Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/T9vQH4Z_v5ySOu-VNJykQI0FQpQ.roa
File: T9vQH4Z_v5ySOu-VNJykQI0FQpQ.roa (raw, json)
Hash identifier: oQaQU0acTEwcznv97b5kPXvK+xWBu+H8IqVh7/5Y96k=
Subject key identifier: 4F:DB:D0:1F:86:7F:BF:9C:92:3A:EF:95:34:9C:A4:40:8D:05:42:94
Certificate issuer: /CN=4b529a4d22faef23135d6eff8912266623c49255
Certificate serial: 018A1D391935063A500BA1AB330713DE0BB1
Authority key identifier: 4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/T9vQH4Z_v5ySOu-VNJykQI0FQpQ.roa
Signing time: Tue 22 Aug 2023 12:29:55 +0000
ROA not before: Tue 22 Aug 2023 12:29:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205020
IP address blocks: 85.31.94.0/23 maxlen: 23
80.251.0.0/20 maxlen: 20
85.31.64.0/19 maxlen: 19
5.11.28.0/22 maxlen: 22
5.11.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Aug 2023 10:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1d:39:19:35:06:3a:50:0b:a1:ab:33:07:13:de:0b:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b529a4d22faef23135d6eff8912266623c49255
Validity
Not Before: Aug 22 12:29:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4fdbd01f867fbf9c923aef95349ca4408d054294
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f6:81:c6:8c:55:e2:67:a6:68:b5:e0:80:f3:
cf:29:aa:13:0a:c2:1f:b8:16:70:63:60:63:c9:86:
e1:70:9c:7b:4d:4a:a3:3e:f2:7f:26:31:c7:41:3d:
f3:e9:ca:22:eb:c0:cc:0b:36:99:79:46:59:6e:93:
d6:99:23:ff:9f:76:08:9c:c1:76:28:c5:d4:a5:82:
d8:b7:ea:38:bf:66:16:0b:4c:7a:4f:cf:ff:cd:8f:
21:97:55:5c:07:ca:2b:e6:2d:96:ea:8b:7e:ab:93:
4b:96:6e:55:6c:02:75:3e:03:d0:be:84:ce:9e:fe:
63:85:f7:29:70:eb:e9:b9:a7:d3:67:00:cd:86:ee:
49:ba:54:53:7f:65:80:af:2f:aa:cd:93:43:4f:0e:
c4:d1:d5:e4:29:5e:d4:5f:cc:90:3e:d9:16:43:5f:
5a:ef:f9:9b:4e:a6:24:c1:0b:4d:c4:04:a5:e0:13:
24:cd:00:d0:05:98:86:8b:19:d4:85:59:96:34:90:
05:a8:81:43:b7:f2:05:5c:da:ef:77:d1:01:c2:e8:
84:aa:b4:7b:3e:43:60:fe:1b:aa:95:c7:ed:8f:70:
00:19:bc:c6:c8:e6:bf:be:73:4b:28:9a:2a:c8:f7:
e7:e7:02:ac:e2:a1:f2:d5:51:51:64:27:ab:6a:05:
68:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:DB:D0:1F:86:7F:BF:9C:92:3A:EF:95:34:9C:A4:40:8D:05:42:94
X509v3 Authority Key Identifier:
keyid:4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/T9vQH4Z_v5ySOu-VNJykQI0FQpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.28.0/22
80.251.0.0/20
85.31.64.0/19
Signature Algorithm: sha256WithRSAEncryption
