Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/tPeAi3FQlE0XpY1Ni0HOxYvdZVo.roa
File: tPeAi3FQlE0XpY1Ni0HOxYvdZVo.roa (raw, json)
Hash identifier: Asx9eAGgOBIAiDb0Y2temZRO+nXIwofExz/BGGJMvrA=
Subject key identifier: B4:F7:80:8B:71:50:94:4D:17:A5:8D:4D:8B:41:CE:C5:8B:DD:65:5A
Certificate issuer: /CN=6dbd51576b4a93460a465af35e6bf550f5548894
Certificate serial: 01866A7720DA04A0D53FF2E16DC46E20F5F0
Authority key identifier: 6D:BD:51:57:6B:4A:93:46:0A:46:5A:F3:5E:6B:F5:50:F5:54:88:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/tPeAi3FQlE0XpY1Ni0HOxYvdZVo.roa
Signing time: Sun 19 Feb 2023 16:17:17 +0000
ROA not before: Sun 19 Feb 2023 16:17:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35815
IP address blocks: 31.25.24.0/21 maxlen: 21
109.198.96.0/19 maxlen: 19
109.198.104.0/24 maxlen: 24
45.9.212.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6a:77:20:da:04:a0:d5:3f:f2:e1:6d:c4:6e:20:f5:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dbd51576b4a93460a465af35e6bf550f5548894
Validity
Not Before: Feb 19 16:17:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4f7808b7150944d17a58d4d8b41cec58bdd655a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ef:4c:cc:6c:4b:ab:b2:a2:63:6a:3b:11:e1:
25:a0:e5:1e:d2:95:9c:b0:93:47:ce:7a:cb:6c:af:
94:a9:b2:2b:12:1f:66:57:80:e5:c7:09:3e:da:ba:
fe:07:6f:9b:81:50:54:32:20:25:75:e3:e5:0d:68:
ff:4f:d8:74:61:62:bc:0a:aa:8a:84:5c:7b:4f:1d:
bc:4e:d4:0a:84:10:98:6e:8f:96:7a:c4:fc:e1:79:
57:ba:1b:ff:d0:a1:7b:9b:92:3b:86:a1:b3:ea:12:
20:ef:f8:dc:0f:98:4d:82:1a:58:fe:8c:f0:9b:eb:
c4:9e:26:06:27:7e:75:bd:1e:58:1b:0e:c4:d0:7c:
08:09:6c:38:65:c4:ea:83:8e:45:10:e6:6a:c3:e4:
58:e3:e1:07:09:17:1e:dd:0a:41:76:b3:3e:34:09:
7d:de:da:ba:3a:36:3f:74:42:dd:6c:32:e2:6b:0a:
57:31:fc:f7:4e:54:76:f8:b4:fe:18:9f:1b:54:89:
c2:ca:a9:af:0e:08:45:17:91:7c:33:a6:be:cf:53:
58:80:6e:80:79:94:88:7b:4e:f7:92:a4:2a:0c:71:
74:d3:e9:32:26:26:0c:a5:28:04:20:79:47:7c:10:
37:fc:35:8f:a1:3d:f5:e4:08:6d:2d:90:a8:ca:8a:
a2:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:F7:80:8B:71:50:94:4D:17:A5:8D:4D:8B:41:CE:C5:8B:DD:65:5A
X509v3 Authority Key Identifier:
keyid:6D:BD:51:57:6B:4A:93:46:0A:46:5A:F3:5E:6B:F5:50:F5:54:88:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/tPeAi3FQlE0XpY1Ni0HOxYvdZVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.24.0/21
45.9.212.0/22
109.198.96.0/19
Signature Algorithm: sha256WithRSAEncryption
9d:52:b4:95:f7:e7:1d:bf:bd:52:43:bc:be:ea:ad:46:89:a7:
