Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/5e2619-d72b-410b-b9e8-f93d1f815b7d/1/0unRgMWOJWhFkoJGSJOXyytYSB0.roa
File: 0unRgMWOJWhFkoJGSJOXyytYSB0.roa (raw, json)
Hash identifier: zhsck5Cqy/pKsi0qjJ8IUxmj3PNki0KsGZTPuCCzi+E=
Subject key identifier: D2:E9:D1:80:C5:8E:25:68:45:92:82:46:48:93:97:CB:2B:58:48:1D
Certificate issuer: /CN=cfde85bbd478f5e842f4c4f8d85225d100e0f4df
Certificate serial: 0185730CB879D2CE6A6751B11461B479EC5D
Authority key identifier: CF:DE:85:BB:D4:78:F5:E8:42:F4:C4:F8:D8:52:25:D1:00:E0:F4:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z96Fu9R49ehC9MT42FIl0QDg9N8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/5e2619-d72b-410b-b9e8-f93d1f815b7d/1/0unRgMWOJWhFkoJGSJOXyytYSB0.roa
Signing time: Mon 02 Jan 2023 15:14:51 +0000
ROA not before: Mon 02 Jan 2023 15:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 212.104.208.0/24 maxlen: 24
185.83.20.0/22 maxlen: 22
31.25.8.0/23 maxlen: 23
185.175.91.0/24 maxlen: 24
2a11:bd80::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:0c:b8:79:d2:ce:6a:67:51:b1:14:61:b4:79:ec:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfde85bbd478f5e842f4c4f8d85225d100e0f4df
Validity
Not Before: Jan 2 15:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2e9d180c58e256845928246489397cb2b58481d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:9b:b1:65:a3:63:7b:8d:68:b9:3c:c9:8b:3b:
95:cc:34:d4:00:56:ba:14:c5:95:03:70:41:36:9a:
5c:c2:38:7a:be:f1:80:d0:2d:3a:06:ab:6e:e8:67:
7f:e1:6b:7e:c8:60:98:4d:37:57:d1:9a:de:c7:04:
c2:96:c5:e8:31:f2:a0:fe:49:39:ff:29:09:79:b7:
3c:81:80:a2:d2:d5:57:42:fc:d6:87:81:78:69:e2:
df:53:9b:e3:14:2b:75:10:f4:40:ca:f4:e5:ea:bc:
6c:37:bd:61:b3:b0:e8:aa:e6:25:31:f8:84:67:c9:
64:30:5c:ea:46:e8:63:0c:55:fa:11:bb:af:f6:be:
29:b1:42:d6:27:4b:b5:d3:0c:04:fa:ed:02:1f:48:
d2:f8:8e:1f:32:41:8b:fa:7f:1f:fa:14:97:2e:2f:
9d:e5:3c:8c:a8:57:d6:cb:83:e2:c3:7b:e1:1d:93:
8c:9b:ee:4f:a8:96:0b:cc:16:5f:fc:5a:60:0c:93:
30:0e:be:51:7b:8c:58:3d:85:2a:f0:5f:ab:71:e2:
d0:8b:53:c1:c8:2e:6c:ce:5a:ff:99:9a:39:54:53:
1d:3c:49:07:7d:38:25:4e:b4:0c:61:5d:fd:1f:89:
a8:4b:45:58:20:e2:d8:39:cd:3c:3b:89:6e:16:fb:
f5:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:E9:D1:80:C5:8E:25:68:45:92:82:46:48:93:97:CB:2B:58:48:1D
X509v3 Authority Key Identifier:
keyid:CF:DE:85:BB:D4:78:F5:E8:42:F4:C4:F8:D8:52:25:D1:00:E0:F4:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z96Fu9R49ehC9MT42FIl0QDg9N8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/5e2619-d72b-410b-b9e8-f93d1f815b7d/1/0unRgMWOJWhFkoJGSJOXyytYSB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/5e2619-d72b-410b-b9e8-f93d1f815b7d/1/z96Fu9R49ehC9MT42FIl0QDg9N8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.8.0/23
