Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/29aea2-b6c8-4af9-ad84-03fb54187ee2/1/L7W4mu7ROygIyQlgvMDhLgB_LeI.roa
File: L7W4mu7ROygIyQlgvMDhLgB_LeI.roa (raw, json)
Hash identifier: nJfz1UVQVr8ZyiT0klGEJtGhhCm3bHRQdadDVjrl3zI=
Subject key identifier: 2F:B5:B8:9A:EE:D1:3B:28:08:C9:09:60:BC:C0:E1:2E:00:7F:2D:E2
Certificate issuer: /CN=bc9d7c42e917844cbc2de4a91c6c1701de5971b5
Certificate serial: 01856D0AB89903FCDED69A49F225B5FD490F
Authority key identifier: BC:9D:7C:42:E9:17:84:4C:BC:2D:E4:A9:1C:6C:17:01:DE:59:71:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vJ18QukXhEy8LeSpHGwXAd5ZcbU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/29aea2-b6c8-4af9-ad84-03fb54187ee2/1/L7W4mu7ROygIyQlgvMDhLgB_LeI.roa
Signing time: Sun 01 Jan 2023 11:14:57 +0000
ROA not before: Sun 01 Jan 2023 11:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34119
IP address blocks: 185.211.176.0/22 maxlen: 22
77.95.32.0/21 maxlen: 21
31.22.4.0/24 maxlen: 24
31.22.0.0/21 maxlen: 21
31.22.7.0/24 maxlen: 24
185.2.168.0/22 maxlen: 22
2a02:5300::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:b8:99:03:fc:de:d6:9a:49:f2:25:b5:fd:49:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc9d7c42e917844cbc2de4a91c6c1701de5971b5
Validity
Not Before: Jan 1 11:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2fb5b89aeed13b2808c90960bcc0e12e007f2de2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e3:a2:fc:8f:73:89:62:30:eb:25:1a:64:2f:
67:ad:07:d3:19:42:f5:59:80:60:9e:07:7e:63:04:
33:58:51:31:cc:ce:5e:69:22:92:1e:27:6e:33:a9:
f2:d6:86:44:72:7a:97:32:18:77:65:0e:b4:b9:18:
e4:66:20:f2:c1:51:79:0f:6a:f4:9f:8c:cb:e4:8e:
0c:6a:bf:53:bc:86:23:e6:b5:98:30:d8:22:8c:a1:
f5:d5:58:b5:ac:d4:bd:30:cc:e9:fa:18:41:06:b7:
7e:ae:0e:05:05:e6:f3:7c:79:c9:c4:41:5f:1e:0f:
4e:5f:e1:5b:bf:a0:16:fd:1e:b9:69:4a:9d:65:d6:
f0:22:8e:83:33:4a:d0:f8:f6:5f:1f:95:7d:dd:05:
99:5e:93:b0:22:c6:58:9e:21:7b:25:6b:1e:cd:c1:
14:83:f2:7f:4b:af:50:87:fc:c3:c5:f7:16:70:d5:
03:d7:00:a7:1e:8b:a5:58:16:4f:35:f0:00:84:58:
3d:7c:80:65:2b:c8:c5:9f:67:5a:45:36:e1:c4:f9:
90:af:e4:4d:00:68:30:99:b9:75:e3:f8:6b:7e:a2:
a4:89:a7:b0:0c:6a:41:23:f5:1d:60:7d:6c:60:2d:
7e:85:06:53:c3:ed:05:c2:6d:55:0e:ec:7e:48:72:
72:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:B5:B8:9A:EE:D1:3B:28:08:C9:09:60:BC:C0:E1:2E:00:7F:2D:E2
X509v3 Authority Key Identifier:
keyid:BC:9D:7C:42:E9:17:84:4C:BC:2D:E4:A9:1C:6C:17:01:DE:59:71:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vJ18QukXhEy8LeSpHGwXAd5ZcbU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/29aea2-b6c8-4af9-ad84-03fb54187ee2/1/L7W4mu7ROygIyQlgvMDhLgB_LeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/29aea2-b6c8-4af9-ad84-03fb54187ee2/1/vJ18QukXhEy8LeSpHGwXAd5ZcbU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.0.0/21
