Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/503018-9bac-4858-8df8-adca1a57ab0c/1/d4PNCscFAyXpLi8QxIqbeFwGM4c.roa
File: d4PNCscFAyXpLi8QxIqbeFwGM4c.roa (raw, json)
Hash identifier: qMnSeknyFwe1wsc/JVtjR9WNCt+HoBz+lNzu68sa8Ms=
Subject key identifier: 77:83:CD:0A:C7:05:03:25:E9:2E:2F:10:C4:8A:9B:78:5C:06:33:87
Certificate issuer: /CN=b3edf11774f4407addbdf3cfba4c1e7aa0242223
Certificate serial: 01917432A86F175778DE3EA61396E1D778DC
Authority key identifier: B3:ED:F1:17:74:F4:40:7A:DD:BD:F3:CF:BA:4C:1E:7A:A0:24:22:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s-3xF3T0QHrdvfPPukweeqAkIiM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/503018-9bac-4858-8df8-adca1a57ab0c/1/d4PNCscFAyXpLi8QxIqbeFwGM4c.roa
Signing time: Wed 21 Aug 2024 09:09:22 +0000
ROA not before: Wed 21 Aug 2024 09:09:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34300
IP address blocks: 62.173.128.0/19 maxlen: 24
85.93.128.0/19 maxlen: 24
185.31.160.0/22 maxlen: 24
185.113.108.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Sep 2024 07:16:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:74:32:a8:6f:17:57:78:de:3e:a6:13:96:e1:d7:78:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3edf11774f4407addbdf3cfba4c1e7aa0242223
Validity
Not Before: Aug 21 09:09:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7783cd0ac7050325e92e2f10c48a9b785c063387
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b4:b0:6b:6e:27:45:5b:cb:b8:f7:bd:47:e5:
ed:64:a2:f3:dd:49:45:1c:25:a9:d5:07:e6:c3:cb:
42:b7:13:9e:20:5e:9b:3b:e3:84:94:bb:44:c9:53:
51:53:d4:ef:46:0f:82:2c:fb:b4:a4:f7:14:e5:5c:
86:84:7f:0c:26:33:21:10:09:19:3b:ef:70:11:81:
5b:54:5f:d8:bf:3f:5c:08:ce:d5:96:ff:c2:b3:14:
67:5d:cf:0d:87:c2:6b:10:30:7a:ef:a1:62:52:91:
c6:5c:ec:50:58:29:9f:b1:63:8c:62:d0:2c:17:61:
72:16:a7:75:d5:b6:3d:c2:e4:af:54:57:67:a9:59:
4c:a3:1a:fe:26:15:ee:bf:fe:51:69:c7:9e:c3:e4:
c7:3a:56:72:7f:b6:fb:d3:47:be:41:6a:63:a7:8b:
3b:a8:5f:6a:e0:55:8b:0f:5e:af:c6:6b:4f:67:6d:
e9:77:fe:59:a9:d7:7c:29:b0:c9:0a:4a:c4:e2:48:
f2:45:04:1a:2a:d4:ee:ab:54:94:c4:81:3f:52:a2:
5e:d1:22:68:fd:6f:5b:df:70:02:4d:88:bc:d7:14:
66:75:ce:c1:ad:9f:25:d8:0e:b6:0e:ef:fc:8f:a8:
00:c4:e5:ed:a2:c4:79:2f:d1:ca:be:42:56:e3:72:
d7:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:83:CD:0A:C7:05:03:25:E9:2E:2F:10:C4:8A:9B:78:5C:06:33:87
X509v3 Authority Key Identifier:
keyid:B3:ED:F1:17:74:F4:40:7A:DD:BD:F3:CF:BA:4C:1E:7A:A0:24:22:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s-3xF3T0QHrdvfPPukweeqAkIiM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/503018-9bac-4858-8df8-adca1a57ab0c/1/d4PNCscFAyXpLi8QxIqbeFwGM4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/503018-9bac-4858-8df8-adca1a57ab0c/1/s-3xF3T0QHrdvfPPukweeqAkIiM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.173.128.0/19