185.83.20.0/22
185.175.91.0/24
212.104.208.0/24
IPv6:
2a11:bd80::/32
Signature Algorithm: sha256WithRSAEncryption
52:00:ee:eb:9d:59:d4:14:71:17:29:f8:a4:9f:d1:27:0d:19:
2d:23:10:e8:46:41:ef:0b:b1:21:50:0b:34:58:fa:46:3d:b5:
b6:9f:ed:29:b6:ab:e7:a9:ee:5d:b0:ce:15:be:f0:77:9d:91:
07:a7:47:50:27:b4:98:2c:3a:b8:0a:97:75:c5:cd:e2:ae:43:
db:00:c4:1d:9c:63:5a:3c:8d:89:99:59:eb:9b:93:86:1b:a5:
a0:4a:c4:2c:2d:17:6f:15:d0:23:01:0d:f1:27:e2:c0:3f:8a:
a4:62:5f:fa:48:14:44:ca:a2:fa:60:bd:0e:d1:53:9b:6f:b2:
04:fc:14:0d:eb:33:3f:6c:65:36:09:57:36:99:6a:35:2c:56:
3f:94:35:3f:eb:23:f5:46:5f:d3:57:eb:f3:3f:25:c3:69:3e:
ba:49:73:b4:30:4a:79:9f:81:48:06:57:e6:47:8d:5e:01:e4:
a5:f8:78:f8:cb:49:90:b7:9d:08:0b:c0:7b:6f:81:96:5b:e7:
b4:1b:4f:36:b3:ae:03:9a:6b:05:83:59:07:3b:19:f8:2f:3f:
fd:59:99:a4:e9:ea:94:6b:df:5b:7e:34:56:f4:17:cf:44:01:
a7:b3:e2:1f:d2:6a:06:77:5e:44:83:20:a7:9a:eb:39:91:d9:
1a:79:a8:f3
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVzDLh50s5qZ1GxFGG0eexdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZGU4NWJiZDQ3OGY1ZTg0MmY0YzRmOGQ4NTIyNWQxMDBl
MGY0ZGYwHhcNMjMwMTAyMTUxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmU5ZDE4MGM1OGUyNTY4NDU5MjgyNDY0ODkzOTdjYjJiNTg0ODFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5uxZaNje41ouTzJizuVzDTUAFa6
FMWVA3BBNppcwjh6vvGA0C06Bqtu6Gd/4Wt+yGCYTTdX0ZrexwTClsXoMfKg/kk5
/ykJebc8gYCi0tVXQvzWh4F4aeLfU5vjFCt1EPRAyvTl6rxsN71hs7DoquYlMfiE
Z8lkMFzqRuhjDFX6Ebuv9r4psULWJ0u10wwE+u0CH0jS+I4fMkGL+n8f+hSXLi+d
5TyMqFfWy4Piw3vhHZOMm+5PqJYLzBZf/FpgDJMwDr5Re4xYPYUq8F+rceLQi1PB
yC5szlr/mZo5VFMdPEkHfTglTrQMYV39H4moS0VYIOLYOc08O4luFvv1qwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNLp0YDFjiVoRZKCRkiTl8srWEgdMB8GA1UdIwQY
MBaAFM/ehbvUePXoQvTE+NhSJdEA4PTfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejk2RnU5UjQ5ZWhDOU1UNDJGSWwwUURnOU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy81ZTI2MTktZDcyYi00MTBiLWI5ZTgt
ZjkzZDFmODE1YjdkLzEvMHVuUmdNV09KV2hGa29KR1NKT1h5eXRZU0IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy81ZTI2MTktZDcyYi00MTBiLWI5ZTgtZjkzZDFmODE1Yjdk
LzEvejk2RnU5UjQ5ZWhDOU1UNDJGSWwwUURnOU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBHxkIAwQC
uVMUAwQAua9bAwQA1GjQMA0EAgACMAcDBQAqEb2AMA0GCSqGSIb3DQEBCwUAA4IB
AQBSAO7rnVnUFHEXKfikn9EnDRktIxDoRkHvC7EhUAs0WPpGPbW2n+0ptqvnqe5d
sM4VvvB3nZEHp0dQJ7SYLDq4Cpd1xc3irkPbAMQdnGNaPI2JmVnrm5OGG6WgSsQs
LRdvFdAjAQ3xJ+LAP4qkYl/6SBREyqL6YL0O0VObb7IE/BQN6zM/bGU2CVc2mWo1
LFY/lDU/6yP1Rl/TV+vzPyXDaT66SXO0MEp5n4FIBlfmR41eAeSl+Hj4y0mQt50I
C8B7b4GWW+e0G082s64DmmsFg1kHOxn4Lz/9WZmk6eqUa99bfjRW9BfPRAGns+If
0moGd15EgyCnmus5kdkaeajz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:05 2024 by rpki-client on console-ams.rpki-client.org