Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/d60xO66RiGSHCjiSjILmi1F8IYA.roa
File: d60xO66RiGSHCjiSjILmi1F8IYA.roa (raw, json)
Hash identifier: buUO0bXbvujEi2RfpmdT3lfU5waqhvruubPn9UMiAsc=
Subject key identifier: 77:AD:31:3B:AE:91:88:64:87:0A:38:92:8C:82:E6:8B:51:7C:21:80
Certificate issuer: /CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Certificate serial: 018C1BAAB604EFB9B6B4CCFEB499E7B227A2
Authority key identifier: F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/d60xO66RiGSHCjiSjILmi1F8IYA.roa
Signing time: Wed 29 Nov 2023 15:20:21 +0000
ROA not before: Wed 29 Nov 2023 15:20:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 31.133.80.0/22 maxlen: 22
31.133.84.0/22 maxlen: 22
176.103.224.0/22 maxlen: 22
31.133.88.0/22 maxlen: 22
176.103.232.0/22 maxlen: 22
176.103.236.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1b:aa:b6:04:ef:b9:b6:b4:cc:fe:b4:99:e7:b2:27:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Validity
Not Before: Nov 29 15:20:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77ad313bae918864870a38928c82e68b517c2180
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:8e:2d:67:84:c3:3e:ec:3e:a4:d3:4b:4b:45:
f6:24:bf:50:ff:df:95:5e:83:b6:3b:90:96:b2:bf:
0e:16:1f:dd:e3:82:66:84:b8:0d:b9:b7:90:76:86:
c3:11:bd:98:7e:d1:58:1a:71:01:a1:50:c6:96:09:
a3:68:fa:0a:3c:aa:0b:54:77:0a:a8:7b:e9:a2:da:
77:cb:a3:f2:bd:5e:5c:75:15:76:eb:ad:b9:8c:3e:
e8:0c:0d:75:00:3e:ba:07:e5:f1:2d:54:b5:0c:f4:
1d:c3:57:26:6e:62:f6:d9:f2:41:7e:e4:b7:96:63:
5b:9c:c8:67:4c:25:33:9a:2b:64:40:b2:c1:be:b3:
2c:d5:d1:8a:b9:94:ff:fe:c4:39:04:71:f8:27:51:
6f:b5:02:ef:d0:92:42:b2:a5:45:20:44:c0:7a:c6:
6b:7f:57:f1:99:68:40:d4:43:40:fa:68:7b:26:a3:
19:06:ae:68:31:9c:1b:d4:c3:f3:86:7b:2d:1a:b6:
e0:83:7a:34:0f:93:23:ae:4d:ad:47:43:f5:c8:8e:
6f:bf:f1:fd:4c:1b:20:a6:97:8c:36:7f:bb:1b:4d:
c7:8e:97:0a:07:bb:a1:ea:ec:4c:8f:61:a5:ff:05:
bd:9d:96:f4:5f:e1:0c:02:2b:37:95:d6:cb:73:e8:
e4:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:AD:31:3B:AE:91:88:64:87:0A:38:92:8C:82:E6:8B:51:7C:21:80
X509v3 Authority Key Identifier:
keyid:F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/d60xO66RiGSHCjiSjILmi1F8IYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.80.0-31.133.91.255
176.103.224.0/22
176.103.232.0/21
Signature Algorithm: sha256WithRSAEncryption
97:80:57:41:d5:d7:77:31:8b:dc:4a:f0:69:10:37:e6:12:36:
9d:84:36:ba:57:14:a1:43:95:d4:45:94:0e:42:ff:42:ee:5f:
12:85:1e:08:55:76:d8:83:34:6c:94:4f:8f:70:43:21:4c:10:
84:4a:06:19:7e:69:06:ee:a1:57:5f:3d:0e:1b:65:df:b6:8a:
80:d5:97:28:f0:f5:df:5c:5d:c4:56:a5:e9:fc:24:43:a9:2f:
b9:4e:bb:81:6b:3e:61:8c:d0:69:11:3b:11:17:02:1a:bc:32:
45:4f:35:5b:b7:7b:b9:3d:60:71:2f:70:64:c7:fe:c4:92:f4:
68:3d:7d:d2:c2:dc:aa:77:4c:5e:6f:23:cc:56:3d:be:56:78:
8d:18:aa:c0:a1:18:b1:ac:1b:79:cf:39:bb:4f:b2:95:1e:a5:
92:52:aa:13:5a:f7:bf:46:1d:69:8c:c7:b0:83:9f:aa:14:bd:
e3:09:40:f9:0a:45:ad:bf:91:d5:da:d0:35:60:09:93:03:e8:
3c:46:23:d9:dc:ca:40:27:7c:14:a0:65:cf:46:af:ac:14:e4:
84:0f:b2:bf:e3:b6:48:5a:b1:62:2b:67:fa:1b:0e:17:09:01:
b0:7b:c1:36:cc:0c:50:1b:a2:7a:0e:1a:c3:b7:81:b8:9f:9d:
ec:b1:fe:39
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYwbqrYE77m2tMz+tJnnsieiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YjllYTRkOWQ4M2E3MjhkZDQxMDI5ZTg2YWY4YTEzMGQz
ODllZDQwHhcNMjMxMTI5MTUyMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2FkMzEzYmFlOTE4ODY0ODcwYTM4OTI4YzgyZTY4YjUxN2MyMTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsY4tZ4TDPuw+pNNLS0X2JL9Q/9+V
XoO2O5CWsr8OFh/d44JmhLgNubeQdobDEb2YftFYGnEBoVDGlgmjaPoKPKoLVHcK
qHvpotp3y6PyvV5cdRV26625jD7oDA11AD66B+XxLVS1DPQdw1cmbmL22fJBfuS3
lmNbnMhnTCUzmitkQLLBvrMs1dGKuZT//sQ5BHH4J1FvtQLv0JJCsqVFIETAesZr
f1fxmWhA1ENA+mh7JqMZBq5oMZwb1MPzhnstGrbgg3o0D5Mjrk2tR0P1yI5vv/H9
TBsgppeMNn+7G03HjpcKB7uh6uxMj2Gl/wW9nZb0X+EMAis3ldbLc+jkMQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHetMTuukYhkhwo4koyC5otRfCGAMB8GA1UdIwQY
MBaAFPS56k2dg6co3UECnoavihMNOJ7UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMt
MDgxY2IyYjE3YWI1LzEvZDYweE82NlJpR1NIQ2ppU2pJTG1pMUY4SVlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMtMDgxY2IyYjE3YWI1
LzEvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAQfhVAD
BAIfhVgDBAKwZ+ADBAOwZ+gwDQYJKoZIhvcNAQELBQADggEBAJeAV0HV13cxi9xK
8GkQN+YSNp2ENrpXFKFDldRFlA5C/0LuXxKFHghVdtiDNGyUT49wQyFMEIRKBhl+
aQbuoVdfPQ4bZd+2ioDVlyjw9d9cXcRWpen8JEOpL7lOu4FrPmGM0GkROxEXAhq8
MkVPNVu3e7k9YHEvcGTH/sSS9Gg9fdLC3Kp3TF5vI8xWPb5WeI0YqsChGLGsG3nP
ObtPspUepZJSqhNa979GHWmMx7CDn6oUveMJQPkKRa2/kdXa0DVgCZMD6DxGI9nc
ykAnfBSgZc9Gr6wU5IQPsr/jtkhasWIrZ/obDhcJAbB7wTbMDFAbonoOGsO3gbif
neyx/jk=
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:37 2024 by rpki-client on console-fra.rpki-client.org