Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/f1af29-7f09-4f9c-acd6-694d78b32d20/1/1-QqztVAaBTzOevh8s4-CGOGlGz8.roa
File: 1-QqztVAaBTzOevh8s4-CGOGlGz8.roa (raw, json)
Hash identifier: SkTXHMgiU9Burc3gxM5qLad6RXURxeJtHgaNvPsQviQ=
Subject key identifier: F9:0A:B3:B5:50:1A:05:3C:CE:7A:F8:7C:B3:8F:82:18:E1:A5:1B:3F
Certificate issuer: /CN=b1f713cf20552d6c5c23f09e7b37669846f9ca50
Certificate serial: 018F30A7B56A7ACF28EDCA8CDAA57B8CFFCA
Authority key identifier: B1:F7:13:CF:20:55:2D:6C:5C:23:F0:9E:7B:37:66:98:46:F9:CA:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sfcTzyBVLWxcI_CeezdmmEb5ylA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/f1af29-7f09-4f9c-acd6-694d78b32d20/1/1-QqztVAaBTzOevh8s4-CGOGlGz8.roa
Signing time: Tue 30 Apr 2024 20:17:28 +0000
ROA not before: Tue 30 Apr 2024 20:17:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199095
IP address blocks: 31.31.128.0/19 maxlen: 24
80.91.144.0/20 maxlen: 24
217.64.240.0/20 maxlen: 24
2a11:bfc0::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 24 Oct 2024 09:53:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:30:a7:b5:6a:7a:cf:28:ed:ca:8c:da:a5:7b:8c:ff:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1f713cf20552d6c5c23f09e7b37669846f9ca50
Validity
Not Before: Apr 30 20:17:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f90ab3b5501a053cce7af87cb38f8218e1a51b3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:3b:a1:99:6b:87:b4:30:7d:57:c6:3a:fb:2f:
8f:05:84:97:6b:aa:d2:c3:f0:ab:e1:b1:12:da:ca:
2b:8e:ae:2a:6f:70:5b:f3:e8:b3:36:78:d7:1d:73:
f7:c9:b5:77:4d:51:99:27:e6:61:16:17:de:81:52:
95:51:92:c6:31:9e:3f:12:81:50:1b:fd:08:18:f2:
2e:f2:d5:68:be:30:0f:e9:f1:c5:40:d0:6c:cf:7c:
92:36:7e:70:2b:59:46:a7:ac:db:74:be:71:18:19:
d5:4d:c2:43:55:82:82:a7:fe:a7:ed:6e:f2:d2:28:
c3:86:fd:fa:f7:bf:9b:e7:80:93:28:08:03:8e:4e:
80:12:eb:ad:69:90:89:1b:d6:f2:2f:10:af:34:96:
19:1e:6c:8a:d3:37:f9:0e:55:fd:84:e6:b8:4d:7e:
42:1b:2b:a1:f3:5c:b6:91:97:7a:8d:fe:3c:e6:41:
76:37:f1:d1:52:9b:b5:83:46:a9:35:40:fe:9d:d8:
93:69:9b:ed:4b:b3:b7:a0:a9:cb:7d:ca:f4:50:55:
92:b6:64:62:d9:f3:5a:2b:03:9a:18:67:59:01:09:
14:ff:36:f2:0c:f1:b0:f2:4a:1b:0a:04:d4:75:c8:
16:18:95:ba:03:c2:c1:cf:f0:fe:56:fc:dd:1e:67:
3b:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:0A:B3:B5:50:1A:05:3C:CE:7A:F8:7C:B3:8F:82:18:E1:A5:1B:3F
X509v3 Authority Key Identifier:
keyid:B1:F7:13:CF:20:55:2D:6C:5C:23:F0:9E:7B:37:66:98:46:F9:CA:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sfcTzyBVLWxcI_CeezdmmEb5ylA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f1af29-7f09-4f9c-acd6-694d78b32d20/1/1-QqztVAaBTzOevh8s4-CGOGlGz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f1af29-7f09-4f9c-acd6-694d78b32d20/1/sfcTzyBVLWxcI_CeezdmmEb5ylA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.31.128.0/19
