Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/DjBEUCSuGZH9O_rTtoZxzeSgGoA.roa
File: DjBEUCSuGZH9O_rTtoZxzeSgGoA.roa (raw, json)
Hash identifier: +kG+n4uXsf7ZKt7UDyn37Ts11il4L1w8t1hCvO0wKCg=
Subject key identifier: 0E:30:44:50:24:AE:19:91:FD:3B:FA:D3:B6:86:71:CD:E4:A0:1A:80
Certificate issuer: /CN=0ef81d9e89e2c471321d967f7092094dadfe2aa8
Certificate serial: 01856DD40A676A04793DB85B58E63DB8BE8C
Authority key identifier: 0E:F8:1D:9E:89:E2:C4:71:32:1D:96:7F:70:92:09:4D:AD:FE:2A:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvgdnonixHEyHZZ_cJIJTa3-Kqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/DjBEUCSuGZH9O_rTtoZxzeSgGoA.roa
Signing time: Sun 01 Jan 2023 14:54:50 +0000
ROA not before: Sun 01 Jan 2023 14:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60072
IP address blocks: 185.58.216.0/22 maxlen: 22
31.171.192.0/21 maxlen: 21
31.171.197.0/24 maxlen: 24
31.171.198.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Apr 2023 06:47:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:0a:67:6a:04:79:3d:b8:5b:58:e6:3d:b8:be:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef81d9e89e2c471321d967f7092094dadfe2aa8
Validity
Not Before: Jan 1 14:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e30445024ae1991fd3bfad3b68671cde4a01a80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:76:b7:4d:1e:0a:b7:ea:56:33:e3:76:24:df:
59:2e:44:fb:1f:95:27:b2:0e:f4:dc:84:b6:ee:3b:
a9:79:ad:07:65:f7:be:d2:b0:87:4c:17:e9:ef:af:
de:cb:fa:99:da:c2:10:f2:8b:85:bd:21:23:2e:2d:
c7:f0:52:bb:ac:0e:1f:50:13:5f:7b:69:90:de:ee:
b1:18:4f:b1:01:74:fc:37:f4:1a:57:39:eb:0f:6e:
9e:f2:3c:f3:3f:76:f1:f5:a1:80:c2:e4:4a:6c:26:
c5:8f:f3:b4:27:27:6f:30:7d:e4:6e:66:e7:34:89:
85:8e:84:25:20:fa:c4:6b:18:97:9e:7e:8a:a5:47:
80:b5:c1:52:5d:84:88:92:45:7f:2b:76:e9:50:14:
b3:97:ca:ee:44:22:7e:2f:58:e0:80:50:15:70:83:
bc:3c:72:8e:29:0a:93:9e:f4:e2:41:6a:88:3d:b8:
b7:c9:8f:05:33:f6:08:66:ce:41:fa:22:5d:5b:de:
38:30:86:d3:b1:99:fb:e1:ba:bf:8b:69:8b:2b:07:
5f:a5:a3:96:05:f3:4e:5f:58:34:33:62:2f:f8:0f:
14:46:bf:97:98:fa:e0:11:d2:e1:9a:d5:bf:2b:7f:
95:0c:29:c7:e8:e3:cb:13:31:2a:5c:58:34:76:28:
0b:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:30:44:50:24:AE:19:91:FD:3B:FA:D3:B6:86:71:CD:E4:A0:1A:80
X509v3 Authority Key Identifier:
keyid:0E:F8:1D:9E:89:E2:C4:71:32:1D:96:7F:70:92:09:4D:AD:FE:2A:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvgdnonixHEyHZZ_cJIJTa3-Kqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/DjBEUCSuGZH9O_rTtoZxzeSgGoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/DvgdnonixHEyHZZ_cJIJTa3-Kqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.192.0/21
