Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/00ddaf-3be5-420d-919f-3b4cb975a9bc/1/qBy3gHXHkbzVItxhdDD83R8JNOk.roa
File: qBy3gHXHkbzVItxhdDD83R8JNOk.roa (raw, json)
Hash identifier: z2A/f8WRw60rbmt1rergaOs9ExWk8gEDYgwnPWOQLfc=
Subject key identifier: A8:1C:B7:80:75:C7:91:BC:D5:22:DC:61:74:30:FC:DD:1F:09:34:E9
Certificate issuer: /CN=b9b87b3b09ccb69a6de20468e90ecbb18f5ecbb6
Certificate serial: 018CC8711F4ABCCFEE6067EE2438F144EBB7
Authority key identifier: B9:B8:7B:3B:09:CC:B6:9A:6D:E2:04:68:E9:0E:CB:B1:8F:5E:CB:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ubh7OwnMtppt4gRo6Q7LsY9ey7Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/00ddaf-3be5-420d-919f-3b4cb975a9bc/1/qBy3gHXHkbzVItxhdDD83R8JNOk.roa
Signing time: Tue 02 Jan 2024 04:31:45 +0000
ROA not before: Tue 02 Jan 2024 04:31:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33923
IP address blocks: 194.6.246.0/24 maxlen: 32
185.183.236.0/22 maxlen: 32
194.145.184.0/22 maxlen: 32
94.246.128.0/18 maxlen: 32
2a00:1a40::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 31 Jan 2024 15:36:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:1f:4a:bc:cf:ee:60:67:ee:24:38:f1:44:eb:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9b87b3b09ccb69a6de20468e90ecbb18f5ecbb6
Validity
Not Before: Jan 2 04:31:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a81cb78075c791bcd522dc617430fcdd1f0934e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c5:f4:b1:8e:cb:ab:5c:1a:a5:eb:44:25:97:
f8:54:19:13:c7:0c:d2:cb:6f:d7:01:3b:88:12:02:
56:9a:5b:93:c2:04:ed:f7:e4:f6:38:89:70:2a:2e:
77:27:d9:e6:12:0d:8d:da:43:d2:8c:52:10:41:84:
d2:04:db:6a:0a:95:fc:97:30:9d:48:37:04:45:60:
20:3a:76:64:55:46:31:fb:3c:42:68:5a:04:0b:11:
10:24:e6:9d:04:b1:e2:73:95:91:52:6c:82:92:23:
1d:5c:4e:20:93:ee:1f:d5:83:dc:73:14:d2:26:f7:
62:8e:df:6f:83:43:70:62:be:55:20:ad:bc:9b:e8:
95:56:93:49:6e:d6:81:e0:e5:84:56:44:71:ac:d5:
b5:f3:ae:c3:73:85:99:21:a9:02:d3:34:31:7c:4a:
d0:e2:de:1b:a9:f1:2a:76:f5:f1:91:91:20:07:11:
b4:78:a5:30:90:bd:73:cf:e0:4f:12:51:4a:80:ce:
24:c5:c4:03:55:28:dc:d8:72:6e:9e:07:89:0b:a3:
c0:ca:14:ff:f4:83:63:5c:80:2b:53:ad:a4:90:2f:
58:ef:4e:99:05:ad:4c:af:44:03:ea:ca:74:51:2d:
f9:f4:c5:51:72:c7:a2:f7:2e:6d:4c:cd:ef:2d:f7:
dc:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:1C:B7:80:75:C7:91:BC:D5:22:DC:61:74:30:FC:DD:1F:09:34:E9
X509v3 Authority Key Identifier:
keyid:B9:B8:7B:3B:09:CC:B6:9A:6D:E2:04:68:E9:0E:CB:B1:8F:5E:CB:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ubh7OwnMtppt4gRo6Q7LsY9ey7Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/00ddaf-3be5-420d-919f-3b4cb975a9bc/1/qBy3gHXHkbzVItxhdDD83R8JNOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/00ddaf-3be5-420d-919f-3b4cb975a9bc/1/ubh7OwnMtppt4gRo6Q7LsY9ey7Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.246.128.0/18
