Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/6f6f0d-e6df-4f2b-80df-466b0cd8b75a/1/zKVs7ORDOdIA9Sr-JCmhvtvUlfI.roa
File: zKVs7ORDOdIA9Sr-JCmhvtvUlfI.roa (raw, json)
Hash identifier: rfV2Bxs7A3/B733Wx6CzOMaMW1El9G7hP2+5fwXdons=
Subject key identifier: CC:A5:6C:EC:E4:43:39:D2:00:F5:2A:FE:24:29:A1:BE:DB:D4:95:F2
Certificate issuer: /CN=c6135e4acf96139ce5ff2cfdd95f55a8176d7324
Certificate serial: 018B1DF32413E1355726BD7B860B23F665DE
Authority key identifier: C6:13:5E:4A:CF:96:13:9C:E5:FF:2C:FD:D9:5F:55:A8:17:6D:73:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhNeSs-WE5zl_yz92V9VqBdtcyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/6f6f0d-e6df-4f2b-80df-466b0cd8b75a/1/zKVs7ORDOdIA9Sr-JCmhvtvUlfI.roa
Signing time: Wed 11 Oct 2023 08:55:55 +0000
ROA not before: Wed 11 Oct 2023 08:55:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34555
IP address blocks: 185.4.240.0/22 maxlen: 22
31.24.216.0/24 maxlen: 24
31.24.217.0/24 maxlen: 24
31.24.218.0/24 maxlen: 24
31.24.219.0/24 maxlen: 24
31.24.220.0/24 maxlen: 24
31.24.223.0/24 maxlen: 24
31.24.221.0/24 maxlen: 24
31.24.222.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1d:f3:24:13:e1:35:57:26:bd:7b:86:0b:23:f6:65:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6135e4acf96139ce5ff2cfdd95f55a8176d7324
Validity
Not Before: Oct 11 08:55:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cca56cece44339d200f52afe2429a1bedbd495f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ac:09:a8:e2:99:0c:12:4f:09:59:bf:cf:a0:
a3:2c:0c:ce:27:68:72:03:eb:97:a8:7d:be:fd:90:
92:d1:05:36:45:5c:e1:d8:1f:32:50:fd:48:8f:ff:
d8:83:b7:d4:25:61:51:7c:c5:62:2a:ae:e6:e2:36:
28:93:8f:72:48:63:71:95:d0:3c:82:8c:71:43:c9:
ae:3a:e3:88:59:d8:9c:b5:5d:d3:db:af:af:e6:f0:
e4:16:4d:00:e0:22:92:ce:cc:d8:7f:68:07:a8:78:
ee:3a:6b:13:16:3b:c6:d2:80:7a:86:fd:be:e0:6c:
44:8e:41:93:ff:83:74:c7:54:38:d9:c2:4e:42:f3:
df:c5:72:76:28:48:44:96:54:99:d5:e2:20:d6:00:
07:2d:ad:ef:6a:ad:4c:4e:2b:1d:48:cd:00:cb:f7:
7e:d7:9d:d5:49:ad:6a:23:9b:8f:f1:e0:7a:7d:00:
61:13:c9:11:fb:c4:e7:1d:f4:c9:a8:a1:9f:b6:ab:
1f:ac:be:34:5e:17:5c:7c:dd:b9:e4:c7:c2:69:c2:
32:20:09:b0:28:36:2e:e4:f0:1c:98:ef:e3:e1:a5:
bf:4a:3b:39:bc:d7:17:12:73:85:a9:13:23:55:80:
9e:6a:9d:64:f3:fc:1e:31:e4:88:77:c0:f8:1b:18:
fd:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:A5:6C:EC:E4:43:39:D2:00:F5:2A:FE:24:29:A1:BE:DB:D4:95:F2
X509v3 Authority Key Identifier:
keyid:C6:13:5E:4A:CF:96:13:9C:E5:FF:2C:FD:D9:5F:55:A8:17:6D:73:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhNeSs-WE5zl_yz92V9VqBdtcyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/6f6f0d-e6df-4f2b-80df-466b0cd8b75a/1/zKVs7ORDOdIA9Sr-JCmhvtvUlfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/6f6f0d-e6df-4f2b-80df-466b0cd8b75a/1/xhNeSs-WE5zl_yz92V9VqBdtcyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.216.0/21
