Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/nIDdIxNSGKfZzfWTy9pqOTiY1nU.roa
File: nIDdIxNSGKfZzfWTy9pqOTiY1nU.roa (raw, json)
Hash identifier: lsxyYWyRZK2GcYK8TjX3Ks0Xntj5Xyg/7TCFoqBz56s=
Subject key identifier: 9C:80:DD:23:13:52:18:A7:D9:CD:F5:93:CB:DA:6A:39:38:98:D6:75
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 018BD3504E508AE8C9A7116F0D425198C19D
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/nIDdIxNSGKfZzfWTy9pqOTiY1nU.roa
Signing time: Wed 15 Nov 2023 14:08:57 +0000
ROA not before: Wed 15 Nov 2023 14:08:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205993
IP address blocks: 31.131.164.0/22 maxlen: 22
85.255.120.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 29 Dec 2023 14:18:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d3:50:4e:50:8a:e8:c9:a7:11:6f:0d:42:51:98:c1:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Nov 15 14:08:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c80dd23135218a7d9cdf593cbda6a393898d675
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ac:48:15:e2:11:6d:38:d6:0b:bc:86:85:4c:
df:6b:f2:53:29:82:db:10:72:ec:e4:7f:de:2c:31:
f7:8d:bc:74:20:6c:66:66:49:f6:86:3c:95:8c:cb:
c0:90:96:8d:d5:6d:e1:24:05:82:17:16:14:80:85:
dc:58:72:9f:7c:de:14:0a:5a:b7:95:06:f3:5f:b3:
fd:1b:e0:19:86:a2:29:07:96:e3:35:04:68:4d:22:
e2:07:5f:a5:3f:cd:33:d7:cc:10:c7:ae:f9:40:c5:
e1:51:ff:71:0e:86:de:f3:ca:55:d1:23:f7:35:1e:
85:69:ad:f0:0a:c1:7b:a2:e5:5f:c5:e6:55:21:de:
58:4c:5a:36:8a:87:f7:1b:63:92:ed:f2:a4:b2:de:
20:2a:f8:66:3d:01:fb:e3:fd:24:a4:e8:3a:5f:2d:
9c:49:b7:fd:9d:81:37:9d:96:d0:a7:fe:e4:7a:8b:
0a:d9:1d:0d:13:55:59:71:a8:e7:8b:c2:c9:7d:49:
ea:7a:ae:4e:62:82:5d:62:83:4e:8d:fb:01:40:60:
e9:81:36:e5:c3:af:b9:f1:02:25:73:74:02:ac:be:
17:bc:70:a4:db:b6:cc:55:68:e3:ed:86:15:fe:32:
2b:03:1e:12:dd:14:9e:4e:a7:f7:35:67:d7:7b:a0:
a8:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:80:DD:23:13:52:18:A7:D9:CD:F5:93:CB:DA:6A:39:38:98:D6:75
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/nIDdIxNSGKfZzfWTy9pqOTiY1nU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.164.0/22
85.255.120.0/21
Signature Algorithm: sha256WithRSAEncryption
2a:ef:ab:f7:ca:a7:e3:33:4e:52:bd:40:11:86:b8:82:c4:e0:
10:1d:e5:16:3b:31:b7:a0:2b:0d:66:46:7d:bb:22:95:f6:e8:
c9:b3:a0:c1:d8:ed:07:6c:94:4d:b3:e4:8f:e1:29:7f:05:c8:
3c:01:e9:4d:c9:a8:ec:65:7b:77:f9:19:6b:64:1e:fc:7f:db:
d2:0c:16:33:f5:1d:51:75:bd:48:41:2b:b6:81:d9:a7:bd:7d:
73:b1:47:e1:00:5a:66:0c:31:dd:de:af:82:a2:cc:cb:3f:53:
98:d1:9a:60:69:67:17:37:15:37:b5:18:9e:22:a4:cb:9a:27:
c7:dd:89:22:64:af:30:4a:3f:bc:a9:11:7c:79:d3:7f:41:8f:
bf:28:14:2a:6f:46:30:f6:5e:52:a0:2b:f6:cc:ba:b0:aa:d1:
d4:7f:0b:61:e4:2e:32:30:0b:80:a3:11:eb:be:59:0c:d2:f3:
9f:21:02:db:a9:c2:b4:23:a1:37:a3:1c:04:0a:3b:fa:e4:95:
d1:0e:c6:44:b3:3f:d9:58:bc:eb:00:6a:22:46:06:f1:0a:32:
23:c9:7a:d2:df:2d:03:62:57:75:e0:e7:4a:a0:43:cf:9d:9f:
b3:c3:f3:04:66:42:29:f8:3a:6f:f6:08:22:b9:3b:18:27:00:
69:20:90:8c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvTUE5QiujJpxFvDUJRmMGdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjMxMTE1MTQwODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzgwZGQyMzEzNTIxOGE3ZDljZGY1OTNjYmRhNmEzOTM4OThkNjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqxIFeIRbTjWC7yGhUzfa/JTKYLb
EHLs5H/eLDH3jbx0IGxmZkn2hjyVjMvAkJaN1W3hJAWCFxYUgIXcWHKffN4UClq3
lQbzX7P9G+AZhqIpB5bjNQRoTSLiB1+lP80z18wQx675QMXhUf9xDobe88pV0SP3
NR6Faa3wCsF7ouVfxeZVId5YTFo2iof3G2OS7fKkst4gKvhmPQH74/0kpOg6Xy2c
Sbf9nYE3nZbQp/7keosK2R0NE1VZcajni8LJfUnqeq5OYoJdYoNOjfsBQGDpgTbl
w6+58QIlc3QCrL4XvHCk27bMVWjj7YYV/jIrAx4S3RSeTqf3NWfXe6CoNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJyA3SMTUhin2c31k8vaajk4mNZ1MB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvbklEZEl4TlNHS2ZaemZXVHk5cHFPVGlZMW5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCH4OkAwQD
Vf94MA0GCSqGSIb3DQEBCwUAA4IBAQAq76v3yqfjM05SvUARhriCxOAQHeUWOzG3
oCsNZkZ9uyKV9ujJs6DB2O0HbJRNs+SP4Sl/Bcg8AelNyajsZXt3+RlrZB78f9vS
DBYz9R1Rdb1IQSu2gdmnvX1zsUfhAFpmDDHd3q+CoszLP1OY0ZpgaWcXNxU3tRie
IqTLmifH3YkiZK8wSj+8qRF8edN/QY+/KBQqb0Yw9l5SoCv2zLqwqtHUfwth5C4y
MAuAoxHrvlkM0vOfIQLbqcK0I6E3oxwECjv65JXRDsZEsz/ZWLzrAGoiRgbxCjIj
yXrS3y0DYld14OdKoEPPnZ+zw/MEZkIp+Dpv9ggiuTsYJwBpIJCM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:07 2024 by rpki-client on console-fra.rpki-client.org