Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/4R4cTOtsfBQ_YnFSicnwLOXsXdg.roa
File: 4R4cTOtsfBQ_YnFSicnwLOXsXdg.roa (raw, json)
Hash identifier: 9W6RixU9rjoziRPOVOE/CKEI5OEfsLlRJgxzB1k1fV8=
Subject key identifier: E1:1E:1C:4C:EB:6C:7C:14:3F:62:71:52:89:C9:F0:2C:E5:EC:5D:D8
Certificate issuer: /CN=e8b3eed1c7aca636d6245852b802e0e73754df63
Certificate serial: 018DD4CF3E6562B6BFBCAABBFC9219E5E6C6
Authority key identifier: E8:B3:EE:D1:C7:AC:A6:36:D6:24:58:52:B8:02:E0:E7:37:54:DF:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LPu0cespjbWJFhSuALg5zdU32M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/4R4cTOtsfBQ_YnFSicnwLOXsXdg.roa
Signing time: Fri 23 Feb 2024 07:12:48 +0000
ROA not before: Fri 23 Feb 2024 07:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 31.222.204.0/22 maxlen: 24
37.148.218.0/23 maxlen: 24
185.11.142.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Apr 2024 06:08:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d4:cf:3e:65:62:b6:bf:bc:aa:bb:fc:92:19:e5:e6:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b3eed1c7aca636d6245852b802e0e73754df63
Validity
Not Before: Feb 23 07:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e11e1c4ceb6c7c143f62715289c9f02ce5ec5dd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:70:6b:35:55:b4:ac:e4:ea:85:b7:70:53:42:
7e:c8:04:fe:cd:f6:17:c8:bd:d1:2e:80:94:8a:7a:
63:2f:6a:9a:89:02:6a:4e:f1:c8:fc:47:3d:50:f2:
48:5d:1b:51:2a:24:d9:94:4e:ab:c1:69:82:ee:48:
fc:1f:f1:5f:a1:dc:a0:4c:8c:c3:a9:c0:d8:89:b2:
b0:f3:ab:5a:c9:34:51:ca:54:04:4a:92:f1:49:f4:
bf:7f:1d:89:d5:61:ff:4e:b8:5a:be:fb:48:f7:31:
c1:02:d3:a0:3a:2c:dc:9c:68:a0:e5:78:cc:cc:60:
cb:8c:da:a3:07:3d:d0:fd:c0:81:62:67:45:ca:6a:
fc:26:1e:dd:07:58:0f:94:dd:e7:33:8c:40:ed:c8:
49:26:ed:ee:cf:9b:91:5f:92:ab:18:e3:81:3b:cb:
88:a8:82:52:6c:5e:17:cc:a2:e5:75:d1:55:08:c1:
30:bb:c5:d5:c5:2f:61:b7:67:54:b1:71:6a:df:52:
6e:22:d6:d7:eb:26:f2:df:43:b1:af:d6:ab:46:f4:
35:07:b7:7a:e0:87:4c:ab:25:e9:ae:b4:01:9c:93:
5c:60:76:b7:cc:d6:c9:ff:08:75:6c:de:29:65:b8:
47:ef:72:f3:00:32:68:cc:05:04:38:98:08:60:92:
a3:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:1E:1C:4C:EB:6C:7C:14:3F:62:71:52:89:C9:F0:2C:E5:EC:5D:D8
X509v3 Authority Key Identifier:
keyid:E8:B3:EE:D1:C7:AC:A6:36:D6:24:58:52:B8:02:E0:E7:37:54:DF:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LPu0cespjbWJFhSuALg5zdU32M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/4R4cTOtsfBQ_YnFSicnwLOXsXdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/6LPu0cespjbWJFhSuALg5zdU32M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.204.0/22
37.148.218.0/23
