Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/dyEFoU0ZHzB0yevmpqOr_ulp8wA.roa
File: dyEFoU0ZHzB0yevmpqOr_ulp8wA.roa (raw, json)
Hash identifier: 9D9CHIpkAVfQXhjfqBmIWaOJi20ULouDMffZgCTpqvQ=
Subject key identifier: 77:21:05:A1:4D:19:1F:30:74:C9:EB:E6:A6:A3:AB:FE:E9:69:F3:00
Certificate issuer: /CN=fef329360c1b6fcafbf5253a657e3e9d7f224f7e
Certificate serial: 018A2C299E83B47EC9D92B4643E31221BFFE
Authority key identifier: FE:F3:29:36:0C:1B:6F:CA:FB:F5:25:3A:65:7E:3E:9D:7F:22:4F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_vMpNgwbb8r79SU6ZX4-nX8iT34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/dyEFoU0ZHzB0yevmpqOr_ulp8wA.roa
Signing time: Fri 25 Aug 2023 10:07:19 +0000
ROA not before: Fri 25 Aug 2023 10:07:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9137
IP address blocks: 213.204.0.0/19 maxlen: 19
204.14.244.0/22 maxlen: 22
185.82.56.0/22 maxlen: 22
2a02:5640::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2c:29:9e:83:b4:7e:c9:d9:2b:46:43:e3:12:21:bf:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fef329360c1b6fcafbf5253a657e3e9d7f224f7e
Validity
Not Before: Aug 25 10:07:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=772105a14d191f3074c9ebe6a6a3abfee969f300
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:b0:3b:34:08:28:4e:6a:aa:01:2c:a8:bf:52:
e4:99:4a:32:2a:ff:96:e6:aa:4a:f5:10:a3:ad:b2:
52:8a:6b:2c:7a:60:3a:80:0e:24:e9:c7:8e:83:fc:
30:c9:20:14:f4:b8:a8:5c:d5:62:35:d4:36:88:91:
f1:53:90:b2:8c:8b:aa:9c:55:7a:91:a2:88:bb:5c:
99:7c:3e:4b:94:ed:da:fc:c3:69:2f:7e:b2:46:da:
0c:c8:51:dd:2a:99:a1:2a:cf:73:44:dd:09:d9:4e:
78:f5:1e:84:d3:a7:45:b2:92:c9:b5:44:c6:42:b4:
4d:ef:05:7c:cf:a7:0a:43:ca:ab:55:fe:9a:f4:a4:
8e:7e:49:1d:6b:89:63:6f:be:31:01:ca:20:6f:5a:
67:be:8f:2b:8a:35:cf:e4:32:4f:f9:27:f6:ee:6f:
62:47:da:0c:8f:c3:2e:4c:d1:ee:23:04:4f:83:28:
e4:76:a5:28:75:57:22:83:fa:77:3b:06:fa:2a:79:
d7:05:98:1f:29:13:e5:c0:df:84:a8:3c:7b:93:9a:
d4:50:fe:37:d5:8f:82:21:0d:00:a0:b7:71:06:f5:
4f:5a:70:b5:4e:be:2f:de:5d:6f:07:5e:54:09:ce:
31:89:aa:d8:f9:8d:d9:b4:5b:a7:39:4c:5f:ad:01:
4a:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:21:05:A1:4D:19:1F:30:74:C9:EB:E6:A6:A3:AB:FE:E9:69:F3:00
X509v3 Authority Key Identifier:
keyid:FE:F3:29:36:0C:1B:6F:CA:FB:F5:25:3A:65:7E:3E:9D:7F:22:4F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_vMpNgwbb8r79SU6ZX4-nX8iT34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/dyEFoU0ZHzB0yevmpqOr_ulp8wA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ce96f4-d85c-4fc5-9e98-500b8834289e/1/_vMpNgwbb8r79SU6ZX4-nX8iT34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.56.0/22
204.14.244.0/22
