxlen: 24
176.103.225.0/24 maxlen: 24
176.103.226.0/24 maxlen: 24
176.103.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 11 Oct 2024 20:44:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:2d:68:6f:73:1d:fe:99:27:66:ad:c4:22:c1:e5:f1:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Validity
Not Before: Aug 7 15:15:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d859d60ac5b1e19444c5b273747dabdc413a575
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:74:ff:05:71:55:04:2d:f6:26:7d:f0:b7:db:
e9:48:af:e7:0f:4c:bf:f3:f3:30:e5:d0:14:c9:9d:
6e:41:32:21:61:17:eb:46:da:a2:31:16:0d:b6:9d:
1f:e3:62:c5:3a:d4:b9:21:33:b7:cc:37:f9:b0:32:
76:49:2d:f0:9a:e8:ad:5e:72:bc:d5:02:1a:43:ff:
6d:fe:76:4f:7d:53:9b:f0:65:7a:ee:74:6d:f4:1e:
0f:2c:8f:da:24:a9:e5:a8:de:ef:fb:6a:98:a7:a6:
48:86:a8:19:97:b5:3e:fe:40:fc:28:73:9e:68:38:
87:b0:be:9b:ca:46:28:6a:5e:b2:16:39:86:08:1b:
ff:ed:09:9a:c8:2c:cf:2c:98:8e:7f:d8:b9:06:96:
a8:9f:c7:b7:49:eb:54:c9:d3:0b:84:2e:8f:16:88:
dd:36:15:75:0e:36:4b:32:f9:72:c1:0b:cb:b5:a0:
bf:18:af:c1:50:a3:df:d0:e1:f4:04:c8:f4:c2:00:
fc:37:12:4c:e4:fd:9e:e1:4a:f2:a5:ff:5f:19:61:
bc:81:22:2a:29:08:a1:05:45:d7:53:ee:69:b8:b8:
56:0f:aa:9b:20:68:6a:52:83:6a:e6:56:d3:fb:a8:
63:df:b7:6a:42:fa:68:a8:66:f8:6d:23:f7:02:17:
c4:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:85:9D:60:AC:5B:1E:19:44:4C:5B:27:37:47:DA:BD:C4:13:A5:75
X509v3 Authority Key Identifier:
keyid:F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/bYWdYKxbHhlETFsnN0favcQTpXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.88.0/22
176.103.224.0/22
Signature Algorithm: sha256WithRSAEncryption
13:7c:0e:87:5c:c3:16:a5:d7:15:f7:a3:a5:fb:38:90:94:97:
92:b9:b5:ca:02:ab:31:4a:f1:56:99:06:0d:24:3c:d3:bd:40:
d5:27:b1:18:79:7e:bf:81:08:0b:a1:cd:2d:fa:28:d0:84:bf:
32:9c:e9:de:c2:28:e1:ae:08:0e:cc:7f:73:2d:c4:0c:fc:2b:
d0:b3:12:35:2f:01:1e:19:85:ec:be:95:fa:97:da:c6:c1:1e:
b1:44:b5:8b:f4:ff:38:36:50:f6:2f:c6:94:65:dd:6f:d9:ff:
04:4a:49:40:e0:1d:c8:3b:92:dc:51:06:0a:8e:63:ba:1a:8d:
28:b8:33:99:d3:a6:76:00:8e:57:fe:ec:fb:0d:86:28:c1:5e:
ea:ef:c1:36:dd:20:dc:a2:48:49:37:50:2e:7c:ab:20:e2:d1:
4a:00:f7:45:40:b5:eb:4b:93:5e:42:cf:6b:3b:55:71:68:bd:
3c:36:dc:74:22:87:08:71:f8:a4:84:b8:f5:1d:78:2a:ab:62:
71:10:12:5a:11:b4:d2:ba:20:68:b7:0a:54:72:7c:d0:98:1d:
f6:7f:e4:1c:9a:72:15:38:16:85:4b:a0:21:b4:4d:a9:8e:2b:
82:a6:61:58:81:ca:0c:ad:5f:f9:1d:c8:1e:0c:b0:fb:68:9c:
7d:7b:87:4d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZEtaG9zHf6ZJ2atxCLB5fHjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YjllYTRkOWQ4M2E3MjhkZDQxMDI5ZTg2YWY4YTEzMGQz
ODllZDQwHhcNMjQwODA3MTUxNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDg1OWQ2MGFjNWIxZTE5NDQ0YzViMjczNzQ3ZGFiZGM0MTNhNTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3T/BXFVBC32Jn3wt9vpSK/nD0y/
8/Mw5dAUyZ1uQTIhYRfrRtqiMRYNtp0f42LFOtS5ITO3zDf5sDJ2SS3wmuitXnK8
1QIaQ/9t/nZPfVOb8GV67nRt9B4PLI/aJKnlqN7v+2qYp6ZIhqgZl7U+/kD8KHOe
aDiHsL6bykYoal6yFjmGCBv/7QmayCzPLJiOf9i5Bpaon8e3SetUydMLhC6PFojd
NhV1DjZLMvlywQvLtaC/GK/BUKPf0OH0BMj0wgD8NxJM5P2e4Urypf9fGWG8gSIq
KQihBUXXU+5puLhWD6qbIGhqUoNq5lbT+6hj37dqQvpoqGb4bSP3AhfECQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG2FnWCsWx4ZRExbJzdH2r3EE6V1MB8GA1UdIwQY
MBaAFPS56k2dg6co3UECnoavihMNOJ7UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMt
MDgxY2IyYjE3YWI1LzEvYllXZFlLeGJIaGxFVEZzbk4wZmF2Y1FUcFhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMtMDgxY2IyYjE3YWI1
LzEvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCH4VYAwQC
sGfgMA0GCSqGSIb3DQEBCwUAA4IBAQATfA6HXMMWpdcV96Ol+ziQlJeSubXKAqsx
SvFWmQYNJDzTvUDVJ7EYeX6/gQgLoc0t+ijQhL8ynOnewijhrggOzH9zLcQM/CvQ
sxI1LwEeGYXsvpX6l9rGwR6xRLWL9P84NlD2L8aUZd1v2f8ESklA4B3IO5LcUQYK
jmO6Go0ouDOZ06Z2AI5X/uz7DYYowV7q78E23SDcokhJN1AufKsg4tFKAPdFQLXr
S5NeQs9rO1VxaL08Ntx0IocIcfikhLj1HXgqq2JxEBJaEbTSuiBotwpUcnzQmB32
f+QcmnIVOBaFS6AhtE2pjiuCpmFYgcoMrV/5HcgeDLD7aJx9e4dN
-----END CERTIFICATE-----
Generated at Fri Oct 11 22:31:17 2024 by rpki-client on console-fra.rpki-client.org