Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/72cba3-6051-4218-88c2-50861eeb5d5d/1/qUidhh55BU2WNvd9wtPeD7bAxpM.roa
File: qUidhh55BU2WNvd9wtPeD7bAxpM.roa (raw, json)
Hash identifier: O/DNoqSGbxOvOVFBdkm+LfIpGciwKgMhIKt7GCmAg08=
Subject key identifier: A9:48:9D:86:1E:79:05:4D:96:36:F7:7D:C2:D3:DE:0F:B6:C0:C6:93
Certificate issuer: /CN=357c1bbbb216d911304761fa7b31378470cab69c
Certificate serial: 01856D53CB8EDC5D7CEB9D62475B144FCA1C
Authority key identifier: 35:7C:1B:BB:B2:16:D9:11:30:47:61:FA:7B:31:37:84:70:CA:B6:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NXwbu7IW2REwR2H6ezE3hHDKtpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/72cba3-6051-4218-88c2-50861eeb5d5d/1/qUidhh55BU2WNvd9wtPeD7bAxpM.roa
Signing time: Sun 01 Jan 2023 12:34:45 +0000
ROA not before: Sun 01 Jan 2023 12:34:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204809
IP address blocks: 185.238.156.0/22 maxlen: 22
2a0c:3080::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:cb:8e:dc:5d:7c:eb:9d:62:47:5b:14:4f:ca:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=357c1bbbb216d911304761fa7b31378470cab69c
Validity
Not Before: Jan 1 12:34:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9489d861e79054d9636f77dc2d3de0fb6c0c693
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:bd:c6:a4:5e:f5:48:07:8d:a3:97:a4:c0:62:
8d:19:ce:b4:f9:a6:c8:6b:b8:08:aa:03:78:73:d5:
37:23:0d:82:dc:62:b4:4c:51:ec:aa:4e:3b:24:97:
2a:db:32:e9:29:41:ac:b8:49:f1:46:c5:a5:b9:e0:
c4:35:91:e4:26:84:e9:f1:d8:ce:1c:1c:4f:25:39:
e8:ee:bf:1d:cd:26:f2:cc:33:df:43:a8:55:6f:aa:
dc:92:5e:7e:dc:57:31:6b:f3:1b:99:0a:ea:98:2f:
7e:bd:0f:b0:79:3a:b9:39:a9:c5:1e:5e:12:60:69:
ca:b0:64:74:c3:08:ef:c7:fc:56:e9:27:0e:86:1b:
39:e1:1a:e6:0e:a9:c5:70:0f:56:c2:33:a5:a5:f9:
75:07:66:e4:95:94:91:ca:82:34:2b:e9:d6:43:33:
6e:1d:7c:38:fa:5b:5f:9b:cd:33:42:a4:db:ba:47:
03:dc:3d:a3:60:14:83:5a:b8:d5:c7:8f:ab:22:ba:
fe:0e:c4:00:67:eb:9a:7e:cd:20:7f:43:3b:01:25:
be:58:7e:88:de:04:cf:9c:a8:5d:77:a7:17:9e:f9:
c0:07:40:54:8e:b3:b6:12:21:40:a2:9c:6f:94:90:
d0:04:ee:4b:eb:f5:7f:88:89:e5:1c:d9:4e:8e:7c:
b5:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:48:9D:86:1E:79:05:4D:96:36:F7:7D:C2:D3:DE:0F:B6:C0:C6:93
X509v3 Authority Key Identifier:
keyid:35:7C:1B:BB:B2:16:D9:11:30:47:61:FA:7B:31:37:84:70:CA:B6:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NXwbu7IW2REwR2H6ezE3hHDKtpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/72cba3-6051-4218-88c2-50861eeb5d5d/1/qUidhh55BU2WNvd9wtPeD7bAxpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/72cba3-6051-4218-88c2-50861eeb5d5d/1/NXwbu7IW2REwR2H6ezE3hHDKtpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.156.0/22
