Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/czKS2kbuWV-rdCBIkv8y7InmrGI.roa
File: czKS2kbuWV-rdCBIkv8y7InmrGI.roa (raw, json)
Hash identifier: YXuM8MHPL5UO67T82BquN26p1LahfmmwyZKM+cWj7AQ=
Subject key identifier: 73:32:92:DA:46:EE:59:5F:AB:74:20:48:92:FF:32:EC:89:E6:AC:62
Certificate issuer: /CN=e8b3eed1c7aca636d6245852b802e0e73754df63
Certificate serial: 01869BE20227FDF5D0F9403CC152AB15827B
Authority key identifier: E8:B3:EE:D1:C7:AC:A6:36:D6:24:58:52:B8:02:E0:E7:37:54:DF:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LPu0cespjbWJFhSuALg5zdU32M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/czKS2kbuWV-rdCBIkv8y7InmrGI.roa
Signing time: Wed 01 Mar 2023 06:35:25 +0000
ROA not before: Wed 01 Mar 2023 06:35:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 31.222.204.0/22 maxlen: 24
185.11.142.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Jul 2023 07:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9b:e2:02:27:fd:f5:d0:f9:40:3c:c1:52:ab:15:82:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b3eed1c7aca636d6245852b802e0e73754df63
Validity
Not Before: Mar 1 06:35:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=733292da46ee595fab74204892ff32ec89e6ac62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:46:3b:2e:83:e6:4a:c0:7e:ef:61:5a:11:df:
8d:49:71:aa:b0:3f:c5:c9:27:9b:09:79:99:4f:7e:
7a:f8:c9:c9:fd:6f:5b:23:5c:3c:65:8c:d8:2c:d1:
90:ba:21:c1:1b:b1:0e:04:b6:21:2b:6c:4b:2e:b4:
27:cf:3c:93:ae:6d:fa:c1:e7:a5:a4:24:e2:89:4f:
19:da:19:f9:bd:33:2b:54:ba:ce:72:35:5d:84:0b:
19:ba:01:f0:68:27:a5:9a:d0:99:5b:16:40:0f:94:
a6:45:d7:70:d7:b8:fb:40:17:ac:bc:59:03:98:a4:
85:90:aa:9a:bc:df:62:16:9b:d1:b7:51:1a:0a:4b:
f3:62:56:e1:16:1a:a5:e0:c9:1a:16:70:91:06:f6:
77:10:aa:ea:be:d6:c2:0f:30:2a:6d:0d:ed:82:9e:
2e:49:0d:e6:4b:40:ad:d6:e1:44:91:cd:97:48:9a:
a1:6b:f5:c3:b4:b6:3b:f2:1e:c3:71:ee:f3:52:8c:
a5:8f:1e:f4:f1:a6:ba:3b:0e:39:b2:a6:d5:00:71:
72:7e:82:aa:2b:66:86:a2:b5:24:be:95:e6:9e:2a:
81:01:f0:9f:1a:6d:4c:4a:b3:03:60:0a:57:b2:8c:
6f:0e:9f:ce:d5:53:bf:82:43:d7:f5:0c:c6:e5:6c:
a0:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:32:92:DA:46:EE:59:5F:AB:74:20:48:92:FF:32:EC:89:E6:AC:62
X509v3 Authority Key Identifier:
keyid:E8:B3:EE:D1:C7:AC:A6:36:D6:24:58:52:B8:02:E0:E7:37:54:DF:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LPu0cespjbWJFhSuALg5zdU32M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/czKS2kbuWV-rdCBIkv8y7InmrGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/6LPu0cespjbWJFhSuALg5zdU32M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.204.0/22
