Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/0dda42-53a5-4aba-86ae-639e14d04de6/1/1-cag1UmtxXT0TG4sjhulDcO01Sk.roa
File: 1-cag1UmtxXT0TG4sjhulDcO01Sk.roa (raw, json)
Hash identifier: l1Wvc09PPg+rnK9qqJolgDiC5fjLvl71ChtaGS1hnAE=
Subject key identifier: F9:C6:A0:D5:49:AD:C5:74:F4:4C:6E:2C:8E:1B:A5:0D:C3:B4:D5:29
Certificate issuer: /CN=8267fb4a0b677b8377907b82fb1fb8810a2fef08
Certificate serial: 018692CBA750BFF9415C7CB002232CCFA68D
Authority key identifier: 82:67:FB:4A:0B:67:7B:83:77:90:7B:82:FB:1F:B8:81:0A:2F:EF:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmf7Sgtne4N3kHuC-x-4gQov7wg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/0dda42-53a5-4aba-86ae-639e14d04de6/1/1-cag1UmtxXT0TG4sjhulDcO01Sk.roa
Signing time: Mon 27 Feb 2023 12:14:25 +0000
ROA not before: Mon 27 Feb 2023 12:14:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50290
IP address blocks: 31.15.124.0/22 maxlen: 22
109.69.32.0/22 maxlen: 22
109.69.32.0/21 maxlen: 21
185.74.174.0/24 maxlen: 24
185.74.174.0/23 maxlen: 23
46.30.132.0/22 maxlen: 22
46.30.130.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:92:cb:a7:50:bf:f9:41:5c:7c:b0:02:23:2c:cf:a6:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8267fb4a0b677b8377907b82fb1fb8810a2fef08
Validity
Not Before: Feb 27 12:14:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9c6a0d549adc574f44c6e2c8e1ba50dc3b4d529
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ee:99:29:90:d8:14:0c:43:e1:95:03:89:e9:
36:4a:93:28:c8:4f:6d:39:69:27:24:0b:4d:5a:36:
76:c7:73:70:33:fc:39:c9:f5:c8:61:ff:c4:96:22:
79:f2:51:3c:0c:d1:53:5d:3b:b8:6a:ad:97:84:7f:
82:bb:a2:9c:1d:13:4f:3c:3c:97:6d:ff:b1:8a:9d:
aa:70:c0:de:0c:7a:47:7d:59:01:6c:f2:c4:08:cb:
ca:48:b2:19:db:a0:4d:d2:b0:d6:26:23:0e:a0:0d:
27:76:a8:98:df:86:f2:af:10:79:b8:4b:27:d3:81:
22:c0:25:0f:4d:f1:a0:87:3e:a8:4c:1f:1d:f6:2a:
00:9f:e8:c7:a4:05:3d:12:77:54:e8:12:a8:c5:cd:
9e:82:7e:fd:c1:65:c6:98:42:c3:6a:55:e0:0b:b1:
0e:0b:e0:5f:8f:6e:47:15:43:1d:b2:6d:6f:99:5a:
f8:78:c4:60:67:c9:20:63:f9:a3:c2:21:af:f4:9e:
05:d3:ba:11:cb:58:50:58:2b:0c:1f:7a:7c:29:df:
4a:b1:08:07:bc:ee:28:ae:f0:32:3f:0d:ad:de:5e:
b8:91:a3:c9:79:5f:a1:26:85:a6:97:77:40:ba:57:
41:86:07:6e:64:ec:d2:89:78:db:e6:58:d2:5f:f4:
0f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:C6:A0:D5:49:AD:C5:74:F4:4C:6E:2C:8E:1B:A5:0D:C3:B4:D5:29
X509v3 Authority Key Identifier:
keyid:82:67:FB:4A:0B:67:7B:83:77:90:7B:82:FB:1F:B8:81:0A:2F:EF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmf7Sgtne4N3kHuC-x-4gQov7wg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/0dda42-53a5-4aba-86ae-639e14d04de6/1/1-cag1UmtxXT0TG4sjhulDcO01Sk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/0dda42-53a5-4aba-86ae-639e14d04de6/1/gmf7Sgtne4N3kHuC-x-4gQov7wg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.15.124.0/22
