Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7ec7a2-8318-462f-966e-7a531d483747/1/RyDNEH8wtDHf0KkYVwmoDjFc7Rc.roa
File: RyDNEH8wtDHf0KkYVwmoDjFc7Rc.roa (raw, json)
Hash identifier: B4RvqrVbBABUvYwEmNx6my931/9w8rc5RHF1Ql/7vvg=
Subject key identifier: 47:20:CD:10:7F:30:B4:31:DF:D0:A9:18:57:09:A8:0E:31:5C:ED:17
Certificate issuer: /CN=713b9404a0c43223addc8ea1b10ab74b777a2a01
Certificate serial: 01856C6F1C03029B8B5D369438B68AF52F85
Authority key identifier: 71:3B:94:04:A0:C4:32:23:AD:DC:8E:A1:B1:0A:B7:4B:77:7A:2A:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cTuUBKDEMiOt3I6hsQq3S3d6KgE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/7ec7a2-8318-462f-966e-7a531d483747/1/RyDNEH8wtDHf0KkYVwmoDjFc7Rc.roa
Signing time: Sun 01 Jan 2023 08:24:58 +0000
ROA not before: Sun 01 Jan 2023 08:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25234
IP address blocks: 81.95.96.0/20 maxlen: 20
31.15.8.0/21 maxlen: 21
185.12.196.0/22 maxlen: 22
2a02:4a8::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 25 Sep 2023 06:52:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6f:1c:03:02:9b:8b:5d:36:94:38:b6:8a:f5:2f:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=713b9404a0c43223addc8ea1b10ab74b777a2a01
Validity
Not Before: Jan 1 08:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4720cd107f30b431dfd0a9185709a80e315ced17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:3d:a6:6b:2a:85:38:12:2d:43:10:4c:78:f7:
4b:f4:f9:6d:d2:cf:8b:8a:9a:20:57:8d:0e:da:34:
dd:6f:72:00:b4:19:31:d3:2a:15:db:fd:db:4d:a4:
eb:be:67:98:f5:cd:0b:6b:d5:e8:9b:7d:6c:c0:bb:
32:14:13:2e:90:dc:e9:f4:b0:80:93:61:3b:4d:3b:
83:3c:32:ef:5e:12:12:2e:d5:55:55:85:06:a4:7e:
09:69:03:15:3f:99:18:ed:43:e9:bb:d0:d1:dc:46:
a5:75:57:e9:45:58:c0:06:dc:a7:5f:0b:98:10:15:
78:59:a1:d9:8f:61:69:02:d6:47:63:0e:36:69:c0:
7f:3d:86:f8:01:ce:8a:06:ba:8c:0c:97:8f:0c:5d:
42:08:44:6e:99:3a:34:c0:9c:8e:ef:2e:5c:fa:8f:
39:ce:f9:7f:fe:2e:c7:af:3c:d2:14:40:0d:b2:de:
cc:e3:ff:74:df:24:15:a9:c9:03:30:b8:34:9f:cb:
49:92:a4:12:95:9e:e1:3e:34:42:53:b4:dd:8d:4b:
3c:b2:ff:f5:4a:bc:a3:b8:f5:79:5a:ac:73:1d:f7:
5f:21:69:be:56:7a:ac:cd:f2:5b:64:c2:9e:a7:11:
70:d9:02:8e:6a:a1:51:4e:14:e8:ac:fe:60:9c:7d:
25:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:20:CD:10:7F:30:B4:31:DF:D0:A9:18:57:09:A8:0E:31:5C:ED:17
X509v3 Authority Key Identifier:
keyid:71:3B:94:04:A0:C4:32:23:AD:DC:8E:A1:B1:0A:B7:4B:77:7A:2A:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cTuUBKDEMiOt3I6hsQq3S3d6KgE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7ec7a2-8318-462f-966e-7a531d483747/1/RyDNEH8wtDHf0KkYVwmoDjFc7Rc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7ec7a2-8318-462f-966e-7a531d483747/1/cTuUBKDEMiOt3I6hsQq3S3d6KgE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.15.8.0/21
