Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/499c41-945e-4da3-a498-9209f7b7ef81/1/kv1Eyv-P9OVgrOjKV3g_GFFh1cw.roa
File: kv1Eyv-P9OVgrOjKV3g_GFFh1cw.roa (raw, json)
Hash identifier: WMid+RDAnNTi9NA08/91qEkBwyDrMcm+6cliqHhAhdA=
Subject key identifier: 92:FD:44:CA:FF:8F:F4:E5:60:AC:E8:CA:57:78:3F:18:51:61:D5:CC
Certificate issuer: /CN=c39bc30a748960b227a1bf26216067edd05c1a7d
Certificate serial: 018D63E6FB5A1268F0991FFB2BC8609E4538
Authority key identifier: C3:9B:C3:0A:74:89:60:B2:27:A1:BF:26:21:60:67:ED:D0:5C:1A:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5vDCnSJYLInob8mIWBn7dBcGn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/499c41-945e-4da3-a498-9209f7b7ef81/1/kv1Eyv-P9OVgrOjKV3g_GFFh1cw.roa
Signing time: Thu 01 Feb 2024 09:01:38 +0000
ROA not before: Thu 01 Feb 2024 09:01:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51683
IP address blocks: 31.40.241.0/24 maxlen: 24
31.40.243.0/24 maxlen: 24
185.115.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Apr 2024 11:38:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:63:e6:fb:5a:12:68:f0:99:1f:fb:2b:c8:60:9e:45:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c39bc30a748960b227a1bf26216067edd05c1a7d
Validity
Not Before: Feb 1 09:01:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92fd44caff8ff4e560ace8ca57783f185161d5cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:44:f4:35:4b:74:d5:2e:50:bb:09:a8:44:0e:
40:86:f2:26:3b:13:42:df:74:8a:b1:f1:e0:8b:c9:
23:67:3b:d0:60:06:3b:29:49:7b:c4:7b:ab:06:67:
99:29:14:6c:83:dc:fa:f2:a1:78:ea:8f:43:6e:d8:
62:ca:ba:b9:d9:79:8e:42:2e:0b:20:7c:c9:1f:e7:
92:98:5f:df:04:ba:92:a6:8f:69:19:6e:6b:dc:d8:
57:47:ce:c3:db:4d:9a:e4:59:66:2a:f5:c4:b5:b8:
44:cf:27:0a:94:c8:c9:ea:f7:fb:64:84:36:56:fb:
47:b1:66:d0:c4:1f:44:f5:21:aa:2d:99:d2:d5:f4:
b9:a3:0b:71:f3:5d:7b:d8:32:ed:98:52:69:d7:a4:
ae:93:79:48:ce:5c:29:6a:ab:9e:49:3e:02:5c:b4:
06:02:ce:e4:1d:77:fd:3a:8d:77:4f:d0:27:c6:8b:
ba:59:f7:3d:27:66:41:1d:89:06:37:67:e6:a0:32:
1e:13:1b:68:ac:22:3d:d4:91:67:e4:11:63:58:b1:
e3:14:8a:1f:0a:fc:64:27:81:04:45:88:f7:72:94:
f6:09:1e:35:39:02:9d:0f:85:ee:d1:c9:0b:f4:47:
34:80:fe:47:55:2a:b0:6a:f8:95:83:a0:e6:92:25:
f9:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:FD:44:CA:FF:8F:F4:E5:60:AC:E8:CA:57:78:3F:18:51:61:D5:CC
X509v3 Authority Key Identifier:
keyid:C3:9B:C3:0A:74:89:60:B2:27:A1:BF:26:21:60:67:ED:D0:5C:1A:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5vDCnSJYLInob8mIWBn7dBcGn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/499c41-945e-4da3-a498-9209f7b7ef81/1/kv1Eyv-P9OVgrOjKV3g_GFFh1cw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/499c41-945e-4da3-a498-9209f7b7ef81/1/w5vDCnSJYLInob8mIWBn7dBcGn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.241.0/24