213.204.0.0/19
IPv6:
2a02:5640::/29
Signature Algorithm: sha256WithRSAEncryption
5b:b1:f9:e9:6e:01:dd:6e:7d:6c:ad:0d:47:da:1e:c1:5b:1b:
ad:a8:1e:af:91:7c:32:10:57:93:be:c2:05:7c:1c:fd:50:3a:
13:6a:a6:62:12:5e:0e:a2:68:2f:69:6d:d4:74:c0:79:09:46:
9e:ef:ea:d2:07:28:f1:6e:25:b7:75:5e:73:d7:53:9a:ce:65:
59:7a:cf:87:e7:5e:39:9b:e2:5b:be:7a:5b:48:b6:a5:49:f5:
d0:9c:e5:87:70:81:39:0c:26:85:72:e2:07:ea:39:0e:0c:0a:
ef:ed:32:ea:65:28:ba:c4:f7:df:a0:bc:06:18:9f:6b:ba:c1:
3a:cb:fa:58:79:e7:01:b4:e6:5f:b2:94:f3:f2:8c:b9:12:41:
c3:fd:85:43:12:8d:18:fe:0b:22:a7:41:34:90:00:d8:ad:7f:
d1:66:af:e4:68:bc:1b:e2:b2:40:40:01:01:51:8e:16:42:dc:
ff:8a:41:e0:23:f9:43:98:6e:ce:22:c2:34:46:11:e5:86:92:
d5:c1:bf:eb:38:c0:b0:87:a6:eb:c4:fd:e0:3d:d8:81:42:8c:
72:ab:06:0f:65:62:9f:1e:b8:6e:2c:b3:de:3c:fd:94:98:bb:
ed:63:b2:98:7f:b6:09:8e:f3:7c:aa:c8:35:82:9c:d7:dc:3d:
20:c9:bc:f2
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYosKZ6DtH7J2StGQ+MSIb/+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZjMyOTM2MGMxYjZmY2FmYmY1MjUzYTY1N2UzZTlkN2Yy
MjRmN2UwHhcNMjMwODI1MTAwNzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzIxMDVhMTRkMTkxZjMwNzRjOWViZTZhNmEzYWJmZWU5NjlmMzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrA7NAgoTmqqASyov1LkmUoyKv+W
5qpK9RCjrbJSimssemA6gA4k6ceOg/wwySAU9LioXNViNdQ2iJHxU5CyjIuqnFV6
kaKIu1yZfD5LlO3a/MNpL36yRtoMyFHdKpmhKs9zRN0J2U549R6E06dFspLJtUTG
QrRN7wV8z6cKQ8qrVf6a9KSOfkkda4ljb74xAcogb1pnvo8rijXP5DJP+Sf27m9i
R9oMj8MuTNHuIwRPgyjkdqUodVcig/p3Owb6KnnXBZgfKRPlwN+EqDx7k5rUUP43
1Y+CIQ0AoLdxBvVPWnC1Tr4v3l1vB15UCc4xiarY+Y3ZtFunOUxfrQFKbwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHchBaFNGR8wdMnr5qajq/7pafMAMB8GA1UdIwQY
MBaAFP7zKTYMG2/K+/UlOmV+Pp1/Ik9+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3ZNcE5nd2JiOHI3OVNVNlpYNC1uWDhpVDM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9jZTk2ZjQtZDg1Yy00ZmM1LTllOTgt
NTAwYjg4MzQyODllLzEvZHlFRm9VMFpIekIweWV2bXBxT3JfdWxwOHdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9jZTk2ZjQtZDg1Yy00ZmM1LTllOTgtNTAwYjg4MzQyODll
LzEvX3ZNcE5nd2JiOHI3OVNVNlpYNC1uWDhpVDM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuVI4AwQC
zA70AwQF1cwAMA0EAgACMAcDBQMqAlZAMA0GCSqGSIb3DQEBCwUAA4IBAQBbsfnp
bgHdbn1srQ1H2h7BWxutqB6vkXwyEFeTvsIFfBz9UDoTaqZiEl4OomgvaW3UdMB5
CUae7+rSByjxbiW3dV5z11OazmVZes+H5145m+JbvnpbSLalSfXQnOWHcIE5DCaF
cuIH6jkODArv7TLqZSi6xPffoLwGGJ9rusE6y/pYeecBtOZfspTz8oy5EkHD/YVD
Eo0Y/gsip0E0kADYrX/RZq/kaLwb4rJAQAEBUY4WQtz/ikHgI/lDmG7OIsI0RhHl
hpLVwb/rOMCwh6brxP3gPdiBQoxyqwYPZWKfHrhuLLPePP2UmLvtY7KYf7YJjvN8
qsg1gpzX3D0gybzy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:41 2024 by rpki-client on console-fra.rpki-client.org