Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/q2TCh-uLnkxxN31glgEMxzwQspw.roa
File: q2TCh-uLnkxxN31glgEMxzwQspw.roa (raw, json)
Hash identifier: gCRx0+snmNB5etY8QxJZWypIaDzyHp6cQ4zNuephR5I=
Subject key identifier: AB:64:C2:87:EB:8B:9E:4C:71:37:7D:60:96:01:0C:C7:3C:10:B2:9C
Certificate issuer: /CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Certificate serial: 0185735890059907F9B22E1DE5D47EE12C49
Authority key identifier: 9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/q2TCh-uLnkxxN31glgEMxzwQspw.roa
Signing time: Mon 02 Jan 2023 16:37:41 +0000
ROA not before: Mon 02 Jan 2023 16:37:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39346
IP address blocks: 85.204.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:58:90:05:99:07:f9:b2:2e:1d:e5:d4:7e:e1:2c:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Validity
Not Before: Jan 2 16:37:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab64c287eb8b9e4c71377d6096010cc73c10b29c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:1a:06:e7:28:59:90:d0:a5:32:74:dc:30:6e:
cb:0f:d7:bd:85:f1:cf:11:93:f9:1e:f7:c1:8f:a3:
61:ae:8a:5c:84:b6:7e:b7:78:17:38:11:f7:a2:b5:
75:c7:bd:87:68:ee:10:3f:71:ce:30:b2:06:80:07:
e2:43:21:41:d5:ac:12:db:b5:83:74:11:67:6d:a8:
c1:ae:13:fc:e7:bd:ff:b5:d1:b6:a4:74:df:ed:c6:
46:70:f8:d9:f1:e4:80:a2:ce:d9:40:6d:f4:2f:27:
0c:45:64:f9:bd:8f:c6:06:c8:98:35:c9:82:46:ac:
01:8f:2c:fa:32:6f:58:25:94:b8:d6:f5:fe:3c:67:
21:90:5f:1a:b9:d1:fc:50:4a:17:d2:0c:af:70:e1:
bc:e6:2a:23:4d:67:ec:73:e5:6b:2c:5c:b8:58:7a:
89:bb:e1:ad:8b:15:71:ec:f8:2f:f0:b2:2f:39:63:
ac:85:c9:4f:2e:80:8e:a3:b4:7c:b8:c3:63:c4:b2:
f0:62:24:32:f4:44:8f:3c:d5:99:ad:b0:e5:0f:69:
3e:f7:00:80:64:85:64:d4:94:a4:d2:6b:f7:c0:f4:
80:d4:91:a3:86:a5:22:dc:e8:27:60:15:04:34:f7:
b6:3b:12:f5:de:76:fb:6e:f8:e0:f7:57:24:70:f8:
6b:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:64:C2:87:EB:8B:9E:4C:71:37:7D:60:96:01:0C:C7:3C:10:B2:9C
X509v3 Authority Key Identifier:
keyid:9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/q2TCh-uLnkxxN31glgEMxzwQspw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.139.0/24
Signature Algorithm: sha256WithRSAEncryption
85:55:e6:55:25:af:f3:f8:26:ff:93:7f:1c:7b:b7:3b:64:0f:
1a:84:c1:51:6f:34:ec:9c:63:88:56:cf:e6:f7:04:7d:71:ac:
f9:5f:1e:1d:60:ca:7a:ec:99:76:c9:a7:f0:d6:0b:91:23:1c:
04:ec:9f:46:81:24:78:9e:20:fc:d3:39:03:45:88:03:74:b3:
63:00:df:29:af:27:ef:99:65:17:5b:16:91:4e:80:84:66:54:
8b:6f:d6:aa:7b:e3:47:9a:aa:4b:ca:2b:bb:cd:87:19:40:9e:
a0:40:42:cf:50:d5:7c:94:19:fe:b0:b9:09:c8:ac:59:4b:9a:
31:c4:ef:9b:58:8e:b2:a6:36:af:be:c9:38:10:d9:58:f8:b9:
1e:96:75:67:83:04:25:bf:e3:d7:be:12:e9:a3:25:e1:d8:8a:
04:d6:33:4c:08:57:7d:aa:62:16:20:70:83:67:07:1e:52:ec:
3e:73:ff:39:02:80:e5:0a:70:a3:26:44:ef:fc:cd:ac:b0:b4:
9c:b1:2d:f6:36:4b:ee:8e:28:71:1a:87:9d:9a:15:71:a2:b4:
43:04:6a:8c:1d:d6:37:5d:03:d8:41:06:89:72:ca:a7:9a:ce:
c2:f2:b4:ea:59:86:f6:c1:31:c3:ea:54:3f:02:3d:cc:29:5a:
ae:73:d9:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzWJAFmQf5si4d5dR+4SxJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTQyZjVkZjNjMWFjYjg1N2ZkNTBlZWIwMTZlZWQwNzM4
NWZmOGMwHhcNMjMwMTAyMTYzNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjY0YzI4N2ViOGI5ZTRjNzEzNzdkNjA5NjAxMGNjNzNjMTBiMjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBoG5yhZkNClMnTcMG7LD9e9hfHP
EZP5HvfBj6NhropchLZ+t3gXOBH3orV1x72HaO4QP3HOMLIGgAfiQyFB1awS27WD
dBFnbajBrhP8573/tdG2pHTf7cZGcPjZ8eSAos7ZQG30LycMRWT5vY/GBsiYNcmC
RqwBjyz6Mm9YJZS41vX+PGchkF8audH8UEoX0gyvcOG85iojTWfsc+VrLFy4WHqJ
u+GtixVx7Pgv8LIvOWOshclPLoCOo7R8uMNjxLLwYiQy9ESPPNWZrbDlD2k+9wCA
ZIVk1JSk0mv3wPSA1JGjhqUi3OgnYBUENPe2OxL13nb7bvjg91ckcPhrHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKtkwofri55McTd9YJYBDMc8ELKcMB8GA1UdIwQY
MBaAFJxUL13zway4V/1Q7rAW7tBzhf+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUt
MjVkYmY0MzgwNGM1LzEvcTJUQ2gtdUxua3h4TjMxZ2xnRU14endRc3B3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUtMjVkYmY0MzgwNGM1
LzEvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVcyLMA0G
CSqGSIb3DQEBCwUAA4IBAQCFVeZVJa/z+Cb/k38ce7c7ZA8ahMFRbzTsnGOIVs/m
9wR9caz5Xx4dYMp67Jl2yafw1guRIxwE7J9GgSR4niD80zkDRYgDdLNjAN8pryfv
mWUXWxaRToCEZlSLb9aqe+NHmqpLyiu7zYcZQJ6gQELPUNV8lBn+sLkJyKxZS5ox
xO+bWI6ypjavvsk4ENlY+LkelnVngwQlv+PXvhLpoyXh2IoE1jNMCFd9qmIWIHCD
ZwceUuw+c/85AoDlCnCjJkTv/M2ssLScsS32NkvujihxGoedmhVxorRDBGqMHdY3
XQPYQQaJcsqnms7C8rTqWYb2wTHD6lQ/Aj3MKVquc9mI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:40 2024 by rpki-client on console-ams.rpki-client.org