81.95.96.0/20
185.12.196.0/22
IPv6:
2a02:4a8::/32
Signature Algorithm: sha256WithRSAEncryption
31:8a:16:f8:ed:6a:0c:50:91:f5:49:16:f6:70:0e:4e:b3:6c:
7b:99:ba:df:a0:a7:da:a9:a8:2d:b3:aa:8f:ce:96:78:f7:b3:
11:b9:81:da:01:00:3a:ff:6b:ac:ab:56:30:42:4d:e3:b6:64:
a0:e3:14:ac:bd:62:54:d9:3d:b3:1b:71:d1:47:5a:a1:f2:37:
5b:48:bc:10:a2:c9:7f:73:7f:1a:87:a4:99:0a:2b:95:44:e8:
c5:9e:93:6c:69:e5:fc:22:c7:5d:c9:71:a4:96:b6:37:58:35:
c7:74:e5:e4:e2:ac:45:42:2c:58:b2:c0:8b:bd:32:1b:8a:c1:
87:58:80:77:13:17:8d:7c:8f:33:96:1c:e4:36:2b:cb:ac:fb:
cf:4c:63:e0:e3:8f:d7:2f:72:20:e5:d5:5e:8c:d7:ba:27:66:
a9:3a:6c:2b:59:16:78:f8:ae:02:cd:c8:9f:84:a1:0b:03:b7:
2c:91:dd:b7:70:a4:84:fe:3f:9f:03:00:8d:de:86:00:b5:5c:
29:01:82:01:af:b4:a1:41:3a:11:8e:b5:07:95:db:e9:43:f8:
66:11:11:63:cc:89:55:6d:03:02:2a:35:b6:6c:f6:fb:ee:91:
94:3b:33:97:21:b4:a8:69:7e:6a:59:6b:c7:cd:10:04:96:b7:
0f:60:19:ee
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVsbxwDApuLXTaUOLaK9S+FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxM2I5NDA0YTBjNDMyMjNhZGRjOGVhMWIxMGFiNzRiNzc3
YTJhMDEwHhcNMjMwMTAxMDgyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzIwY2QxMDdmMzBiNDMxZGZkMGE5MTg1NzA5YTgwZTMxNWNlZDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlj2mayqFOBItQxBMePdL9Plt0s+L
ipogV40O2jTdb3IAtBkx0yoV2/3bTaTrvmeY9c0La9Xom31swLsyFBMukNzp9LCA
k2E7TTuDPDLvXhISLtVVVYUGpH4JaQMVP5kY7UPpu9DR3EaldVfpRVjABtynXwuY
EBV4WaHZj2FpAtZHYw42acB/PYb4Ac6KBrqMDJePDF1CCERumTo0wJyO7y5c+o85
zvl//i7HrzzSFEANst7M4/903yQVqckDMLg0n8tJkqQSlZ7hPjRCU7TdjUs8sv/1
SryjuPV5WqxzHfdfIWm+VnqszfJbZMKepxFw2QKOaqFRThTorP5gnH0lIwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEcgzRB/MLQx39CpGFcJqA4xXO0XMB8GA1UdIwQY
MBaAFHE7lASgxDIjrdyOobEKt0t3eioBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1R1VUJLREVNaU90M0k2aHNRcTNTM2Q2S2dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83ZWM3YTItODMxOC00NjJmLTk2NmUt
N2E1MzFkNDgzNzQ3LzEvUnlETkVIOHd0REhmMEtrWVZ3bW9EakZjN1JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83ZWM3YTItODMxOC00NjJmLTk2NmUtN2E1MzFkNDgzNzQ3
LzEvY1R1VUJLREVNaU90M0k2aHNRcTNTM2Q2S2dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDHw8IAwQE
UV9gAwQCuQzEMA0EAgACMAcDBQAqAgSoMA0GCSqGSIb3DQEBCwUAA4IBAQAxihb4
7WoMUJH1SRb2cA5Os2x7mbrfoKfaqagts6qPzpZ497MRuYHaAQA6/2usq1YwQk3j
tmSg4xSsvWJU2T2zG3HRR1qh8jdbSLwQosl/c38ah6SZCiuVROjFnpNsaeX8Isdd
yXGklrY3WDXHdOXk4qxFQixYssCLvTIbisGHWIB3ExeNfI8zlhzkNivLrPvPTGPg
44/XL3Ig5dVejNe6J2apOmwrWRZ4+K4CzcifhKELA7cskd23cKSE/j+fAwCN3oYA
tVwpAYIBr7ShQToRjrUHldvpQ/hmERFjzIlVbQMCKjW2bPb77pGUOzOXIbSoaX5q
WWvHzRAElrcPYBnu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:17 2024 by rpki-client on console-fra.rpki-client.org