Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/c3174a-a794-44ee-8d26-bc5b69144587/1/idSqjouhXbG_uifIgP7xZXuppKQ.roa
File: idSqjouhXbG_uifIgP7xZXuppKQ.roa (raw, json)
Hash identifier: n5VWjSAW067P2OvMeH0e3kgI/DUuEIFDzFXQy7rnAUk=
Subject key identifier: 89:D4:AA:8E:8B:A1:5D:B1:BF:BA:27:C8:80:FE:F1:65:7B:A9:A4:A4
Certificate issuer: /CN=af0dc12b0f1b533d8d04ec6117d6b9e512fcaa9f
Certificate serial: 018BF16C7F8EA162978E7EA450210AF10EF5
Authority key identifier: AF:0D:C1:2B:0F:1B:53:3D:8D:04:EC:61:17:D6:B9:E5:12:FC:AA:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rw3BKw8bUz2NBOxhF9a55RL8qp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/c3174a-a794-44ee-8d26-bc5b69144587/1/idSqjouhXbG_uifIgP7xZXuppKQ.roa
Signing time: Tue 21 Nov 2023 10:28:21 +0000
ROA not before: Tue 21 Nov 2023 10:28:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34762
IP address blocks: 213.158.90.0/23 maxlen: 24
213.158.92.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f1:6c:7f:8e:a1:62:97:8e:7e:a4:50:21:0a:f1:0e:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af0dc12b0f1b533d8d04ec6117d6b9e512fcaa9f
Validity
Not Before: Nov 21 10:28:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89d4aa8e8ba15db1bfba27c880fef1657ba9a4a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a4:e1:86:3a:35:59:6e:ad:22:65:94:c4:5d:
70:1a:24:ac:82:d0:b5:36:2a:c1:28:51:d0:2d:a4:
d2:90:77:40:f4:12:73:2a:af:0a:32:d3:5c:11:f5:
bf:d9:90:16:03:b6:d7:16:03:6e:d6:3b:96:cd:b3:
14:6e:3c:18:ee:aa:53:0b:a7:0f:f6:02:c0:9f:e2:
d1:07:91:78:91:67:ae:33:2f:23:40:80:56:bf:f5:
0c:0f:3e:16:ef:6e:30:9d:b6:62:bd:02:c5:c2:eb:
11:0c:57:2d:1a:36:d2:fd:a4:54:e3:fa:33:6e:73:
39:6d:20:25:8e:1f:1b:08:90:df:80:9c:6a:15:40:
f6:b4:71:d8:3f:d3:82:b6:c2:e0:99:6e:fe:b3:f1:
ea:05:ee:7f:a5:c9:f3:b0:95:f6:80:18:c5:5d:21:
72:39:d5:dd:32:e6:70:cb:ec:23:7f:e1:8e:2a:dd:
18:75:ec:7e:97:ca:35:d0:30:b3:61:c4:fb:4f:88:
ab:85:ce:9e:75:31:ab:c4:41:db:07:59:18:9e:66:
31:4a:2d:66:18:6c:f7:96:af:1a:0f:b6:a4:a4:f6:
04:13:96:b4:9b:3a:24:66:9c:f8:b0:05:8d:85:f9:
a2:ee:c9:86:ac:53:0a:a9:17:8f:55:5b:f2:25:41:
29:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:D4:AA:8E:8B:A1:5D:B1:BF:BA:27:C8:80:FE:F1:65:7B:A9:A4:A4
X509v3 Authority Key Identifier:
keyid:AF:0D:C1:2B:0F:1B:53:3D:8D:04:EC:61:17:D6:B9:E5:12:FC:AA:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rw3BKw8bUz2NBOxhF9a55RL8qp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/c3174a-a794-44ee-8d26-bc5b69144587/1/idSqjouhXbG_uifIgP7xZXuppKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/c3174a-a794-44ee-8d26-bc5b69144587/1/rw3BKw8bUz2NBOxhF9a55RL8qp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.158.90.0-213.158.95.255
