Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/Rcq2vFRlsn_nE6It-VKFbccwhWA.roa
File: Rcq2vFRlsn_nE6It-VKFbccwhWA.roa (raw, json)
Hash identifier: o2UkRsB/msv1wFI8j3CiMW6HoYqSfWImmnTq+iDLycQ=
Subject key identifier: 45:CA:B6:BC:54:65:B2:7F:E7:13:A2:2D:F9:52:85:6D:C7:30:85:60
Certificate issuer: /CN=c4ff23b1c371352f39b73d39a4e07f8ca98ccd67
Certificate serial: 0185718C370C5BF6EC264D26EFDA051AB5FD
Authority key identifier: C4:FF:23:B1:C3:71:35:2F:39:B7:3D:39:A4:E0:7F:8C:A9:8C:CD:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xP8jscNxNS85tz05pOB_jKmMzWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/Rcq2vFRlsn_nE6It-VKFbccwhWA.roa
Signing time: Mon 02 Jan 2023 08:14:52 +0000
ROA not before: Mon 02 Jan 2023 08:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209924
IP address blocks: 31.222.53.0/24 maxlen: 24
31.222.54.0/24 maxlen: 24
31.222.52.0/24 maxlen: 24
31.222.52.0/23 maxlen: 23
93.191.194.0/24 maxlen: 24
93.191.195.0/24 maxlen: 24
93.191.197.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:37:0c:5b:f6:ec:26:4d:26:ef:da:05:1a:b5:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ff23b1c371352f39b73d39a4e07f8ca98ccd67
Validity
Not Before: Jan 2 08:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45cab6bc5465b27fe713a22df952856dc7308560
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:dd:72:94:ed:7f:e4:c8:53:94:a6:f8:06:fd:
32:76:60:87:70:b1:aa:b7:c2:91:3f:98:5c:ef:b4:
bd:9f:3f:03:52:8f:0c:57:9b:75:b4:c7:64:f1:f3:
07:39:6b:8a:3e:f1:c5:75:61:80:d4:fe:17:7d:ac:
41:63:98:d4:83:d5:62:1d:f1:3f:c3:52:7e:8a:b2:
73:c6:b4:9b:07:d5:6a:24:db:f9:69:4b:cb:4f:2b:
ee:34:96:d9:2e:cc:6b:c6:b7:9c:a1:f5:6e:ea:b8:
b2:40:10:ed:90:cb:72:b5:f3:30:00:f7:fb:12:e6:
4d:85:1c:ce:5c:b6:38:45:23:a3:f0:d4:45:10:bf:
b8:bc:86:82:40:aa:8c:15:80:98:8e:ab:81:76:d8:
49:5b:93:0b:36:b0:f0:e0:02:b7:86:03:f8:b5:67:
d1:fe:a9:35:d1:1e:b0:32:9a:9f:d5:a3:e0:10:e7:
99:d2:aa:67:81:48:bd:77:4b:cd:5e:52:a8:cc:f3:
79:4c:4e:f0:5a:38:e1:cc:88:83:c2:49:9d:d9:e2:
a1:fd:62:eb:57:85:79:6f:92:38:97:b8:1e:58:7e:
a4:f2:ea:27:e4:87:64:e3:f1:fb:ba:a5:4e:7d:02:
aa:88:7e:ae:ba:3e:6d:10:62:97:0b:6b:bb:71:6e:
d9:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:CA:B6:BC:54:65:B2:7F:E7:13:A2:2D:F9:52:85:6D:C7:30:85:60
X509v3 Authority Key Identifier:
keyid:C4:FF:23:B1:C3:71:35:2F:39:B7:3D:39:A4:E0:7F:8C:A9:8C:CD:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xP8jscNxNS85tz05pOB_jKmMzWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/Rcq2vFRlsn_nE6It-VKFbccwhWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/xP8jscNxNS85tz05pOB_jKmMzWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.52.0-31.222.54.255