185.11.142.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:cf:04:d8:ef:c7:82:1b:f0:6c:2f:cf:dc:a2:e0:2d:63:17:
e0:8a:4d:10:de:59:56:a8:99:3a:b7:98:f4:27:87:29:fb:96:
1c:79:82:95:30:01:ac:6d:17:24:dd:25:d1:27:7c:7e:0b:dd:
19:3c:a2:15:3c:1b:87:bf:4d:21:26:e7:9e:4d:42:3f:c0:be:
39:68:b9:60:d8:e2:c8:3f:71:07:13:55:45:bc:22:32:50:b2:
6a:c8:82:34:36:74:86:3b:81:80:8e:1a:c8:a2:70:59:ac:d7:
d0:6b:13:62:4b:07:81:07:b5:87:d8:29:13:30:15:bf:35:ab:
8a:5a:19:4c:51:3a:ee:ea:87:ec:f8:1d:33:9c:38:61:7b:c5:
05:08:56:ff:25:0a:0f:d8:2b:90:f2:02:7a:1d:4e:4f:87:ca:
3e:ac:af:f8:b5:9a:bd:ed:3c:31:68:90:f5:fb:db:ca:a5:ac:
66:15:90:d8:fb:e2:48:b6:61:8e:a7:19:58:0d:5e:81:e0:d3:
f9:0f:2d:9d:0d:a6:8d:7a:da:bf:47:0e:fb:94:56:be:12:cb:
10:a7:78:39:79:11:c7:f3:f9:1f:e2:0a:34:bd:72:32:46:69:
51:e2:1c:1b:0b:1d:24:7f:1b:26:47:8d:3e:48:93:f4:f6:64:
6d:c6:4c:00
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYab4gIn/fXQ+UA8wVKrFYJ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YjNlZWQxYzdhY2E2MzZkNjI0NTg1MmI4MDJlMGU3Mzc1
NGRmNjMwHhcNMjMwMzAxMDYzNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzMyOTJkYTQ2ZWU1OTVmYWI3NDIwNDg5MmZmMzJlYzg5ZTZhYzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhEY7LoPmSsB+72FaEd+NSXGqsD/F
ySebCXmZT356+MnJ/W9bI1w8ZYzYLNGQuiHBG7EOBLYhK2xLLrQnzzyTrm36weel
pCTiiU8Z2hn5vTMrVLrOcjVdhAsZugHwaCelmtCZWxZAD5SmRddw17j7QBesvFkD
mKSFkKqavN9iFpvRt1EaCkvzYlbhFhql4MkaFnCRBvZ3EKrqvtbCDzAqbQ3tgp4u
SQ3mS0Ct1uFEkc2XSJqha/XDtLY78h7Dce7zUoyljx708aa6Ow45sqbVAHFyfoKq
K2aGorUkvpXmniqBAfCfGm1MSrMDYApXsoxvDp/O1VO/gkPX9QzG5WygVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHMyktpG7llfq3QgSJL/MuyJ5qxiMB8GA1UdIwQY
MBaAFOiz7tHHrKY21iRYUrgC4Oc3VN9jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkxQdTBjZXNwamJXSkZoU3VBTGc1emRVMzJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8xNzczMjktMjhjZC00ODY0LTllMTYt
OTQ2NDA0ZWMxYWE0LzEvY3pLUzJrYnVXVi1yZENCSWt2OHk3SW5tckdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8xNzczMjktMjhjZC00ODY0LTllMTYtOTQ2NDA0ZWMxYWE0
LzEvNkxQdTBjZXNwamJXSkZoU3VBTGc1emRVMzJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCH97MAwQB
uQuOMA0GCSqGSIb3DQEBCwUAA4IBAQAezwTY78eCG/BsL8/couAtYxfgik0Q3llW
qJk6t5j0J4cp+5YceYKVMAGsbRck3SXRJ3x+C90ZPKIVPBuHv00hJueeTUI/wL45
aLlg2OLIP3EHE1VFvCIyULJqyII0NnSGO4GAjhrIonBZrNfQaxNiSweBB7WH2CkT
MBW/NauKWhlMUTru6ofs+B0znDhhe8UFCFb/JQoP2CuQ8gJ6HU5Ph8o+rK/4tZq9
7TwxaJD1+9vKpaxmFZDY++JItmGOpxlYDV6B4NP5Dy2dDaaNetq/Rw77lFa+EssQ
p3g5eRHH8/kf4go0vXIyRmlR4hwbCx0kfxsmR40+SJP09mRtxkwA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:08 2024 by rpki-client on console-fra.rpki-client.org