Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/z3YJ1eJhp1q0dPXjnKFNa7B8-cs.roa
File: z3YJ1eJhp1q0dPXjnKFNa7B8-cs.roa (raw, json)
Hash identifier: DDV4qrr+7pENvz/FrgJOrJOLcsfnifOktYEatYZo/So=
Subject key identifier: CF:76:09:D5:E2:61:A7:5A:B4:74:F5:E3:9C:A1:4D:6B:B0:7C:F9:CB
Certificate issuer: /CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
Certificate serial: 01856D5407D47A65306AA66C97F3C510964A
Authority key identifier: 60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/z3YJ1eJhp1q0dPXjnKFNa7B8-cs.roa
Signing time: Sun 01 Jan 2023 12:35:01 +0000
ROA not before: Sun 01 Jan 2023 12:35:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 192.40.69.0/24 maxlen: 24
192.35.206.0/24 maxlen: 24
147.189.163.0/24 maxlen: 24
31.25.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Jan 2023 08:59:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:54:07:d4:7a:65:30:6a:a6:6c:97:f3:c5:10:96:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
Validity
Not Before: Jan 1 12:35:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf7609d5e261a75ab474f5e39ca14d6bb07cf9cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:2f:2b:ea:86:f6:5a:13:a6:2d:03:36:fe:b0:
a8:c1:6c:e8:6d:bc:d6:7d:e5:55:4f:76:84:cc:1e:
85:9c:c3:26:c8:22:e7:ff:95:4e:95:92:64:1d:4b:
df:a7:ac:e5:00:c4:92:6f:f7:2a:86:36:14:92:bc:
9a:3c:7e:6b:d1:14:e5:07:54:42:23:1e:dc:4b:96:
c4:14:41:2b:98:45:6f:ff:4f:4a:a5:83:9e:55:ae:
09:90:88:fb:d0:5d:e1:ac:7e:ad:0a:30:ed:dd:5a:
12:1d:d6:f7:73:b3:84:a7:85:50:f9:99:24:76:04:
62:ef:a9:6c:74:61:04:e9:2d:79:e3:85:6c:97:ad:
a4:86:ad:a0:bc:88:54:f4:7e:da:2a:f2:a1:b1:26:
52:b3:42:b3:cb:af:f5:88:1e:09:83:be:6c:af:7d:
dc:75:ea:8e:32:14:1e:56:78:0f:2d:c4:b7:80:b0:
7d:96:ef:01:d9:ac:36:06:7d:da:b9:ab:4b:89:55:
4f:48:9e:9c:7d:b3:88:71:a7:2a:9d:dc:ba:42:50:
ca:90:79:2a:3b:96:64:7d:6a:1a:ae:cb:1a:a2:a0:
db:6c:67:96:73:5a:24:80:02:d2:89:b0:c7:29:59:
c7:c8:0d:1a:05:aa:9b:c6:2a:71:46:ea:ae:1c:5c:
f8:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:76:09:D5:E2:61:A7:5A:B4:74:F5:E3:9C:A1:4D:6B:B0:7C:F9:CB
X509v3 Authority Key Identifier:
keyid:60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/z3YJ1eJhp1q0dPXjnKFNa7B8-cs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.11.0/24
147.189.163.0/24
192.35.206.0/24
192.40.69.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:83:7c:2f:ec:4d:d1:07:da:5c:3d:ba:d9:c7:d5:6b:7f:93:
ee:66:73:2e:2b:32:aa:e4:eb:c8:54:0d:36:b2:99:57:4d:50:
