Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/M6wyeHS0aN2-Qz8HotqfITy3_Ls.roa
File: M6wyeHS0aN2-Qz8HotqfITy3_Ls.roa (raw, json)
Hash identifier: GfixMYUgg7dNZv3DguM9nmqH9l51s+DKzLO+nRud72w=
Subject key identifier: 33:AC:32:78:74:B4:68:DD:BE:43:3F:07:A2:DA:9F:21:3C:B7:FC:BB
Certificate issuer: /CN=dc05970e650c2aaf1ab6a3a33a83732466a1512e
Certificate serial: 01856F5DABAF17F66CA9D7B56DF87944A687
Authority key identifier: DC:05:97:0E:65:0C:2A:AF:1A:B6:A3:A3:3A:83:73:24:66:A1:51:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3AWXDmUMKq8atqOjOoNzJGahUS4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/M6wyeHS0aN2-Qz8HotqfITy3_Ls.roa
Signing time: Sun 01 Jan 2023 22:04:47 +0000
ROA not before: Sun 01 Jan 2023 22:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31317
IP address blocks: 31.220.112.0/21 maxlen: 32
185.95.112.0/22 maxlen: 32
195.192.192.0/21 maxlen: 32
45.119.124.0/22 maxlen: 32
185.156.28.0/22 maxlen: 32
195.192.200.0/21 maxlen: 32
185.114.140.0/22 maxlen: 32
37.251.224.0/21 maxlen: 32
185.178.56.0/22 maxlen: 32
37.251.232.0/21 maxlen: 32
2a05:fb80::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:ab:af:17:f6:6c:a9:d7:b5:6d:f8:79:44:a6:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc05970e650c2aaf1ab6a3a33a83732466a1512e
Validity
Not Before: Jan 1 22:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=33ac327874b468ddbe433f07a2da9f213cb7fcbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:4c:46:6c:75:41:57:e5:b1:ec:66:fe:94:b8:
52:3c:8c:d8:18:e6:b6:6f:25:4a:01:bd:61:cc:ad:
e3:cd:aa:4b:a4:bb:bb:20:d6:77:5e:4b:6e:7e:42:
c5:29:77:78:60:0d:7b:b7:f5:88:41:34:f6:c4:b4:
83:b2:33:c3:27:df:71:9d:5c:f8:a4:92:e8:f6:2c:
55:a2:88:0f:0f:13:08:82:35:4f:ea:49:73:c4:f5:
72:6f:6d:9a:ba:83:10:97:05:af:f0:26:7b:cc:c2:
ce:1f:8a:9a:86:93:49:9c:70:74:30:1c:90:45:d8:
77:12:b6:10:9b:05:dc:73:26:71:7e:cc:9d:20:32:
c4:88:22:65:02:76:02:a3:25:f5:75:ab:ec:b7:40:
5d:b7:2c:5f:f8:a0:5e:06:aa:92:05:e5:43:39:3e:
f7:4f:76:f1:1d:71:05:7e:9d:42:b4:df:f8:4a:57:
e0:fb:d7:b4:f8:bb:6f:e7:b4:43:59:96:6d:a1:8a:
4b:27:74:8a:14:1d:1a:20:ac:92:c6:08:d8:16:ac:
4d:aa:8d:a7:71:4f:c6:93:cb:8a:83:7b:4e:fa:da:
ae:1e:a6:9f:4b:97:f5:48:97:1a:57:0b:b9:3b:b0:
48:4e:16:2e:2f:73:6e:75:88:7b:0d:df:08:95:bc:
a5:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:AC:32:78:74:B4:68:DD:BE:43:3F:07:A2:DA:9F:21:3C:B7:FC:BB
X509v3 Authority Key Identifier:
keyid:DC:05:97:0E:65:0C:2A:AF:1A:B6:A3:A3:3A:83:73:24:66:A1:51:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AWXDmUMKq8atqOjOoNzJGahUS4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/M6wyeHS0aN2-Qz8HotqfITy3_Ls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/3AWXDmUMKq8atqOjOoNzJGahUS4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.112.0/21
37.251.224.0/20
