Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/36jdMrpP2D0V-iZNPJOPTBP1gFs.roa
File: 36jdMrpP2D0V-iZNPJOPTBP1gFs.roa (raw, json)
Hash identifier: DJETuqTM1EtNy08A1r5lFUiYOzYoWLBn3u09/i/mOfs=
Subject key identifier: DF:A8:DD:32:BA:4F:D8:3D:15:FA:26:4D:3C:93:8F:4C:13:F5:80:5B
Certificate issuer: /CN=3af7710df8add64bb9688e0f4581bea67e402c66
Certificate serial: 0185ED5C63C73186AA9F8F4911BC20212875
Authority key identifier: 3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/36jdMrpP2D0V-iZNPJOPTBP1gFs.roa
Signing time: Thu 26 Jan 2023 09:15:33 +0000
ROA not before: Thu 26 Jan 2023 09:15:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5398
IP address blocks: 31.44.32.0/20 maxlen: 20
193.221.216.0/23 maxlen: 23
31.44.46.0/23 maxlen: 23
46.21.16.0/23 maxlen: 23
46.21.18.0/23 maxlen: 23
46.21.29.0/24 maxlen: 24
46.21.31.0/24 maxlen: 24
193.222.104.0/23 maxlen: 23
185.155.176.0/22 maxlen: 22
185.155.184.0/23 maxlen: 23
77.220.64.0/19 maxlen: 19
2a00:bd00::/32 maxlen: 32
2a0f:e880::/29 maxlen: 29
2a02:210::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ed:5c:63:c7:31:86:aa:9f:8f:49:11:bc:20:21:28:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af7710df8add64bb9688e0f4581bea67e402c66
Validity
Not Before: Jan 26 09:15:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dfa8dd32ba4fd83d15fa264d3c938f4c13f5805b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:30:3c:4c:a3:fe:c4:34:82:3d:78:61:48:5a:
22:30:10:35:41:11:76:20:42:ec:49:17:e5:55:96:
a7:e0:f0:4d:39:bf:43:d1:98:21:bc:30:6b:0b:6a:
74:19:34:b5:a6:16:6b:18:e9:60:8e:2a:6d:cf:4f:
fa:0d:f3:74:a0:e3:d5:53:3e:99:5e:7f:e5:b5:34:
5e:0e:19:9a:24:e0:a2:dc:58:1e:8f:4f:47:83:7a:
66:40:c6:bb:23:05:d9:4f:a6:c3:04:60:33:3b:1d:
7f:56:ed:46:92:6d:3f:55:40:6d:d6:89:8c:e2:99:
83:ae:01:3f:7c:f0:fb:e9:7a:a6:3e:83:38:13:4a:
0c:fa:25:fa:cf:0e:9d:f7:f6:71:41:bc:f9:c1:2f:
b9:a2:a4:47:58:c5:9b:f9:19:d4:be:83:d9:db:10:
86:96:22:ca:a0:2a:55:5f:7e:7f:7c:4a:71:b0:1d:
58:11:95:03:25:4d:de:93:43:28:5a:9f:2a:21:89:
95:e2:03:a1:3c:22:a1:ec:d1:2c:69:64:b7:f0:43:
8b:13:13:da:2e:f4:8f:90:49:9b:ee:50:48:ce:55:
86:a3:ca:ec:ff:11:55:24:50:56:6b:f4:0a:0a:6d:
a6:f5:5e:de:2e:cc:8a:b7:60:aa:b3:55:8d:75:1b:
9b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:A8:DD:32:BA:4F:D8:3D:15:FA:26:4D:3C:93:8F:4C:13:F5:80:5B
X509v3 Authority Key Identifier:
keyid:3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/36jdMrpP2D0V-iZNPJOPTBP1gFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.32.0/20
46.21.16.0/22
46.21.29.0/24
46.21.31.0/24
77.220.64.0/19
185.155.176.0/22
185.155.184.0/23
193.221.216.0/23
