Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/29af59-0b7b-4d80-8f9f-14d02e30d227/1/pGv4AgWr-t1KDHxAYxASYZUbhSU.roa
File: pGv4AgWr-t1KDHxAYxASYZUbhSU.roa (raw, json)
Hash identifier: 00xC2kygNBAoKHEZWbql8mZ2DHuUklQOFSeazHhYHA0=
Subject key identifier: A4:6B:F8:02:05:AB:FA:DD:4A:0C:7C:40:63:10:12:61:95:1B:85:25
Certificate issuer: /CN=e87cc680c85983e7bf74498d0e6be800f86451c3
Certificate serial: 01856E2FBA69D5835671E0F34D918280392C
Authority key identifier: E8:7C:C6:80:C8:59:83:E7:BF:74:49:8D:0E:6B:E8:00:F8:64:51:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6HzGgMhZg-e_dEmNDmvoAPhkUcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/29af59-0b7b-4d80-8f9f-14d02e30d227/1/pGv4AgWr-t1KDHxAYxASYZUbhSU.roa
Signing time: Sun 01 Jan 2023 16:34:59 +0000
ROA not before: Sun 01 Jan 2023 16:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51048
IP address blocks: 185.2.196.0/22 maxlen: 24
31.210.24.0/21 maxlen: 24
64.253.32.0/19 maxlen: 24
2a03:4300::/29 maxlen: 64
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:ba:69:d5:83:56:71:e0:f3:4d:91:82:80:39:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e87cc680c85983e7bf74498d0e6be800f86451c3
Validity
Not Before: Jan 1 16:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a46bf80205abfadd4a0c7c4063101261951b8525
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:06:3d:12:fa:64:47:a3:33:5d:71:44:66:6d:
2c:01:26:a7:18:f2:c8:99:ed:9f:4e:0f:e2:ba:48:
b2:18:3b:31:2f:05:31:dd:bc:fb:b9:66:fb:10:79:
fc:35:53:5b:09:39:dd:10:39:d1:b7:f2:87:21:55:
e8:05:aa:af:97:a2:1c:b5:4e:a0:20:e2:d5:39:09:
34:76:ad:93:58:2d:36:1a:62:09:55:29:43:c9:c1:
51:d6:9a:c5:0d:2f:7f:72:10:0a:7a:fc:af:f1:40:
b8:bb:a4:b6:2f:43:15:33:37:42:d3:60:c5:af:4f:
76:8a:89:94:9c:f7:e6:cb:24:c6:53:3f:b7:df:1e:
ee:de:4c:63:79:8b:f3:be:0d:c2:b2:c1:6f:18:20:
38:fe:1c:19:6d:a3:46:5d:ca:b5:e1:91:5d:fb:5e:
5e:cf:98:93:d5:26:7e:90:d2:36:e0:f1:01:62:d3:
ce:38:d0:50:24:72:46:ab:d6:57:73:52:2f:79:58:
23:41:d9:63:0c:38:a0:1a:bd:75:b8:d4:12:be:ef:
56:6c:61:4b:94:d1:1c:30:b1:94:06:a7:56:a5:df:
6f:2c:4d:fd:3c:bf:28:d9:44:da:8d:a6:b8:79:b6:
a8:52:88:f6:cc:68:37:ca:c8:86:54:78:8d:d8:58:
b7:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:6B:F8:02:05:AB:FA:DD:4A:0C:7C:40:63:10:12:61:95:1B:85:25
X509v3 Authority Key Identifier:
keyid:E8:7C:C6:80:C8:59:83:E7:BF:74:49:8D:0E:6B:E8:00:F8:64:51:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6HzGgMhZg-e_dEmNDmvoAPhkUcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/29af59-0b7b-4d80-8f9f-14d02e30d227/1/pGv4AgWr-t1KDHxAYxASYZUbhSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/29af59-0b7b-4d80-8f9f-14d02e30d227/1/6HzGgMhZg-e_dEmNDmvoAPhkUcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.24.0/21
