Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/6e0cfa-205e-4d66-ae3a-c743d7c0bb22/1/aoruniDygnnvT_jN1ngEy8pyinU.roa
File: aoruniDygnnvT_jN1ngEy8pyinU.roa (raw, json)
Hash identifier: hlHmE+Bt4RNX3Rd0zfo6njsmfMh2i/2rswV0BVbf194=
Subject key identifier: 6A:8A:EE:9E:20:F2:82:79:EF:4F:F8:CD:D6:78:04:CB:CA:72:8A:75
Certificate issuer: /CN=8c32a6e57ec81cc5cb43bb503749b360f2b05c3b
Certificate serial: 018A03E79B9836351E9E07E64971D7CA020E
Authority key identifier: 8C:32:A6:E5:7E:C8:1C:C5:CB:43:BB:50:37:49:B3:60:F2:B0:5C:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jDKm5X7IHMXLQ7tQN0mzYPKwXDs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/6e0cfa-205e-4d66-ae3a-c743d7c0bb22/1/aoruniDygnnvT_jN1ngEy8pyinU.roa
Signing time: Thu 17 Aug 2023 14:30:24 +0000
ROA not before: Thu 17 Aug 2023 14:30:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59877
IP address blocks: 185.61.176.0/22 maxlen: 24
185.160.52.0/22 maxlen: 24
193.39.0.0/22 maxlen: 24
31.223.190.0/24 maxlen: 24
2a02:7b20::/32 maxlen: 32
2a03:9260::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:03:e7:9b:98:36:35:1e:9e:07:e6:49:71:d7:ca:02:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c32a6e57ec81cc5cb43bb503749b360f2b05c3b
Validity
Not Before: Aug 17 14:30:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a8aee9e20f28279ef4ff8cdd67804cbca728a75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:86:17:56:f8:db:0f:82:ac:c2:e2:91:26:6a:
bc:eb:6c:bf:17:87:39:d0:98:20:a2:1c:24:e2:ad:
77:0c:e5:06:86:c7:01:2e:40:1a:a2:42:45:cc:da:
88:32:9f:de:d2:ea:ee:e9:ea:68:17:14:31:15:be:
be:72:6f:fc:9f:af:4c:5b:82:e5:7c:ce:c6:ea:95:
2f:b4:38:91:28:8c:eb:c1:5e:12:f0:0c:d0:8e:58:
83:24:d3:83:0c:bb:33:1b:8f:36:f1:8c:d7:1d:7f:
3c:00:14:33:02:75:ef:ae:23:d1:99:82:dd:d9:ad:
35:a7:6c:27:3e:3f:ea:7f:dc:92:1f:b3:e9:62:d4:
ae:8a:2c:bd:24:b6:57:45:b6:23:b2:36:35:5e:20:
96:30:c0:5d:92:f5:f2:9a:3b:4e:75:19:58:89:c0:
40:eb:c4:06:da:13:e1:fc:bc:86:d7:b2:25:43:24:
df:99:07:e6:d6:21:08:52:e7:be:d0:f8:ce:08:09:
31:c8:34:cf:26:b8:2f:c8:cd:61:ab:a9:f7:7e:0a:
60:92:c8:6c:35:24:ca:53:8a:25:53:9b:d4:33:bc:
6b:63:0c:d6:9a:6a:8b:ba:63:86:9e:32:b7:a5:aa:
b6:f8:66:ba:04:72:72:f0:1a:3b:40:c6:d8:c5:e2:
c7:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:8A:EE:9E:20:F2:82:79:EF:4F:F8:CD:D6:78:04:CB:CA:72:8A:75
X509v3 Authority Key Identifier:
keyid:8C:32:A6:E5:7E:C8:1C:C5:CB:43:BB:50:37:49:B3:60:F2:B0:5C:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jDKm5X7IHMXLQ7tQN0mzYPKwXDs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/6e0cfa-205e-4d66-ae3a-c743d7c0bb22/1/aoruniDygnnvT_jN1ngEy8pyinU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/6e0cfa-205e-4d66-ae3a-c743d7c0bb22/1/jDKm5X7IHMXLQ7tQN0mzYPKwXDs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.190.0/24
