Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/31F6IymWkfpPHc1lUAbhhGEg6b0.roa
File: 31F6IymWkfpPHc1lUAbhhGEg6b0.roa (raw, json)
Hash identifier: a+mbRSeo/bQqVAfri82yLbg2fhFhHQw1YFRe0yWw0H0=
Subject key identifier: DF:51:7A:23:29:96:91:FA:4F:1D:CD:65:50:06:E1:84:61:20:E9:BD
Certificate issuer: /CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Certificate serial: 0185715563C9F29E8DA5693907A8B7721F0D
Authority key identifier: 14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/31F6IymWkfpPHc1lUAbhhGEg6b0.roa
Signing time: Mon 02 Jan 2023 07:14:59 +0000
ROA not before: Mon 02 Jan 2023 07:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200020
IP address blocks: 213.249.72.0/24 maxlen: 24
2a01:448:72::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:63:c9:f2:9e:8d:a5:69:39:07:a8:b7:72:1f:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Validity
Not Before: Jan 2 07:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df517a23299691fa4f1dcd655006e1846120e9bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:93:f2:5f:bb:6f:e3:b7:67:82:5b:f6:e8:0f:
80:d4:11:12:ff:96:f6:c9:8c:ac:a8:b9:81:ed:02:
6f:44:bb:13:cf:7a:d3:40:4d:bc:f5:e8:99:74:bc:
31:cf:af:d6:93:84:5c:73:57:e1:a9:6e:5a:4c:25:
ad:94:64:fc:00:ba:f5:9b:79:b4:67:f1:7d:fc:01:
67:66:56:9a:cd:9e:ee:5f:eb:5d:58:0c:e7:a8:3b:
8b:13:a0:5e:ef:4b:c4:5c:15:aa:f3:39:4a:d2:9d:
40:9b:47:32:60:f2:13:24:cc:f6:bb:b9:a7:cc:1f:
17:a2:5f:c4:17:4b:bf:f3:d5:e3:f7:af:2d:1d:75:
a2:e7:dd:29:0e:83:d5:d7:d5:d3:72:34:4a:d7:96:
cf:c6:ef:7f:10:b3:39:8d:6e:d2:2e:2e:da:ba:91:
ae:34:b5:d7:72:cd:8a:d3:89:2f:8b:32:19:4e:67:
0b:34:bf:46:0b:ea:56:d9:92:9b:73:af:12:65:ab:
3b:64:c8:ed:32:17:e1:15:fa:d6:0f:17:77:e3:9b:
32:e6:2e:4a:de:a7:69:22:c2:38:a3:4f:e4:5b:b0:
e4:1b:f7:b7:0b:29:ff:88:5b:60:53:55:20:64:7e:
e6:fc:5e:1d:81:29:93:eb:de:7e:bf:43:67:a6:cd:
a2:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:51:7A:23:29:96:91:FA:4F:1D:CD:65:50:06:E1:84:61:20:E9:BD
X509v3 Authority Key Identifier:
keyid:14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/31F6IymWkfpPHc1lUAbhhGEg6b0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/FL7g69BrS4EvnhNxbiXxw8PRTMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.249.72.0/24
IPv6:
2a01:448:72::/48
Signature Algorithm: sha256WithRSAEncryption
a2:20:23:79:c0:af:e0:a7:9b:e5:bb:5e:78:ad:bf:69:2a:f1:
03:43:cd:69:20:94:72:e6:0d:d4:1a:f1:b8:71:f5:cd:c9:4f:
12:91:68:50:82:69:14:25:e2:25:d0:80:f8:03:6c:1e:18:85:
d9:4f:b6:6a:31:3f:57:95:fd:a7:35:ce:2f:4c:e0:06:5c:91:
fb:d9:aa:1e:64:16:d5:19:ee:ac:76:e6:82:06:f2:8c:1c:5a:
f7:5b:10:9a:8b:31:34:ca:66:73:56:c2:1a:10:ce:bf:d4:97:
03:cd:18:f1:4e:df:1a:91:31:f8:3e:c8:24:6f:d8:94:49:1c:
63:23:0f:0b:2c:d0:3e:95:9c:c6:ca:2e:64:22:c7:04:e0:22:
57:4f:6d:97:05:9c:b2:ff:cf:38:a8:a3:1b:af:07:21:1e:92:
8c:7b:a6:c8:fa:f5:d6:b8:da:e5:f3:48:c6:c6:8f:3d:d1:04:
df:47:8d:8d:dc:90:49:7f:59:2e:54:4b:3e:f5:78:d4:de:b2:
11:87:8a:64:e8:61:b9:64:90:a7:40:d8:35:30:81:33:a3:18:
30:37:29:5a:e2:5d:8d:78:19:1c:b6:f9:ec:b9:64:a5:fd:fc:
f0:74:ef:7f:c2:10:e5:dc:82:9f:29:8f:01:10:78:e9:68:65:
eb:82:dd:e4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVxVWPJ8p6NpWk5B6i3ch8NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YmVlMGViZDA2YjRiODEyZjllMTM3MTZlMjVmMWMzYzNk
MTRjYzYwHhcNMjMwMTAyMDcxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjUxN2EyMzI5OTY5MWZhNGYxZGNkNjU1MDA2ZTE4NDYxMjBlOWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJPyX7tv47dnglv26A+A1BES/5b2
yYysqLmB7QJvRLsTz3rTQE289eiZdLwxz6/Wk4Rcc1fhqW5aTCWtlGT8ALr1m3m0
Z/F9/AFnZlaazZ7uX+tdWAznqDuLE6Be70vEXBWq8zlK0p1Am0cyYPITJMz2u7mn
zB8Xol/EF0u/89Xj968tHXWi590pDoPV19XTcjRK15bPxu9/ELM5jW7SLi7aupGu
NLXXcs2K04kvizIZTmcLNL9GC+pW2ZKbc68SZas7ZMjtMhfhFfrWDxd345sy5i5K
3qdpIsI4o0/kW7DkG/e3Cyn/iFtgU1UgZH7m/F4dgSmT695+v0Nnps2i3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN9ReiMplpH6Tx3NZVAG4YRhIOm9MB8GA1UdIwQY
MBaAFBS+4OvQa0uBL54TcW4l8cPD0UzGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkw3ZzY5QnJTNEV2bmhOeGJpWHh3OFBSVE1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xNjFjM2YtYjgzZC00NWIxLWFhOGUt
ZDFiYjZiNGRkNzAxLzEvMzFGNkl5bVdrZnBQSGMxbFVBYmhoR0VnNmIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xNjFjM2YtYjgzZC00NWIxLWFhOGUtZDFiYjZiNGRkNzAx
LzEvRkw3ZzY5QnJTNEV2bmhOeGJpWHh3OFBSVE1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQA1flIMA8E
AgACMAkDBwAqAQRIAHIwDQYJKoZIhvcNAQELBQADggEBAKIgI3nAr+Cnm+W7Xnit
v2kq8QNDzWkglHLmDdQa8bhx9c3JTxKRaFCCaRQl4iXQgPgDbB4YhdlPtmoxP1eV
/ac1zi9M4AZckfvZqh5kFtUZ7qx25oIG8owcWvdbEJqLMTTKZnNWwhoQzr/UlwPN
GPFO3xqRMfg+yCRv2JRJHGMjDwss0D6VnMbKLmQixwTgIldPbZcFnLL/zziooxuv
ByEekox7psj69da42uXzSMbGjz3RBN9HjY3ckEl/WS5USz71eNTeshGHimToYblk
kKdA2DUwgTOjGDA3KVriXY14GRy2+ey5ZKX9/PB073/CEOXcgp8pjwEQeOloZeuC
3eQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:58 2024 by rpki-client on console-ams.rpki-client.org