Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/Cr5nLP0A6tC_L4rXFcKfri2I9GU.roa
File: Cr5nLP0A6tC_L4rXFcKfri2I9GU.roa (raw, json)
Hash identifier: 7r7C1FVCH+ztu3fSkHW6bgTafJcG0eI5mtYmCid6H4A=
Subject key identifier: 0A:BE:67:2C:FD:00:EA:D0:BF:2F:8A:D7:15:C2:9F:AE:2D:88:F4:65
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 01857030722D6F8EB66BB03011D1E9954292
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/Cr5nLP0A6tC_L4rXFcKfri2I9GU.roa
Signing time: Mon 02 Jan 2023 01:55:01 +0000
ROA not before: Mon 02 Jan 2023 01:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205285
IP address blocks: 31.46.29.0/24 maxlen: 24
78.92.232.0/23 maxlen: 23
84.2.63.0/24 maxlen: 24
84.1.114.0/24 maxlen: 24
84.1.116.0/24 maxlen: 24
84.1.115.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:72:2d:6f:8e:b6:6b:b0:30:11:d1:e9:95:42:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 2 01:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0abe672cfd00ead0bf2f8ad715c29fae2d88f465
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f6:8e:43:de:b8:0a:3c:df:02:89:f2:26:c9:
a6:e8:4d:5d:37:42:19:44:0f:9e:51:a6:85:60:0b:
28:67:1a:a4:75:cb:3b:1a:14:91:02:e5:2b:42:23:
25:2a:0d:b9:49:1a:f8:09:7f:ff:3d:e9:ca:7f:9d:
68:0f:e4:91:c6:46:60:6a:b7:ee:65:67:15:9d:7a:
bb:15:0b:50:88:d5:a6:2c:81:ca:99:c7:b1:d0:ed:
f8:0d:8c:12:a9:79:42:4b:88:85:4f:b1:b4:59:84:
48:ec:63:b7:da:ef:43:fe:51:1d:33:fa:15:33:0e:
b4:1c:66:a9:6a:5c:77:78:f3:f8:37:30:4a:43:ef:
d9:60:5f:0d:41:5a:9c:ce:bb:29:c3:89:56:92:ff:
a7:ea:c4:e7:45:ac:45:03:2a:4a:02:52:88:45:44:
c2:3c:aa:dc:3c:13:47:3f:1d:c8:d4:54:9c:fa:66:
60:03:75:c4:74:aa:4d:77:69:5b:a8:92:f0:2c:a1:
d9:42:80:75:20:de:69:d7:2b:95:ad:d1:8b:cb:5d:
40:ae:15:1c:9d:2b:c2:ca:74:a7:56:96:5c:ff:3f:
da:85:73:36:d7:aa:49:8c:e6:ab:3d:10:d5:5b:f5:
8e:7c:fa:f5:f5:a3:42:49:d3:96:16:64:f8:a9:b6:
47:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:BE:67:2C:FD:00:EA:D0:BF:2F:8A:D7:15:C2:9F:AE:2D:88:F4:65
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/Cr5nLP0A6tC_L4rXFcKfri2I9GU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.46.29.0/24
78.92.232.0/23
84.1.114.0-84.1.116.255
84.2.63.0/24
Signature Algorithm: sha256WithRSAEncryption
51:57:17:e4:88:7e:a9:b5:1c:df:a5:67:33:cc:b5:f6:c0:4d:
ed:ea:dc:d2:c7:0b:72:c8:40:4b:2a:ca:dc:a3:c8:f5:27:62:
4b:21:2c:97:cb:a7:54:0e:81:e1:a2:40:a0:74:b3:02:ce:93:
f2:a7:90:7d:be:4c:97:49:6d:3f:b7:7f:9c:1e:df:27:58:bc:
d8:5e:95:5b:de:4a:e3:7d:05:14:31:93:71:85:3e:99:b0:e1:
84:bd:af:1f:13:02:c3:8b:ff:75:61:b7:80:f2:ec:d3:d1:da:
d2:0d:a9:10:e2:dc:35:40:ce:74:a1:04:b2:4b:72:80:5b:1d:
56:a2:5d:cd:30:5f:47:ef:1b:76:89:fb:07:21:9c:31:71:4e:
57:4c:04:6b:ca:8a:26:1c:f2:7b:1b:08:88:40:68:10:72:59:
40:e6:8a:68:3a:f0:d7:7b:d0:b8:13:ef:2d:70:9f:23:c5:92:
af:b5:28:a1:dd:34:ed:10:ac:56:de:fb:5e:15:3c:6f:d1:24:
df:24:ff:04:52:d5:a5:10:9f:11:23:e8:57:06:8d:85:b1:d2:
53:24:1b:18:c2:8b:54:87:79:6d:b9:d7:0f:5b:24:ae:cc:f2:
de:7e:d7:17:74:e2:92:d9:17:a7:60:51:96:de:f8:b2:fd:dc:
fc:09:0e:2e
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVwMHItb462a7AwEdHplUKSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjMwMTAyMDE1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWJlNjcyY2ZkMDBlYWQwYmYyZjhhZDcxNWMyOWZhZTJkODhmNDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPaOQ964CjzfAonyJsmm6E1dN0IZ
RA+eUaaFYAsoZxqkdcs7GhSRAuUrQiMlKg25SRr4CX//PenKf51oD+SRxkZgarfu
ZWcVnXq7FQtQiNWmLIHKmcex0O34DYwSqXlCS4iFT7G0WYRI7GO32u9D/lEdM/oV
Mw60HGapalx3ePP4NzBKQ+/ZYF8NQVqczrspw4lWkv+n6sTnRaxFAypKAlKIRUTC
PKrcPBNHPx3I1FSc+mZgA3XEdKpNd2lbqJLwLKHZQoB1IN5p1yuVrdGLy11ArhUc
nSvCynSnVpZc/z/ahXM216pJjOarPRDVW/WOfPr19aNCSdOWFmT4qbZHewIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFAq+Zyz9AOrQvy+K1xXCn64tiPRlMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvQ3I1bkxQMEE2dENfTDRyWEZjS2ZyaTJJOUdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAHy4dAwQB
TlzoMAwDBAFUAXIDBABUAXQDBABUAj8wDQYJKoZIhvcNAQELBQADggEBAFFXF+SI
fqm1HN+lZzPMtfbATe3q3NLHC3LIQEsqytyjyPUnYkshLJfLp1QOgeGiQKB0swLO
k/KnkH2+TJdJbT+3f5we3ydYvNhelVveSuN9BRQxk3GFPpmw4YS9rx8TAsOL/3Vh
t4Dy7NPR2tINqRDi3DVAznShBLJLcoBbHVaiXc0wX0fvG3aJ+wchnDFxTldMBGvK
iiYc8nsbCIhAaBByWUDmimg68Nd70LgT7y1wnyPFkq+1KKHdNO0QrFbe+14VPG/R
JN8k/wRS1aUQnxEj6FcGjYWx0lMkGxjCi1SHeW251w9bJK7M8t5+1xd04pLZF6dg
UZbe+LL93PwJDi4=
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:21:51 2024 by rpki-client on console-ams.rpki-client.org