Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/fkZvOEG18XGNL6M4tgodyzib11Y.roa
File: fkZvOEG18XGNL6M4tgodyzib11Y.roa (raw, json)
Hash identifier: ilBBgEVM4HakRErmTzB88mmsFQ7zzBTam+uqa/3MKUI=
Subject key identifier: 7E:46:6F:38:41:B5:F1:71:8D:2F:A3:38:B6:0A:1D:CB:38:9B:D7:56
Certificate issuer: /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial: 018E487CD8E429C197895CACB84B9A2381FC
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/fkZvOEG18XGNL6M4tgodyzib11Y.roa
Signing time: Sat 16 Mar 2024 18:18:45 +0000
ROA not before: Sat 16 Mar 2024 18:18:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56582
IP address blocks: 31.169.64.0/24 maxlen: 24
31.169.65.0/24 maxlen: 24
31.169.66.0/24 maxlen: 24
31.169.67.0/24 maxlen: 24
31.169.69.0/24 maxlen: 24
31.169.70.0/24 maxlen: 24
31.169.71.0/24 maxlen: 24
31.169.72.0/24 maxlen: 24
31.169.74.0/24 maxlen: 24
31.169.76.0/24 maxlen: 24
31.169.77.0/24 maxlen: 24
31.169.78.0/24 maxlen: 24
31.169.81.0/24 maxlen: 24
31.169.82.0/24 maxlen: 24
31.169.84.0/24 maxlen: 24
31.169.92.0/24 maxlen: 24
31.169.93.0/24 maxlen: 24
31.169.94.0/24 maxlen: 24
31.169.95.0/24 maxlen: 24
185.33.63.0/24 maxlen: 24
2a00:5740::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 29 May 2024 10:23:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:48:7c:d8:e4:29:c1:97:89:5c:ac:b8:4b:9a:23:81:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Validity
Not Before: Mar 16 18:18:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e466f3841b5f1718d2fa338b60a1dcb389bd756
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:79:e4:ff:09:f8:ae:3a:0d:f7:fe:7d:95:1a:
b0:ac:d9:68:cf:82:18:71:91:a0:28:e2:8d:7d:da:
5f:e7:4f:e4:59:ae:d0:e1:5b:4a:02:e3:fa:95:e9:
f0:6c:7b:a2:e5:5e:0b:20:8d:21:79:f2:0e:37:9c:
fd:d0:95:f5:bc:7e:30:14:e3:6d:01:84:c9:54:56:
99:6b:ed:67:86:8a:f1:f5:e2:26:68:2f:9a:50:24:
8c:2e:b1:47:f4:46:0e:89:fb:10:32:4c:25:66:45:
d9:93:bf:23:f3:a2:d5:1b:82:1b:9e:a2:2e:ae:5b:
7b:1a:a8:69:a5:2d:b3:3e:12:2f:3e:ba:92:0b:f6:
b2:4d:d1:b0:af:88:98:a8:b2:c8:54:3a:db:86:ff:
6c:26:9e:4a:4d:a7:b6:23:e4:8c:5b:91:43:9d:75:
c3:ca:7c:e1:2c:43:06:f3:eb:b9:ee:11:bf:04:ce:
3b:ca:4e:5d:c6:7c:e3:e3:b7:24:8c:96:d1:e5:38:
7e:4c:d7:8c:7f:13:86:64:66:23:1a:5c:07:dd:d6:
6b:42:74:6d:9c:84:d5:46:da:a3:6e:de:90:4f:4b:
87:5b:54:47:af:13:bc:78:e5:2b:88:dd:c5:10:dc:
37:89:89:be:57:88:4f:bd:24:4b:bf:97:33:02:23:
dd:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:46:6F:38:41:B5:F1:71:8D:2F:A3:38:B6:0A:1D:CB:38:9B:D7:56
X509v3 Authority Key Identifier:
keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/fkZvOEG18XGNL6M4tgodyzib11Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.64.0/22
