Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/Y7W-PxcKAc6SsEgYddEooAV32dQ.roa
File: Y7W-PxcKAc6SsEgYddEooAV32dQ.roa (raw, json)
Hash identifier: I+xuAQgWH/XdsLHfwqhzLDmVhSgfDKRAvAZXtstf9lo=
Subject key identifier: 63:B5:BE:3F:17:0A:01:CE:92:B0:48:18:75:D1:28:A0:05:77:D9:D4
Certificate issuer: /CN=fa3d0bc11b29da44ad57304c3f8568870a019c24
Certificate serial: 01856CE633D1D97B479F992DA45458CF5A1B
Authority key identifier: FA:3D:0B:C1:1B:29:DA:44:AD:57:30:4C:3F:85:68:87:0A:01:9C:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/Y7W-PxcKAc6SsEgYddEooAV32dQ.roa
Signing time: Sun 01 Jan 2023 10:35:03 +0000
ROA not before: Sun 01 Jan 2023 10:35:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202391
IP address blocks: 31.25.95.0/24 maxlen: 24
185.49.104.0/22 maxlen: 24
185.118.12.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Feb 2023 06:46:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:33:d1:d9:7b:47:9f:99:2d:a4:54:58:cf:5a:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa3d0bc11b29da44ad57304c3f8568870a019c24
Validity
Not Before: Jan 1 10:35:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63b5be3f170a01ce92b0481875d128a00577d9d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:62:ab:83:5c:47:03:bb:9a:c2:ec:47:ee:93:
91:dc:d4:98:31:84:8c:2b:79:c6:e5:03:38:e7:ef:
51:b0:14:c2:5d:8f:cc:b3:68:23:ed:07:72:f6:d7:
67:b5:a3:94:68:88:44:a8:62:1a:89:18:ea:e4:68:
35:44:3f:88:3d:36:03:51:a7:78:e0:55:e1:e3:32:
65:a5:e0:ca:be:45:6f:b4:67:36:f5:81:9f:49:7a:
a7:8c:32:19:aa:ff:1a:2d:7b:bb:c6:1c:5f:3b:24:
97:7d:47:b9:00:65:86:d7:08:01:67:9c:d5:44:77:
77:b4:d4:02:fe:22:f0:7e:b6:9b:21:25:be:c7:ec:
9d:00:dd:d0:27:26:8a:83:34:a1:16:fe:ee:a5:9e:
28:7c:45:87:78:d5:dc:19:60:6e:ed:d2:9e:e9:79:
71:53:ec:e4:d5:d5:4c:8d:25:0f:2c:8b:6e:52:3c:
8f:98:e6:36:3a:ce:43:9f:92:55:3a:92:79:0e:d1:
f6:68:59:ef:e8:71:9e:0e:38:fe:27:0b:d4:26:d3:
ad:1f:63:60:1e:7b:95:62:13:a6:d4:ee:92:76:9e:
58:29:32:8e:cd:af:67:97:74:30:43:e3:48:f0:d9:
01:e9:45:b4:e1:1d:90:c0:7a:0f:3f:a7:80:98:9f:
38:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:B5:BE:3F:17:0A:01:CE:92:B0:48:18:75:D1:28:A0:05:77:D9:D4
X509v3 Authority Key Identifier:
keyid:FA:3D:0B:C1:1B:29:DA:44:AD:57:30:4C:3F:85:68:87:0A:01:9C:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/Y7W-PxcKAc6SsEgYddEooAV32dQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/1-j0LwRsp2kStVzBMP4VohwoBnCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.95.0/24
185.49.104.0/22
185.118.12.0/22
Signature Algorithm: sha256WithRSAEncryption
