Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/ba3b69-65e5-498e-ba08-dab9b483c123/1/1hdHNrpflRQstcTFsu7NpppFKXk.roa
File: 1hdHNrpflRQstcTFsu7NpppFKXk.roa (raw, json)
Hash identifier: WnWr1WtL1LNH03ed9ErFvakcZ+Dfp32pzov/ycmxhjo=
Subject key identifier: D6:17:47:36:BA:5F:95:14:2C:B5:C4:C5:B2:EE:CD:A6:9A:45:29:79
Certificate issuer: /CN=190ec7aab20fc4c801c67963e59e4f93600e401d
Certificate serial: 01856D2F4450E80000828826EFC9DC250C87
Authority key identifier: 19:0E:C7:AA:B2:0F:C4:C8:01:C6:79:63:E5:9E:4F:93:60:0E:40:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GQ7HqrIPxMgBxnlj5Z5Pk2AOQB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/ba3b69-65e5-498e-ba08-dab9b483c123/1/1hdHNrpflRQstcTFsu7NpppFKXk.roa
Signing time: Sun 01 Jan 2023 11:54:52 +0000
ROA not before: Sun 01 Jan 2023 11:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20847
IP address blocks: 31.7.4.0/22 maxlen: 24
31.7.0.0/22 maxlen: 24
185.144.224.0/23 maxlen: 24
2a03:9700:8000::/33 maxlen: 33
2a03:9700::/33 maxlen: 33
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:2f:44:50:e8:00:00:82:88:26:ef:c9:dc:25:0c:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=190ec7aab20fc4c801c67963e59e4f93600e401d
Validity
Not Before: Jan 1 11:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6174736ba5f95142cb5c4c5b2eecda69a452979
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d4:ef:69:23:d9:9e:5d:08:f3:02:51:ce:e7:
c0:4c:9f:fb:1e:14:7b:ed:52:76:2c:b4:fc:f7:57:
62:6a:c0:23:f6:36:41:50:d2:1f:12:4e:e4:73:44:
da:4f:52:d2:77:a2:62:bc:f2:d6:2b:13:bb:12:65:
c5:79:e7:aa:64:5f:b7:a8:5c:7f:7d:fe:0e:0e:87:
e1:df:17:4f:08:1d:23:62:6f:ea:88:46:97:5c:c4:
74:5e:b6:e1:a7:2e:cf:88:2d:34:68:49:53:69:69:
fb:4a:50:13:49:05:4a:89:5e:08:18:b9:f9:2f:3d:
55:7c:34:a6:34:ed:6a:c1:19:57:db:20:46:3e:c5:
94:5c:5d:84:4d:60:55:7a:bd:d8:d2:cf:6c:5a:c0:
4f:4c:8b:64:69:c8:93:98:df:a6:0e:47:5b:97:c7:
3c:49:20:c3:f2:0b:d3:25:9b:2c:86:90:6f:91:2f:
57:90:25:cf:f8:a5:7b:b0:52:5a:ab:39:e1:02:e4:
91:be:75:d5:07:6c:bf:c9:e6:0e:23:2e:f2:a5:e1:
6d:62:24:02:ab:5b:7f:68:7f:1f:ba:2d:78:62:0c:
de:cc:a3:3a:3e:5b:a8:18:76:99:14:86:ad:9f:81:
2d:97:a5:dc:07:77:6b:f0:ab:86:e8:da:15:a9:4a:
84:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:17:47:36:BA:5F:95:14:2C:B5:C4:C5:B2:EE:CD:A6:9A:45:29:79
X509v3 Authority Key Identifier:
keyid:19:0E:C7:AA:B2:0F:C4:C8:01:C6:79:63:E5:9E:4F:93:60:0E:40:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GQ7HqrIPxMgBxnlj5Z5Pk2AOQB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/ba3b69-65e5-498e-ba08-dab9b483c123/1/1hdHNrpflRQstcTFsu7NpppFKXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/ba3b69-65e5-498e-ba08-dab9b483c123/1/GQ7HqrIPxMgBxnlj5Z5Pk2AOQB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.0.0/21
