Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/577b11-7009-486c-9010-a70412fbc832/1/cT7gW3TOrQ6BFeEzjebK1PH2Xbw.roa
File: cT7gW3TOrQ6BFeEzjebK1PH2Xbw.roa (raw, json)
Hash identifier: For8NUKlCs4V6lxk7QYvXFMN4j26lqfDvj7TfN5DFk4=
Subject key identifier: 71:3E:E0:5B:74:CE:AD:0E:81:15:E1:33:8D:E6:CA:D4:F1:F6:5D:BC
Certificate issuer: /CN=d1010da3576242324cefb2c81c1339a6c0e3b403
Certificate serial: 01857082D5A09724D61CDA3549993196A91C
Authority key identifier: D1:01:0D:A3:57:62:42:32:4C:EF:B2:C8:1C:13:39:A6:C0:E3:B4:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0QENo1diQjJM77LIHBM5psDjtAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/577b11-7009-486c-9010-a70412fbc832/1/cT7gW3TOrQ6BFeEzjebK1PH2Xbw.roa
Signing time: Mon 02 Jan 2023 03:25:00 +0000
ROA not before: Mon 02 Jan 2023 03:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203055
IP address blocks: 89.44.168.0/21 maxlen: 24
31.216.144.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:d5:a0:97:24:d6:1c:da:35:49:99:31:96:a9:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1010da3576242324cefb2c81c1339a6c0e3b403
Validity
Not Before: Jan 2 03:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=713ee05b74cead0e8115e1338de6cad4f1f65dbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:14:9f:06:2f:d5:5d:7d:c3:ff:0f:79:d1:e0:
20:a2:2b:41:79:04:b1:47:ce:83:45:40:06:56:29:
4c:4a:b0:c1:27:96:58:a6:70:a9:99:b7:fb:59:99:
8b:ba:ac:d4:65:5e:89:cd:14:ca:fd:76:bc:b7:3f:
a1:94:b8:26:9e:58:67:9d:f0:15:fc:a0:e6:01:f0:
ef:1c:50:c1:19:a4:ee:b4:2a:30:99:06:1c:50:11:
67:51:4f:7b:5d:cc:6e:5e:9f:4f:d1:1c:85:3e:78:
4f:e1:bc:c8:d3:b5:e5:2d:6b:e1:ee:67:a0:1f:1a:
fb:44:89:c1:a3:3d:78:2d:39:51:4e:e1:06:a8:12:
f1:3a:a6:9e:c1:c4:20:3c:d7:d0:ab:1e:87:ca:9c:
ec:e6:8a:b2:69:6e:9d:71:ad:aa:0d:be:35:12:06:
9e:f1:ab:fd:bf:25:bd:28:0a:61:b4:17:71:be:7f:
56:9f:2d:84:1c:dc:0c:1f:00:44:a5:c2:1b:f3:1f:
65:7c:18:96:df:84:70:76:50:43:fa:5f:15:0c:2c:
b8:cb:71:a3:67:54:90:dc:0c:52:2e:f0:54:4f:c8:
68:23:ee:4b:ba:5f:06:22:e7:dc:f3:5f:1d:e8:6c:
ad:c5:b9:2a:7f:fc:55:49:fb:24:e2:6f:b3:69:43:
72:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:3E:E0:5B:74:CE:AD:0E:81:15:E1:33:8D:E6:CA:D4:F1:F6:5D:BC
X509v3 Authority Key Identifier:
keyid:D1:01:0D:A3:57:62:42:32:4C:EF:B2:C8:1C:13:39:A6:C0:E3:B4:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0QENo1diQjJM77LIHBM5psDjtAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/577b11-7009-486c-9010-a70412fbc832/1/cT7gW3TOrQ6BFeEzjebK1PH2Xbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/577b11-7009-486c-9010-a70412fbc832/1/0QENo1diQjJM77LIHBM5psDjtAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.144.0/21
