Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/qfVXuFwrO9tGkaY2n5OH3FaRskg.roa
File: qfVXuFwrO9tGkaY2n5OH3FaRskg.roa (raw, json)
Hash identifier: HS2P7CdTM95xl5PeQJFVJO9xFnWZ0ju2IhN8ibLJinE=
Subject key identifier: A9:F5:57:B8:5C:2B:3B:DB:46:91:A6:36:9F:93:87:DC:56:91:B2:48
Certificate issuer: /CN=b32ee2b39712377b4bfec9e66ac7e6e908efceec
Certificate serial: 018CC6B9052B8FE690B17D9CE95535E96642
Authority key identifier: B3:2E:E2:B3:97:12:37:7B:4B:FE:C9:E6:6A:C7:E6:E9:08:EF:CE:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/qfVXuFwrO9tGkaY2n5OH3FaRskg.roa
Signing time: Mon 01 Jan 2024 20:31:03 +0000
ROA not before: Mon 01 Jan 2024 20:31:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60175
IP address blocks: 185.35.12.0/22 maxlen: 22
2a00:dca0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 15 Mar 2024 09:52:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:05:2b:8f:e6:90:b1:7d:9c:e9:55:35:e9:66:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32ee2b39712377b4bfec9e66ac7e6e908efceec
Validity
Not Before: Jan 1 20:31:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9f557b85c2b3bdb4691a6369f9387dc5691b248
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d5:f1:62:94:5b:38:dc:c2:79:ab:ba:96:9c:
b8:c3:9d:f9:b7:07:b6:3a:6d:8e:71:74:ab:18:bd:
ba:2b:f1:c4:48:0d:5f:3f:d8:68:82:a5:1f:8a:a4:
a2:dc:ea:bd:48:c1:05:5b:36:01:25:b0:0a:5f:51:
50:6b:a9:bc:c6:9d:4b:ea:6e:b8:65:33:72:07:89:
e5:db:ea:8a:84:7f:87:c7:fc:e3:35:89:94:fa:5e:
c0:78:f9:a9:34:91:79:5e:90:4b:16:ff:6f:f5:8f:
62:48:b8:ed:51:8d:45:5d:4a:ec:f5:72:fa:97:d1:
71:7f:cc:db:a8:54:d5:52:dd:d5:17:0b:dd:31:31:
9d:19:dd:fd:36:0f:c1:49:20:95:ae:d8:46:3b:0d:
3d:c6:65:ef:93:8f:8a:31:84:68:65:de:16:39:b3:
21:2d:29:e0:92:e4:9f:68:1e:cd:c0:bc:94:9a:ec:
eb:7d:29:e5:4e:8c:46:d0:03:e9:77:3a:50:a4:87:
94:d2:97:9c:1d:fc:cf:7c:a3:b8:05:6c:51:52:76:
46:70:4d:9c:ff:14:93:b4:7d:15:7b:7b:2a:3d:c4:
d1:8e:46:f2:93:54:f2:c4:0a:13:0f:75:b2:8d:20:
40:7b:4e:f0:87:df:e6:fa:27:54:48:8b:73:18:07:
d1:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:F5:57:B8:5C:2B:3B:DB:46:91:A6:36:9F:93:87:DC:56:91:B2:48
X509v3 Authority Key Identifier:
keyid:B3:2E:E2:B3:97:12:37:7B:4B:FE:C9:E6:6A:C7:E6:E9:08:EF:CE:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/qfVXuFwrO9tGkaY2n5OH3FaRskg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/sy7is5cSN3tL_snmasfm6Qjvzuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.35.12.0/22
IPv6:
2a00:dca0::/29
Signature Algorithm: sha256WithRSAEncryption