185.58.216.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:ab:f9:c2:69:a4:a2:7e:41:9c:22:c1:50:fc:58:90:61:91:
e4:73:8d:23:d9:79:35:90:48:09:62:cc:53:df:f2:75:0d:79:
2c:6e:aa:ac:c1:c6:28:00:c0:12:a6:17:91:96:1f:52:2c:20:
ef:fb:3b:d4:06:8f:94:e4:83:cd:8a:5d:e5:9f:98:ca:af:f8:
34:61:b8:22:aa:8b:04:8d:0d:b6:b7:fb:68:53:54:5f:b7:59:
1a:8b:ba:d7:3e:40:1f:4e:7f:88:1b:e1:91:09:20:1f:ea:aa:
58:32:a8:15:c3:c2:66:37:d7:b9:1b:b8:63:c4:18:13:42:2b:
61:b7:a0:d9:bf:46:38:d1:5e:25:2b:be:eb:3c:88:59:d0:22:
c8:75:5c:f6:21:a9:62:28:ff:62:34:e4:85:cc:19:04:ec:43:
09:b4:45:15:24:83:7f:2e:b6:6e:a4:5f:a2:46:83:dc:6a:9b:
03:1a:2b:5e:8f:5d:82:2a:6c:d0:92:f4:9a:6a:e7:c5:61:9c:
ff:bf:92:29:ab:31:44:4b:0a:88:16:1b:ad:10:c9:37:ad:ed:
cb:f2:7f:b7:89:89:8c:5f:99:f6:71:c7:54:11:46:4b:bf:e4:
9e:39:bb:3b:81:74:df:6a:94:b1:e3:a6:00:ca:cc:ec:d6:6d:
4b:5b:11:29
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVt1ApnagR5PbhbWOY9uL6MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjgxZDllODllMmM0NzEzMjFkOTY3ZjcwOTIwOTRkYWRm
ZTJhYTgwHhcNMjMwMTAxMTQ1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTMwNDQ1MDI0YWUxOTkxZmQzYmZhZDNiNjg2NzFjZGU0YTAxYTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3a3TR4Kt+pWM+N2JN9ZLkT7H5Un
sg703IS27jupea0HZfe+0rCHTBfp76/ey/qZ2sIQ8ouFvSEjLi3H8FK7rA4fUBNf
e2mQ3u6xGE+xAXT8N/QaVznrD26e8jzzP3bx9aGAwuRKbCbFj/O0JydvMH3kbmbn
NImFjoQlIPrEaxiXnn6KpUeAtcFSXYSIkkV/K3bpUBSzl8ruRCJ+L1jggFAVcIO8
PHKOKQqTnvTiQWqIPbi3yY8FM/YIZs5B+iJdW944MIbTsZn74bq/i2mLKwdfpaOW
BfNOX1g0M2Iv+A8URr+XmPrgEdLhmtW/K3+VDCnH6OPLEzEqXFg0digLtwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA4wRFAkrhmR/Tv607aGcc3koBqAMB8GA1UdIwQY
MBaAFA74HZ6J4sRxMh2Wf3CSCU2t/iqoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZnZG5vbml4SEV5SFpaX2NKSUpUYTMtS3FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS81ZDE1YTgtMjJhNy00MDFiLThjNWUt
MDc1ZjI0ZTRiZTcxLzEvRGpCRVVDU3VHWkg5T19yVHRvWnh6ZVNnR29BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS81ZDE1YTgtMjJhNy00MDFiLThjNWUtMDc1ZjI0ZTRiZTcx
LzEvRHZnZG5vbml4SEV5SFpaX2NKSUpUYTMtS3FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDH6vAAwQC
uTrYMA0GCSqGSIb3DQEBCwUAA4IBAQCaq/nCaaSifkGcIsFQ/FiQYZHkc40j2Xk1
kEgJYsxT3/J1DXksbqqswcYoAMASpheRlh9SLCDv+zvUBo+U5IPNil3ln5jKr/g0
YbgiqosEjQ22t/toU1Rft1kai7rXPkAfTn+IG+GRCSAf6qpYMqgVw8JmN9e5G7hj
xBgTQitht6DZv0Y40V4lK77rPIhZ0CLIdVz2IaliKP9iNOSFzBkE7EMJtEUVJIN/
LrZupF+iRoPcapsDGitej12CKmzQkvSaaufFYZz/v5IpqzFESwqIFhutEMk3re3L
8n+3iYmMX5n2ccdUEUZLv+SeObs7gXTfapSx46YAyszs1m1LWxEp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:55 2024 by rpki-client on console-fra.rpki-client.org