185.144.224.0/23
IPv6:
2a03:9700::/32
Signature Algorithm: sha256WithRSAEncryption
2f:79:cd:9d:0f:45:2b:27:04:d1:16:a3:8f:50:6b:72:f0:ee:
40:9e:d0:7a:ec:ef:4f:9f:4e:10:10:38:c2:f1:34:66:cb:09:
dc:55:d7:d4:3b:34:96:80:a7:dc:4c:cf:8f:88:bb:b8:02:26:
b8:b5:cf:79:0e:63:f6:e0:40:b8:6d:73:55:66:aa:23:d7:5f:
b7:93:34:80:f9:a6:f7:8a:15:4c:c8:25:3a:9f:bf:90:7a:13:
85:07:dc:23:ec:6b:35:3d:a0:e1:33:fe:71:98:e3:35:63:c1:
03:c6:aa:38:4d:ca:9c:36:96:43:b5:49:d0:9a:e4:b9:89:9e:
d4:be:79:fa:1f:de:95:fe:03:3a:96:15:bf:ca:fd:35:b2:ca:
64:60:c8:3e:0e:a4:25:6b:81:0a:f9:75:62:b7:b0:87:50:aa:
b4:e1:34:b3:7e:6e:68:47:73:f3:6b:75:b6:34:4a:d2:dd:a1:
a8:e6:30:e0:45:24:4c:7f:79:8a:f5:78:1a:f6:65:1b:e9:3f:
77:eb:7a:20:4e:fb:e1:e7:a3:65:c6:32:dc:f7:26:38:aa:81:
19:25:f1:e1:4b:e7:7c:37:32:79:f1:4d:f2:92:f3:a1:36:38:
35:f4:42:93:5a:84:21:dc:7c:4b:c5:1b:57:62:46:7b:be:7a:
19:aa:c1:96
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtL0RQ6AAAgogm78ncJQyHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MGVjN2FhYjIwZmM0YzgwMWM2Nzk2M2U1OWU0ZjkzNjAw
ZTQwMWQwHhcNMjMwMTAxMTE1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjE3NDczNmJhNWY5NTE0MmNiNWM0YzViMmVlY2RhNjlhNDUyOTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptTvaSPZnl0I8wJRzufATJ/7HhR7
7VJ2LLT891diasAj9jZBUNIfEk7kc0TaT1LSd6JivPLWKxO7EmXFeeeqZF+3qFx/
ff4ODofh3xdPCB0jYm/qiEaXXMR0Xrbhpy7PiC00aElTaWn7SlATSQVKiV4IGLn5
Lz1VfDSmNO1qwRlX2yBGPsWUXF2ETWBVer3Y0s9sWsBPTItkaciTmN+mDkdbl8c8
SSDD8gvTJZsshpBvkS9XkCXP+KV7sFJaqznhAuSRvnXVB2y/yeYOIy7ypeFtYiQC
q1t/aH8fui14YgzezKM6PluoGHaZFIatn4Etl6XcB3dr8KuG6NoVqUqEAwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNYXRza6X5UULLXExbLuzaaaRSl5MB8GA1UdIwQY
MBaAFBkOx6qyD8TIAcZ5Y+WeT5NgDkAdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1E3SHFySVB4TWdCeG5sajVaNVBrMkFPUUIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9iYTNiNjktNjVlNS00OThlLWJhMDgt
ZGFiOWI0ODNjMTIzLzEvMWhkSE5ycGZsUlFzdGNURnN1N05wcHBGS1hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9iYTNiNjktNjVlNS00OThlLWJhMDgtZGFiOWI0ODNjMTIz
LzEvR1E3SHFySVB4TWdCeG5sajVaNVBrMkFPUUIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDHwcAAwQB
uZDgMA0EAgACMAcDBQAqA5cAMA0GCSqGSIb3DQEBCwUAA4IBAQAvec2dD0UrJwTR
FqOPUGty8O5AntB67O9Pn04QEDjC8TRmywncVdfUOzSWgKfcTM+PiLu4Aia4tc95
DmP24EC4bXNVZqoj11+3kzSA+ab3ihVMyCU6n7+QehOFB9wj7Gs1PaDhM/5xmOM1
Y8EDxqo4TcqcNpZDtUnQmuS5iZ7Uvnn6H96V/gM6lhW/yv01sspkYMg+DqQla4EK
+XVit7CHUKq04TSzfm5oR3Pza3W2NErS3aGo5jDgRSRMf3mK9Xga9mUb6T9363og
Tvvh56NlxjLc9yY4qoEZJfHhS+d8NzJ58U3ykvOhNjg19EKTWoQh3HxLxRtXYkZ7
vnoZqsGW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:22 2024 by rpki-client on console-fra.rpki-client.org