46.30.130.0-46.30.135.255
109.69.32.0/21
185.74.174.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:3c:2f:e5:b9:5f:b4:88:8b:92:75:d5:69:eb:cd:21:d4:ed:
df:71:6c:bb:1f:cb:37:ed:35:20:a9:a8:02:33:a0:20:0a:78:
06:fa:35:85:76:37:b4:14:b3:57:44:c8:5d:9c:e6:0d:b1:97:
16:b6:24:69:c0:2c:6b:16:13:24:2e:c1:c9:79:31:95:28:3a:
0b:bc:b0:ea:d6:16:43:93:05:99:4a:fd:95:10:ae:cc:d5:d9:
53:34:ee:01:c1:68:50:a5:a1:44:14:b0:7e:2b:95:a3:0f:cb:
7c:36:6c:6a:ac:81:27:06:43:6a:54:83:e1:43:16:e7:d8:30:
4f:d5:cc:dd:0f:ad:6c:93:bf:17:cc:71:27:f7:fc:b1:ce:7a:
51:c8:c7:4c:b6:98:a0:cb:ba:a7:9e:ed:8f:70:00:3b:92:86:
18:81:65:7d:fd:d4:26:06:3e:10:b3:4f:bf:c2:fe:e6:36:44:
eb:10:a1:90:9c:e8:f7:80:61:d0:ac:86:06:4f:0e:02:b6:cf:
13:61:97:e1:94:82:62:7f:ba:59:4d:05:9b:66:6e:2c:b4:7a:
aa:d9:17:6e:d5:01:ca:2c:1c:4c:05:40:4d:fe:ba:c6:d4:95:
7a:d6:42:50:dd:61:22:75:64:7e:f3:05:65:2b:a2:6a:7e:de:
be:99:0a:c4
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYaSy6dQv/lBXHywAiMsz6aNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjdmYjRhMGI2NzdiODM3NzkwN2I4MmZiMWZiODgxMGEy
ZmVmMDgwHhcNMjMwMjI3MTIxNDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWM2YTBkNTQ5YWRjNTc0ZjQ0YzZlMmM4ZTFiYTUwZGMzYjRkNTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+6ZKZDYFAxD4ZUDiek2SpMoyE9t
OWknJAtNWjZ2x3NwM/w5yfXIYf/EliJ58lE8DNFTXTu4aq2XhH+Cu6KcHRNPPDyX
bf+xip2qcMDeDHpHfVkBbPLECMvKSLIZ26BN0rDWJiMOoA0ndqiY34byrxB5uEsn
04EiwCUPTfGghz6oTB8d9ioAn+jHpAU9EndU6BKoxc2egn79wWXGmELDalXgC7EO
C+Bfj25HFUMdsm1vmVr4eMRgZ8kgY/mjwiGv9J4F07oRy1hQWCsMH3p8Kd9KsQgH
vO4orvAyPw2t3l64kaPJeV+hJoWml3dAuldBhgduZOzSiXjb5ljSX/QPhQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPnGoNVJrcV09ExuLI4bpQ3DtNUpMB8GA1UdIwQY
MBaAFIJn+0oLZ3uDd5B7gvsfuIEKL+8IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21mN1NndG5lNE4za0h1Qy14LTRnUW92N3dnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8wZGRhNDItNTNhNS00YWJhLTg2YWUt
NjM5ZTE0ZDA0ZGU2LzEvMS1jYWcxVW10eFhUMFRHNHNqaHVsRGNPMDFTay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2YvMGRkYTQyLTUzYTUtNGFiYS04NmFlLTYzOWUxNGQwNGRl
Ni8xL2dtZjdTZ3RuZTROM2tIdUMteC00Z1Fvdjd3Zy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA5BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAh8PfDAM
AwQBLh6CAwQDLh6AAwQDbUUgAwQBuUquMA0GCSqGSIb3DQEBCwUAA4IBAQAfPC/l
uV+0iIuSddVp680h1O3fcWy7H8s37TUgqagCM6AgCngG+jWFdje0FLNXRMhdnOYN
sZcWtiRpwCxrFhMkLsHJeTGVKDoLvLDq1hZDkwWZSv2VEK7M1dlTNO4BwWhQpaFE
FLB+K5WjD8t8NmxqrIEnBkNqVIPhQxbn2DBP1czdD61sk78XzHEn9/yxznpRyMdM
tpigy7qnnu2PcAA7koYYgWV9/dQmBj4Qs0+/wv7mNkTrEKGQnOj3gGHQrIYGTw4C
ts8TYZfhlIJif7pZTQWbZm4stHqq2Rdu1QHKLBxMBUBN/rrG1JV61kJQ3WEidWR+
8wVlK6Jqft6+mQrE
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:11 2023 by rpki-client on console-fra.rpki-client.org