45:17:81:5c:81:54:f6:b0:4f:ca:46:f6:7d:ae:d1:47:bb:0b:
b5:e5:eb:bb:07:b3:62:e6:ef:b8:c2:12:77:11:b1:ec:9f:53:
da:2c:cf:58:5b:d0:8a:86:e8:54:62:2d:2e:92:20:5a:f6:ee:
28:58:2d:4f:65:3c:eb:a7:a8:f0:a0:67:ab:48:14:86:4a:73:
84:a0:de:44:74:6d:69:59:27:cf:62:bc:7a:e8:4b:21:c8:7f:
e0:44:83:b3:29:d7:d1:66:6f:8a:aa:87:fa:9c:6a:f1:55:22:
a3:62:29:05:5e:19:2f:5a:c2:ce:5f:a7:94:6d:08:97:08:8a:
d4:42:16:e6:02:2d:27:87:e3:e6:6c:97:8d:50:30:fa:17:72:
4d:c3:3c:61:3e:cb:56:a1:bd:2c:50:01:fe:b7:d8:53:a5:82:
87:8c:b1:d5:2a:cb:a3:4d:df:b0:b3:3d:a9:f6:a7:60:5a:ac:
6a:9c:3c:aa:01:eb:97:5c:7b:f2:a3:fd:5f:eb:78:3d:76:f0:
20:c5:93:a9:07:1c:79:c5:44:59:e5:2e:79:d0:9d:ae:ea:40:
23:c4:b1:5e:e3:e4:fc:60:6e:2b:10:73:fb:c7:e1:d3:9b:20:
49:9a:71:02:84:b9:fc:9e:10:01:8b:dd:50:f1:24:c8:98:60:
9b:17:79:11
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYodORk1BjpQC6GrMwcT3guxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNTI5YTRkMjJmYWVmMjMxMzVkNmVmZjg5MTIyNjY2MjNj
NDkyNTUwHhcNMjMwODIyMTIyOTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmRiZDAxZjg2N2ZiZjljOTIzYWVmOTUzNDljYTQ0MDhkMDU0Mjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPaBxoxV4memaLXggPPPKaoTCsIf
uBZwY2BjyYbhcJx7TUqjPvJ/JjHHQT3z6coi68DMCzaZeUZZbpPWmSP/n3YInMF2
KMXUpYLYt+o4v2YWC0x6T8//zY8hl1VcB8or5i2W6ot+q5NLlm5VbAJ1PgPQvoTO
nv5jhfcpcOvpuafTZwDNhu5JulRTf2WAry+qzZNDTw7E0dXkKV7UX8yQPtkWQ19a
7/mbTqYkwQtNxASl4BMkzQDQBZiGixnUhVmWNJAFqIFDt/IFXNrvd9EBwuiEqrR7
PkNg/huqlcftj3AAGbzGyOa/vnNLKJoqyPfn5wKs4qHy1VFRZCeragVo0QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE/b0B+Gf7+ckjrvlTScpECNBUKUMB8GA1UdIwQY
MBaAFEtSmk0i+u8jE11u/4kSJmYjxJJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTct
MzZhZTc2ZWU5ODNlLzEvVDl2UUg0Wl92NXlTT3UtVk5KeWtRSTBGUXBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTctMzZhZTc2ZWU5ODNl
LzEvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBQscAwQE
UPsAAwQFVR9AMA0GCSqGSIb3DQEBCwUAA4IBAQBFF4FcgVT2sE/KRvZ9rtFHuwu1
5eu7B7Ni5u+4whJ3EbHsn1PaLM9YW9CKhuhUYi0ukiBa9u4oWC1PZTzrp6jwoGer
SBSGSnOEoN5EdG1pWSfPYrx66EshyH/gRIOzKdfRZm+Kqof6nGrxVSKjYikFXhkv
WsLOX6eUbQiXCIrUQhbmAi0nh+PmbJeNUDD6F3JNwzxhPstWob0sUAH+t9hTpYKH
jLHVKsujTd+wsz2p9qdgWqxqnDyqAeuXXHvyo/1f63g9dvAgxZOpBxx5xURZ5S55
0J2u6kAjxLFe4+T8YG4rEHP7x+HTmyBJmnEChLn8nhABi91Q8STImGCbF3kR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:02 2024 by rpki-client on console-ams.rpki-client.org