64.253.32.0/19
185.2.196.0/22
IPv6:
2a03:4300::/29
Signature Algorithm: sha256WithRSAEncryption
02:42:c4:3c:b6:50:8c:a2:cb:7f:97:82:3e:29:43:e4:45:c0:
b0:02:6f:e9:c6:37:40:1d:bf:6c:c6:32:37:02:f7:1a:73:cc:
02:f7:2d:05:24:f9:a2:a0:3c:aa:f1:fd:62:24:ef:91:2f:f5:
30:32:a6:e1:b8:06:7e:9b:ba:db:22:8e:64:89:10:4a:0c:bc:
63:86:8c:8e:30:57:90:98:c9:63:0a:57:ef:ab:23:aa:69:eb:
eb:5c:17:b5:d3:96:64:03:28:8f:41:3c:40:ad:04:69:7f:88:
e3:91:63:20:1a:53:37:9e:f2:55:41:e0:4c:ef:37:81:06:e8:
c4:e5:d0:d7:f5:bb:c5:d6:77:a7:59:0f:72:c6:0d:f3:bd:44:
fa:88:63:4b:de:e7:e4:94:6e:31:f3:79:a1:8a:cd:a0:c2:e8:
fd:88:ae:f7:e2:7b:10:ed:13:99:78:1c:fa:fe:ca:c1:1f:28:
46:e0:e8:1a:ce:9f:21:15:de:88:fa:a2:bc:b9:d1:f9:04:b4:
4c:2c:ff:22:94:ec:06:c6:c2:62:0b:76:f1:02:bf:79:81:0e:
be:83:2f:d9:3a:44:87:40:19:a0:5a:fd:ce:d1:63:98:a5:02:
7f:fd:28:b0:ec:32:d4:fe:64:a8:0d:f2:be:93:37:c3:ae:bd:
ea:77:a9:ea
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVuL7pp1YNWceDzTZGCgDksMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4N2NjNjgwYzg1OTgzZTdiZjc0NDk4ZDBlNmJlODAwZjg2
NDUxYzMwHhcNMjMwMTAxMTYzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDZiZjgwMjA1YWJmYWRkNGEwYzdjNDA2MzEwMTI2MTk1MWI4NTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQY9EvpkR6MzXXFEZm0sASanGPLI
me2fTg/iukiyGDsxLwUx3bz7uWb7EHn8NVNbCTndEDnRt/KHIVXoBaqvl6IctU6g
IOLVOQk0dq2TWC02GmIJVSlDycFR1prFDS9/chAKevyv8UC4u6S2L0MVMzdC02DF
r092iomUnPfmyyTGUz+33x7u3kxjeYvzvg3CssFvGCA4/hwZbaNGXcq14ZFd+15e
z5iT1SZ+kNI24PEBYtPOONBQJHJGq9ZXc1IveVgjQdljDDigGr11uNQSvu9WbGFL
lNEcMLGUBqdWpd9vLE39PL8o2UTajaa4ebaoUoj2zGg3ysiGVHiN2Fi3hwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKRr+AIFq/rdSgx8QGMQEmGVG4UlMB8GA1UdIwQY
MBaAFOh8xoDIWYPnv3RJjQ5r6AD4ZFHDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkh6R2dNaFpnLWVfZEVtTkRtdm9BUGhrVWNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8yOWFmNTktMGI3Yi00ZDgwLThmOWYt
MTRkMDJlMzBkMjI3LzEvcEd2NEFnV3ItdDFLREh4QVl4QVNZWlViaFNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8yOWFmNTktMGI3Yi00ZDgwLThmOWYtMTRkMDJlMzBkMjI3
LzEvNkh6R2dNaFpnLWVfZEVtTkRtdm9BUGhrVWNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDH9IYAwQF
QP0gAwQCuQLEMA0EAgACMAcDBQMqA0MAMA0GCSqGSIb3DQEBCwUAA4IBAQACQsQ8
tlCMost/l4I+KUPkRcCwAm/pxjdAHb9sxjI3Avcac8wC9y0FJPmioDyq8f1iJO+R
L/UwMqbhuAZ+m7rbIo5kiRBKDLxjhoyOMFeQmMljClfvqyOqaevrXBe105ZkAyiP
QTxArQRpf4jjkWMgGlM3nvJVQeBM7zeBBujE5dDX9bvF1nenWQ9yxg3zvUT6iGNL
3ufklG4x83mhis2gwuj9iK734nsQ7ROZeBz6/srBHyhG4Ogazp8hFd6I+qK8udH5
BLRMLP8ilOwGxsJiC3bxAr95gQ6+gy/ZOkSHQBmgWv3O0WOYpQJ//Siw7DLU/mSo
DfK+kzfDrr3qd6nq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:12 2024 by rpki-client on console-ams.rpki-client.org