Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/Y8BCpG1mYBPT0elq7aleaLdjSxA.roa
File: Y8BCpG1mYBPT0elq7aleaLdjSxA.roa (raw, json)
Hash identifier: XTjp1WBAl6ahy+fOU4zDLiKKrRJcN9qwKIlF2XEGwyg=
Subject key identifier: 63:C0:42:A4:6D:66:60:13:D3:D1:E9:6A:ED:A9:5E:68:B7:63:4B:10
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 0190727F8951D40B89F5C0F9428B104BA853
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/Y8BCpG1mYBPT0elq7aleaLdjSxA.roa
Signing time: Tue 02 Jul 2024 08:11:18 +0000
ROA not before: Tue 02 Jul 2024 08:11:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197722
IP address blocks: 185.31.104.0/22 maxlen: 24
185.94.248.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Sep 2024 10:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:72:7f:89:51:d4:0b:89:f5:c0:f9:42:8b:10:4b:a8:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jul 2 08:11:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63c042a46d666013d3d1e96aeda95e68b7634b10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:b6:6a:06:d7:d7:47:37:cd:a7:4a:d7:f8:b2:
21:11:ed:ca:0a:9e:b9:65:52:96:4a:53:d4:3a:4e:
4f:a7:89:8f:7e:e3:19:6b:0e:6b:d9:30:e4:e5:e4:
90:8a:60:34:3a:8c:ac:30:9e:32:dc:42:73:a2:53:
f3:2b:e7:a5:95:97:13:97:7e:ec:15:c1:eb:09:65:
cb:af:90:2e:ef:6a:15:4b:dd:78:5b:60:3e:2e:d8:
1e:c8:15:1a:d5:8e:ca:b1:99:f6:b8:52:72:48:6f:
06:0a:60:8d:fc:7b:2d:25:57:68:ea:a0:65:09:ba:
45:35:e1:5e:78:9c:b8:3b:f0:39:5c:e5:c9:c4:6e:
39:34:94:d9:32:eb:5d:9e:a0:ad:2f:14:60:35:16:
ba:d3:f6:43:cd:54:b8:f4:08:a9:65:e6:e0:d9:1b:
43:d3:74:b6:c9:3c:13:31:d7:c5:55:1c:4e:21:95:
99:09:0c:dd:60:12:fd:0e:31:fe:98:c9:73:1c:40:
f9:25:2b:d6:97:a7:a3:e8:20:05:27:56:d8:a7:ef:
f3:f3:5f:8e:99:b7:72:c7:9e:f2:61:74:de:f5:d3:
e3:7b:bf:a0:2d:30:a9:c0:ef:af:65:b3:9b:fa:47:
79:f3:17:ec:87:76:5e:3a:ab:62:83:88:7a:0f:10:
95:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:C0:42:A4:6D:66:60:13:D3:D1:E9:6A:ED:A9:5E:68:B7:63:4B:10
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/Y8BCpG1mYBPT0elq7aleaLdjSxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.104.0/22
185.94.248.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:90:85:5a:67:69:02:84:14:c1:37:38:a1:a1:ac:33:51:24:
c8:f8:25:e7:01:b5:fd:e0:a5:64:ce:ea:72:73:f5:11:a1:b2:
0b:f7:f0:7b:bc:3b:0e:5c:75:71:04:a0:57:76:75:57:9c:4f:
cf:65:93:01:d1:a8:7b:31:dd:5d:3e:1d:eb:73:cc:ff:86:42:
b4:ab:8b:0c:a3:02:6a:e9:f8:27:61:a8:5c:fb:93:92:1a:61:
56:55:6a:fc:2a:76:7a:c6:f4:ee:7b:f2:6c:dc:c1:2c:a7:4e:
af:1f:9f:29:cc:70:bf:8b:75:22:31:30:41:7f:14:02:7d:0e:
d2:67:b0:80:23:3d:76:9b:19:72:cc:b9:01:2b:d9:ca:34:a2:
2d:12:8b:28:22:e9:26:39:c7:d5:1d:42:91:38:ed:db:2b:de:
2e:8e:cc:7d:a1:c1:85:bf:6c:eb:c5:94:2d:71:b3:99:92:84:
33:48:55:bf:fd:81:d0:a7:8d:b2:9b:00:c4:38:db:85:fb:d5:
33:b6:1c:88:2a:53:d0:0d:c7:6d:d5:70:3d:6a:1d:89:cf:d0:
9e:06:89:e4:32:00:35:e6:21:ca:59:46:89:f8:d7:38:9d:7a:
eb:d3:58:5f:0c:7c:e2:f8:b9:d4:06:ed:52:dc:01:7e:b4:e5:
06:c3:7d:c8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZByf4lR1AuJ9cD5QosQS6hTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjQwNzAyMDgxMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2MwNDJhNDZkNjY2MDEzZDNkMWU5NmFlZGE5NWU2OGI3NjM0YjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2LZqBtfXRzfNp0rX+LIhEe3KCp65
ZVKWSlPUOk5Pp4mPfuMZaw5r2TDk5eSQimA0OoysMJ4y3EJzolPzK+ellZcTl37s
FcHrCWXLr5Au72oVS914W2A+LtgeyBUa1Y7KsZn2uFJySG8GCmCN/HstJVdo6qBl
CbpFNeFeeJy4O/A5XOXJxG45NJTZMutdnqCtLxRgNRa60/ZDzVS49AipZebg2RtD
03S2yTwTMdfFVRxOIZWZCQzdYBL9DjH+mMlzHED5JSvWl6ej6CAFJ1bYp+/z81+O
mbdyx57yYXTe9dPje7+gLTCpwO+vZbOb+kd58xfsh3ZeOqtig4h6DxCVVwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGPAQqRtZmAT09Hpau2pXmi3Y0sQMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvWThCQ3BHMW1ZQlBUMGVscTdhbGVhTGRqU3hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuR9oAwQC
uV74MA0GCSqGSIb3DQEBCwUAA4IBAQA7kIVaZ2kChBTBNzihoawzUSTI+CXnAbX9
4KVkzupyc/URobIL9/B7vDsOXHVxBKBXdnVXnE/PZZMB0ah7Md1dPh3rc8z/hkK0
q4sMowJq6fgnYahc+5OSGmFWVWr8KnZ6xvTue/Js3MEsp06vH58pzHC/i3UiMTBB
fxQCfQ7SZ7CAIz12mxlyzLkBK9nKNKItEosoIukmOcfVHUKROO3bK94ujsx9ocGF
v2zrxZQtcbOZkoQzSFW//YHQp42ymwDEONuF+9UzthyIKlPQDcdt1XA9ah2Jz9Ce
BonkMgA15iHKWUaJ+Nc4nXrr01hfDHzi+LnUBu1S3AF+tOUGw33I
-----END CERTIFICATE-----
Generated at Fri Sep 6 12:54:51 2024 by rpki-client on console-fra.rpki-client.org