Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/1cc1fa-28dd-44d4-98a0-33e61bd912ea/1/qTCcuwhMp8feYNyykBzjxyigIoA.roa
File: qTCcuwhMp8feYNyykBzjxyigIoA.roa (raw, json)
Hash identifier: NLp226VcE6qm3BNP/DDvR71v40yU2lMBK+FYBOlXQdo=
Subject key identifier: A9:30:9C:BB:08:4C:A7:C7:DE:60:DC:B2:90:1C:E3:C7:28:A0:22:80
Certificate issuer: /CN=33b1b31396083ce9ed51e462898e294ed8215ae7
Certificate serial: 0187E640B16BB281DE34FDEE4F498B251E95
Authority key identifier: 33:B1:B3:13:96:08:3C:E9:ED:51:E4:62:89:8E:29:4E:D8:21:5A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M7GzE5YIPOntUeRiiY4pTtghWuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/1cc1fa-28dd-44d4-98a0-33e61bd912ea/1/qTCcuwhMp8feYNyykBzjxyigIoA.roa
Signing time: Thu 04 May 2023 10:13:32 +0000
ROA not before: Thu 04 May 2023 10:13:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5392
IP address blocks: 195.36.0.0/18 maxlen: 18
2a00:1988::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e6:40:b1:6b:b2:81:de:34:fd:ee:4f:49:8b:25:1e:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33b1b31396083ce9ed51e462898e294ed8215ae7
Validity
Not Before: May 4 10:13:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9309cbb084ca7c7de60dcb2901ce3c728a02280
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:66:4b:38:e4:bc:7c:2e:83:be:ab:6c:d8:f9:
4b:10:85:2d:fd:ac:36:f5:d9:22:d9:4a:1b:76:5c:
b8:ab:14:35:a8:16:e9:7e:0e:58:e8:67:89:99:3e:
02:06:c7:b4:e7:da:f2:d5:01:09:a1:9c:d0:18:36:
88:02:22:94:5f:c0:8b:fd:7a:a1:a4:7c:ef:ed:0d:
a2:b7:1c:64:ea:8e:07:e1:ee:a0:89:0e:98:cb:b3:
2d:f7:ec:0c:06:84:3c:14:9d:e3:fe:38:8d:5f:c2:
33:ec:63:07:55:d2:0e:c3:c7:3e:b9:03:b2:a3:a3:
0b:5f:73:df:83:92:24:00:66:4b:af:d6:78:66:fb:
25:16:97:30:2b:29:61:b1:5f:3a:10:d0:d4:55:0f:
5e:64:c4:14:56:94:2c:66:80:d8:dc:45:e6:cd:70:
ae:24:39:d1:6a:f9:09:ee:09:26:f0:35:cb:ba:59:
8f:55:76:b8:67:f2:05:31:e7:e4:32:9f:1c:01:8b:
b8:e8:6d:8f:0a:d4:39:38:7a:47:bc:f4:24:4b:b4:
6c:c0:48:29:87:70:9a:d9:ef:f6:d1:20:12:8c:18:
78:15:27:ee:84:d3:bf:db:2d:92:68:d9:3b:01:da:
f7:e1:88:ea:b7:c3:96:6e:67:58:26:b7:8e:04:74:
55:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:30:9C:BB:08:4C:A7:C7:DE:60:DC:B2:90:1C:E3:C7:28:A0:22:80
X509v3 Authority Key Identifier:
keyid:33:B1:B3:13:96:08:3C:E9:ED:51:E4:62:89:8E:29:4E:D8:21:5A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M7GzE5YIPOntUeRiiY4pTtghWuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/1cc1fa-28dd-44d4-98a0-33e61bd912ea/1/qTCcuwhMp8feYNyykBzjxyigIoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/1cc1fa-28dd-44d4-98a0-33e61bd912ea/1/M7GzE5YIPOntUeRiiY4pTtghWuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.36.0.0/18
