Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/NoXKi2rs7lAKTJ8DeYnzxQnYZvY.roa
File: NoXKi2rs7lAKTJ8DeYnzxQnYZvY.roa (raw, json)
Hash identifier: Jp69clCy2FJCxrpaNb9IYX9UCQTfg/OLpcYVVOpFSR8=
Subject key identifier: 36:85:CA:8B:6A:EC:EE:50:0A:4C:9F:03:79:89:F3:C5:09:D8:66:F6
Certificate issuer: /CN=aedaeea9117a1d5ccc320222955a09faa0798fd9
Certificate serial: 018968737F52D11BEF32CFB0147777481C8E
Authority key identifier: AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/NoXKi2rs7lAKTJ8DeYnzxQnYZvY.roa
Signing time: Tue 18 Jul 2023 10:02:26 +0000
ROA not before: Tue 18 Jul 2023 10:02:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 393954
IP address blocks: 31.186.225.0/24 maxlen: 24
95.172.65.0/24 maxlen: 24
2a02:b50:8002::/48 maxlen: 48
2a02:b50:4013::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:68:73:7f:52:d1:1b:ef:32:cf:b0:14:77:77:48:1c:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aedaeea9117a1d5ccc320222955a09faa0798fd9
Validity
Not Before: Jul 18 10:02:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3685ca8b6aecee500a4c9f037989f3c509d866f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:1c:9b:1c:97:30:38:69:a5:40:ac:ee:40:9e:
22:93:8a:a8:e3:a4:85:91:36:77:70:29:ae:1c:9f:
0e:c6:fd:88:cb:62:7f:af:3b:f3:c8:63:66:e7:69:
f1:b6:1b:72:79:83:d3:0f:cc:40:0a:a9:92:07:93:
b0:6b:3c:38:07:f3:e0:11:a7:2a:bd:da:ba:65:fe:
26:2c:e1:70:26:25:9f:7b:58:0c:b9:56:78:86:33:
c6:d4:93:7a:07:71:db:9a:31:0a:6b:bc:d1:19:0d:
c5:1b:c7:84:2c:7e:81:21:af:49:f5:fc:12:88:82:
ca:9c:25:3f:01:83:bf:82:e1:af:87:48:22:2d:d7:
8e:12:43:fb:bc:5d:e7:30:24:ed:8c:ed:52:a5:41:
5f:7a:b1:e9:e0:8a:09:cd:92:35:04:15:75:8b:5d:
ae:e6:00:97:18:94:ce:bf:cc:e0:16:69:e2:c6:ff:
f4:09:cf:af:98:04:8d:b5:80:9f:34:7e:46:5a:13:
7f:8a:70:9c:b0:5a:9c:f2:37:d7:b7:c7:1d:4a:76:
8a:53:48:13:87:50:bb:5f:fa:a8:e0:9e:24:f1:66:
a3:e5:d4:d2:e6:6f:66:ec:a8:1c:b4:8e:ae:06:28:
8e:3c:ce:3a:ce:5f:23:4d:c0:f6:17:52:3f:0f:2c:
1f:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:85:CA:8B:6A:EC:EE:50:0A:4C:9F:03:79:89:F3:C5:09:D8:66:F6
X509v3 Authority Key Identifier:
keyid:AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/NoXKi2rs7lAKTJ8DeYnzxQnYZvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/rtruqRF6HVzMMgIilVoJ-qB5j9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.225.0/24
95.172.65.0/24
IPv6:
2a02:b50:4013::/48
2a02:b50:8002::/48
Signature Algorithm: sha256WithRSAEncryption
5c:27:2a:5b:6e:6e:ac:d3:df:98:a6:e9:32:9b:2c:cf:4f:ba:
