Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/033e8b-bde1-4f90-baf5-23847a40d9e4/1/ueNPAsUNqV3EGyqznOuSpQqPvKU.roa
File: ueNPAsUNqV3EGyqznOuSpQqPvKU.roa (raw, json)
Hash identifier: +hO6Keecx3aD4+ZyHX5SreCxP/ZadPBZfFR24qqdwWY=
Subject key identifier: B9:E3:4F:02:C5:0D:A9:5D:C4:1B:2A:B3:9C:EB:92:A5:0A:8F:BC:A5
Certificate issuer: /CN=b60d6ca95e2770f55340d909ec7c97eeca3fe20e
Certificate serial: 0185728C70FF4B433CB31C4BEE77D76FAC72
Authority key identifier: B6:0D:6C:A9:5E:27:70:F5:53:40:D9:09:EC:7C:97:EE:CA:3F:E2:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tg1sqV4ncPVTQNkJ7HyX7so_4g4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/033e8b-bde1-4f90-baf5-23847a40d9e4/1/ueNPAsUNqV3EGyqznOuSpQqPvKU.roa
Signing time: Mon 02 Jan 2023 12:54:44 +0000
ROA not before: Mon 02 Jan 2023 12:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31531
IP address blocks: 194.31.169.0/24 maxlen: 24
194.31.170.0/24 maxlen: 24
185.248.128.0/23 maxlen: 24
194.31.168.0/24 maxlen: 24
2a0d:e580::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:70:ff:4b:43:3c:b3:1c:4b:ee:77:d7:6f:ac:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b60d6ca95e2770f55340d909ec7c97eeca3fe20e
Validity
Not Before: Jan 2 12:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9e34f02c50da95dc41b2ab39ceb92a50a8fbca5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:89:cf:0b:c4:e2:22:b7:d6:4a:2e:6a:a6:79:
fd:f6:e5:5c:0b:97:73:bb:73:a0:be:34:2a:fa:ff:
4d:08:85:9e:41:3c:c8:64:fe:2e:c1:91:cd:22:93:
35:5b:c9:91:a9:10:53:52:9f:4d:a5:f5:b4:40:ab:
55:4c:d7:c0:0f:a8:be:d8:2b:da:36:78:c6:da:a9:
ea:5c:0d:dd:f0:c6:79:a7:90:6f:f4:99:c1:9b:6e:
6b:40:01:f4:95:bd:5a:50:07:c8:95:ef:41:2c:55:
b1:be:5d:7f:87:a9:70:6e:6d:7a:5b:ad:10:ae:cf:
05:b4:36:6d:c8:21:8b:e3:c0:4e:e6:27:2b:4a:98:
35:d3:28:fe:08:47:cc:0f:1c:6a:e4:12:ed:ad:12:
ac:f5:c7:43:2a:81:48:c4:3d:1f:0c:5c:3d:e4:1f:
51:95:70:22:a2:3a:5e:55:75:90:02:cf:13:fe:c4:
d7:5b:a0:04:a2:e8:86:9b:28:63:d2:45:c2:8f:e0:
40:9d:5b:5e:7f:0f:a4:3c:d8:c8:09:cf:00:d5:7f:
a9:46:bf:e2:34:44:5e:73:16:1d:d8:32:9d:ec:65:
79:a7:eb:6f:17:9e:7d:86:4d:35:43:de:dc:05:6d:
fd:eb:0a:d7:eb:6b:48:4a:bb:24:ff:d0:3b:e5:bc:
72:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:E3:4F:02:C5:0D:A9:5D:C4:1B:2A:B3:9C:EB:92:A5:0A:8F:BC:A5
X509v3 Authority Key Identifier:
keyid:B6:0D:6C:A9:5E:27:70:F5:53:40:D9:09:EC:7C:97:EE:CA:3F:E2:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tg1sqV4ncPVTQNkJ7HyX7so_4g4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/033e8b-bde1-4f90-baf5-23847a40d9e4/1/ueNPAsUNqV3EGyqznOuSpQqPvKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/033e8b-bde1-4f90-baf5-23847a40d9e4/1/tg1sqV4ncPVTQNkJ7HyX7so_4g4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.128.0/23