185.4.240.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:7b:d0:8b:b5:f8:ff:b9:4e:ee:4e:af:28:83:34:f6:cc:af:
2b:18:38:8e:80:d0:32:bf:a8:8d:e7:e3:3e:4b:aa:54:dc:d8:
60:d5:51:09:d3:12:ce:d6:be:fd:cd:38:cf:a5:b6:ad:fd:f0:
03:01:8a:48:8c:f2:84:bb:46:a5:8d:0c:9c:22:2d:bf:b6:30:
b5:48:0a:5f:0e:25:88:4a:69:b4:15:8b:c3:a7:d8:8a:fc:f3:
70:c8:0f:39:f6:b1:c5:e6:61:88:c5:4d:a9:0d:fb:8f:d5:e3:
62:97:a2:51:2f:8b:b9:65:83:15:c4:16:d8:f8:6b:b2:f8:3a:
d3:de:01:26:14:e0:f3:e8:14:c7:59:47:b9:ed:4e:0d:e0:ae:
6c:bd:68:dc:90:11:75:73:64:d9:b6:b2:e0:f0:9b:94:3d:b0:
9c:12:65:2a:30:8b:bc:09:96:53:e9:a5:b3:52:45:83:bc:d1:
10:04:1b:66:99:5b:27:3d:c7:a8:32:a4:f0:f9:41:f3:cb:52:
cf:35:1e:bf:1c:e0:6f:35:93:a2:5b:55:01:02:ab:79:9a:ca:
8d:29:39:49:96:62:73:64:13:67:47:39:12:0a:df:b0:e2:99:
f3:e7:19:6a:f6:fa:74:d8:be:5d:69:52:83:d1:53:0d:f3:1e:
34:56:c9:5c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYsd8yQT4TVXJr17hgsj9mXeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTM1ZTRhY2Y5NjEzOWNlNWZmMmNmZGQ5NWY1NWE4MTc2
ZDczMjQwHhcNMjMxMDExMDg1NTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2E1NmNlY2U0NDMzOWQyMDBmNTJhZmUyNDI5YTFiZWRiZDQ5NWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsawJqOKZDBJPCVm/z6CjLAzOJ2hy
A+uXqH2+/ZCS0QU2RVzh2B8yUP1Ij//Yg7fUJWFRfMViKq7m4jYok49ySGNxldA8
goxxQ8muOuOIWdictV3T26+v5vDkFk0A4CKSzszYf2gHqHjuOmsTFjvG0oB6hv2+
4GxEjkGT/4N0x1Q42cJOQvPfxXJ2KEhEllSZ1eIg1gAHLa3vaq1MTisdSM0Ay/d+
153VSa1qI5uP8eB6fQBhE8kR+8TnHfTJqKGftqsfrL40XhdcfN255MfCacIyIAmw
KDYu5PAcmO/j4aW/Sjs5vNcXEnOFqRMjVYCeap1k8/weMeSId8D4Gxj9wQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMylbOzkQznSAPUq/iQpob7b1JXyMB8GA1UdIwQY
MBaAFMYTXkrPlhOc5f8s/dlfVagXbXMkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhOZVNzLVdFNXpsX3l6OTJWOVZxQmR0Y3lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS82ZjZmMGQtZTZkZi00ZjJiLTgwZGYt
NDY2YjBjZDhiNzVhLzEvektWczdPUkRPZElBOVNyLUpDbWh2dHZVbGZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS82ZjZmMGQtZTZkZi00ZjJiLTgwZGYtNDY2YjBjZDhiNzVh
LzEveGhOZVNzLVdFNXpsX3l6OTJWOVZxQmR0Y3lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDHxjYAwQC
uQTwMA0GCSqGSIb3DQEBCwUAA4IBAQAfe9CLtfj/uU7uTq8ogzT2zK8rGDiOgNAy
v6iN5+M+S6pU3Nhg1VEJ0xLO1r79zTjPpbat/fADAYpIjPKEu0aljQycIi2/tjC1
SApfDiWISmm0FYvDp9iK/PNwyA859rHF5mGIxU2pDfuP1eNil6JRL4u5ZYMVxBbY
+Guy+DrT3gEmFODz6BTHWUe57U4N4K5svWjckBF1c2TZtrLg8JuUPbCcEmUqMIu8
CZZT6aWzUkWDvNEQBBtmmVsnPceoMqTw+UHzy1LPNR6/HOBvNZOiW1UBAqt5msqN
KTlJlmJzZBNnRzkSCt+w4pnz5xlq9vp02L5daVKD0VMN8x40Vslc
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:14 2024 by rpki-client on console-fra.rpki-client.org