9b:3e:d6:1b:c9:61:d1:3d:2d:4f:fb:19:80:f1:0e:d4:91:67:
21:fd:f4:90:13:32:9b:f0:41:1b:5e:e7:86:8a:1e:60:00:11:
90:f3:45:e9:c9:ef:4a:37:79:b6:db:29:f3:f7:19:cf:42:e6:
b5:70:e6:fd:fd:50:bc:26:dc:eb:4c:d5:88:1d:0e:ef:d7:b8:
ab:07:36:95:2c:65:34:7e:fe:80:cb:9f:37:c6:88:cc:7d:db:
9f:5e:da:91:fa:41:99:94:5f:2b:0a:00:c0:91:bc:f4:fd:50:
97:be:e8:ce:de:ac:6b:aa:8e:e6:8a:90:7f:16:bb:49:bc:f7:
b3:14:75:d8:84:05:6d:03:5e:10:b6:bd:b6:b4:cc:32:e2:9d:
c6:de:10:70:73:9c:a0:d6:f3:1b:15:1f:4c:96:32:ba:ee:7e:
0f:9d:31:be:1d:d5:57:cc:a0:a1:9a:15:f4:c8:e2:f1:fa:3e:
aa:71:d6:6b:31:31:a8:66:44:5b:c8:a4:e4:d9:2f:d7:2c:ff:
34:94:c7:5e:a7:06:57:56:15:cc:2b:8a:bc:7a:b2:6a:fa:f4:
87:44:ef:02:e6:95:f9:fa:d3:05:c3:a5:27:74:c3:87:4b:ea:
0e:a3:5d:8d
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYloc39S0RvvMs+wFHd3SByOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZGFlZWE5MTE3YTFkNWNjYzMyMDIyMjk1NWEwOWZhYTA3
OThmZDkwHhcNMjMwNzE4MTAwMjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjg1Y2E4YjZhZWNlZTUwMGE0YzlmMDM3OTg5ZjNjNTA5ZDg2NmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxybHJcwOGmlQKzuQJ4ik4qo46SF
kTZ3cCmuHJ8Oxv2Iy2J/rzvzyGNm52nxthtyeYPTD8xACqmSB5Owazw4B/PgEacq
vdq6Zf4mLOFwJiWfe1gMuVZ4hjPG1JN6B3HbmjEKa7zRGQ3FG8eELH6BIa9J9fwS
iILKnCU/AYO/guGvh0giLdeOEkP7vF3nMCTtjO1SpUFferHp4IoJzZI1BBV1i12u
5gCXGJTOv8zgFmnixv/0Cc+vmASNtYCfNH5GWhN/inCcsFqc8jfXt8cdSnaKU0gT
h1C7X/qo4J4k8Waj5dTS5m9m7KgctI6uBiiOPM46zl8jTcD2F1I/DywfAQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFDaFyotq7O5QCkyfA3mJ88UJ2Gb2MB8GA1UdIwQY
MBaAFK7a7qkReh1czDICIpVaCfqgeY/ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnRydXFSRjZIVnpNTWdJaWxWb0otcUI1ajlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hMTNiMDEtNDE1My00ZWE1LWJmMjEt
OTk4NjhjNTEzMjlhLzEvTm9YS2kycnM3bEFLVEo4RGVZbnp4UW5ZWnZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hMTNiMDEtNDE1My00ZWE1LWJmMjEtOTk4NjhjNTEzMjlh
LzEvcnRydXFSRjZIVnpNTWdJaWxWb0otcUI1ajlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAH7rhAwQA
X6xBMBgEAgACMBIDBwAqAgtQQBMDBwAqAgtQgAIwDQYJKoZIhvcNAQELBQADggEB
AFwnKltubqzT35im6TKbLM9Pups+1hvJYdE9LU/7GYDxDtSRZyH99JATMpvwQRte
54aKHmAAEZDzRenJ70o3ebbbKfP3Gc9C5rVw5v39ULwm3OtM1YgdDu/XuKsHNpUs
ZTR+/oDLnzfGiMx9259e2pH6QZmUXysKAMCRvPT9UJe+6M7erGuqjuaKkH8Wu0m8
97MUddiEBW0DXhC2vba0zDLincbeEHBznKDW8xsVH0yWMrrufg+dMb4d1VfMoKGa
FfTI4vH6Pqpx1msxMahmRFvIpOTZL9cs/zSUx16nBldWFcwrirx6smr69IdE7wLm
lfn60wXDpSd0w4dL6g6jXY0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:58 2024 by rpki-client on console-fra.rpki-client.org