b7:30:6f:45:cd:15:24:2e:f6:01:0d:17:c4:a5:0c:7a:86:df:
f4:a1:1f:35:e7:da:5d:0f:e2:bf:1b:2f:2a:52:a6:d9:a0:5a:
fa:7c:a4:3c:a0:5a:72:08:72:c0:f0:ea:2d:cb:8a:9f:a4:11:
5d:06:41:b2:6d:a7:56:28:ad:db:a2:44:06:c6:65:8b:50:3c:
6c:54:fd:f7:99:37:66:b7:52:96:ad:df:e2:67:ff:a5:90:aa:
91:ce:da:4e:ef:26:1b:17:02:ee:ba:a5:6b:be:28:50:9c:08:
07:98:e6:45:b7:0c:fe:3a:70:75:3a:50:b5:18:84:48:37:09:
82:74:2a:0c:84:34:ef:cc:bb:03:fa:0a:9c:22:35:ad:cd:84:
3a:1b:7e:0c:82:3e:7c:14:4d:73:43:0b:55:8e:2d:90:73:3d:
10:f6:54:63:7d:e0:fc:fe:ba:8e:e8:21:67:2e:e0:d3:36:f7:
0f:a5:f7:76:f9:36:17:b6:c0:0d:a5:38:06:7b:a2:97:cd:f7:
27:bd:6b:1f:60:11:5f:bb:cc:22:a7:eb:46:9a:cc:d6:0c:d4:
cd:77:35:a4:21:89:74:01:07:ce:6b:61:58:cf:3b:50:7a:2b:
f4:5a:1a:16:57:10:d4:d3:35:ec:d1:df:b6:33:85:10:c9:7f:
47:8f:76:db
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGuQUrj+aQsX2c6VU16WZCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmVlMmIzOTcxMjM3N2I0YmZlYzllNjZhYzdlNmU5MDhl
ZmNlZWMwHhcNMjQwMTAxMjAzMTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWY1NTdiODVjMmIzYmRiNDY5MWE2MzY5ZjkzODdkYzU2OTFiMjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdXxYpRbONzCeau6lpy4w535twe2
Om2OcXSrGL26K/HESA1fP9hogqUfiqSi3Oq9SMEFWzYBJbAKX1FQa6m8xp1L6m64
ZTNyB4nl2+qKhH+Hx/zjNYmU+l7AePmpNJF5XpBLFv9v9Y9iSLjtUY1FXUrs9XL6
l9Fxf8zbqFTVUt3VFwvdMTGdGd39Ng/BSSCVrthGOw09xmXvk4+KMYRoZd4WObMh
LSngkuSfaB7NwLyUmuzrfSnlToxG0APpdzpQpIeU0pecHfzPfKO4BWxRUnZGcE2c
/xSTtH0Ve3sqPcTRjkbyk1TyxAoTD3WyjSBAe07wh9/m+idUSItzGAfRYwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKn1V7hcKzvbRpGmNp+Th9xWkbJIMB8GA1UdIwQY
MBaAFLMu4rOXEjd7S/7J5mrH5ukI787sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3k3aXM1Y1NOM3RMX3NubWFzZm02UWp2enV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9kZmE1MWItNDZhYS00MDg0LWEzNDMt
ZjAxNmNhNWRhMjE5LzEvcWZWWHVGd3JPOXRHa2FZMm41T0gzRmFSc2tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9kZmE1MWItNDZhYS00MDg0LWEzNDMtZjAxNmNhNWRhMjE5
LzEvc3k3aXM1Y1NOM3RMX3NubWFzZm02UWp2enV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSMMMA0E
AgACMAcDBQMqANygMA0GCSqGSIb3DQEBCwUAA4IBAQC3MG9FzRUkLvYBDRfEpQx6
ht/0oR8159pdD+K/Gy8qUqbZoFr6fKQ8oFpyCHLA8Ooty4qfpBFdBkGybadWKK3b
okQGxmWLUDxsVP33mTdmt1KWrd/iZ/+lkKqRztpO7yYbFwLuuqVrvihQnAgHmOZF
twz+OnB1OlC1GIRINwmCdCoMhDTvzLsD+gqcIjWtzYQ6G34Mgj58FE1zQwtVji2Q
cz0Q9lRjfeD8/rqO6CFnLuDTNvcPpfd2+TYXtsANpTgGe6KXzfcnvWsfYBFfu8wi
p+tGmszWDNTNdzWkIYl0AQfOa2FYzztQeiv0WhoWVxDU0zXs0d+2M4UQyX9Hj3bb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:48 2024 by rpki-client on console-fra.rpki-client.org