Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/zIcF1HPPy-UOLdevfOG4ee0OQsw.roa
File: zIcF1HPPy-UOLdevfOG4ee0OQsw.roa (raw, json)
Hash identifier: d/VL2gJJVWrWVeP7U+qqvz4vvh3SNH5YQPRJmQKRPKY=
Subject key identifier: CC:87:05:D4:73:CF:CB:E5:0E:2D:D7:AF:7C:E1:B8:79:ED:0E:42:CC
Certificate issuer: /CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Certificate serial: 01914C6AE6278555F334CC0A950A1A54FCDE
Authority key identifier: 41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/zIcF1HPPy-UOLdevfOG4ee0OQsw.roa
Signing time: Tue 13 Aug 2024 15:45:59 +0000
ROA not before: Tue 13 Aug 2024 15:45:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9002
IP address blocks: 31.128.32.0/22 maxlen: 24
90.156.254.0/23 maxlen: 24
91.218.142.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Oct 2024 11:53:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4c:6a:e6:27:85:55:f3:34:cc:0a:95:0a:1a:54:fc:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Validity
Not Before: Aug 13 15:45:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc8705d473cfcbe50e2dd7af7ce1b879ed0e42cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:79:ee:7f:1c:5b:fe:9b:4f:65:32:d3:7b:e4:
2b:ec:d3:e2:10:f9:3f:e2:3a:4c:14:40:b5:1f:93:
a4:66:35:3c:2b:7c:b9:01:c3:3e:cd:4c:52:93:f2:
e4:a0:d1:d6:46:ff:dd:5c:0c:48:e3:15:36:86:13:
e4:99:f7:54:a4:ef:55:91:5f:bf:70:f4:0a:af:58:
15:a5:64:05:40:ff:f6:bd:ad:62:9d:32:a4:f2:80:
82:71:e4:58:e5:6c:bb:f5:8a:1e:df:61:70:d0:a4:
ae:89:1a:3f:a8:03:4d:98:2f:6c:05:4a:f1:9e:94:
b0:66:b3:49:ed:e9:f3:72:2a:37:d5:8a:00:05:16:
91:54:0f:33:09:39:8b:2a:d6:ad:59:24:85:80:03:
b5:a4:3f:e9:88:29:7e:36:84:56:0b:24:8a:9a:f6:
87:03:48:88:86:eb:68:b9:8f:9f:f7:51:0c:58:8a:
71:97:a5:bb:ef:d6:67:9f:34:ba:c9:84:f5:e6:1f:
8f:6d:ef:b8:c3:51:f4:d9:6c:0c:17:3b:46:ad:53:
02:3f:62:6f:7c:48:50:09:fe:28:bf:6c:49:aa:39:
ca:a6:a8:ae:b8:c6:ec:1c:00:d9:93:43:f7:63:41:
50:11:52:34:1d:34:87:cf:5b:e9:b7:a5:f8:62:e0:
8e:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:87:05:D4:73:CF:CB:E5:0E:2D:D7:AF:7C:E1:B8:79:ED:0E:42:CC
X509v3 Authority Key Identifier:
keyid:41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/zIcF1HPPy-UOLdevfOG4ee0OQsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.128.32.0/22
90.156.254.0/23
91.218.142.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:20:b9:b2:27:97:9d:30:02:32:e1:c4:4e:45:b9:22:cf:f8:
df:a6:be:98:22:a6:f4:70:cf:fb:fe:b6:4e:a2:75:c7:e0:80:
76:f6:48:ff:85:c8:7e:49:e7:ec:7a:80:30:f1:70:9f:d7:f4:
35:44:f0:51:a3:6d:7a:eb:ce:5c:58:29:1d:0f:41:06:d2:0a:
dd:ea:c0:20:2e:32:f1:bf:b3:3a:4c:3f:97:d0:27:5c:2a:a8:
db:ba:68:6e:30:b6:29:49:5d:57:62:2c:22:92:5c:83:69:57:
21:b6:2c:0f:26:9e:8f:b8:b9:f7:7b:62:5b:49:0b:9f:dd:1e:
e6:ca:2e:4a:94:4a:b2:fa:c8:c8:b0:43:6a:0f:6e:17:a8:7f:
3b:b0:87:e2:d2:6a:87:7f:43:0a:f9:88:18:60:4d:40:45:51:
eb:02:04:d0:59:df:4e:ad:9b:c0:b0:ff:7e:d2:fa:07:77:fb:
59:59:f8:1f:6c:dc:99:13:09:01:9e:9a:42:f1:ed:ab:08:ea:
2c:ac:6e:c1:39:17:cb:5b:25:92:a7:f6:a6:41:41:72:9b:68:
7d:23:17:1f:af:d7:b6:77:3b:58:06:61:15:27:15:14:ea:12:
e2:68:fd:60:77:38:05:03:3f:f7:9c:4e:83:9c:0e:2d:9c:b6:
31:ae:9b:90
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZFMauYnhVXzNMwKlQoaVPzeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzNlZWI4ZDAyZjVmNjQ3ODhiM2ZkYzc4ZDZiYWI4YTU1
ZmQxNmEwHhcNMjQwODEzMTU0NTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzg3MDVkNDczY2ZjYmU1MGUyZGQ3YWY3Y2UxYjg3OWVkMGU0MmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0nnufxxb/ptPZTLTe+Qr7NPiEPk/
4jpMFEC1H5OkZjU8K3y5AcM+zUxSk/LkoNHWRv/dXAxI4xU2hhPkmfdUpO9VkV+/
cPQKr1gVpWQFQP/2va1inTKk8oCCceRY5Wy79Yoe32Fw0KSuiRo/qANNmC9sBUrx
npSwZrNJ7enzcio31YoABRaRVA8zCTmLKtatWSSFgAO1pD/piCl+NoRWCySKmvaH
A0iIhutouY+f91EMWIpxl6W779ZnnzS6yYT15h+Pbe+4w1H02WwMFztGrVMCP2Jv
fEhQCf4ov2xJqjnKpqiuuMbsHADZk0P3Y0FQEVI0HTSHz1vpt6X4YuCOrQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMyHBdRzz8vlDi3Xr3zhuHntDkLMMB8GA1UdIwQY
MBaAFEFz7rjQL19keIs/3HjWurilX9FqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmIt
ZDgzZWQxNDBkMjhkLzEvekljRjFIUFB5LVVPTGRldmZPRzRlZTBPUXN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmItZDgzZWQxNDBkMjhk
LzEvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCH4AgAwQB
Wpz+AwQBW9qOMA0GCSqGSIb3DQEBCwUAA4IBAQCLILmyJ5edMAIy4cRORbkiz/jf
pr6YIqb0cM/7/rZOonXH4IB29kj/hch+SefseoAw8XCf1/Q1RPBRo216685cWCkd
D0EG0grd6sAgLjLxv7M6TD+X0CdcKqjbumhuMLYpSV1XYiwiklyDaVchtiwPJp6P
uLn3e2JbSQuf3R7myi5KlEqy+sjIsENqD24XqH87sIfi0mqHf0MK+YgYYE1ARVHr
AgTQWd9OrZvAsP9+0voHd/tZWfgfbNyZEwkBnppC8e2rCOosrG7BORfLWyWSp/am
QUFym2h9Ixcfr9e2dztYBmEVJxUU6hLiaP1gdzgFAz/3nE6DnA4tnLYxrpuQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:24 2025 by rpki-client