194.31.168.0-194.31.170.255
IPv6:
2a0d:e580::/29
Signature Algorithm: sha256WithRSAEncryption
3c:8b:d9:5f:cf:08:a2:c1:3c:46:4a:c5:90:6b:d3:d3:0b:da:
4e:75:6f:b1:82:88:49:90:06:cc:3c:71:8e:21:b6:6c:13:ea:
90:f1:41:b6:14:93:94:f8:b2:48:ab:51:db:cd:42:c7:bd:de:
54:0a:be:16:13:1a:ed:6d:80:c2:40:d9:af:5d:ed:3f:ad:c9:
cf:49:ff:b3:3b:d2:bf:16:8e:8f:3f:ef:b9:c1:0f:2f:ba:bf:
b4:de:a9:55:b7:f0:b7:4f:73:c9:29:85:61:0a:2b:e4:e7:34:
97:fd:12:55:ae:34:97:cb:fb:03:5a:ad:07:c6:71:36:90:0a:
8d:52:33:46:2d:3f:3a:bd:32:ef:9f:20:c2:5f:2e:52:e6:1c:
16:41:fc:00:22:77:35:22:c7:4e:35:f3:93:de:ef:10:92:ca:
0e:33:24:99:8d:d8:7d:de:e1:d6:2f:ff:8a:f6:87:ee:d1:65:
7b:79:f4:39:fc:5a:e7:c6:0e:ee:b1:b2:d4:b2:3b:36:d9:44:
42:69:f0:95:e1:c6:26:8e:89:0c:8b:48:92:91:d7:de:31:67:
1d:df:5b:70:ff:0c:fe:82:75:50:4f:30:2e:d4:15:f6:e6:25:
0b:fd:5a:31:74:0a:05:51:54:d8:fe:5e:5f:0e:24:be:10:b5:
cc:55:20:0d
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVyjHD/S0M8sxxL7nfXb6xyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MGQ2Y2E5NWUyNzcwZjU1MzQwZDkwOWVjN2M5N2VlY2Ez
ZmUyMGUwHhcNMjMwMTAyMTI1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWUzNGYwMmM1MGRhOTVkYzQxYjJhYjM5Y2ViOTJhNTBhOGZiY2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYnPC8TiIrfWSi5qpnn99uVcC5dz
u3OgvjQq+v9NCIWeQTzIZP4uwZHNIpM1W8mRqRBTUp9NpfW0QKtVTNfAD6i+2Cva
NnjG2qnqXA3d8MZ5p5Bv9JnBm25rQAH0lb1aUAfIle9BLFWxvl1/h6lwbm16W60Q
rs8FtDZtyCGL48BO5icrSpg10yj+CEfMDxxq5BLtrRKs9cdDKoFIxD0fDFw95B9R
lXAiojpeVXWQAs8T/sTXW6AEouiGmyhj0kXCj+BAnVtefw+kPNjICc8A1X+pRr/i
NERecxYd2DKd7GV5p+tvF559hk01Q97cBW396wrX62tISrsk/9A75bxy9wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFLnjTwLFDaldxBsqs5zrkqUKj7ylMB8GA1UdIwQY
MBaAFLYNbKleJ3D1U0DZCex8l+7KP+IOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGcxc3FWNG5jUFZUUU5rSjdIeVg3c29fNGc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8wMzNlOGItYmRlMS00ZjkwLWJhZjUt
MjM4NDdhNDBkOWU0LzEvdWVOUEFzVU5xVjNFR3lxem5PdVNwUXFQdktVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8wMzNlOGItYmRlMS00ZjkwLWJhZjUtMjM4NDdhNDBkOWU0
LzEvdGcxc3FWNG5jUFZUUU5rSjdIeVg3c29fNGc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQBufiAMAwD
BAPCH6gDBADCH6owDQQCAAIwBwMFAyoN5YAwDQYJKoZIhvcNAQELBQADggEBADyL
2V/PCKLBPEZKxZBr09ML2k51b7GCiEmQBsw8cY4htmwT6pDxQbYUk5T4skirUdvN
Qse93lQKvhYTGu1tgMJA2a9d7T+tyc9J/7M70r8Wjo8/77nBDy+6v7TeqVW38LdP
c8kphWEKK+TnNJf9ElWuNJfL+wNarQfGcTaQCo1SM0YtPzq9Mu+fIMJfLlLmHBZB
/AAidzUix04185Pe7xCSyg4zJJmN2H3e4dYv/4r2h+7RZXt59Dn8WufGDu6xstSy
OzbZREJp8JXhxiaOiQyLSJKR194xZx3fW3D/DP6CdVBPMC7UFfbmJQv9WjF0CgVR
VNj+Xl8OJL4QtcxVIA0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:15 2024 by rpki-client on console-ams.rpki-client.org