15:4d:e6:2e:68:6a:07:4d:89:5e:28:0e:11:ff:c9:3a:cf:e1:
67:0f:35:77:42:5e:86:7f:4d:c7:3b:3e:bc:11:f4:31:63:60:
c6:86:e1:8e:78:d5:3b:c9:39:67:94:0d:c5:32:03:f2:ee:05:
d7:f2:73:ca:02:70:ed:9a:f8:e5:66:00:15:a8:f8:78:fa:b5:
44:3b:a1:1b:e8:f2:9c:0b:4d:87:19:ec:26:c6:d1:9d:d2:17:
1e:15:cf:9c:7a:bc:98:88:18:06:96:14:f2:61:d6:4d:cc:93:
bb:b0:20:c5:12:9e:26:67:82:6c:5d:18:87:ce:18:c9:43:c8:
0d:85:d5:51:57:dc:37:13:30:93:7e:ad:68:07:db:20:72:5e:
83:dc:75:1d:8c:43:8a:ce:34:5a:3f:23:a9:b8:1c:26:cb:7c:
a5:93:be:e2:74:fa:a2:a8:09:94:4f:18:e2:8f:62:1a:fb:4b:
eb:45:eb:b7:c9:88:b6:55:88:0a:4c:70:51:0b:78:66:93:b6:
30:4a:42:c6:e5:c0:13:bb:92:90:85:98:fe:62:3b:f9:02:d7:
7b:7e:64:db:b4:b0:e0:bc:a8:8b:a9:47:1e:c2:95:b8:a5:a8:
cc:1b:71:cd:2a:6c:77:0d:1a:3c:ba:5e:db:a0:83:3e:1b:2f:
e0:48:30:e3
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVs5jPR2XtHn5ktpFRYz1obMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhM2QwYmMxMWIyOWRhNDRhZDU3MzA0YzNmODU2ODg3MGEw
MTljMjQwHhcNMjMwMTAxMTAzNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2I1YmUzZjE3MGEwMWNlOTJiMDQ4MTg3NWQxMjhhMDA1NzdkOWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGKrg1xHA7uawuxH7pOR3NSYMYSM
K3nG5QM45+9RsBTCXY/Ms2gj7Qdy9tdntaOUaIhEqGIaiRjq5Gg1RD+IPTYDUad4
4FXh4zJlpeDKvkVvtGc29YGfSXqnjDIZqv8aLXu7xhxfOySXfUe5AGWG1wgBZ5zV
RHd3tNQC/iLwfrabISW+x+ydAN3QJyaKgzShFv7upZ4ofEWHeNXcGWBu7dKe6Xlx
U+zk1dVMjSUPLItuUjyPmOY2Os5Dn5JVOpJ5DtH2aFnv6HGeDjj+JwvUJtOtH2Ng
HnuVYhOm1O6Sdp5YKTKOza9nl3QwQ+NI8NkB6UW04R2QwHoPP6eAmJ84CwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGO1vj8XCgHOkrBIGHXRKKAFd9nUMB8GA1UdIwQY
MBaAFPo9C8EbKdpErVcwTD+FaIcKAZwkMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1qMEx3UnNwMmtTdFZ6Qk1QNFZvaHdvQm5DUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMvYWE2NjI5LWQxNDktNDE5Ny1hMzE1
LWQyMTA3MWVmNzM1Yi8xL1k3Vy1QeGNLQWM2U3NFZ1lkZEVvb0FWMzJkUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzMvYWE2NjI5LWQxNDktNDE5Ny1hMzE1LWQyMTA3MWVmNzM1
Yi8xLzEtajBMd1JzcDJrU3RWekJNUDRWb2h3b0JuQ1EuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAAfGV8D
BAK5MWgDBAK5dgwwDQYJKoZIhvcNAQELBQADggEBABVN5i5oagdNiV4oDhH/yTrP
4WcPNXdCXoZ/Tcc7PrwR9DFjYMaG4Y541TvJOWeUDcUyA/LuBdfyc8oCcO2a+OVm
ABWo+Hj6tUQ7oRvo8pwLTYcZ7CbG0Z3SFx4Vz5x6vJiIGAaWFPJh1k3Mk7uwIMUS
niZngmxdGIfOGMlDyA2F1VFX3DcTMJN+rWgH2yByXoPcdR2MQ4rONFo/I6m4HCbL
fKWTvuJ0+qKoCZRPGOKPYhr7S+tF67fJiLZViApMcFELeGaTtjBKQsblwBO7kpCF
mP5iO/kC13t+ZNu0sOC8qIupRx7ClbilqMwbcc0qbHcNGjy6Xtuggz4bL+BIMOM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:53 2024 by rpki-client on console-fra.rpki-client.org