85.93.128.0/19
185.31.160.0/22
185.113.108.0/22
Signature Algorithm: sha256WithRSAEncryption
67:a4:63:85:59:a6:22:b0:b0:76:99:6d:c1:69:d4:0c:e3:6e:
90:90:b2:5e:85:61:10:aa:06:bc:ca:08:4a:66:fd:1f:3f:9f:
45:f8:c9:67:b3:f3:e0:b5:f8:ed:9e:ec:5c:b5:dd:ff:67:19:
d1:8f:12:7d:e8:4a:2c:2d:28:0f:17:92:bc:a2:ed:65:30:2f:
9f:aa:10:aa:02:94:32:34:55:08:74:09:a6:ab:2e:5c:42:1a:
77:ee:d7:30:2f:b3:3c:f0:8e:56:41:b8:48:26:ed:a8:a3:fa:
2a:32:fe:32:37:9a:8a:8b:58:26:31:ba:6e:d0:66:01:c8:14:
be:fe:4b:da:c9:d7:ce:d0:3e:56:6e:f6:82:96:d4:fc:e4:8a:
08:70:e5:50:53:c4:61:a9:bd:44:f3:05:8a:a5:8b:ac:48:5b:
a3:29:a0:c2:c3:da:c4:27:4d:c2:da:41:dd:bb:00:90:68:bc:
0b:8b:77:46:11:b8:6e:3f:70:06:4e:68:80:fb:be:02:1c:03:
55:e1:73:5e:a2:4c:7d:7f:54:4d:9c:27:1e:99:26:d2:6d:db:
fd:42:5e:d4:a3:c0:40:58:b7:13:ad:27:2e:1f:54:9e:5a:77:
e4:af:98:54:39:64:ca:ca:aa:f4:57:ff:5b:d3:f9:cc:86:fa:
ca:08:2a:ff
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZF0MqhvF1d43j6mE5bh13jcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZWRmMTE3NzRmNDQwN2FkZGJkZjNjZmJhNGMxZTdhYTAy
NDIyMjMwHhcNMjQwODIxMDkwOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzgzY2QwYWM3MDUwMzI1ZTkyZTJmMTBjNDhhOWI3ODVjMDYzMzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurSwa24nRVvLuPe9R+XtZKLz3UlF
HCWp1Qfmw8tCtxOeIF6bO+OElLtEyVNRU9TvRg+CLPu0pPcU5VyGhH8MJjMhEAkZ
O+9wEYFbVF/Yvz9cCM7Vlv/CsxRnXc8Nh8JrEDB676FiUpHGXOxQWCmfsWOMYtAs
F2FyFqd11bY9wuSvVFdnqVlMoxr+JhXuv/5Raceew+THOlZyf7b700e+QWpjp4s7
qF9q4FWLD16vxmtPZ23pd/5Zqdd8KbDJCkrE4kjyRQQaKtTuq1SUxIE/UqJe0SJo
/W9b33ACTYi81xRmdc7BrZ8l2A62Du/8j6gAxOXtosR5L9HKvkJW43LX8wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHeDzQrHBQMl6S4vEMSKm3hcBjOHMB8GA1UdIwQY
MBaAFLPt8Rd09EB63b3zz7pMHnqgJCIjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcy0zeEYzVDBRSHJkdmZQUHVrd2VlcUFrSWlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy81MDMwMTgtOWJhYy00ODU4LThkZjgt
YWRjYTFhNTdhYjBjLzEvZDRQTkNzY0ZBeVhwTGk4UXhJcWJlRndHTTRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy81MDMwMTgtOWJhYy00ODU4LThkZjgtYWRjYTFhNTdhYjBj
LzEvcy0zeEYzVDBRSHJkdmZQUHVrd2VlcUFrSWlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFPq2AAwQF
VV2AAwQCuR+gAwQCuXFsMA0GCSqGSIb3DQEBCwUAA4IBAQBnpGOFWaYisLB2mW3B
adQM426QkLJehWEQqga8yghKZv0fP59F+Mlns/Pgtfjtnuxctd3/ZxnRjxJ96Eos
LSgPF5K8ou1lMC+fqhCqApQyNFUIdAmmqy5cQhp37tcwL7M88I5WQbhIJu2oo/oq
Mv4yN5qKi1gmMbpu0GYByBS+/kvaydfO0D5WbvaCltT85IoIcOVQU8Rhqb1E8wWK
pYusSFujKaDCw9rEJ03C2kHduwCQaLwLi3dGEbhuP3AGTmiA+74CHANV4XNeokx9
f1RNnCcemSbSbdv9Ql7Uo8BAWLcTrScuH1SeWnfkr5hUOWTKyqr0V/9b0/nMhvrK
CCr/
-----END CERTIFICATE-----
Generated at Tue Sep 10 08:57:20 2024 by rpki-client on console-fra.rpki-client.org