IPv6:
2a00:1988::/32
Signature Algorithm: sha256WithRSAEncryption
02:26:4d:a6:a8:2a:dd:fc:df:e1:4a:61:b8:35:89:c9:9b:d5:
5c:53:81:9c:3b:79:b0:b2:a7:c0:e4:d3:b0:38:30:9f:2e:cd:
40:5d:8c:5e:c4:20:d9:18:4d:3c:e7:47:ab:6e:3a:40:e4:f2:
64:59:ee:50:61:80:43:7a:86:5a:db:be:ae:b8:56:7f:c4:31:
15:11:f4:5a:dc:f8:22:8b:44:6d:57:7b:73:92:f1:1a:8c:01:
5d:64:dd:6c:1f:9a:94:58:f5:95:bb:da:e9:57:f8:eb:b1:93:
b2:bb:36:ff:34:8e:17:c8:e2:92:69:ab:93:c9:e4:78:a3:e4:
5d:ad:a5:df:88:a7:91:dc:d1:a5:3b:2c:a0:64:cb:b3:2f:b4:
87:0a:a2:2c:8d:fc:ee:0c:60:50:fa:73:00:7e:b2:dc:65:ec:
80:79:92:35:f1:c6:28:d8:c2:4a:44:67:0f:97:03:b8:0b:a9:
8f:6d:8d:ae:d9:b2:52:bf:93:b1:c0:97:f8:ba:ee:7b:1c:28:
e7:d0:f7:bd:21:9f:7a:d2:55:23:48:e8:40:e6:7b:30:cf:a7:
a2:ab:72:a3:72:40:20:2d:a2:f6:6b:5f:8c:3d:b9:e1:8c:19:
4c:11:ad:e5:80:88:dc:d6:57:03:15:4c:99:b3:d2:06:b1:12:
7c:15:64:e3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYfmQLFrsoHeNP3uT0mLJR6VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYjFiMzEzOTYwODNjZTllZDUxZTQ2Mjg5OGUyOTRlZDgy
MTVhZTcwHhcNMjMwNTA0MTAxMzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTMwOWNiYjA4NGNhN2M3ZGU2MGRjYjI5MDFjZTNjNzI4YTAyMjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmZLOOS8fC6Dvqts2PlLEIUt/aw2
9dki2Uobdly4qxQ1qBbpfg5Y6GeJmT4CBse059ry1QEJoZzQGDaIAiKUX8CL/Xqh
pHzv7Q2itxxk6o4H4e6giQ6Yy7Mt9+wMBoQ8FJ3j/jiNX8Iz7GMHVdIOw8c+uQOy
o6MLX3Pfg5IkAGZLr9Z4ZvslFpcwKylhsV86ENDUVQ9eZMQUVpQsZoDY3EXmzXCu
JDnRavkJ7gkm8DXLulmPVXa4Z/IFMefkMp8cAYu46G2PCtQ5OHpHvPQkS7RswEgp
h3Ca2e/20SASjBh4FSfuhNO/2y2SaNk7Adr34Yjqt8OWbmdYJreOBHRV6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKkwnLsITKfH3mDcspAc48cooCKAMB8GA1UdIwQY
MBaAFDOxsxOWCDzp7VHkYomOKU7YIVrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTdHekU1WUlQT250VWVSaWlZNHBUdGdoV3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8xY2MxZmEtMjhkZC00NGQ0LTk4YTAt
MzNlNjFiZDkxMmVhLzEvcVRDY3V3aE1wOGZlWU55eWtCemp4eWlnSW9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8xY2MxZmEtMjhkZC00NGQ0LTk4YTAtMzNlNjFiZDkxMmVh
LzEvTTdHekU1WUlQT250VWVSaWlZNHBUdGdoV3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQGwyQAMA0E
AgACMAcDBQAqABmIMA0GCSqGSIb3DQEBCwUAA4IBAQACJk2mqCrd/N/hSmG4NYnJ
m9VcU4GcO3mwsqfA5NOwODCfLs1AXYxexCDZGE0850erbjpA5PJkWe5QYYBDeoZa
276uuFZ/xDEVEfRa3Pgii0RtV3tzkvEajAFdZN1sH5qUWPWVu9rpV/jrsZOyuzb/
NI4XyOKSaauTyeR4o+RdraXfiKeR3NGlOyygZMuzL7SHCqIsjfzuDGBQ+nMAfrLc
ZeyAeZI18cYo2MJKRGcPlwO4C6mPbY2u2bJSv5OxwJf4uu57HCjn0Pe9IZ960lUj
SOhA5nswz6eiq3KjckAgLaL2a1+MPbnhjBlMEa3lgIjc1lcDFUyZs9IGsRJ8FWTj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:31 2024 by rpki-client on console-fra.rpki-client.org