45.119.124.0/22
185.95.112.0/22
185.114.140.0/22
185.156.28.0/22
185.178.56.0/22
195.192.192.0/20
IPv6:
2a05:fb80::/29
Signature Algorithm: sha256WithRSAEncryption
09:d0:33:6a:af:71:fa:06:33:29:7f:a2:07:72:7c:3f:d9:2e:
63:e0:b8:35:42:86:36:a6:73:e5:d4:0d:07:1c:8c:e2:7e:ff:
38:bb:ce:1b:e8:eb:90:ca:67:cc:a8:34:00:a9:68:5c:6d:04:
e7:cb:de:4c:2d:a7:e0:53:c2:70:3b:97:aa:93:a7:40:bd:3f:
2f:24:0c:aa:79:8c:60:c1:fb:c4:0f:62:03:6b:d8:48:be:6d:
eb:61:67:1a:d5:cd:a9:42:2f:bb:d1:49:0a:f7:0f:2b:7e:a2:
af:47:46:d3:64:5d:d3:72:b3:78:e4:6a:5d:9d:2e:9f:b0:96:
ed:10:48:96:ae:c3:9e:22:85:31:e8:c0:95:ae:2c:f1:76:13:
9d:13:ad:92:29:09:3f:44:c6:b9:a3:6c:5a:c1:4b:1f:02:2b:
0d:36:d0:3b:99:34:0e:16:48:22:27:d3:4d:41:73:8e:f0:ad:
a5:50:46:72:9c:f6:19:45:f3:48:5e:77:72:2a:0e:ab:35:fc:
36:bb:ae:c9:0f:b2:b6:7c:8d:95:f2:7f:7c:39:95:ba:a3:ec:
88:8b:b9:ff:83:79:8f:2e:91:1f:76:4e:34:79:be:41:5b:5b:
43:f9:31:a2:91:a4:33:1c:9d:64:5f:f4:f6:05:5d:54:32:19:
38:84:9f:7b
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVvXauvF/Zsqde1bfh5RKaHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDU5NzBlNjUwYzJhYWYxYWI2YTNhMzNhODM3MzI0NjZh
MTUxMmUwHhcNMjMwMTAxMjIwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2FjMzI3ODc0YjQ2OGRkYmU0MzNmMDdhMmRhOWYyMTNjYjdmY2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzkxGbHVBV+Wx7Gb+lLhSPIzYGOa2
byVKAb1hzK3jzapLpLu7INZ3XktufkLFKXd4YA17t/WIQTT2xLSDsjPDJ99xnVz4
pJLo9ixVoogPDxMIgjVP6klzxPVyb22auoMQlwWv8CZ7zMLOH4qahpNJnHB0MByQ
Rdh3ErYQmwXccyZxfsydIDLEiCJlAnYCoyX1davst0Bdtyxf+KBeBqqSBeVDOT73
T3bxHXEFfp1CtN/4Slfg+9e0+Ltv57RDWZZtoYpLJ3SKFB0aIKySxgjYFqxNqo2n
cU/Gk8uKg3tO+tquHqafS5f1SJcaVwu5O7BIThYuL3NudYh7Dd8IlbylcQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFDOsMnh0tGjdvkM/B6LanyE8t/y7MB8GA1UdIwQY
MBaAFNwFlw5lDCqvGrajozqDcyRmoVEuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FXWERtVU1LcThhdHFPak9vTnpKR2FoVVM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zYjlhNDgtOGI2My00ZDNiLWEzYTkt
NjdhNTQwZTI5N2YwLzEvTTZ3eWVIUzBhTjItUXo4SG90cWZJVHkzX0xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zYjlhNDgtOGI2My00ZDNiLWEzYTktNjdhNTQwZTI5N2Yw
LzEvM0FXWERtVU1LcThhdHFPak9vTnpKR2FoVVM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDH9xwAwQE
JfvgAwQCLXd8AwQCuV9wAwQCuXKMAwQCuZwcAwQCubI4AwQEw8DAMA0EAgACMAcD
BQMqBfuAMA0GCSqGSIb3DQEBCwUAA4IBAQAJ0DNqr3H6BjMpf6IHcnw/2S5j4Lg1
QoY2pnPl1A0HHIzifv84u84b6OuQymfMqDQAqWhcbQTny95MLafgU8JwO5eqk6dA
vT8vJAyqeYxgwfvED2IDa9hIvm3rYWca1c2pQi+70UkK9w8rfqKvR0bTZF3TcrN4
5GpdnS6fsJbtEEiWrsOeIoUx6MCVrizxdhOdE62SKQk/RMa5o2xawUsfAisNNtA7
mTQOFkgiJ9NNQXOO8K2lUEZynPYZRfNIXndyKg6rNfw2u67JD7K2fI2V8n98OZW6
o+yIi7n/g3mPLpEfdk40eb5BW1tD+TGikaQzHJ1kX/T2BV1UMhk4hJ97
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:37:31 2024 by rpki-client on console-fra.rpki-client.org