Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/sFpo1_1bXmXNw6QNMTLH46TjD6o.roa
File: sFpo1_1bXmXNw6QNMTLH46TjD6o.roa (raw, json)
Hash identifier: yHMJW7qMqknL0M/SzhbwLKDME1tIANNXW9pdCjqRPTU=
Subject key identifier: B0:5A:68:D7:FD:5B:5E:65:CD:C3:A4:0D:31:32:C7:E3:A4:E3:0F:AA
Certificate issuer: /CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Certificate serial: 01856DCACED73FE0E28F28F5F1F8FD419F68
Authority key identifier: F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/sFpo1_1bXmXNw6QNMTLH46TjD6o.roa
Signing time: Sun 01 Jan 2023 14:44:45 +0000
ROA not before: Sun 01 Jan 2023 14:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 31.133.80.0/22 maxlen: 22
31.133.84.0/22 maxlen: 22
176.103.224.0/22 maxlen: 22
31.133.88.0/22 maxlen: 22
176.103.228.0/22 maxlen: 22
176.103.232.0/22 maxlen: 22
176.103.236.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:ce:d7:3f:e0:e2:8f:28:f5:f1:f8:fd:41:9f:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Validity
Not Before: Jan 1 14:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b05a68d7fd5b5e65cdc3a40d3132c7e3a4e30faa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e1:4c:34:44:67:90:ae:fa:d0:2f:a5:c9:ea:
a3:38:58:f2:70:b5:b3:67:77:c5:ea:39:7a:e3:6a:
90:6b:53:38:7f:39:1b:db:6e:05:df:fa:63:2c:7b:
55:00:ea:75:e2:2c:d8:db:ea:93:e7:d2:f5:13:ca:
74:8d:61:bf:e3:37:6b:d2:d3:d0:c9:b8:70:d4:1d:
bd:5f:99:52:53:d7:58:36:f0:73:0a:38:e5:80:bb:
ce:95:c5:bd:c4:c3:8d:03:36:72:2d:2f:bb:89:46:
b9:55:f8:34:a1:e7:31:91:c3:9e:ab:aa:2f:4a:a0:
72:ea:7d:72:91:93:66:76:90:ee:7a:b7:88:74:03:
53:36:4a:3d:97:98:00:4e:47:31:36:12:6e:d0:d0:
79:82:b4:25:04:36:99:46:5d:30:db:bf:ef:c4:77:
6a:3b:09:7c:b3:ea:dc:97:c8:1d:2d:ec:5b:b5:be:
10:e4:64:11:a4:1b:36:f2:5e:1f:69:26:47:10:67:
fa:cb:1d:10:a8:02:74:ad:8d:1e:bb:0f:bb:2e:37:
4d:4c:08:3a:b7:cc:95:c2:46:a0:ff:ec:04:20:5b:
49:ce:18:cd:b7:e7:12:84:1f:d4:99:9b:63:51:5e:
07:b1:a1:24:18:95:d9:0a:87:e4:9e:61:ed:a9:c1:
32:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:5A:68:D7:FD:5B:5E:65:CD:C3:A4:0D:31:32:C7:E3:A4:E3:0F:AA
X509v3 Authority Key Identifier:
keyid:F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/sFpo1_1bXmXNw6QNMTLH46TjD6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.80.0-31.133.91.255
176.103.224.0/20
Signature Algorithm: sha256WithRSAEncryption