98:e2:93:b5:3a:50:0f:91:1b:e6:93:29:74:6d:b6:7a:74:c1:
2b:06:d2:46:9e:7b:4a:12:6b:97:da:17:de:17:c5:04:42:19:
1e:b3:e4:ba:31:e7:1a:ca:cf:a8:13:d7:1e:5b:b0:5c:5a:85:
31:2e:ca:db:e3:ff:aa:f4:8a:8c:77:09:12:6a:b9:f4:3b:83:
1e:fe:3c:c1:af:30:16:d6:a7:9e:0b:b2:1f:e3:8d:8e:ab:82:
6e:e4:d2:b9:3d:19:78:b8:3a:41:67:33:8f:91:81:8c:63:b0:
22:c5:e8:07:07:15:43:db:59:c0:b4:6e:14:f2:e3:4f:92:67:
df:69:5d:a8:fb:53:47:e0:86:8e:0b:00:d3:15:60:17:67:f6:
cd:d9:73:4a:bd:59:c0:70:e0:be:ca:47:7c:22:57:fa:30:25:
8c:ef:e9:8b:a1:06:e0:86:35:23:2d:72:6e:32:ac:a2:e3:5c:
53:dd:2d:15:33:80:98:e8:cf:a5:c9:3d:ba:9c:ce:a1:57:04:
d7:db:82:24:21:0e:df:55:78:c7:11:3b:8b:72:63:f3:df:a0:
aa:81:b6:a1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVtVAfUemUwaqZsl/PFEJZKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTk4ZDNjOWQ4YmRjOWMxZGZmOGUzMTk0MjQ0MTJiNmNk
YzFkZDMwHhcNMjMwMTAxMTIzNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjc2MDlkNWUyNjFhNzVhYjQ3NGY1ZTM5Y2ExNGQ2YmIwN2NmOWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxy8r6ob2WhOmLQM2/rCowWzobbzW
feVVT3aEzB6FnMMmyCLn/5VOlZJkHUvfp6zlAMSSb/cqhjYUkryaPH5r0RTlB1RC
Ix7cS5bEFEErmEVv/09KpYOeVa4JkIj70F3hrH6tCjDt3VoSHdb3c7OEp4VQ+Zkk
dgRi76lsdGEE6S1544Vsl62khq2gvIhU9H7aKvKhsSZSs0Kzy6/1iB4Jg75sr33c
deqOMhQeVngPLcS3gLB9lu8B2aw2Bn3auatLiVVPSJ6cfbOIcacqndy6QlDKkHkq
O5ZkfWoarssaoqDbbGeWc1okgALSibDHKVnHyA0aBaqbxipxRuquHFz4vwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM92CdXiYadatHT145yhTWuwfPnLMB8GA1UdIwQY
MBaAFGCZjTydi9ycHf+OMZQkQSts3B3TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUptTlBKMkwzSndkXzQ0eGxDUkJLMnpjSGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83NzlhZTktN2QyMi00MjUyLThjNWIt
MGVhNGQ1MzFiNzkzLzEvejNZSjFlSmhwMXEwZFBYam5LRk5hN0I4LWNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83NzlhZTktN2QyMi00MjUyLThjNWItMGVhNGQ1MzFiNzkz
LzEvWUptTlBKMkwzSndkXzQ0eGxDUkJLMnpjSGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHxkLAwQA
k72jAwQAwCPOAwQAwChFMA0GCSqGSIb3DQEBCwUAA4IBAQCpg3wv7E3RB9pcPbrZ
x9Vrf5PuZnMuKzKq5OvIVA02splXTVCY4pO1OlAPkRvmkyl0bbZ6dMErBtJGnntK
EmuX2hfeF8UEQhkes+S6Mecays+oE9ceW7BcWoUxLsrb4/+q9IqMdwkSarn0O4Me
/jzBrzAW1qeeC7If442Oq4Ju5NK5PRl4uDpBZzOPkYGMY7AixegHBxVD21nAtG4U
8uNPkmffaV2o+1NH4IaOCwDTFWAXZ/bN2XNKvVnAcOC+ykd8Ilf6MCWM7+mLoQbg
hjUjLXJuMqyi41xT3S0VM4CY6M+lyT26nM6hVwTX24IkIQ7fVXjHETuLcmPz36Cq
gbah
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:37 2024 by rpki-client on console-fra.rpki-client.org