185.183.236.0/22
194.6.246.0/24
194.145.184.0/22
IPv6:
2a00:1a40::/32
Signature Algorithm: sha256WithRSAEncryption
4d:3d:b7:cd:da:b3:51:6b:f8:c9:29:18:5d:52:c2:b6:b0:5d:
52:f3:64:36:b1:97:cc:2f:4a:5d:b0:35:a7:97:db:b8:d8:dd:
d1:b6:f2:e2:e7:25:30:30:f9:86:4d:90:39:37:a8:58:23:99:
f2:64:42:fd:8e:0f:cf:c3:32:20:ad:95:7a:86:23:4d:b9:25:
4c:1c:45:6c:4b:d4:6c:01:9f:45:bb:2e:99:6e:8b:7a:90:d0:
4a:68:49:2f:79:9c:51:32:90:4c:fa:8f:61:56:84:12:b7:7d:
53:bf:1e:53:b9:28:5e:b4:37:bc:01:a4:45:ec:17:d3:be:42:
67:21:22:80:2b:d4:96:56:b5:e6:21:59:92:7c:7f:8d:bb:12:
6a:eb:76:3e:3e:87:68:e8:4f:3b:45:4d:65:5d:11:e1:55:77:
95:b5:b5:90:f5:d5:90:49:0b:d8:4a:c6:4a:b7:14:22:cc:f7:
98:d3:4d:d0:56:ba:44:66:29:49:bc:68:d0:0b:67:d4:59:59:
8d:b5:95:ba:a2:3b:e9:e9:c4:b5:3a:5e:67:58:e1:11:22:59:
c6:44:69:7d:1e:04:01:e2:90:01:31:80:ad:97:73:c0:d6:fa:
99:de:9f:e7:2b:3b:64:24:9b:3e:8d:72:86:de:73:af:3a:52:
f3:f8:ea:74
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzIcR9KvM/uYGfuJDjxROu3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5Yjg3YjNiMDljY2I2OWE2ZGUyMDQ2OGU5MGVjYmIxOGY1
ZWNiYjYwHhcNMjQwMTAyMDQzMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODFjYjc4MDc1Yzc5MWJjZDUyMmRjNjE3NDMwZmNkZDFmMDkzNGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8X0sY7Lq1wapetEJZf4VBkTxwzS
y2/XATuIEgJWmluTwgTt9+T2OIlwKi53J9nmEg2N2kPSjFIQQYTSBNtqCpX8lzCd
SDcERWAgOnZkVUYx+zxCaFoECxEQJOadBLHic5WRUmyCkiMdXE4gk+4f1YPccxTS
Jvdijt9vg0NwYr5VIK28m+iVVpNJbtaB4OWEVkRxrNW1867Dc4WZIakC0zQxfErQ
4t4bqfEqdvXxkZEgBxG0eKUwkL1zz+BPElFKgM4kxcQDVSjc2HJungeJC6PAyhT/
9INjXIArU62kkC9Y706ZBa1Mr0QD6sp0US359MVRcsei9y5tTM3vLffc2QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKgct4B1x5G81SLcYXQw/N0fCTTpMB8GA1UdIwQY
MBaAFLm4ezsJzLaabeIEaOkOy7GPXsu2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWJoN093bk10cHB0NGdSbzZRN0xzWTlleTdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8wMGRkYWYtM2JlNS00MjBkLTkxOWYt
M2I0Y2I5NzVhOWJjLzEvcUJ5M2dIWEhrYnpWSXR4aGRERDgzUjhKTk9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8wMGRkYWYtM2JlNS00MjBkLTkxOWYtM2I0Y2I5NzVhOWJj
LzEvdWJoN093bk10cHB0NGdSbzZRN0xzWTlleTdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGXvaAAwQC
ubfsAwQAwgb2AwQCwpG4MA0EAgACMAcDBQAqABpAMA0GCSqGSIb3DQEBCwUAA4IB
AQBNPbfN2rNRa/jJKRhdUsK2sF1S82Q2sZfML0pdsDWnl9u42N3RtvLi5yUwMPmG
TZA5N6hYI5nyZEL9jg/PwzIgrZV6hiNNuSVMHEVsS9RsAZ9Fuy6Zbot6kNBKaEkv
eZxRMpBM+o9hVoQSt31Tvx5TuShetDe8AaRF7BfTvkJnISKAK9SWVrXmIVmSfH+N
uxJq63Y+Podo6E87RU1lXRHhVXeVtbWQ9dWQSQvYSsZKtxQizPeY003QVrpEZilJ
vGjQC2fUWVmNtZW6ojvp6cS1Ol5nWOERIlnGRGl9HgQB4pABMYCtl3PA1vqZ3p/n
KztkJJs+jXKG3nOvOlLz+Op0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:11 2024 by rpki-client on console-fra.rpki-client.org