Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/jA7_X8XqP8BLxPzznHNETYvUNts.roa
File: jA7_X8XqP8BLxPzznHNETYvUNts.roa (raw, json)
Hash identifier: C3n6BrYpCud7TxMGZUu5N9gD8bG2DmzlzC2hevTO3eQ=
Subject key identifier: 8C:0E:FF:5F:C5:EA:3F:C0:4B:C4:FC:F3:9C:73:44:4D:8B:D4:36:DB
Certificate issuer: /CN=0ef81d9e89e2c471321d967f7092094dadfe2aa8
Certificate serial: 018745DF4B794E41A92B6140575FCEE00002
Authority key identifier: 0E:F8:1D:9E:89:E2:C4:71:32:1D:96:7F:70:92:09:4D:AD:FE:2A:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvgdnonixHEyHZZ_cJIJTa3-Kqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/jA7_X8XqP8BLxPzznHNETYvUNts.roa
Signing time: Mon 03 Apr 2023 06:47:54 +0000
ROA not before: Mon 03 Apr 2023 06:47:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60072
IP address blocks: 185.58.219.0/24 maxlen: 24
185.58.216.0/22 maxlen: 22
31.171.192.0/21 maxlen: 21
31.171.197.0/24 maxlen: 24
31.171.198.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:45:df:4b:79:4e:41:a9:2b:61:40:57:5f:ce:e0:00:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef81d9e89e2c471321d967f7092094dadfe2aa8
Validity
Not Before: Apr 3 06:47:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c0eff5fc5ea3fc04bc4fcf39c73444d8bd436db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:78:e4:6e:15:cb:74:1b:fb:ef:4b:cf:49:b5:
cc:a5:af:e7:96:2e:1a:36:2a:0a:3d:28:2b:48:32:
e2:02:3d:6f:fb:c3:64:b8:d5:5f:0f:e8:23:c5:ec:
6d:66:9a:93:a7:ba:2d:37:d3:3e:37:12:8c:b8:f7:
2f:c9:e3:3d:6c:2f:28:bc:68:4c:0a:5e:cd:fe:71:
25:22:c1:24:31:ab:26:03:a6:71:00:1f:ea:11:d1:
03:7f:33:b4:3b:6d:18:ff:75:83:75:c1:8c:c5:7c:
43:7c:dd:0a:af:79:0e:cc:e2:6b:6c:30:d2:40:ae:
5a:22:76:7f:f0:16:ea:8b:56:a9:9f:a8:4d:db:41:
6f:41:5d:ab:9e:76:c5:68:a3:50:13:ec:dd:85:1a:
d0:51:29:5c:65:f3:93:67:ad:8a:16:de:9a:20:cb:
ca:06:13:e8:90:92:4b:b7:25:7d:29:a0:84:a6:20:
3e:09:91:df:82:b9:48:10:08:db:d9:57:43:01:f9:
7c:d7:4b:35:ec:00:02:49:83:ce:b3:f9:83:3d:6a:
6a:61:17:e4:30:96:63:bf:c0:83:d4:62:ac:ac:3b:
7d:1d:38:29:64:01:78:b4:48:88:f4:c7:59:e7:d4:
ee:c1:68:e4:49:90:20:d7:d8:09:f3:c7:42:e0:34:
44:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:0E:FF:5F:C5:EA:3F:C0:4B:C4:FC:F3:9C:73:44:4D:8B:D4:36:DB
X509v3 Authority Key Identifier:
keyid:0E:F8:1D:9E:89:E2:C4:71:32:1D:96:7F:70:92:09:4D:AD:FE:2A:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvgdnonixHEyHZZ_cJIJTa3-Kqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/jA7_X8XqP8BLxPzznHNETYvUNts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/DvgdnonixHEyHZZ_cJIJTa3-Kqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.192.0/21
