Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/Im007Z9vAcFBLSqv5OGabWI5cFA.roa
File: Im007Z9vAcFBLSqv5OGabWI5cFA.roa (raw, json)
Hash identifier: 6Lgr+mZkV7cjfPQCH2GgFz2XH7sAMU0KmE5lKdOgg+k=
Subject key identifier: 22:6D:34:ED:9F:6F:01:C1:41:2D:2A:AF:E4:E1:9A:6D:62:39:70:50
Certificate issuer: /CN=93202129969576ce357fae26c9c7cf98a8250ea6
Certificate serial: 018E04C7372E74FDC16B4B6766A0358F88A0
Authority key identifier: 93:20:21:29:96:95:76:CE:35:7F:AE:26:C9:C7:CF:98:A8:25:0E:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kyAhKZaVds41f64mycfPmKglDqY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/Im007Z9vAcFBLSqv5OGabWI5cFA.roa
Signing time: Sun 03 Mar 2024 14:45:48 +0000
ROA not before: Sun 03 Mar 2024 14:45:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 31.209.192.0/18 maxlen: 18
85.220.0.0/17 maxlen: 17
157.157.0.0/16 maxlen: 16
157.157.136.0/24 maxlen: 24
213.167.152.0/24 maxlen: 24
2001:1a98::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 24 Apr 2024 15:41:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:04:c7:37:2e:74:fd:c1:6b:4b:67:66:a0:35:8f:88:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93202129969576ce357fae26c9c7cf98a8250ea6
Validity
Not Before: Mar 3 14:45:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=226d34ed9f6f01c1412d2aafe4e19a6d62397050
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:33:8a:4f:bf:80:1c:e9:d2:4d:67:3c:96:a4:
b0:aa:ac:d6:1a:ae:aa:c2:c6:e4:3e:d9:d6:54:99:
3c:8a:b0:7a:c1:08:99:9b:47:9b:93:08:49:9c:09:
28:13:9f:99:40:cd:9e:98:4e:5b:a7:05:2a:19:f6:
f3:0e:19:fc:a3:83:25:76:61:a1:c8:e6:1d:21:f1:
6a:77:69:48:83:e6:78:b0:ae:8f:d9:90:ca:5c:ab:
cf:fe:c7:1e:9e:27:68:bb:ef:66:c1:09:c0:9c:a7:
c5:a3:fe:31:23:86:25:52:b5:93:68:7f:cd:47:05:
6a:e8:ac:c8:3c:39:d8:f6:52:17:6a:68:0f:ce:cc:
08:f7:c0:b9:37:ea:e0:2e:85:3d:7e:d8:98:da:33:
fc:9e:07:70:01:f7:2f:25:b8:80:f5:c5:78:6c:35:
3e:2c:a6:9d:5e:42:dc:38:da:dd:61:b5:d4:ec:2e:
9a:98:ab:81:d5:ec:24:0d:ae:a1:94:df:09:39:d8:
ed:2a:e3:4d:84:96:3f:d3:cb:0d:8f:df:e7:2b:67:
ec:97:05:dc:75:c4:bf:5c:da:f6:4e:88:20:bc:fc:
04:8f:c1:22:97:76:f7:a0:ab:98:ac:5a:0e:b2:94:
2b:86:ed:94:ef:b8:64:fa:69:43:18:9d:d4:88:2b:
40:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:6D:34:ED:9F:6F:01:C1:41:2D:2A:AF:E4:E1:9A:6D:62:39:70:50
X509v3 Authority Key Identifier:
keyid:93:20:21:29:96:95:76:CE:35:7F:AE:26:C9:C7:CF:98:A8:25:0E:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kyAhKZaVds41f64mycfPmKglDqY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/Im007Z9vAcFBLSqv5OGabWI5cFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/kyAhKZaVds41f64mycfPmKglDqY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.209.192.0/18