8a:fb:c6:9b:d2:ff:13:e3:53:b7:dd:f5:4a:f0:c4:db:1e:d7:
e0:86:8a:be:d5:61:b4:b0:af:c0:20:99:21:e1:af:3e:76:5e:
fc:d3:84:1e:9c:6e:4e:df:5b:07:ff:d9:67:94:9a:84:3b:e1:
b1:e8:3e:15:e9:13:fa:08:f1:7f:00:f5:5a:9a:0d:8a:fe:4f:
33:e7:de:b9:3f:2c:01:b3:e5:8f:23:95:59:85:7d:c2:8a:72:
89:43:2d:16:02:8b:82:66:e0:5e:05:ab:08:91:59:57:8e:fd:
c7:7e:13:35:5d:7a:10:99:5a:7d:8c:79:73:06:49:77:e7:a9:
f0:d3:64:a6:87:e1:60:46:10:c0:30:40:7c:41:70:ec:a0:01:
11:bc:ee:8f:d9:5f:bc:90:23:e0:d2:9a:5c:db:a3:56:88:09:
b7:07:53:21:cc:2e:00:59:36:50:9a:22:eb:ac:c7:0d:b5:8d:
a3:4d:0b:5d:a2:b5:bf:fa:93:c3:3b:db:8d:83:c4:48:22:8c:
85:5c:e4:cf:ca:d9:d9:63:c5:e6:56:d6:58:ed:33:20:33:cd:
be:54:6b:20:03:17:89:6f:df:74:c5:c4:59:c0:cb:96:5e:bd:
d9:24:1d:be:8a:6b:ae:02:ac:18:7a:26:dd:16:24:88:22:a0:
6e:d0:79:87
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVtys7XP+Dijyj18fj9QZ9oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YjllYTRkOWQ4M2E3MjhkZDQxMDI5ZTg2YWY4YTEzMGQz
ODllZDQwHhcNMjMwMTAxMTQ0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDVhNjhkN2ZkNWI1ZTY1Y2RjM2E0MGQzMTMyYzdlM2E0ZTMwZmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseFMNERnkK760C+lyeqjOFjycLWz
Z3fF6jl642qQa1M4fzkb224F3/pjLHtVAOp14izY2+qT59L1E8p0jWG/4zdr0tPQ
ybhw1B29X5lSU9dYNvBzCjjlgLvOlcW9xMONAzZyLS+7iUa5Vfg0oecxkcOeq6ov
SqBy6n1ykZNmdpDuereIdANTNko9l5gATkcxNhJu0NB5grQlBDaZRl0w27/vxHdq
Owl8s+rcl8gdLexbtb4Q5GQRpBs28l4faSZHEGf6yx0QqAJ0rY0euw+7LjdNTAg6
t8yVwkag/+wEIFtJzhjNt+cShB/UmZtjUV4HsaEkGJXZCofknmHtqcEyMQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLBaaNf9W15lzcOkDTEyx+Ok4w+qMB8GA1UdIwQY
MBaAFPS56k2dg6co3UECnoavihMNOJ7UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMt
MDgxY2IyYjE3YWI1LzEvc0ZwbzFfMWJYbVhOdzZRTk1UTEg0NlRqRDZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMtMDgxY2IyYjE3YWI1
LzEvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAQfhVAD
BAIfhVgDBASwZ+AwDQYJKoZIhvcNAQELBQADggEBAIr7xpvS/xPjU7fd9UrwxNse
1+CGir7VYbSwr8AgmSHhrz52XvzThB6cbk7fWwf/2WeUmoQ74bHoPhXpE/oI8X8A
9VqaDYr+TzPn3rk/LAGz5Y8jlVmFfcKKcolDLRYCi4Jm4F4FqwiRWVeO/cd+EzVd
ehCZWn2MeXMGSXfnqfDTZKaH4WBGEMAwQHxBcOygARG87o/ZX7yQI+DSmlzbo1aI
CbcHUyHMLgBZNlCaIuusxw21jaNNC12itb/6k8M7242DxEgijIVc5M/K2dljxeZW
1ljtMyAzzb5UayADF4lv33TFxFnAy5ZevdkkHb6Ka64CrBh6Jt0WJIgioG7QeYc=
-----END CERTIFICATE-----
Generated at Wed Nov 29 16:08:34 2023 by rpki-client on console-fra.rpki-client.org