93.191.194.0/23
93.191.197.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:6f:c8:d1:fb:e2:6c:c1:cf:54:e0:3b:4b:cf:97:c3:ac:1f:
4f:f4:35:32:96:f0:ed:2c:1f:f6:1a:f0:18:d9:6b:2b:53:6a:
c6:60:24:f9:c2:75:c2:d2:82:00:96:8c:2c:d0:6b:be:40:28:
78:00:f8:ac:46:b4:b7:7c:f4:08:a1:78:7e:b9:76:19:83:43:
2d:c9:10:21:d3:4a:84:e5:0c:37:4c:39:9a:04:62:30:cc:7d:
cd:2a:88:fb:2e:15:c8:56:56:8b:50:0b:bd:e1:6e:8b:88:08:
6d:a1:3f:ce:08:80:2f:f0:15:1c:45:47:e6:0e:ad:74:a6:d1:
3d:11:50:16:ab:33:6a:4d:bc:a8:20:15:4f:1d:8b:e6:f8:f2:
e6:61:01:73:36:6d:ab:3e:e4:f9:93:db:9e:39:4b:b5:8f:a1:
34:be:b6:3d:23:89:21:23:09:05:46:f9:c9:22:0c:a3:90:76:
24:32:0f:84:0d:8b:4c:a4:c7:1b:09:b6:2b:15:d3:93:c0:3c:
c5:cb:67:97:6e:bd:1a:17:36:72:9b:70:08:83:5b:d1:d4:ab:
dc:6f:11:2f:55:75:6c:5e:ee:a1:54:6d:b2:a3:a4:cf:63:f8:
b5:16:08:3b:f9:3a:00:0c:c3:73:e7:62:3c:f4:e7:f7:55:e0:
da:58:72:44
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVxjDcMW/bsJk0m79oFGrX9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZmYyM2IxYzM3MTM1MmYzOWI3M2QzOWE0ZTA3ZjhjYTk4
Y2NkNjcwHhcNMjMwMTAyMDgxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWNhYjZiYzU0NjViMjdmZTcxM2EyMmRmOTUyODU2ZGM3MzA4NTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo91ylO1/5MhTlKb4Bv0ydmCHcLGq
t8KRP5hc77S9nz8DUo8MV5t1tMdk8fMHOWuKPvHFdWGA1P4XfaxBY5jUg9ViHfE/
w1J+irJzxrSbB9VqJNv5aUvLTyvuNJbZLsxrxrecofVu6riyQBDtkMtytfMwAPf7
EuZNhRzOXLY4RSOj8NRFEL+4vIaCQKqMFYCYjquBdthJW5MLNrDw4AK3hgP4tWfR
/qk10R6wMpqf1aPgEOeZ0qpngUi9d0vNXlKozPN5TE7wWjjhzIiDwkmd2eKh/WLr
V4V5b5I4l7geWH6k8uon5Idk4/H7uqVOfQKqiH6uuj5tEGKXC2u7cW7ZiwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEXKtrxUZbJ/5xOiLflShW3HMIVgMB8GA1UdIwQY
MBaAFMT/I7HDcTUvObc9OaTgf4ypjM1nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFA4anNjTnhOUzg1dHowNXBPQl9qS21NeldjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9jNjVhYWItOGE1Mi00NzZmLTllMzIt
MTA5NTlhYWE4YjNlLzEvUmNxMnZGUmxzbl9uRTZJdC1WS0ZiY2N3aFdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9jNjVhYWItOGE1Mi00NzZmLTllMzItMTA5NTlhYWE4YjNl
LzEveFA4anNjTnhOUzg1dHowNXBPQl9qS21NeldjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAIf3jQD
BAAf3jYDBAFdv8IDBABdv8UwDQYJKoZIhvcNAQELBQADggEBAFpvyNH74mzBz1Tg
O0vPl8OsH0/0NTKW8O0sH/Ya8BjZaytTasZgJPnCdcLSggCWjCzQa75AKHgA+KxG
tLd89AiheH65dhmDQy3JECHTSoTlDDdMOZoEYjDMfc0qiPsuFchWVotQC73hbouI
CG2hP84IgC/wFRxFR+YOrXSm0T0RUBarM2pNvKggFU8di+b48uZhAXM2bas+5PmT
2545S7WPoTS+tj0jiSEjCQVG+ckiDKOQdiQyD4QNi0ykxxsJtisV05PAPMXLZ5du
vRoXNnKbcAiDW9HUq9xvES9VdWxe7qFUbbKjpM9j+LUWCDv5OgAMw3PnYjz05/dV
4NpYckQ=
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:44 2024 by rpki-client on console-fra.rpki-client.org