70:9d:e2:09:70:3d:7c:84:c3:9b:ed:15:06:6a:aa:6d:fb:91:
d1:fc:05:41:bb:1f:e2:89:29:00:a7:b2:47:dd:aa:f8:b6:95:
87:82:6f:94:8a:aa:69:7f:72:7d:7b:22:d9:01:d6:f5:55:75:
f7:7b:63:1a:2c:00:d2:29:62:62:9a:3a:8b:04:a3:f3:0c:41:
36:a5:98:22:47:c3:6a:b0:6f:86:39:80:f3:e1:3c:1b:76:9c:
16:74:8f:7a:4e:a2:5c:0a:1b:e7:91:fc:2e:0f:cb:67:8e:c4:
fd:22:08:aa:3e:1d:99:21:4d:b3:2c:0e:73:ca:e3:50:a6:22:
d6:52:f4:07:51:fa:d1:2d:fb:50:12:97:9e:37:90:8a:03:3c:
9b:2d:04:56:34:e7:4f:ef:7a:52:49:0e:fe:71:19:2e:79:3a:
cb:68:df:8e:90:56:44:e1:39:10:8c:83:09:e4:4e:69:55:51:
47:31:0d:3b:ac:05:36:2c:b7:2f:3f:11:94:da:ce:50:30:46:
89:89:92:f9:6c:eb:ba:1f:af:2b:fe:51:b2:f9:51:f7:58:1a:
31:4c:6e:3a:52:a8:d9:ec:ca:a1:64:9b:ff:ab:32:97:ed:cc:
b9:c2:42:d0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZqdyDaBKDVP/LhbcRuIPXwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkYmQ1MTU3NmI0YTkzNDYwYTQ2NWFmMzVlNmJmNTUwZjU1
NDg4OTQwHhcNMjMwMjE5MTYxNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGY3ODA4YjcxNTA5NDRkMTdhNThkNGQ4YjQxY2VjNThiZGQ2NTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAte9MzGxLq7KiY2o7EeEloOUe0pWc
sJNHznrLbK+UqbIrEh9mV4Dlxwk+2rr+B2+bgVBUMiAldePlDWj/T9h0YWK8CqqK
hFx7Tx28TtQKhBCYbo+WesT84XlXuhv/0KF7m5I7hqGz6hIg7/jcD5hNghpY/ozw
m+vEniYGJ351vR5YGw7E0HwICWw4ZcTqg45FEOZqw+RY4+EHCRce3QpBdrM+NAl9
3tq6OjY/dELdbDLiawpXMfz3TlR2+LT+GJ8bVInCyqmvDghFF5F8M6a+z1NYgG6A
eZSIe073kqQqDHF00+kyJiYMpSgEIHlHfBA3/DWPoT315AhtLZCoyoqiewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLT3gItxUJRNF6WNTYtBzsWL3WVaMB8GA1UdIwQY
MBaAFG29UVdrSpNGCkZa815r9VD1VIiUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmIxUlYydEtrMFlLUmxyelhtdjFVUFZVaUpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS84ZmY1MzctNzFlMC00MDNiLTk3OWUt
MWVmN2VmMTdmYTQzLzEvdFBlQWkzRlFsRTBYcFkxTmkwSE94WXZkWlZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS84ZmY1MzctNzFlMC00MDNiLTk3OWUtMWVmN2VmMTdmYTQz
LzEvYmIxUlYydEtrMFlLUmxyelhtdjFVUFZVaUpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDHxkYAwQC
LQnUAwQFbcZgMA0GCSqGSIb3DQEBCwUAA4IBAQCdUrSV9+cdv71SQ7y+6q1Giadw
neIJcD18hMOb7RUGaqpt+5HR/AVBux/iiSkAp7JH3ar4tpWHgm+Uiqppf3J9eyLZ
Adb1VXX3e2MaLADSKWJimjqLBKPzDEE2pZgiR8NqsG+GOYDz4TwbdpwWdI96TqJc
ChvnkfwuD8tnjsT9IgiqPh2ZIU2zLA5zyuNQpiLWUvQHUfrRLftQEpeeN5CKAzyb
LQRWNOdP73pSSQ7+cRkueTrLaN+OkFZE4TkQjIMJ5E5pVVFHMQ07rAU2LLcvPxGU
2s5QMEaJiZL5bOu6H68r/lGy+VH3WBoxTG46UqjZ7MqhZJv/qzKX7cy5wkLQ
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:12 2024 by rpki-client on console-ams.rpki-client.org