Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/cPyddnGkdn2PBwf-H8krGXfVBSk.roa
File: cPyddnGkdn2PBwf-H8krGXfVBSk.roa (raw, json)
Hash identifier: 4MM3m+rO9GIlWGmU3FJrThkOIPxz+EigkH6Qn6Zddl4=
Subject key identifier: 70:FC:9D:76:71:A4:76:7D:8F:07:07:FE:1F:C9:2B:19:77:D5:05:29
Certificate issuer: /CN=d9d63156c1836f16c3b430effbb72ac69932ea9b
Certificate serial: 0188E4577546608C148F43BBF8CE8BD5F70E
Authority key identifier: D9:D6:31:56:C1:83:6F:16:C3:B4:30:EF:FB:B7:2A:C6:99:32:EA:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2dYxVsGDbxbDtDDv-7cqxpky6ps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/cPyddnGkdn2PBwf-H8krGXfVBSk.roa
Signing time: Thu 22 Jun 2023 18:21:56 +0000
ROA not before: Thu 22 Jun 2023 18:21:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203020
IP address blocks: 83.229.66.0/24 maxlen: 32
193.32.96.0/23 maxlen: 32
193.32.98.0/23 maxlen: 32
80.240.98.0/23 maxlen: 32
217.194.136.0/24 maxlen: 32
217.194.136.0/23 maxlen: 32
193.47.56.0/22 maxlen: 32
195.216.128.0/22 maxlen: 32
103.14.104.0/22 maxlen: 32
194.99.60.0/23 maxlen: 32
194.99.62.0/23 maxlen: 32
212.103.56.0/22 maxlen: 32
185.18.40.0/22 maxlen: 32
31.12.76.0/23 maxlen: 32
31.12.78.0/23 maxlen: 32
185.51.23.0/24 maxlen: 32
46.149.160.0/22 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e4:57:75:46:60:8c:14:8f:43:bb:f8:ce:8b:d5:f7:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9d63156c1836f16c3b430effbb72ac69932ea9b
Validity
Not Before: Jun 22 18:21:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70fc9d7671a4767d8f0707fe1fc92b1977d50529
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:81:b3:5f:88:96:47:f6:9e:52:86:99:e7:3a:
55:ea:60:22:8c:c5:83:ea:91:2b:17:72:33:a8:d7:
14:43:5d:6d:17:ea:07:8e:f5:28:6d:59:f3:8c:73:
bd:fd:c2:98:ca:1d:1b:3e:20:86:10:b2:c5:8c:f1:
48:f0:74:da:98:d3:30:28:2e:98:9b:1b:27:3c:25:
56:02:e7:f8:86:00:ab:d0:f6:48:87:fe:d8:cc:f7:
f4:5d:2e:cb:48:2e:d5:f1:c9:8a:b8:95:d1:75:91:
bf:64:43:01:02:c8:28:8c:7c:82:ac:11:f3:26:99:
79:9f:31:c0:29:08:88:2b:71:80:d3:41:99:6d:52:
64:8b:ba:bd:f6:35:b1:bf:dc:73:40:59:4b:99:c7:
aa:e9:f9:ce:3a:1a:f7:59:79:53:8d:f9:bd:25:d1:
69:a8:c6:db:3a:2d:9c:f9:a2:27:46:da:4d:5e:08:
bb:c5:36:92:27:a1:fb:f7:ba:7e:1b:81:8d:d5:fb:
ec:94:bb:5b:b9:36:62:65:a5:82:3a:29:18:ae:96:
63:0d:01:ad:f1:7f:4b:d0:3a:99:61:43:b2:84:38:
d2:92:0e:ad:f5:be:6f:5a:2c:3a:49:68:33:f3:e6:
b4:09:03:98:0d:1d:af:8d:d0:d6:e6:74:e6:40:8d:
c5:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:FC:9D:76:71:A4:76:7D:8F:07:07:FE:1F:C9:2B:19:77:D5:05:29
X509v3 Authority Key Identifier:
keyid:D9:D6:31:56:C1:83:6F:16:C3:B4:30:EF:FB:B7:2A:C6:99:32:EA:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dYxVsGDbxbDtDDv-7cqxpky6ps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/cPyddnGkdn2PBwf-H8krGXfVBSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/2dYxVsGDbxbDtDDv-7cqxpky6ps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.12.76.0/22