185.11.142.0/23
Signature Algorithm: sha256WithRSAEncryption
31:a6:fa:f8:3d:c6:fa:9a:70:2b:13:73:93:11:7b:59:00:6a:
3d:bd:fd:66:bb:c7:31:17:1b:a5:27:f7:19:eb:ed:8f:91:a4:
e8:cb:34:0a:0a:9e:16:90:71:d8:f9:71:c1:c6:31:83:cb:71:
cb:62:ed:b6:2e:16:8e:86:11:c6:ab:7f:1f:32:3f:51:13:f4:
fd:59:8b:07:fa:9d:b1:4b:e2:d7:74:05:4b:2c:8e:08:84:e7:
eb:2d:56:a8:cc:a2:cb:27:3a:de:2f:2f:a7:50:b9:fd:b1:00:
41:06:4f:b1:e4:ce:34:66:57:a6:8f:c3:c2:49:ea:da:03:48:
d1:13:a9:be:5f:cc:dd:43:c4:e7:19:9f:6a:b6:89:fe:91:e6:
be:7d:06:5d:d6:0d:84:c5:0a:c6:5f:d1:03:cf:8a:9e:f2:6f:
16:14:57:fe:0e:fc:0e:26:c5:9c:74:b0:52:b3:cd:6b:84:d8:
a3:d3:da:40:30:7d:42:4a:d8:1f:58:91:9a:6f:ba:69:78:69:
49:d6:17:68:8f:09:be:86:4f:2a:e0:0a:af:49:7e:0b:9f:e2:
0f:6e:f2:70:8f:f6:72:db:e8:a1:63:bd:74:95:4b:98:b2:e0:
b9:1e:e7:fa:2d:fa:25:b7:31:3d:33:8b:b7:87:35:66:bd:3a:
32:37:20:83
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY3Uzz5lYra/vKq7/JIZ5ebGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YjNlZWQxYzdhY2E2MzZkNjI0NTg1MmI4MDJlMGU3Mzc1
NGRmNjMwHhcNMjQwMjIzMDcxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTFlMWM0Y2ViNmM3YzE0M2Y2MjcxNTI4OWM5ZjAyY2U1ZWM1ZGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3BrNVW0rOTqhbdwU0J+yAT+zfYX
yL3RLoCUinpjL2qaiQJqTvHI/Ec9UPJIXRtRKiTZlE6rwWmC7kj8H/FfodygTIzD
qcDYibKw86tayTRRylQESpLxSfS/fx2J1WH/TrhavvtI9zHBAtOgOizcnGig5XjM
zGDLjNqjBz3Q/cCBYmdFymr8Jh7dB1gPlN3nM4xA7chJJu3uz5uRX5KrGOOBO8uI
qIJSbF4XzKLlddFVCMEwu8XVxS9ht2dUsXFq31JuItbX6yby30Oxr9arRvQ1B7d6
4IdMqyXprrQBnJNcYHa3zNbJ/wh1bN4pZbhH73LzADJozAUEOJgIYJKjOQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOEeHEzrbHwUP2JxUonJ8Czl7F3YMB8GA1UdIwQY
MBaAFOiz7tHHrKY21iRYUrgC4Oc3VN9jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkxQdTBjZXNwamJXSkZoU3VBTGc1emRVMzJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8xNzczMjktMjhjZC00ODY0LTllMTYt
OTQ2NDA0ZWMxYWE0LzEvNFI0Y1RPdHNmQlFfWW5GU2ljbndMT1hzWGRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8xNzczMjktMjhjZC00ODY0LTllMTYtOTQ2NDA0ZWMxYWE0
LzEvNkxQdTBjZXNwamJXSkZoU3VBTGc1emRVMzJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCH97MAwQB
JZTaAwQBuQuOMA0GCSqGSIb3DQEBCwUAA4IBAQAxpvr4Pcb6mnArE3OTEXtZAGo9
vf1mu8cxFxulJ/cZ6+2PkaToyzQKCp4WkHHY+XHBxjGDy3HLYu22LhaOhhHGq38f
Mj9RE/T9WYsH+p2xS+LXdAVLLI4IhOfrLVaozKLLJzreLy+nULn9sQBBBk+x5M40
Zlemj8PCSeraA0jRE6m+X8zdQ8TnGZ9qton+kea+fQZd1g2ExQrGX9EDz4qe8m8W
FFf+DvwOJsWcdLBSs81rhNij09pAMH1CStgfWJGab7ppeGlJ1hdojwm+hk8q4Aqv
SX4Ln+IPbvJwj/Zy2+ihY710lUuYsuC5Huf6LfoltzE9M4u3hzVmvToyNyCD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:08 2024 by rpki-client on console-fra.rpki-client.org