185.58.216.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:c5:07:58:b8:81:3a:9d:03:f5:32:e4:fd:86:25:82:07:a4:
36:62:66:b3:66:2b:b3:ac:d3:8b:c3:3c:48:89:cd:04:84:51:
ed:63:22:35:8d:9e:86:83:01:99:8b:47:79:a0:5c:56:77:4c:
45:ad:8f:32:1f:ff:be:2b:24:ac:7b:bd:0a:3f:8d:08:1e:de:
89:e4:b1:d6:4d:36:18:17:1c:09:8b:37:c4:04:43:27:62:ed:
d2:fd:3f:17:9b:d8:0d:61:5d:98:04:42:b3:0c:53:d8:55:c8:
98:9f:93:38:19:2c:c6:24:e2:a1:a4:1e:4b:36:b9:f4:61:8f:
dd:7f:9f:c2:54:0d:94:29:26:10:3f:ae:cf:68:ae:49:41:7d:
9b:8b:9a:5c:9a:ce:44:9f:27:31:b8:ff:e5:76:84:6b:a1:39:
31:e5:c4:d6:e2:79:a7:f3:d4:b5:81:6a:ae:9b:58:96:b2:29:
26:d0:5f:37:c8:58:5d:b0:09:6e:44:25:25:ad:8c:66:85:7c:
93:39:dc:19:97:2d:fe:d6:c2:0b:b1:57:76:30:f3:93:53:1c:
1f:1e:c9:d8:9c:03:49:0a:69:8b:fb:0f:a8:b0:b4:fe:65:70:
0d:5f:32:c6:48:8b:e6:0d:76:c5:27:c1:98:38:f7:d3:ed:66:
09:61:a8:01
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdF30t5TkGpK2FAV1/O4AACMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjgxZDllODllMmM0NzEzMjFkOTY3ZjcwOTIwOTRkYWRm
ZTJhYTgwHhcNMjMwNDAzMDY0NzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzBlZmY1ZmM1ZWEzZmMwNGJjNGZjZjM5YzczNDQ0ZDhiZDQzNmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXjkbhXLdBv770vPSbXMpa/nli4a
NioKPSgrSDLiAj1v+8NkuNVfD+gjxextZpqTp7otN9M+NxKMuPcvyeM9bC8ovGhM
Cl7N/nElIsEkMasmA6ZxAB/qEdEDfzO0O20Y/3WDdcGMxXxDfN0Kr3kOzOJrbDDS
QK5aInZ/8Bbqi1apn6hN20FvQV2rnnbFaKNQE+zdhRrQUSlcZfOTZ62KFt6aIMvK
BhPokJJLtyV9KaCEpiA+CZHfgrlIEAjb2VdDAfl810s17AACSYPOs/mDPWpqYRfk
MJZjv8CD1GKsrDt9HTgpZAF4tEiI9MdZ59TuwWjkSZAg19gJ88dC4DRE+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIwO/1/F6j/AS8T885xzRE2L1DbbMB8GA1UdIwQY
MBaAFA74HZ6J4sRxMh2Wf3CSCU2t/iqoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZnZG5vbml4SEV5SFpaX2NKSUpUYTMtS3FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS81ZDE1YTgtMjJhNy00MDFiLThjNWUt
MDc1ZjI0ZTRiZTcxLzEvakE3X1g4WHFQOEJMeFB6em5ITkVUWXZVTnRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS81ZDE1YTgtMjJhNy00MDFiLThjNWUtMDc1ZjI0ZTRiZTcx
LzEvRHZnZG5vbml4SEV5SFpaX2NKSUpUYTMtS3FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDH6vAAwQC
uTrYMA0GCSqGSIb3DQEBCwUAA4IBAQC4xQdYuIE6nQP1MuT9hiWCB6Q2YmazZiuz
rNOLwzxIic0EhFHtYyI1jZ6GgwGZi0d5oFxWd0xFrY8yH/++KySse70KP40IHt6J
5LHWTTYYFxwJizfEBEMnYu3S/T8Xm9gNYV2YBEKzDFPYVciYn5M4GSzGJOKhpB5L
Nrn0YY/df5/CVA2UKSYQP67PaK5JQX2bi5pcms5EnycxuP/ldoRroTkx5cTW4nmn
89S1gWqum1iWsikm0F83yFhdsAluRCUlrYxmhXyTOdwZly3+1sILsVd2MPOTUxwf
HsnYnANJCmmL+w+osLT+ZXANXzLGSIvmDXbFJ8GYOPfT7WYJYagB
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:10:22 2024 by rpki-client on console-ams.rpki-client.org