80.91.144.0/20
217.64.240.0/20
IPv6:
2a11:bfc0::/29
Signature Algorithm: sha256WithRSAEncryption
14:23:a4:c7:e7:80:c5:98:8d:0a:8f:c7:27:cc:e9:b4:6a:17:
71:90:73:4e:06:25:6d:58:3a:9d:26:a9:01:b8:5f:5d:d1:4f:
df:54:ba:ff:b2:cc:d9:2a:97:02:8b:1f:88:73:16:35:2f:af:
b6:c5:43:3d:5d:d1:21:e9:49:ba:74:97:a9:72:35:78:c1:9b:
59:ff:5d:12:4f:9f:17:99:b1:26:6d:0d:a1:ff:90:ce:a3:8e:
73:53:b3:9c:b2:47:ce:cd:66:05:f6:cf:c9:25:31:07:39:ab:
67:77:a6:f5:e6:ea:f1:2a:cd:c2:dc:f1:e3:5e:f1:a8:3b:63:
ea:78:2a:22:26:c6:27:bf:5d:0e:bf:fe:ed:77:24:57:06:bb:
80:cc:ab:50:b8:76:d4:57:e7:4f:e6:0c:f4:1f:ea:53:88:bd:
da:9c:ed:9c:7f:98:1b:95:40:4d:14:9a:fd:14:d7:60:0d:e3:
99:36:14:41:68:21:cf:70:6d:2d:e8:f8:5a:3a:78:26:18:60:
ce:81:80:8c:70:ea:f4:a3:79:d3:34:0d:8a:9f:94:37:cd:e6:
a9:78:37:7a:8d:82:3b:1a:87:f3:61:63:54:d2:86:ec:9d:10:
1a:26:4f:aa:d3:22:e8:e4:e7:63:68:a6:91:29:23:b8:ec:53:
8a:21:4c:a7
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY8wp7Vqes8o7cqM2qV7jP/KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZjcxM2NmMjA1NTJkNmM1YzIzZjA5ZTdiMzc2Njk4NDZm
OWNhNTAwHhcNMjQwNDMwMjAxNzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTBhYjNiNTUwMWEwNTNjY2U3YWY4N2NiMzhmODIxOGUxYTUxYjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8juhmWuHtDB9V8Y6+y+PBYSXa6rS
w/Cr4bES2sorjq4qb3Bb8+izNnjXHXP3ybV3TVGZJ+ZhFhfegVKVUZLGMZ4/EoFQ
G/0IGPIu8tVovjAP6fHFQNBsz3ySNn5wK1lGp6zbdL5xGBnVTcJDVYKCp/6n7W7y
0ijDhv3697+b54CTKAgDjk6AEuutaZCJG9byLxCvNJYZHmyK0zf5DlX9hOa4TX5C
Gyuh81y2kZd6jf485kF2N/HRUpu1g0apNUD+ndiTaZvtS7O3oKnLfcr0UFWStmRi
2fNaKwOaGGdZAQkU/zbyDPGw8kobCgTUdcgWGJW6A8LBz/D+VvzdHmc7yQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPkKs7VQGgU8znr4fLOPghjhpRs/MB8GA1UdIwQY
MBaAFLH3E88gVS1sXCPwnns3ZphG+cpQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2ZjVHp5QlZMV3hjSV9DZWV6ZG1tRWI1eWxBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9mMWFmMjktN2YwOS00ZjljLWFjZDYt
Njk0ZDc4YjMyZDIwLzEvMS1RcXp0VkFhQlR6T2V2aDhzNC1DR09HbEd6OC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2MvZjFhZjI5LTdmMDktNGY5Yy1hY2Q2LTY5NGQ3OGIzMmQy
MC8xL3NmY1R6eUJWTFd4Y0lfQ2VlemRtbUViNXlsQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA6BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEBR8fgAME
BFBbkAMEBNlA8DANBAIAAjAHAwUDKhG/wDANBgkqhkiG9w0BAQsFAAOCAQEAFCOk
x+eAxZiNCo/HJ8zptGoXcZBzTgYlbVg6nSapAbhfXdFP31S6/7LM2SqXAosfiHMW
NS+vtsVDPV3RIelJunSXqXI1eMGbWf9dEk+fF5mxJm0Nof+QzqOOc1OznLJHzs1m
BfbPySUxBzmrZ3em9ebq8SrNwtzx417xqDtj6ngqIibGJ79dDr/+7XckVwa7gMyr
ULh21FfnT+YM9B/qU4i92pztnH+YG5VATRSa/RTXYA3jmTYUQWghz3BtLej4Wjp4
JhhgzoGAjHDq9KN50zQNip+UN83mqXg3eo2COxqH82FjVNKG7J0QGiZPqtMi6OTn
Y2imkSkjuOxTiiFMpw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:25 2025 by rpki-client