Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/3645b2-af2e-4c0d-9812-69eec5b4b505/1/CYfxUERfxDg5h_STRe7OFTVCtPI.roa
File: CYfxUERfxDg5h_STRe7OFTVCtPI.roa (raw, json)
Hash identifier: VNuArmv9lSGLeZKNkmOk/TS7+0NeRot+P9qz/fo69B0=
Subject key identifier: 09:87:F1:50:44:5F:C4:38:39:87:F4:93:45:EE:CE:15:35:42:B4:F2
Certificate issuer: /CN=3eecd4caa9a3a57715e3d5d66bccd7185afe40da
Certificate serial: 01856E78FCD611A4806D1A34863C9B926CE5
Authority key identifier: 3E:EC:D4:CA:A9:A3:A5:77:15:E3:D5:D6:6B:CC:D7:18:5A:FE:40:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PuzUyqmjpXcV49XWa8zXGFr-QNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/3645b2-af2e-4c0d-9812-69eec5b4b505/1/CYfxUERfxDg5h_STRe7OFTVCtPI.roa
Signing time: Sun 01 Jan 2023 17:55:00 +0000
ROA not before: Sun 01 Jan 2023 17:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12678
IP address blocks: 159.253.176.0/22 maxlen: 22
159.253.180.0/24 maxlen: 24
185.153.128.0/22 maxlen: 23
159.253.181.0/24 maxlen: 24
31.222.64.0/22 maxlen: 23
31.222.70.0/24 maxlen: 24
31.222.70.0/23 maxlen: 23
31.222.71.0/24 maxlen: 24
31.222.66.0/23 maxlen: 24
31.222.68.0/23 maxlen: 23
31.222.72.0/22 maxlen: 24
31.222.78.0/23 maxlen: 24
31.222.76.0/23 maxlen: 23
2a00:aea0:113::/48 maxlen: 48
2a00:aea0:213::/48 maxlen: 48
2a00:aea0:111::/48 maxlen: 48
2a00:aea0:211::/48 maxlen: 48
2a00:aea0:112::/48 maxlen: 48
2a00:aea0:212::/48 maxlen: 48
2a00:aea0:100::/40 maxlen: 40
2a00:aea0:200::/40 maxlen: 40
2a00:aea0:600::/40 maxlen: 40
2a00:aea0:6500::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 18 Apr 2023 11:45:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:fc:d6:11:a4:80:6d:1a:34:86:3c:9b:92:6c:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eecd4caa9a3a57715e3d5d66bccd7185afe40da
Validity
Not Before: Jan 1 17:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0987f150445fc4383987f49345eece153542b4f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7b:25:10:5a:66:c4:16:94:28:de:5b:80:1c:
78:cd:d6:c0:23:16:13:13:cb:19:fd:fc:88:f3:69:
a7:2c:53:7d:e8:7d:22:1d:84:83:8e:0f:ab:87:81:
df:c4:cc:dd:f6:8d:dd:51:37:e0:01:94:9f:70:4a:
0d:ad:a9:4d:36:91:4b:27:41:f9:60:7b:2c:11:50:
0f:53:15:6e:31:fb:ff:7d:7b:db:8e:d4:a7:c5:a1:
cb:44:3f:2a:ce:4e:20:00:f7:7e:86:07:81:ca:04:
9f:fa:65:a6:08:fa:04:c5:f8:c7:4b:ef:2f:e2:d3:
11:36:78:85:6c:c8:e6:4e:e5:19:f8:a5:60:cc:9d:
69:5f:cf:f6:7b:ed:18:13:3c:04:31:7b:2d:bc:ed:
ed:68:cb:c6:2c:67:1d:ab:f2:a6:e0:04:68:bd:65:
0d:d1:ce:d1:9e:29:ac:d8:74:d7:a3:44:9c:f8:43:
31:ab:ca:7c:d9:3b:04:5a:fd:7f:2b:ae:02:bc:92:
72:36:38:6e:1b:7b:95:16:c2:97:cf:56:45:08:ef:
3f:ff:cb:98:95:27:85:92:e6:1a:1e:e2:3c:19:83:
30:d0:e8:a7:07:19:4b:9e:4f:8e:a9:45:c1:f9:d6:
3f:1d:5c:4b:67:94:72:fe:45:24:a7:7e:25:df:6a:
54:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:87:F1:50:44:5F:C4:38:39:87:F4:93:45:EE:CE:15:35:42:B4:F2
X509v3 Authority Key Identifier:
keyid:3E:EC:D4:CA:A9:A3:A5:77:15:E3:D5:D6:6B:CC:D7:18:5A:FE:40:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PuzUyqmjpXcV49XWa8zXGFr-QNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/3645b2-af2e-4c0d-9812-69eec5b4b505/1/CYfxUERfxDg5h_STRe7OFTVCtPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/3645b2-af2e-4c0d-9812-69eec5b4b505/1/PuzUyqmjpXcV49XWa8zXGFr-QNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.64.0/20
159.253.176.0-159.253.181.255
185.153.128.0/22
IPv6:
2a00:aea0:100::-2a00:aea0:2ff:ffff:ffff:ffff:ffff:ffff
2a00:aea0:600::/40
2a00:aea0:6500::/40
Signature Algorithm: sha256WithRSAEncryption
07:e3:ae:af:7d:9d:7c:3f:5e:a8:1e:50:c3:c0:4b:ca:bd:42:
96:2c:bc:18:5a:75:65:a6:e9:5a:55:d0:02:2e:e8:bd:12:3c:
5e:87:7f:d7:a9:c7:20:e6:bd:a8:f1:82:88:93:d7:ae:e5:fd:
0b:c4:21:26:e8:23:d9:a5:9e:f6:ce:d1:72:50:7b:43:9c:9a:
62:0a:92:27:42:d6:0a:3d:11:18:a9:5a:a7:63:ad:4d:29:6f:
e0:6b:b6:48:b1:b4:ec:e5:0c:cb:22:21:58:8f:95:a2:5f:e3:
a4:92:69:e4:a1:93:89:ba:f7:1b:21:52:70:5b:dd:7d:1b:fb:
0f:21:de:1c:3f:24:b3:27:c7:ad:e9:cc:85:f6:d4:50:e9:3d:
6b:de:48:f9:a9:55:dc:a1:78:30:0b:f0:8f:83:c0:13:58:d6:
94:b1:4e:92:22:38:d8:06:2b:28:7c:24:24:82:71:72:6e:e1:
d7:a4:17:37:bb:f1:6d:82:8b:e8:1f:77:28:e2:7b:b7:36:a3:
b9:17:15:8b:7a:92:b6:f0:65:4b:ce:aa:59:74:c9:ae:0f:93:
c5:26:ff:55:f6:32:7d:5c:11:96:b1:1d:e5:ed:90:15:85:0a:
e5:06:8d:7d:36:fd:04:7a:83:3b:00:7b:b2:a0:a9:2a:cd:03:
66:54:f6:9f
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYVuePzWEaSAbRo0hjybkmzlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZWNkNGNhYTlhM2E1NzcxNWUzZDVkNjZiY2NkNzE4NWFm
ZTQwZGEwHhcNMjMwMTAxMTc1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTg3ZjE1MDQ0NWZjNDM4Mzk4N2Y0OTM0NWVlY2UxNTM1NDJiNGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXslEFpmxBaUKN5bgBx4zdbAIxYT
E8sZ/fyI82mnLFN96H0iHYSDjg+rh4HfxMzd9o3dUTfgAZSfcEoNralNNpFLJ0H5
YHssEVAPUxVuMfv/fXvbjtSnxaHLRD8qzk4gAPd+hgeBygSf+mWmCPoExfjHS+8v
4tMRNniFbMjmTuUZ+KVgzJ1pX8/2e+0YEzwEMXstvO3taMvGLGcdq/Km4ARovWUN
0c7Rnims2HTXo0Sc+EMxq8p82TsEWv1/K64CvJJyNjhuG3uVFsKXz1ZFCO8//8uY
lSeFkuYaHuI8GYMw0OinBxlLnk+OqUXB+dY/HVxLZ5Ry/kUkp34l32pUWQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFAmH8VBEX8Q4OYf0k0XuzhU1QrTyMB8GA1UdIwQY
MBaAFD7s1Mqpo6V3FePV1mvM1xha/kDaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHV6VXlxbWpwWGNWNDlYV2E4elhHRnItUU5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8zNjQ1YjItYWYyZS00YzBkLTk4MTIt
NjllZWM1YjRiNTA1LzEvQ1lmeFVFUmZ4RGc1aF9TVFJlN09GVFZDdFBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8zNjQ1YjItYWYyZS00YzBkLTk4MTItNjllZWM1YjRiNTA1
LzEvUHV6VXlxbWpwWGNWNDlYV2E4elhHRnItUU5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAgBAIAATAaAwQEH95AMAwD
BASf/bADBAGf/bQDBAK5mYAwKAQCAAIwIjAQAwYAKgCuoAEDBgAqAK6gAgMGACoA
rqAGAwYAKgCuoGUwDQYJKoZIhvcNAQELBQADggEBAAfjrq99nXw/XqgeUMPAS8q9
QpYsvBhadWWm6VpV0AIu6L0SPF6Hf9epxyDmvajxgoiT167l/QvEISboI9mlnvbO
0XJQe0OcmmIKkidC1go9ERipWqdjrU0pb+BrtkixtOzlDMsiIViPlaJf46SSaeSh
k4m69xshUnBb3X0b+w8h3hw/JLMnx63pzIX21FDpPWveSPmpVdyheDAL8I+DwBNY
1pSxTpIiONgGKyh8JCSCcXJu4dekFze78W2Ci+gfdyjie7c2o7kXFYt6krbwZUvO
qll0ya4Pk8Um/1X2Mn1cEZaxHeXtkBWFCuUGjX02/QR6gzsAe7KgqSrNA2ZU9p8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:57 2024 by rpki-client on console-fra.rpki-client.org