Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/0dda42-53a5-4aba-86ae-639e14d04de6/1/ubf4EQIZ85zAdHFY_39REY3gCMQ.roa
File: ubf4EQIZ85zAdHFY_39REY3gCMQ.roa (raw, json)
Hash identifier: fnsZs2XtHfr5aDC6gbGlKzkT4mlh9TDtGsFeZiPqqDM=
Subject key identifier: B9:B7:F8:11:02:19:F3:9C:C0:74:71:58:FF:7F:51:11:8D:E0:08:C4
Certificate issuer: /CN=8267fb4a0b677b8377907b82fb1fb8810a2fef08
Certificate serial: 018678E9DA693BCE1F9B148F5906CCFABD1A
Authority key identifier: 82:67:FB:4A:0B:67:7B:83:77:90:7B:82:FB:1F:B8:81:0A:2F:EF:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmf7Sgtne4N3kHuC-x-4gQov7wg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/0dda42-53a5-4aba-86ae-639e14d04de6/1/ubf4EQIZ85zAdHFY_39REY3gCMQ.roa
Signing time: Wed 22 Feb 2023 11:37:17 +0000
ROA not before: Wed 22 Feb 2023 11:37:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50290
IP address blocks: 31.15.124.0/22 maxlen: 22
109.69.32.0/22 maxlen: 22
185.74.174.0/24 maxlen: 24
185.74.174.0/23 maxlen: 23
46.30.132.0/22 maxlen: 22
46.30.130.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 27 Feb 2023 12:14:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:78:e9:da:69:3b:ce:1f:9b:14:8f:59:06:cc:fa:bd:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8267fb4a0b677b8377907b82fb1fb8810a2fef08
Validity
Not Before: Feb 22 11:37:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9b7f8110219f39cc0747158ff7f51118de008c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ac:9c:09:a4:35:56:da:36:64:28:1f:f3:f1:
e0:3b:b8:51:19:a7:de:f4:2b:1c:58:f3:fd:ca:78:
46:65:3f:9b:26:4f:ed:c7:e9:2e:c3:34:ff:a1:3e:
ec:63:be:e3:72:72:e7:21:be:d0:b2:44:14:89:2f:
91:30:e4:24:32:2b:c4:05:24:b5:76:79:3c:69:82:
f1:19:7b:f8:76:f0:d5:7c:5b:26:4b:ea:05:e3:22:
36:7d:69:ba:8d:18:c1:0e:ae:d3:71:fc:60:e8:5a:
b0:98:59:a7:63:af:9f:43:b7:e6:0f:eb:71:04:55:
90:f4:a8:b0:56:8a:1d:99:a8:8e:73:53:b8:3b:35:
7e:fe:c0:8a:9a:92:58:a1:18:08:33:94:06:82:b2:
1c:49:52:4e:4c:8e:79:5b:b8:83:43:ef:01:ee:fc:
bd:b0:3c:43:ac:b9:a8:2b:b9:03:9e:24:98:ed:77:
7c:c2:62:e2:ef:7e:fb:18:88:72:42:e9:6b:c6:3d:
6b:47:ae:60:63:8b:e7:01:7d:2d:96:36:6f:cd:02:
94:23:70:55:a4:50:15:84:fc:75:0e:4b:6a:a4:13:
6d:7e:19:20:ce:29:1b:5d:2c:ec:66:be:d4:6e:ac:
44:59:14:4b:03:40:2a:c5:57:95:b4:7f:27:d3:7b:
b1:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:B7:F8:11:02:19:F3:9C:C0:74:71:58:FF:7F:51:11:8D:E0:08:C4
X509v3 Authority Key Identifier:
keyid:82:67:FB:4A:0B:67:7B:83:77:90:7B:82:FB:1F:B8:81:0A:2F:EF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmf7Sgtne4N3kHuC-x-4gQov7wg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/0dda42-53a5-4aba-86ae-639e14d04de6/1/ubf4EQIZ85zAdHFY_39REY3gCMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/0dda42-53a5-4aba-86ae-639e14d04de6/1/gmf7Sgtne4N3kHuC-x-4gQov7wg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.15.124.0/22