31.169.69.0-31.169.72.255
31.169.74.0/24
31.169.76.0-31.169.78.255
31.169.81.0-31.169.82.255
31.169.84.0/24
31.169.92.0/22
185.33.63.0/24
IPv6:
2a00:5740::/29
Signature Algorithm: sha256WithRSAEncryption
7c:fb:2d:98:8a:61:d5:70:aa:bd:a6:52:5f:66:0e:91:b2:3d:
fe:17:74:7a:c4:f7:69:83:db:79:72:09:eb:cd:44:85:09:d5:
98:d3:c9:5f:67:68:02:50:4f:32:1a:1b:60:4c:01:58:97:9e:
37:25:de:50:e2:2b:28:27:bd:79:90:c4:1b:48:8f:90:48:93:
bf:b5:8f:21:30:d1:d1:66:e6:35:b4:0b:69:72:6a:83:93:8d:
d4:31:11:46:ce:bd:de:be:3d:7f:7b:53:7f:50:59:2d:ad:ef:
50:80:b3:8a:6f:85:55:99:32:bd:67:42:21:58:8d:41:76:82:
41:c6:b7:5a:60:20:7b:3b:82:5c:e9:4c:ac:54:ec:9f:00:b4:
f9:1e:6d:6a:1b:be:1b:da:42:75:67:86:a3:89:ce:6a:ec:8d:
67:56:da:c1:71:81:7f:85:f9:8f:33:33:ab:95:78:cf:27:b1:
00:06:91:99:3a:a8:44:d7:58:66:89:91:9f:8a:75:9f:de:be:
f2:e6:74:aa:49:1d:5c:f1:c8:64:2d:2a:44:41:18:29:38:44:
9e:96:00:12:85:b5:11:14:41:b4:66:5a:07:00:9a:eb:b4:b7:
bc:86:67:ae:75:c9:fb:68:6a:a1:8d:6d:52:74:f6:5f:7a:83:
31:08:0b:88
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAY5IfNjkKcGXiVysuEuaI4H8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjlkYTQ0YWUwNjdmYzFhOThhNWY2ZjA1ZjEyZTU0NWQw
ZmM2MmEwHhcNMjQwMzE2MTgxODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTQ2NmYzODQxYjVmMTcxOGQyZmEzMzhiNjBhMWRjYjM4OWJkNzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3nk/wn4rjoN9/59lRqwrNloz4IY
cZGgKOKNfdpf50/kWa7Q4VtKAuP6lenwbHui5V4LII0hefION5z90JX1vH4wFONt
AYTJVFaZa+1nhorx9eImaC+aUCSMLrFH9EYOifsQMkwlZkXZk78j86LVG4IbnqIu
rlt7GqhppS2zPhIvPrqSC/ayTdGwr4iYqLLIVDrbhv9sJp5KTae2I+SMW5FDnXXD
ynzhLEMG8+u57hG/BM47yk5dxnzj47ckjJbR5Th+TNeMfxOGZGYjGlwH3dZrQnRt
nITVRtqjbt6QT0uHW1RHrxO8eOUriN3FENw3iYm+V4hPvSRLv5czAiPdGwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFH5GbzhBtfFxjS+jOLYKHcs4m9dWMB8GA1UdIwQY
MBaAFG1p2kSuBn/BqYpfbwXxLlRdD8YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUt
MjYxNzBkYTRhMGIxLzEvZmtadk9FRzE4WEdOTDZNNHRnb2R5emliMTFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUtMjYxNzBkYTRhMGIx
LzEvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQCH6lAMAwD
BAAfqUUDBAAfqUgDBAAfqUowDAMEAh+pTAMEAB+pTjAMAwQAH6lRAwQAH6lSAwQA
H6lUAwQCH6lcAwQAuSE/MA0EAgACMAcDBQMqAFdAMA0GCSqGSIb3DQEBCwUAA4IB
AQB8+y2YimHVcKq9plJfZg6Rsj3+F3R6xPdpg9t5cgnrzUSFCdWY08lfZ2gCUE8y
GhtgTAFYl543Jd5Q4isoJ715kMQbSI+QSJO/tY8hMNHRZuY1tAtpcmqDk43UMRFG
zr3evj1/e1N/UFktre9QgLOKb4VVmTK9Z0IhWI1BdoJBxrdaYCB7O4Jc6UysVOyf
ALT5Hm1qG74b2kJ1Z4ajic5q7I1nVtrBcYF/hfmPMzOrlXjPJ7EABpGZOqhE11hm
iZGfinWf3r7y5nSqSR1c8chkLSpEQRgpOESelgAShbURFEG0ZloHAJrrtLe8hmeu
dcn7aGqhjW1SdPZfeoMxCAuI
-----END CERTIFICATE-----
Generated at Wed May 29 16:34:29 2024 by rpki-client on console-ams.rpki-client.org