IPv6:
2a0c:3080::/48
Signature Algorithm: sha256WithRSAEncryption
da:5f:cf:c4:32:e3:8c:70:10:74:3e:29:9e:42:d1:00:43:8c:
e9:8c:49:01:03:5d:84:0c:5f:a5:6a:c5:09:46:db:7f:51:4f:
79:54:ff:c0:8f:84:6d:af:3b:c5:b6:dd:05:28:e7:42:32:f7:
43:61:51:34:de:a5:dd:2c:72:88:09:5a:17:26:9f:4a:39:a2:
45:9c:f0:45:2c:d3:f5:61:02:5e:7a:35:38:8b:4b:ed:c5:5e:
5c:53:95:07:2d:0e:5b:73:83:06:c5:fa:54:1e:1e:72:76:50:
e2:99:51:a4:66:8a:fa:12:a3:62:c1:cd:2f:ce:eb:fa:d7:10:
9c:0e:31:a7:c3:34:44:13:9e:8d:a6:1a:bf:74:7b:59:14:7b:
6c:9e:f3:27:79:1a:f2:ec:70:f9:b9:8c:e0:f6:d2:d5:bb:68:
e3:07:60:1d:dc:eb:7b:0a:f9:15:14:60:3a:bb:a7:a7:33:cb:
75:29:96:e8:5b:27:b2:08:15:9f:ee:62:a6:ea:ce:73:43:e1:
cd:80:e2:1b:c2:0e:69:0c:40:24:67:d1:07:23:ca:4a:10:d0:
4c:76:c0:9b:80:b6:1c:0c:02:a3:a3:66:a0:16:a1:b6:b1:74:
26:c8:1d:bb:fe:4f:55:79:f4:65:28:d0:da:6d:4e:d4:19:e1:
77:9e:d3:ee
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVtU8uO3F18651iR1sUT8ocMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1N2MxYmJiYjIxNmQ5MTEzMDQ3NjFmYTdiMzEzNzg0NzBj
YWI2OWMwHhcNMjMwMTAxMTIzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTQ4OWQ4NjFlNzkwNTRkOTYzNmY3N2RjMmQzZGUwZmI2YzBjNjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwb3GpF71SAeNo5ekwGKNGc60+abI
a7gIqgN4c9U3Iw2C3GK0TFHsqk47JJcq2zLpKUGsuEnxRsWlueDENZHkJoTp8djO
HBxPJTno7r8dzSbyzDPfQ6hVb6rckl5+3Fcxa/MbmQrqmC9+vQ+weTq5OanFHl4S
YGnKsGR0wwjvx/xW6ScOhhs54RrmDqnFcA9WwjOlpfl1B2bklZSRyoI0K+nWQzNu
HXw4+ltfm80zQqTbukcD3D2jYBSDWrjVx4+rIrr+DsQAZ+uafs0gf0M7ASW+WH6I
3gTPnKhdd6cXnvnAB0BUjrO2EiFAopxvlJDQBO5L6/V/iInlHNlOjny1xwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKlInYYeeQVNljb3fcLT3g+2wMaTMB8GA1UdIwQY
MBaAFDV8G7uyFtkRMEdh+nsxN4RwyracMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlh3YnU3SVcyUkV3UjJINmV6RTNoSERLdHB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi83MmNiYTMtNjA1MS00MjE4LTg4YzIt
NTA4NjFlZWI1ZDVkLzEvcVVpZGhoNTVCVTJXTnZkOXd0UGVEN2JBeHBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi83MmNiYTMtNjA1MS00MjE4LTg4YzItNTA4NjFlZWI1ZDVk
LzEvTlh3YnU3SVcyUkV3UjJINmV6RTNoSERLdHB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCue6cMA8E
AgACMAkDBwAqDDCAAAAwDQYJKoZIhvcNAQELBQADggEBANpfz8Qy44xwEHQ+KZ5C
0QBDjOmMSQEDXYQMX6VqxQlG239RT3lU/8CPhG2vO8W23QUo50Iy90NhUTTepd0s
cogJWhcmn0o5okWc8EUs0/VhAl56NTiLS+3FXlxTlQctDltzgwbF+lQeHnJ2UOKZ
UaRmivoSo2LBzS/O6/rXEJwOMafDNEQTno2mGr90e1kUe2ye8yd5GvLscPm5jOD2
0tW7aOMHYB3c63sK+RUUYDq7p6czy3UpluhbJ7IIFZ/uYqbqznND4c2A4hvCDmkM
QCRn0QcjykoQ0Ex2wJuAthwMAqOjZqAWobaxdCbIHbv+T1V59GUo0NptTtQZ4Xee
0+4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:18 2024 by rpki-client on console-fra.rpki-client.org