46.149.160.0/22
80.240.98.0/23
83.229.66.0/24
103.14.104.0/22
185.18.40.0/22
185.51.23.0/24
193.32.96.0/22
193.47.56.0/22
194.99.60.0/22
195.216.128.0/22
212.103.56.0/22
217.194.136.0/23
Signature Algorithm: sha256WithRSAEncryption
39:d1:88:fa:d6:94:9b:84:44:a7:42:02:ff:3b:34:45:2b:e3:
f7:9e:ad:cf:77:20:53:37:dc:bf:c7:2f:05:e0:db:3a:97:54:
58:b5:e9:2c:e9:3a:6a:04:27:60:3b:fd:77:30:b1:27:4c:2b:
eb:39:85:83:69:03:2e:de:7f:c0:f5:a1:af:65:0d:bd:1c:52:
a3:80:e2:65:b4:c4:61:ff:9c:9f:e4:ed:2e:4d:8e:b8:c8:a2:
06:15:06:c2:bf:29:37:4c:85:ab:f2:7f:e4:4c:03:7e:ee:66:
b5:38:b9:84:bc:2e:37:3d:7e:28:f5:84:75:90:0c:e5:3c:16:
7a:5a:92:d2:42:7c:3e:62:db:e0:4a:8e:39:83:09:c6:86:2a:
45:5b:77:97:77:fb:8c:e7:23:ca:4e:6b:51:fc:10:4e:59:48:
92:c1:67:37:f5:25:66:ef:9e:67:c9:cf:93:f2:8b:96:22:e6:
44:ce:2e:51:c5:d6:ae:cd:af:6d:20:b3:03:c5:c5:b4:d2:e1:
bf:7b:8b:95:ad:2d:17:9e:a3:3d:8c:7d:77:e7:72:d3:bf:8c:
1c:2c:1f:62:69:15:6a:e9:55:92:d1:6d:91:7e:8f:c1:6f:b5:
c6:62:47:82:de:a7:33:50:f1:ec:87:30:5c:65:ce:3f:30:04:
3d:00:07:4f
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYjkV3VGYIwUj0O7+M6L1fcOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZDYzMTU2YzE4MzZmMTZjM2I0MzBlZmZiYjcyYWM2OTkz
MmVhOWIwHhcNMjMwNjIyMTgyMTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGZjOWQ3NjcxYTQ3NjdkOGYwNzA3ZmUxZmM5MmIxOTc3ZDUwNTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoGzX4iWR/aeUoaZ5zpV6mAijMWD
6pErF3IzqNcUQ11tF+oHjvUobVnzjHO9/cKYyh0bPiCGELLFjPFI8HTamNMwKC6Y
mxsnPCVWAuf4hgCr0PZIh/7YzPf0XS7LSC7V8cmKuJXRdZG/ZEMBAsgojHyCrBHz
Jpl5nzHAKQiIK3GA00GZbVJki7q99jWxv9xzQFlLmceq6fnOOhr3WXlTjfm9JdFp
qMbbOi2c+aInRtpNXgi7xTaSJ6H797p+G4GN1fvslLtbuTZiZaWCOikYrpZjDQGt
8X9L0DqZYUOyhDjSkg6t9b5vWiw6SWgz8+a0CQOYDR2vjdDW5nTmQI3FTQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFHD8nXZxpHZ9jwcH/h/JKxl31QUpMB8GA1UdIwQY
MBaAFNnWMVbBg28Ww7Qw7/u3KsaZMuqbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmRZeFZzR0RieGJEdEREdi03Y3F4cGt5NnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy84ZjQ2YmUtMDI4Yi00ZDAzLWE5NzMt
ZmRhMDExZTVjOTcyLzEvY1B5ZGRuR2tkbjJQQndmLUg4a3JHWGZWQlNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy84ZjQ2YmUtMDI4Yi00ZDAzLWE5NzMtZmRhMDExZTVjOTcy
LzEvMmRZeFZzR0RieGJEdEREdi03Y3F4cGt5NnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQCHwxMAwQC
LpWgAwQBUPBiAwQAU+VCAwQCZw5oAwQCuRIoAwQAuTMXAwQCwSBgAwQCwS84AwQC
wmM8AwQCw9iAAwQC1Gc4AwQB2cKIMA0GCSqGSIb3DQEBCwUAA4IBAQA50Yj61pSb
hESnQgL/OzRFK+P3nq3PdyBTN9y/xy8F4Ns6l1RYteks6TpqBCdgO/13MLEnTCvr
OYWDaQMu3n/A9aGvZQ29HFKjgOJltMRh/5yf5O0uTY64yKIGFQbCvyk3TIWr8n/k
TAN+7ma1OLmEvC43PX4o9YR1kAzlPBZ6WpLSQnw+YtvgSo45gwnGhipFW3eXd/uM
5yPKTmtR/BBOWUiSwWc39SVm755nyc+T8ouWIuZEzi5Rxdauza9tILMDxcW00uG/
e4uVrS0XnqM9jH1353LTv4wcLB9iaRVq6VWS0W2Rfo/Bb7XGYkeC3qczUPHshzBc
Zc4/MAQ9AAdP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:51 2024 by rpki-client on console-ams.rpki-client.org