Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/hEHAiIUuX4l4gymolmuvyxGlgCE.roa
File: hEHAiIUuX4l4gymolmuvyxGlgCE.roa (raw, json)
Hash identifier: cMFN96mw47Q9aPJ20+snR2LINplIJStpWZsguqVYDqM=
Subject key identifier: 84:41:C0:88:85:2E:5F:89:78:83:29:A8:96:6B:AF:CB:11:A5:80:21
Certificate issuer: /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial: 0185728CA8BAF5915E8B493069AE627DD383
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/hEHAiIUuX4l4gymolmuvyxGlgCE.roa
Signing time: Mon 02 Jan 2023 12:54:58 +0000
ROA not before: Mon 02 Jan 2023 12:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34984
IP address blocks: 31.169.83.0/24 maxlen: 24
31.169.84.0/24 maxlen: 24
31.169.80.0/24 maxlen: 24
31.169.82.0/24 maxlen: 24
31.169.90.0/24 maxlen: 24
31.169.86.0/24 maxlen: 24
31.169.88.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 18 Aug 2023 13:05:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:a8:ba:f5:91:5e:8b:49:30:69:ae:62:7d:d3:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Validity
Not Before: Jan 2 12:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8441c088852e5f89788329a8966bafcb11a58021
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:66:b9:af:0a:07:5b:3d:ac:59:89:23:3c:5c:
f1:1b:18:8d:79:97:2c:8c:8b:54:f8:3e:de:3e:97:
5b:23:b6:3d:a0:36:50:eb:73:4f:3b:aa:79:c3:5d:
9c:64:20:e1:f8:78:91:fd:09:53:1c:d9:32:9d:35:
59:35:9d:7c:02:e2:8e:b4:3d:54:6e:5e:c2:15:4c:
ec:0a:e9:31:b4:e6:a6:cb:ce:de:f5:52:f9:69:28:
92:ab:c6:a9:c6:2d:10:5b:95:7c:29:68:2b:a7:12:
c7:89:d0:45:46:d1:1a:cb:78:b4:09:ce:6b:e4:66:
f0:7c:95:32:7e:cf:f9:75:f5:45:ab:14:06:de:75:
0a:33:0b:30:f9:ca:34:13:9c:7d:3a:3e:70:85:ec:
48:4b:38:b7:7a:3d:b9:8e:57:3a:67:57:70:7d:98:
8b:91:0b:18:8c:f1:fa:64:8e:4e:7c:b3:d7:5b:b5:
e8:c4:59:9e:74:ab:aa:a0:9b:28:68:11:cb:f1:94:
b7:11:ff:36:eb:11:e9:33:54:e3:0b:85:82:ea:e9:
67:77:42:ad:e2:de:3d:bc:f8:60:02:4a:83:7b:09:
b7:4f:d2:fd:0d:86:25:c1:76:35:a0:5c:ec:ef:b2:
8f:db:6e:88:d5:1b:f3:97:85:67:ad:87:a5:5c:b9:
76:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:41:C0:88:85:2E:5F:89:78:83:29:A8:96:6B:AF:CB:11:A5:80:21
X509v3 Authority Key Identifier:
keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/hEHAiIUuX4l4gymolmuvyxGlgCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.80.0/24
31.169.82.0-31.169.84.255
31.169.86.0/24
31.169.88.0/24
31.169.90.0/24
Signature Algorithm: sha256WithRSAEncryption