193.222.104.0/23
IPv6:
2a00:bd00::/32
2a02:210::/32
2a0f:e880::/29
Signature Algorithm: sha256WithRSAEncryption
57:90:4f:28:0d:0c:62:1f:67:88:28:98:25:28:58:29:91:c7:
34:40:cf:e5:32:60:37:a4:c2:4e:bc:07:77:4a:cd:ba:62:fa:
e5:65:15:6e:c4:56:3b:c3:fa:60:90:9e:2e:5c:1c:95:ef:bb:
7c:cc:64:03:92:b9:9c:a9:58:99:45:19:42:5c:01:ab:94:5c:
be:dd:42:54:be:03:43:ac:fd:cd:51:b6:8d:cc:1d:d6:fd:ed:
de:85:37:1c:5b:53:06:1c:1b:bd:24:dc:c8:3f:66:9d:7b:9a:
d6:bf:b9:e1:72:75:04:ca:45:89:7f:36:e1:f2:f7:ae:15:27:
d0:c5:87:bb:2c:8e:16:8b:84:b1:06:cd:80:15:8c:ae:9f:f0:
92:16:e7:30:73:07:9e:2b:42:af:61:a8:df:82:8e:93:81:2b:
c1:0e:16:e9:d9:a4:82:7d:f6:1b:cb:1f:67:05:b8:64:01:f9:
cf:da:3f:42:a5:6b:11:1b:d3:6f:52:ea:6d:d2:17:01:bd:c4:
16:ff:d2:b8:76:ac:c0:61:1e:82:f8:0a:32:7f:30:a4:29:a1:
4e:22:b9:0a:01:b1:ba:6d:63:36:71:78:db:5b:6d:e9:8f:03:
10:ef:9b:c1:8b:99:fe:f7:b9:f1:a9:67:77:11:5e:e2:f5:92:
d2:0e:03:74
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAYXtXGPHMYaqn49JEbwgISh1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjc3MTBkZjhhZGQ2NGJiOTY4OGUwZjQ1ODFiZWE2N2U0
MDJjNjYwHhcNMjMwMTI2MDkxNTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmE4ZGQzMmJhNGZkODNkMTVmYTI2NGQzYzkzOGY0YzEzZjU4MDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozA8TKP+xDSCPXhhSFoiMBA1QRF2
IELsSRflVZan4PBNOb9D0ZghvDBrC2p0GTS1phZrGOlgjiptz0/6DfN0oOPVUz6Z
Xn/ltTReDhmaJOCi3Fgej09Hg3pmQMa7IwXZT6bDBGAzOx1/Vu1Gkm0/VUBt1omM
4pmDrgE/fPD76XqmPoM4E0oM+iX6zw6d9/ZxQbz5wS+5oqRHWMWb+RnUvoPZ2xCG
liLKoCpVX35/fEpxsB1YEZUDJU3ek0MoWp8qIYmV4gOhPCKh7NEsaWS38EOLExPa
LvSPkEmb7lBIzlWGo8rs/xFVJFBWa/QKCm2m9V7eLsyKt2Cqs1WNdRubawIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFN+o3TK6T9g9FfomTTyTj0wT9YBbMB8GA1UdIwQY
MBaAFDr3cQ34rdZLuWiOD0WBvqZ+QCxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQt
ZWVjNDE2YTg4NmY3LzEvMzZqZE1ycFAyRDBWLWlaTlBKT1BUQlAxZ0ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQtZWVjNDE2YTg4NmY3
LzEvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzA8BAIAATA2AwQEHywgAwQC
LhUQAwQALhUdAwQALhUfAwQFTdxAAwQCuZuwAwQBuZu4AwQBwd3YAwQBwd5oMBsE
AgACMBUDBQAqAL0AAwUAKgICEAMFAyoP6IAwDQYJKoZIhvcNAQELBQADggEBAFeQ
TygNDGIfZ4gomCUoWCmRxzRAz+UyYDekwk68B3dKzbpi+uVlFW7EVjvD+mCQni5c
HJXvu3zMZAOSuZypWJlFGUJcAauUXL7dQlS+A0Os/c1Rto3MHdb97d6FNxxbUwYc
G70k3Mg/Zp17mta/ueFydQTKRYl/NuHy964VJ9DFh7ssjhaLhLEGzYAVjK6f8JIW
5zBzB54rQq9hqN+CjpOBK8EOFunZpIJ99hvLH2cFuGQB+c/aP0KlaxEb029S6m3S
FwG9xBb/0rh2rMBhHoL4CjJ/MKQpoU4iuQoBsbptYzZxeNtbbemPAxDvm8GLmf73
ufGpZ3cRXuL1ktIOA3Q=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:58 2023 by rpki-client on console-fra.rpki-client.org