46.30.130.0-46.30.135.255
109.69.32.0/22
185.74.174.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:88:15:53:e6:aa:5e:7a:a0:f5:d3:76:43:f5:00:76:a0:10:
55:2e:39:43:d9:14:d1:7c:a6:3a:52:e8:3f:89:f7:23:f8:35:
42:b1:94:e2:3a:0e:26:47:78:a9:5c:07:74:3d:8a:cc:98:06:
ad:0e:41:0b:5d:a1:27:9a:b2:dd:7a:c0:bc:35:b3:ad:d0:39:
e6:a0:b4:56:bb:b9:83:62:69:15:a0:75:83:ee:22:88:31:df:
e4:f4:fa:8d:a9:a5:d7:50:e3:f7:eb:5d:52:51:9c:36:d2:d1:
75:98:6e:d6:ed:6e:13:bf:e2:20:e8:76:c0:c3:72:7d:df:d6:
d0:22:f9:a2:5c:8f:d3:64:0d:85:8a:07:0c:85:d0:a5:10:00:
98:ef:ac:9e:64:78:24:97:87:f5:61:a2:fd:c9:1e:88:e2:6f:
f7:a3:69:e6:72:5b:f4:e2:94:28:15:4a:30:41:36:c4:d8:1b:
2f:4c:76:c5:b3:ae:2d:b2:a3:b9:76:6d:5d:d7:99:b8:4f:cd:
d9:9b:2f:bb:81:95:41:93:59:c8:e3:64:39:fe:40:34:b6:0c:
b2:80:ae:bb:cb:81:5b:be:37:e0:99:a0:cb:3a:38:3e:0f:6f:
39:bb:4e:15:3e:f7:6a:42:0b:0a:d0:b3:83:d9:06:05:f2:cf:
51:75:84:13
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYZ46dppO84fmxSPWQbM+r0aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjdmYjRhMGI2NzdiODM3NzkwN2I4MmZiMWZiODgxMGEy
ZmVmMDgwHhcNMjMwMjIyMTEzNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWI3ZjgxMTAyMTlmMzljYzA3NDcxNThmZjdmNTExMThkZTAwOGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqycCaQ1Vto2ZCgf8/HgO7hRGafe
9CscWPP9ynhGZT+bJk/tx+kuwzT/oT7sY77jcnLnIb7QskQUiS+RMOQkMivEBSS1
dnk8aYLxGXv4dvDVfFsmS+oF4yI2fWm6jRjBDq7Tcfxg6FqwmFmnY6+fQ7fmD+tx
BFWQ9KiwVoodmaiOc1O4OzV+/sCKmpJYoRgIM5QGgrIcSVJOTI55W7iDQ+8B7vy9
sDxDrLmoK7kDniSY7Xd8wmLi7377GIhyQulrxj1rR65gY4vnAX0tljZvzQKUI3BV
pFAVhPx1DktqpBNtfhkgzikbXSzsZr7UbqxEWRRLA0AqxVeVtH8n03uxSwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLm3+BECGfOcwHRxWP9/URGN4AjEMB8GA1UdIwQY
MBaAFIJn+0oLZ3uDd5B7gvsfuIEKL+8IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21mN1NndG5lNE4za0h1Qy14LTRnUW92N3dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8wZGRhNDItNTNhNS00YWJhLTg2YWUt
NjM5ZTE0ZDA0ZGU2LzEvdWJmNEVRSVo4NXpBZEhGWV8zOVJFWTNnQ01RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8wZGRhNDItNTNhNS00YWJhLTg2YWUtNjM5ZTE0ZDA0ZGU2
LzEvZ21mN1NndG5lNE4za0h1Qy14LTRnUW92N3dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCHw98MAwD
BAEuHoIDBAMuHoADBAJtRSADBAG5Sq4wDQYJKoZIhvcNAQELBQADggEBAHyIFVPm
ql56oPXTdkP1AHagEFUuOUPZFNF8pjpS6D+J9yP4NUKxlOI6DiZHeKlcB3Q9isyY
Bq0OQQtdoSeast16wLw1s63QOeagtFa7uYNiaRWgdYPuIogx3+T0+o2ppddQ4/fr
XVJRnDbS0XWYbtbtbhO/4iDodsDDcn3f1tAi+aJcj9NkDYWKBwyF0KUQAJjvrJ5k
eCSXh/Vhov3JHojib/ejaeZyW/TilCgVSjBBNsTYGy9MdsWzri2yo7l2bV3XmbhP
zdmbL7uBlUGTWcjjZDn+QDS2DLKArrvLgVu+N+CZoMs6OD4Pbzm7ThU+92pCCwrQ
s4PZBgXyz1F1hBM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:04 2024 by rpki-client on console-ams.rpki-client.org