24:88:c4:ce:8d:0f:11:d9:e9:4f:f7:5d:30:25:bb:63:bb:e5:
49:ff:56:9c:18:f9:b9:c7:f7:e7:72:de:19:d7:40:11:f1:ce:
c6:c6:b6:b0:3e:af:92:4a:ac:d6:af:7f:59:fd:99:1c:67:65:
d6:64:f8:cb:ac:3f:40:86:58:23:2c:dd:99:e2:d2:c3:4b:b9:
7a:a2:0b:91:0c:41:dd:6c:c8:74:9c:c5:88:4e:18:53:24:e3:
51:49:fb:a1:cc:98:5e:90:d5:b2:cd:30:44:27:71:c1:f9:84:
43:61:56:19:31:ba:9a:d8:97:a5:cb:2a:69:0a:c4:de:4b:5b:
3f:2d:3d:a0:4b:8c:ba:8a:87:0c:c7:98:ce:ca:38:7e:b2:ca:
5b:48:8d:8d:52:b8:e7:26:70:ef:28:d8:82:85:6d:15:22:62:
3b:d3:19:5d:b4:e4:b2:34:eb:40:c9:48:d7:e4:f7:21:7c:98:
c8:4a:e4:aa:75:3c:16:64:8b:54:24:98:3c:9c:3b:30:a6:6f:
61:d4:bb:a1:71:43:77:ac:64:ec:97:fb:f5:7f:c8:77:6b:fa:
bc:59:3e:f0:5e:18:10:e9:d3:f5:40:6c:a9:41:26:dd:4a:d2:
e8:96:ac:09:2d:ea:c4:03:06:b5:c6:c1:50:2c:53:9f:79:08:
cb:a1:eb:d2
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVyjKi69ZFei0kwaa5ifdODMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjlkYTQ0YWUwNjdmYzFhOThhNWY2ZjA1ZjEyZTU0NWQw
ZmM2MmEwHhcNMjMwMTAyMTI1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDQxYzA4ODg1MmU1Zjg5Nzg4MzI5YTg5NjZiYWZjYjExYTU4MDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2a5rwoHWz2sWYkjPFzxGxiNeZcs
jItU+D7ePpdbI7Y9oDZQ63NPO6p5w12cZCDh+HiR/QlTHNkynTVZNZ18AuKOtD1U
bl7CFUzsCukxtOamy87e9VL5aSiSq8apxi0QW5V8KWgrpxLHidBFRtEay3i0Cc5r
5GbwfJUyfs/5dfVFqxQG3nUKMwsw+co0E5x9Oj5whexISzi3ej25jlc6Z1dwfZiL
kQsYjPH6ZI5OfLPXW7XoxFmedKuqoJsoaBHL8ZS3Ef826xHpM1TjC4WC6ulnd0Kt
4t49vPhgAkqDewm3T9L9DYYlwXY1oFzs77KP226I1Rvzl4VnrYelXLl2vwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFIRBwIiFLl+JeIMpqJZrr8sRpYAhMB8GA1UdIwQY
MBaAFG1p2kSuBn/BqYpfbwXxLlRdD8YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUt
MjYxNzBkYTRhMGIxLzEvaEVIQWlJVXVYNGw0Z3ltb2xtdXZ5eEdsZ0NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUtMjYxNzBkYTRhMGIx
LzEvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAH6lQMAwD
BAEfqVIDBAAfqVQDBAAfqVYDBAAfqVgDBAAfqVowDQYJKoZIhvcNAQELBQADggEB
ACSIxM6NDxHZ6U/3XTAlu2O75Un/VpwY+bnH9+dy3hnXQBHxzsbGtrA+r5JKrNav
f1n9mRxnZdZk+MusP0CGWCMs3Zni0sNLuXqiC5EMQd1syHScxYhOGFMk41FJ+6HM
mF6Q1bLNMEQnccH5hENhVhkxuprYl6XLKmkKxN5LWz8tPaBLjLqKhwzHmM7KOH6y
yltIjY1SuOcmcO8o2IKFbRUiYjvTGV205LI060DJSNfk9yF8mMhK5Kp1PBZki1Qk
mDycOzCmb2HUu6FxQ3esZOyX+/V/yHdr+rxZPvBeGBDp0/VAbKlBJt1K0uiWrAkt
6sQDBrXGwVAsU595CMuh69I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:56 2024 by rpki-client on console-fra.rpki-client.org