77.95.32.0/21
185.2.168.0/22
185.211.176.0/22
IPv6:
2a02:5300::/32
Signature Algorithm: sha256WithRSAEncryption
2b:4e:41:de:3e:fa:39:cc:cd:d8:51:54:04:61:13:a1:21:74:
1a:9f:52:e9:03:9f:da:d0:0c:d4:86:9c:73:44:99:7f:56:b0:
6f:a1:74:93:37:51:75:c7:af:67:b5:25:c0:96:54:8b:20:08:
22:83:bb:5f:75:a0:86:61:27:37:6a:b0:b5:73:52:88:70:9d:
40:25:e8:a0:c1:7c:ab:64:ce:23:ed:a5:8b:6d:d3:fe:f8:0c:
0e:d8:10:44:a1:39:76:c1:f5:86:fd:8e:6b:e2:bf:ed:22:12:
d3:97:c9:32:1a:9b:ee:1b:9f:24:9a:52:1b:84:9b:2c:18:fa:
01:c3:0a:12:00:d8:d3:f1:5e:37:71:3d:bd:7c:ac:d5:44:a7:
b8:f8:16:45:b4:74:e7:9d:77:57:43:ff:1f:bb:69:20:d6:44:
d3:df:97:b8:b3:e2:ad:28:41:61:22:87:ea:1a:c3:39:92:9c:
e7:9e:fc:27:8d:3b:82:35:d4:0f:ee:b5:78:2a:74:cc:8b:82:
c6:ad:4d:f2:85:54:b6:d0:46:c5:8c:fb:dd:38:31:cd:69:0a:
e3:6b:14:16:4c:40:28:af:94:21:0f:fd:1d:99:b1:f8:7c:62:
32:7d:f2:7d:b1:11:4c:96:ea:10:58:ef:d6:e0:b0:2c:44:da:
29:7c:4b:af
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVtCriZA/ze1ppJ8iW1/UkPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOWQ3YzQyZTkxNzg0NGNiYzJkZTRhOTFjNmMxNzAxZGU1
OTcxYjUwHhcNMjMwMTAxMTExNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmI1Yjg5YWVlZDEzYjI4MDhjOTA5NjBiY2MwZTEyZTAwN2YyZGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OOi/I9ziWIw6yUaZC9nrQfTGUL1
WYBgngd+YwQzWFExzM5eaSKSHiduM6ny1oZEcnqXMhh3ZQ60uRjkZiDywVF5D2r0
n4zL5I4Mar9TvIYj5rWYMNgijKH11Vi1rNS9MMzp+hhBBrd+rg4FBebzfHnJxEFf
Hg9OX+Fbv6AW/R65aUqdZdbwIo6DM0rQ+PZfH5V93QWZXpOwIsZYniF7JWsezcEU
g/J/S69Qh/zDxfcWcNUD1wCnHoulWBZPNfAAhFg9fIBlK8jFn2daRTbhxPmQr+RN
AGgwmbl14/hrfqKkiaewDGpBI/UdYH1sYC1+hQZTw+0Fwm1VDux+SHJy0QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFC+1uJru0TsoCMkJYLzA4S4Afy3iMB8GA1UdIwQY
MBaAFLydfELpF4RMvC3kqRxsFwHeWXG1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkoxOFF1a1hoRXk4TGVTcEhHd1hBZDVaY2JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yOWFlYTItYjZjOC00YWY5LWFkODQt
MDNmYjU0MTg3ZWUyLzEvTDdXNG11N1JPeWdJeVFsZ3ZNRGhMZ0JfTGVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yOWFlYTItYjZjOC00YWY5LWFkODQtMDNmYjU0MTg3ZWUy
LzEvdkoxOFF1a1hoRXk4TGVTcEhHd1hBZDVaY2JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDHxYAAwQD
TV8gAwQCuQKoAwQCudOwMA0EAgACMAcDBQAqAlMAMA0GCSqGSIb3DQEBCwUAA4IB
AQArTkHePvo5zM3YUVQEYROhIXQan1LpA5/a0AzUhpxzRJl/VrBvoXSTN1F1x69n
tSXAllSLIAgig7tfdaCGYSc3arC1c1KIcJ1AJeigwXyrZM4j7aWLbdP++AwO2BBE
oTl2wfWG/Y5r4r/tIhLTl8kyGpvuG58kmlIbhJssGPoBwwoSANjT8V43cT29fKzV
RKe4+BZFtHTnnXdXQ/8fu2kg1kTT35e4s+KtKEFhIofqGsM5kpznnvwnjTuCNdQP
7rV4KnTMi4LGrU3yhVS20EbFjPvdODHNaQrjaxQWTEAor5QhD/0dmbH4fGIyffJ9
sRFMluoQWO/W4LAsRNopfEuv
-----END CERTIFICATE-----
Generated at Tue Jan 2 02:56:40 2024 by rpki-client on console.sobornost.net