31.40.243.0/24
185.115.209.0/24
Signature Algorithm: sha256WithRSAEncryption
07:5c:2e:17:3b:c6:50:9f:70:74:e8:d8:2f:1a:0f:89:76:6e:
07:e8:0c:99:e0:e4:07:90:93:60:9a:ad:54:67:de:e1:36:37:
66:e1:3f:b5:8d:42:3b:19:3c:9b:38:c2:05:fa:b7:1a:0e:bc:
98:38:d5:57:d7:9e:86:66:4f:43:d4:90:f6:8d:28:9b:6e:77:
c8:80:03:6d:1f:f4:8f:35:d3:fa:4b:d1:fb:e5:da:b5:b1:e2:
03:77:02:5a:05:7d:e6:d3:3f:5e:ff:e2:b5:fe:9b:97:4a:d3:
88:ff:a0:24:52:6d:29:18:c9:40:6e:a6:1a:35:01:89:49:64:
0f:8d:c1:9d:de:45:be:d2:c6:9d:f8:f7:80:31:03:46:14:2e:
37:c1:ef:6e:7b:a4:82:b1:2a:74:97:4e:49:cc:27:81:7a:fc:
c8:b0:31:f9:b9:40:fc:be:44:71:12:34:b7:42:52:0b:84:fe:
fe:a4:c0:98:d6:ab:76:bf:ef:4a:83:68:05:9c:f3:db:43:03:
08:55:7a:af:df:09:ca:b1:70:02:85:b7:39:ec:8e:5f:90:7a:
4c:de:fa:ec:87:c7:df:e5:b7:79:f4:eb:0a:39:d9:48:91:f6:
68:9c:6b:eb:76:f9:ce:8b:98:18:dc:a9:2f:70:d4:3c:0b:d9:
3a:19:71:74
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1j5vtaEmjwmR/7K8hgnkU4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOWJjMzBhNzQ4OTYwYjIyN2ExYmYyNjIxNjA2N2VkZDA1
YzFhN2QwHhcNMjQwMjAxMDkwMTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmZkNDRjYWZmOGZmNGU1NjBhY2U4Y2E1Nzc4M2YxODUxNjFkNWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqET0NUt01S5QuwmoRA5AhvImOxNC
33SKsfHgi8kjZzvQYAY7KUl7xHurBmeZKRRsg9z68qF46o9Dbthiyrq52XmOQi4L
IHzJH+eSmF/fBLqSpo9pGW5r3NhXR87D202a5FlmKvXEtbhEzycKlMjJ6vf7ZIQ2
VvtHsWbQxB9E9SGqLZnS1fS5owtx81172DLtmFJp16Suk3lIzlwpaqueST4CXLQG
As7kHXf9Oo13T9Anxou6Wfc9J2ZBHYkGN2fmoDIeExtorCI91JFn5BFjWLHjFIof
CvxkJ4EERYj3cpT2CR41OQKdD4Xu0ckL9Ec0gP5HVSqwaviVg6DmkiX5cwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJL9RMr/j/TlYKzoyld4PxhRYdXMMB8GA1UdIwQY
MBaAFMObwwp0iWCyJ6G/JiFgZ+3QXBp9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzV2RENuU0pZTElub2I4bUlXQm43ZEJjR24wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC80OTljNDEtOTQ1ZS00ZGEzLWE0OTgt
OTIwOWY3YjdlZjgxLzEva3YxRXl2LVA5T1Znck9qS1YzZ19HRkZoMWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC80OTljNDEtOTQ1ZS00ZGEzLWE0OTgtOTIwOWY3YjdlZjgx
LzEvdzV2RENuU0pZTElub2I4bUlXQm43ZEJjR24wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAHyjxAwQA
HyjzAwQAuXPRMA0GCSqGSIb3DQEBCwUAA4IBAQAHXC4XO8ZQn3B06NgvGg+Jdm4H
6AyZ4OQHkJNgmq1UZ97hNjdm4T+1jUI7GTybOMIF+rcaDryYONVX156GZk9D1JD2
jSibbnfIgANtH/SPNdP6S9H75dq1seIDdwJaBX3m0z9e/+K1/puXStOI/6AkUm0p
GMlAbqYaNQGJSWQPjcGd3kW+0sad+PeAMQNGFC43we9ue6SCsSp0l05JzCeBevzI
sDH5uUD8vkRxEjS3QlILhP7+pMCY1qt2v+9Kg2gFnPPbQwMIVXqv3wnKsXAChbc5
7I5fkHpM3vrsh8ff5bd59OsKOdlIkfZonGvrdvnOi5gY3KkvcNQ8C9k6GXF0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:51 2024 by rpki-client on console-fra.rpki-client.org