Signature Algorithm: sha256WithRSAEncryption
87:5b:99:af:26:98:87:53:19:6e:71:e6:f0:aa:db:1d:e1:9f:
68:df:7c:cb:e4:70:15:e8:b7:f5:4d:80:88:09:57:a4:01:b4:
16:e6:55:b7:85:d8:89:28:88:0e:ce:e8:3d:c8:ce:db:8b:51:
d0:11:4c:be:94:d3:17:d2:2e:8a:25:21:24:5f:ed:80:fa:c2:
82:3d:38:36:93:a7:c2:8a:88:ad:11:77:b9:4d:5c:9a:94:16:
a6:da:ad:3e:ee:15:08:9c:ef:39:e3:84:78:34:24:9f:8a:c2:
27:00:9e:de:50:0c:7c:99:24:b9:0d:53:07:64:57:e0:bb:10:
24:5c:bc:31:5e:a7:b4:5f:3a:54:1d:c2:e3:53:39:8b:f5:f8:
fc:12:2b:3f:b8:71:1a:54:29:4b:b5:cf:65:3b:66:da:4a:15:
50:6f:6a:a2:aa:55:e5:0e:22:e7:cb:ad:00:b3:62:b8:8b:25:
ca:8f:f2:8a:c2:81:cd:fc:a6:69:09:26:7e:49:ec:56:0b:a9:
3c:0c:ed:4d:15:c4:e0:d2:32:77:39:42:9c:87:d8:02:d2:25:
e7:a3:1a:2b:9c:6b:5e:f3:53:94:31:9c:e8:c0:fa:16:ab:83:
d0:32:7b:5b:a1:b4:66:83:22:0a:0c:86:21:72:d3:3f:62:37:
21:c4:09:43
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYvxbH+OoWKXjn6kUCEK8Q71MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMGRjMTJiMGYxYjUzM2Q4ZDA0ZWM2MTE3ZDZiOWU1MTJm
Y2FhOWYwHhcNMjMxMTIxMTAyODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWQ0YWE4ZThiYTE1ZGIxYmZiYTI3Yzg4MGZlZjE2NTdiYTlhNGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaThhjo1WW6tImWUxF1wGiSsgtC1
NirBKFHQLaTSkHdA9BJzKq8KMtNcEfW/2ZAWA7bXFgNu1juWzbMUbjwY7qpTC6cP
9gLAn+LRB5F4kWeuMy8jQIBWv/UMDz4W724wnbZivQLFwusRDFctGjbS/aRU4/oz
bnM5bSAljh8bCJDfgJxqFUD2tHHYP9OCtsLgmW7+s/HqBe5/pcnzsJX2gBjFXSFy
OdXdMuZwy+wjf+GOKt0Ydex+l8o10DCzYcT7T4irhc6edTGrxEHbB1kYnmYxSi1m
GGz3lq8aD7akpPYEE5a0mzokZpz4sAWNhfmi7smGrFMKqRePVVvyJUEp2wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFInUqo6LoV2xv7onyID+8WV7qaSkMB8GA1UdIwQY
MBaAFK8NwSsPG1M9jQTsYRfWueUS/KqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnczQkt3OGJVejJOQk94aEY5YTU1Ukw4cXA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9jMzE3NGEtYTc5NC00NGVlLThkMjYt
YmM1YjY5MTQ0NTg3LzEvaWRTcWpvdWhYYkdfdWlmSWdQN3haWHVwcEtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9jMzE3NGEtYTc5NC00NGVlLThkMjYtYmM1YjY5MTQ0NTg3
LzEvcnczQkt3OGJVejJOQk94aEY5YTU1Ukw4cXA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHVnloD
BAXVnkAwDQYJKoZIhvcNAQELBQADggEBAIdbma8mmIdTGW5x5vCq2x3hn2jffMvk
cBXot/VNgIgJV6QBtBbmVbeF2IkoiA7O6D3IztuLUdARTL6U0xfSLoolISRf7YD6
woI9ODaTp8KKiK0Rd7lNXJqUFqbarT7uFQic7znjhHg0JJ+KwicAnt5QDHyZJLkN
UwdkV+C7ECRcvDFep7RfOlQdwuNTOYv1+PwSKz+4cRpUKUu1z2U7ZtpKFVBvaqKq
VeUOIufLrQCzYriLJcqP8orCgc38pmkJJn5J7FYLqTwM7U0VxODSMnc5QpyH2ALS
JeejGiuca17zU5QxnOjA+harg9Aye1uhtGaDIgoMhiFy0z9iNyHECUM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:33 2024 by rpki-client on console-ams.rpki-client.org