89.44.168.0/21
Signature Algorithm: sha256WithRSAEncryption
43:0b:cf:a2:b4:cb:00:e8:e2:57:64:a1:01:18:69:0c:ce:94:
f5:0f:84:ec:d8:00:3a:ba:20:40:cc:49:b1:c8:af:54:93:e0:
69:da:24:28:4a:9f:9e:fe:62:e7:21:14:66:31:c3:88:f6:e5:
5c:a7:18:05:08:9a:2b:40:a1:91:5e:b8:b4:01:ac:e1:62:56:
01:f3:4d:5e:e9:1a:4f:90:8f:59:9e:69:30:b2:ce:84:5c:87:
6c:4c:af:4b:3e:d7:92:47:05:42:06:25:dd:0a:56:8b:c9:b0:
8a:72:c5:96:1b:30:79:13:e7:dd:fc:22:fb:69:ef:0e:4e:0c:
9a:25:2a:7e:17:c9:2b:5e:c9:98:be:a9:30:d6:fe:fc:a3:d1:
69:af:db:6e:86:18:51:97:4a:50:f8:9c:03:01:52:c2:27:52:
be:42:0d:c6:ec:86:a5:b5:9f:67:80:49:84:0a:6f:cf:c7:92:
58:69:14:d7:3a:2f:fa:5b:72:98:ce:10:79:31:a2:20:4d:65:
47:5c:ae:b9:1d:4c:13:f4:27:77:37:3f:f6:e3:5e:ee:cf:d5:
75:99:07:f0:f7:18:d0:73:19:90:38:71:d3:60:94:1e:e5:99:
36:c8:66:f6:5c:a0:16:11:34:d5:f1:6a:4d:7d:95:6f:71:75:
2f:67:3d:4a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwgtWglyTWHNo1SZkxlqkcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxMDEwZGEzNTc2MjQyMzI0Y2VmYjJjODFjMTMzOWE2YzBl
M2I0MDMwHhcNMjMwMTAyMDMyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTNlZTA1Yjc0Y2VhZDBlODExNWUxMzM4ZGU2Y2FkNGYxZjY1ZGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRSfBi/VXX3D/w950eAgoitBeQSx
R86DRUAGVilMSrDBJ5ZYpnCpmbf7WZmLuqzUZV6JzRTK/Xa8tz+hlLgmnlhnnfAV
/KDmAfDvHFDBGaTutCowmQYcUBFnUU97XcxuXp9P0RyFPnhP4bzI07XlLWvh7meg
Hxr7RInBoz14LTlRTuEGqBLxOqaewcQgPNfQqx6Hypzs5oqyaW6dca2qDb41Egae
8av9vyW9KAphtBdxvn9Wny2EHNwMHwBEpcIb8x9lfBiW34RwdlBD+l8VDCy4y3Gj
Z1SQ3AxSLvBUT8hoI+5Lul8GIufc818d6Gytxbkqf/xVSfsk4m+zaUNyIwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHE+4Ft0zq0OgRXhM43mytTx9l28MB8GA1UdIwQY
MBaAFNEBDaNXYkIyTO+yyBwTOabA47QDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFFFTm8xZGlRakpNNzdMSUhCTTVwc0RqdEFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi81NzdiMTEtNzAwOS00ODZjLTkwMTAt
YTcwNDEyZmJjODMyLzEvY1Q3Z1czVE9yUTZCRmVFemplYksxUEgyWGJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi81NzdiMTEtNzAwOS00ODZjLTkwMTAtYTcwNDEyZmJjODMy
LzEvMFFFTm8xZGlRakpNNzdMSUhCTTVwc0RqdEFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDH9iQAwQD
WSyoMA0GCSqGSIb3DQEBCwUAA4IBAQBDC8+itMsA6OJXZKEBGGkMzpT1D4Ts2AA6
uiBAzEmxyK9Uk+Bp2iQoSp+e/mLnIRRmMcOI9uVcpxgFCJorQKGRXri0AazhYlYB
801e6RpPkI9Znmkwss6EXIdsTK9LPteSRwVCBiXdClaLybCKcsWWGzB5E+fd/CL7
ae8OTgyaJSp+F8krXsmYvqkw1v78o9Fpr9tuhhhRl0pQ+JwDAVLCJ1K+Qg3G7Ial
tZ9ngEmECm/Px5JYaRTXOi/6W3KYzhB5MaIgTWVHXK65HUwT9Cd3Nz/2417uz9V1
mQfw9xjQcxmQOHHTYJQe5Zk2yGb2XKAWETTV8WpNfZVvcXUvZz1K
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:36 2024 by rpki-client on console-fra.rpki-client.org