185.61.176.0/22
185.160.52.0/22
193.39.0.0/22
IPv6:
2a02:7b20::/32
2a03:9260::/32
Signature Algorithm: sha256WithRSAEncryption
44:c8:be:53:72:cc:94:d4:4b:39:66:0d:3b:0c:6b:d0:ed:29:
da:c7:6b:12:cf:cf:4d:a1:9f:b8:1b:83:49:d3:c8:7e:e5:95:
f2:a4:52:4c:46:dd:19:35:c9:06:4a:3a:1e:b6:26:06:4a:b9:
64:62:29:8b:e8:b4:de:46:92:bd:35:11:07:2b:00:21:8a:52:
fd:88:f4:15:8a:e9:3b:81:66:6b:d7:89:f9:7f:b5:5b:da:b3:
89:f3:a7:78:c8:28:4f:ce:38:9f:db:16:74:0b:9a:59:d3:e6:
46:47:40:8e:84:5e:52:4c:cd:72:50:14:15:4d:8a:4c:70:54:
b6:71:d3:fa:77:bf:26:89:6a:9b:3e:5a:bf:33:53:95:85:03:
f7:f3:e3:92:81:90:3b:27:8f:ae:58:a0:7f:53:e2:3f:d8:3f:
9e:f2:75:2e:3b:46:b3:84:37:65:e1:bc:65:a0:50:4c:2d:b4:
5e:46:58:8e:b0:85:48:40:f7:50:9d:b7:3c:ca:38:3f:9d:fd:
6d:c1:a6:98:41:f6:56:b5:28:12:36:c6:47:57:ab:ab:b6:a6:
7d:2a:cc:62:7b:4d:8f:9f:ff:25:5a:35:35:40:5b:86:e9:d9:
11:6e:68:13:40:dc:0a:e8:6c:52:37:4f:29:5f:39:02:a6:1c:
50:5a:a8:7d
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYoD55uYNjUengfmSXHXygIOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjMzJhNmU1N2VjODFjYzVjYjQzYmI1MDM3NDliMzYwZjJi
MDVjM2IwHhcNMjMwODE3MTQzMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YThhZWU5ZTIwZjI4Mjc5ZWY0ZmY4Y2RkNjc4MDRjYmNhNzI4YTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoYXVvjbD4KswuKRJmq862y/F4c5
0Jggohwk4q13DOUGhscBLkAaokJFzNqIMp/e0uru6epoFxQxFb6+cm/8n69MW4Ll
fM7G6pUvtDiRKIzrwV4S8AzQjliDJNODDLszG4828YzXHX88ABQzAnXvriPRmYLd
2a01p2wnPj/qf9ySH7PpYtSuiiy9JLZXRbYjsjY1XiCWMMBdkvXymjtOdRlYicBA
68QG2hPh/LyG17IlQyTfmQfm1iEIUue+0PjOCAkxyDTPJrgvyM1hq6n3fgpgkshs
NSTKU4olU5vUM7xrYwzWmmqLumOGnjK3paq2+Ga6BHJy8Bo7QMbYxeLHbQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFGqK7p4g8oJ570/4zdZ4BMvKcop1MB8GA1UdIwQY
MBaAFIwypuV+yBzFy0O7UDdJs2DysFw7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakRLbTVYN0lITVhMUTd0UU4wbXpZUEt3WERzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC82ZTBjZmEtMjA1ZS00ZDY2LWFlM2Et
Yzc0M2Q3YzBiYjIyLzEvYW9ydW5pRHlnbm52VF9qTjFuZ0V5OHB5aW5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC82ZTBjZmEtMjA1ZS00ZDY2LWFlM2EtYzc0M2Q3YzBiYjIy
LzEvakRLbTVYN0lITVhMUTd0UU4wbXpZUEt3WERzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQAH9++AwQC
uT2wAwQCuaA0AwQCwScAMBQEAgACMA4DBQAqAnsgAwUAKgOSYDANBgkqhkiG9w0B
AQsFAAOCAQEARMi+U3LMlNRLOWYNOwxr0O0p2sdrEs/PTaGfuBuDSdPIfuWV8qRS
TEbdGTXJBko6HrYmBkq5ZGIpi+i03kaSvTURBysAIYpS/Yj0FYrpO4Fma9eJ+X+1
W9qzifOneMgoT844n9sWdAuaWdPmRkdAjoReUkzNclAUFU2KTHBUtnHT+ne/Jolq
mz5avzNTlYUD9/PjkoGQOyePrligf1PiP9g/nvJ1LjtGs4Q3ZeG8ZaBQTC20XkZY
jrCFSED3UJ23PMo4P539bcGmmEH2VrUoEjbGR1erq7amfSrMYntNj5//JVo1NUBb
hunZEW5oE0DcCuhsUjdPKV85AqYcUFqofQ==
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:04 2024 by rpki-client on console-fra.rpki-client.org