85.220.0.0/17
157.157.0.0/16
213.167.152.0/24
IPv6:
2001:1a98::/32
Signature Algorithm: sha256WithRSAEncryption
34:ef:80:9e:51:da:90:47:2c:de:1b:1c:ed:e8:2f:9e:45:ff:
7a:2f:0e:bb:60:bf:ea:19:b0:6b:49:c8:22:c8:58:40:c7:de:
df:65:ba:fc:68:5f:d2:3b:bd:c0:6a:0f:5f:c3:1a:35:8e:6e:
32:88:0a:da:5a:75:4d:f3:77:4b:60:0c:18:7d:94:cd:df:e8:
74:c3:60:77:c0:40:d9:a8:5c:04:14:13:cc:c0:f0:28:c4:b0:
24:93:7f:a0:b5:e8:d8:0a:c5:50:ce:d6:ba:d0:f4:5b:4a:b3:
9b:d7:f2:f4:e9:49:4a:f8:26:0d:dd:b0:07:ed:c6:bf:c2:e5:
86:ce:3d:df:8d:2b:ef:cf:73:6e:1c:19:fe:4e:0b:8c:cb:29:
c4:a6:66:df:93:54:0f:fe:d1:8f:ba:df:3e:c0:c2:09:52:4d:
33:2c:4c:67:46:73:d4:94:8b:43:7d:57:2b:35:6d:62:fd:5e:
19:cd:86:64:cb:16:bb:ac:90:95:b0:84:c6:b5:22:c9:03:66:
9b:5d:18:b4:0d:82:6f:15:1f:cb:6c:40:e9:73:14:16:5a:54:
34:33:62:e0:c7:a8:9b:9f:44:46:4f:e5:e5:4a:17:e1:6c:c6:
15:dd:37:90:a9:ab:2d:b0:20:e4:ec:be:7e:13:48:a3:04:fd:
68:86:22:13
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY4ExzcudP3Ba0tnZqA1j4igMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMjAyMTI5OTY5NTc2Y2UzNTdmYWUyNmM5YzdjZjk4YTgy
NTBlYTYwHhcNMjQwMzAzMTQ0NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjZkMzRlZDlmNmYwMWMxNDEyZDJhYWZlNGUxOWE2ZDYyMzk3MDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDOKT7+AHOnSTWc8lqSwqqzWGq6q
wsbkPtnWVJk8irB6wQiZm0ebkwhJnAkoE5+ZQM2emE5bpwUqGfbzDhn8o4MldmGh
yOYdIfFqd2lIg+Z4sK6P2ZDKXKvP/scenidou+9mwQnAnKfFo/4xI4YlUrWTaH/N
RwVq6KzIPDnY9lIXamgPzswI98C5N+rgLoU9ftiY2jP8ngdwAfcvJbiA9cV4bDU+
LKadXkLcONrdYbXU7C6amKuB1ewkDa6hlN8JOdjtKuNNhJY/08sNj9/nK2fslwXc
dcS/XNr2ToggvPwEj8Eil3b3oKuYrFoOspQrhu2U77hk+mlDGJ3UiCtA7QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCJtNO2fbwHBQS0qr+Thmm1iOXBQMB8GA1UdIwQY
MBaAFJMgISmWlXbONX+uJsnHz5ioJQ6mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3lBaEtaYVZkczQxZjY0bXljZlBtS2dsRHFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9kNmU3OTYtMGUxNC00NWIxLTljZjMt
NWFkNThhYmZiYjFmLzEvSW0wMDdaOXZBY0ZCTFNxdjVPR2FiV0k1Y0ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9kNmU3OTYtMGUxNC00NWIxLTljZjMtNWFkNThhYmZiYjFm
LzEva3lBaEtaYVZkczQxZjY0bXljZlBtS2dsRHFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwQGH9HAAwQH
VdwAAwMAnZ0DBADVp5gwDQQCAAIwBwMFACABGpgwDQYJKoZIhvcNAQELBQADggEB
ADTvgJ5R2pBHLN4bHO3oL55F/3ovDrtgv+oZsGtJyCLIWEDH3t9luvxoX9I7vcBq
D1/DGjWObjKICtpadU3zd0tgDBh9lM3f6HTDYHfAQNmoXAQUE8zA8CjEsCSTf6C1
6NgKxVDO1rrQ9FtKs5vX8vTpSUr4Jg3dsAftxr/C5YbOPd+NK+/Pc24cGf5OC4zL
KcSmZt+TVA/+0Y+63z7AwglSTTMsTGdGc9SUi0N9Vys1bWL9XhnNhmTLFruskJWw
hMa1IskDZptdGLQNgm8VH8tsQOlzFBZaVDQzYuDHqJufREZP5eVKF+FsxhXdN5Cp
qy2wIOTsvn4TSKME/WiGIhM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:52 2024 by rpki-client on console-fra.rpki-client.org