Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/iQ1s-tDPZnA6wkbSfHPj9ZP0c3w.roa
File: iQ1s-tDPZnA6wkbSfHPj9ZP0c3w.roa (raw, json)
Hash identifier: WFdQggbfwcR/1VKOqSVyWUHqPpO35oNia01AZHMgc3k=
Subject key identifier: 89:0D:6C:FA:D0:CF:66:70:3A:C2:46:D2:7C:73:E3:F5:93:F4:73:7C
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 01856F9DC9A688BA81756E4FAD490E413859
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/iQ1s-tDPZnA6wkbSfHPj9ZP0c3w.roa
Signing time: Sun 01 Jan 2023 23:14:49 +0000
ROA not before: Sun 01 Jan 2023 23:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197633
IP address blocks: 185.5.176.0/22 maxlen: 22
37.122.229.0/24 maxlen: 24
37.123.0.0/20 maxlen: 20
31.44.192.0/24 maxlen: 24
31.44.193.0/24 maxlen: 24
31.44.204.0/23 maxlen: 23
31.44.202.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:c9:a6:88:ba:81:75:6e:4f:ad:49:0e:41:38:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 23:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=890d6cfad0cf66703ac246d27c73e3f593f4737c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:b1:52:5c:63:cf:5b:4a:a0:27:3f:23:b9:19:
b5:e0:41:42:20:38:81:e8:61:92:85:8f:48:92:7f:
ab:7c:31:de:7b:c7:98:82:87:f5:80:cc:98:8c:b4:
6e:af:c7:2e:c6:a9:0e:12:1b:00:10:b5:c4:34:97:
1e:1c:36:76:75:f6:ce:29:58:79:76:2a:3e:d1:93:
23:4e:da:01:73:21:dd:82:14:1d:a1:d3:ca:8d:33:
1f:d7:00:60:ea:4a:44:ef:3c:ae:6a:2f:9a:b8:96:
05:15:8b:4b:8b:0a:24:ec:b4:1e:f0:eb:2e:5e:98:
1a:5c:3b:a2:8e:2c:90:c1:62:7e:92:96:7e:d2:fd:
2a:bc:53:fc:38:b3:24:9f:d6:c8:cc:6d:72:4c:7e:
3a:c5:de:ba:8b:8e:f3:a3:fe:c5:81:b6:a0:43:5c:
d1:ca:02:3d:37:da:dd:78:fa:e0:e0:0a:04:f7:1b:
3d:ca:64:17:5d:a6:fd:42:7b:7b:fc:16:86:24:62:
7b:de:50:1c:40:cf:6e:49:b1:db:86:bc:55:50:bd:
f9:74:e6:36:b9:0b:e5:d0:15:2d:80:5e:a3:8f:e2:
11:ed:66:ad:2a:af:32:7e:76:21:6a:38:d1:00:c2:
41:ae:a1:78:65:7d:61:9e:27:da:67:75:10:7b:6e:
f1:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:0D:6C:FA:D0:CF:66:70:3A:C2:46:D2:7C:73:E3:F5:93:F4:73:7C
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/iQ1s-tDPZnA6wkbSfHPj9ZP0c3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.192.0/23
31.44.202.0-31.44.205.255
37.122.229.0/24
37.123.0.0/20
185.5.176.0/22
Signature Algorithm: sha256WithRSAEncryption
79:4f:80:75:90:38:72:5c:fd:ae:92:d4:dc:f5:cf:ea:3b:ce:
f1:d9:26:07:d4:78:f7:e4:9b:47:bd:5e:69:e1:22:c2:0a:48:
4d:3b:b6:ca:eb:6f:05:a2:4b:f4:3f:5c:c1:d2:30:d9:a9:86:
62:6e:0d:7d:f7:a7:8e:50:ab:a0:fc:f9:99:34:0f:46:48:8f:
ae:e6:41:43:06:79:d4:57:6e:21:39:62:98:42:4c:ed:92:99:
46:f7:1f:c0:40:8c:83:69:91:17:e8:ae:61:cd:7a:93:49:a1:
8a:b3:41:a9:c3:99:28:ed:e0:85:e5:d2:1a:c3:6f:bc:f7:61:
ad:de:14:4e:2a:18:4b:e8:e2:48:64:5a:bb:fc:bf:87:d7:c6:
15:22:4a:c0:4b:8d:af:6a:3b:c7:85:5f:3b:fb:80:cf:90:45:
5b:bc:58:5c:27:04:e4:26:7e:39:28:07:73:3c:34:47:46:d8:
1a:b0:fe:6b:8b:a3:23:66:f2:32:29:67:db:b7:b4:46:f8:38:
7c:05:37:56:60:f1:73:a5:0f:db:de:36:4f:b9:e0:9b:5e:eb:
e9:b2:9e:66:b2:9a:04:f0:33:d6:10:37:26:8a:42:1d:b8:11:
1b:6c:11:65:62:70:42:b6:e7:5a:27:cd:ff:21:0f:e4:82:16:
5d:18:33:64
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVvncmmiLqBdW5PrUkOQThZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjMwMTAxMjMxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTBkNmNmYWQwY2Y2NjcwM2FjMjQ2ZDI3YzczZTNmNTkzZjQ3MzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrFSXGPPW0qgJz8juRm14EFCIDiB
6GGShY9Ikn+rfDHee8eYgof1gMyYjLRur8cuxqkOEhsAELXENJceHDZ2dfbOKVh5
dio+0ZMjTtoBcyHdghQdodPKjTMf1wBg6kpE7zyuai+auJYFFYtLiwok7LQe8Osu
XpgaXDuijiyQwWJ+kpZ+0v0qvFP8OLMkn9bIzG1yTH46xd66i47zo/7FgbagQ1zR
ygI9N9rdePrg4AoE9xs9ymQXXab9Qnt7/BaGJGJ73lAcQM9uSbHbhrxVUL35dOY2
uQvl0BUtgF6jj+IR7WatKq8yfnYhajjRAMJBrqF4ZX1hnifaZ3UQe27xVwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFIkNbPrQz2ZwOsJG0nxz4/WT9HN8MB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvaVExcy10RFBabkE2d2tiU2ZIUGo5WlAwYzN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBHyzAMAwD
BAEfLMoDBAEfLMwDBAAleuUDBAQlewADBAK5BbAwDQYJKoZIhvcNAQELBQADggEB
AHlPgHWQOHJc/a6S1Nz1z+o7zvHZJgfUePfkm0e9XmnhIsIKSE07tsrrbwWiS/Q/
XMHSMNmphmJuDX33p45Qq6D8+Zk0D0ZIj67mQUMGedRXbiE5YphCTO2SmUb3H8BA
jINpkRformHNepNJoYqzQanDmSjt4IXl0hrDb7z3Ya3eFE4qGEvo4khkWrv8v4fX
xhUiSsBLja9qO8eFXzv7gM+QRVu8WFwnBOQmfjkoB3M8NEdG2Bqw/muLoyNm8jIp
Z9u3tEb4OHwFN1Zg8XOlD9veNk+54Jte6+mynmaymgTwM9YQNyaKQh24ERtsEWVi
cEK251onzf8hD+SCFl0YM2Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:22 2024 by rpki-client on console-ams.rpki-client.org