Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qCgMdAWs9SoBuAPv8fRrUyULQ4s.roa
File: qCgMdAWs9SoBuAPv8fRrUyULQ4s.roa (raw, json)
Hash identifier: 8ESIEe1At70xQPpRw4As2oakWFYrOHUhqcuHTMdi+Vs=
Subject key identifier: A8:28:0C:74:05:AC:F5:2A:01:B8:03:EF:F1:F4:6B:53:25:0B:43:8B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0187C212773689927F53E52A0636C2CFC48A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qCgMdAWs9SoBuAPv8fRrUyULQ4s.roa
Signing time: Thu 27 Apr 2023 09:36:42 +0000
ROA not before: Thu 27 Apr 2023 09:36:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212219
IP address blocks: 194.58.38.0/24 maxlen: 24
194.58.67.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c2:12:77:36:89:92:7f:53:e5:2a:06:36:c2:cf:c4:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 27 09:36:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8280c7405acf52a01b803eff1f46b53250b438b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:36:2c:18:f6:ec:fc:8b:1a:34:01:41:9f:a4:
bc:d4:fb:77:b8:f1:89:4c:7c:86:4d:ee:ab:c3:27:
e5:1e:6b:0d:cf:31:ae:83:98:eb:81:69:a9:ff:92:
39:4a:5f:f0:0a:13:0b:e3:08:fb:4a:3c:53:f0:df:
7c:55:23:14:ce:3d:56:53:16:fc:e7:05:f7:38:8c:
8e:e0:c7:62:04:34:25:4b:99:ad:ef:81:eb:05:10:
c4:0f:80:a4:86:34:73:f4:c8:22:52:81:b2:4a:67:
71:8e:40:b0:80:b6:1a:a4:8c:c1:a0:a0:c4:81:67:
b8:10:7e:f0:0f:62:b3:8f:9e:e4:76:2e:3d:17:f0:
03:30:01:7f:15:45:56:9c:ab:89:91:44:db:a2:15:
6d:f8:96:14:e3:1c:04:eb:2d:87:b1:2c:e4:82:1e:
8b:ae:6b:70:e1:ab:14:b1:0a:cb:68:c6:22:7c:35:
4c:c0:19:92:80:04:80:72:90:5b:01:b0:dd:c1:74:
b1:f6:c1:94:ff:6d:d9:9b:24:3e:76:81:fa:c0:34:
29:04:92:66:f8:0c:4d:b0:e8:f2:82:d1:1b:ea:df:
16:6b:0a:ca:cc:fe:77:f8:cf:d4:95:ef:66:4e:1f:
47:21:5b:15:d0:5d:bb:83:82:31:31:73:3a:a5:74:
d9:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:28:0C:74:05:AC:F5:2A:01:B8:03:EF:F1:F4:6B:53:25:0B:43:8B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qCgMdAWs9SoBuAPv8fRrUyULQ4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.38.0/24
194.58.67.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:50:76:d3:61:00:2b:36:b7:33:6f:1f:fa:15:30:3b:d2:44:
ee:e6:fa:be:f7:78:be:6d:a3:66:85:52:de:48:c0:97:2f:19:
2d:13:24:e5:81:32:56:c5:e1:70:95:49:09:ce:75:e2:a6:4b:
27:7e:f3:56:f4:7a:ff:b8:22:5d:9c:47:43:3d:ca:24:04:b4:
6c:74:15:95:b0:25:fe:15:1e:94:6b:e7:c6:38:5e:f9:7b:78:
b2:7f:1e:9d:d5:1b:79:e8:57:dd:cf:99:4f:94:18:57:59:9b:
0d:df:6f:e2:d1:4b:35:e5:5c:4b:ce:a0:ee:03:b9:21:5a:6b:
08:f9:42:22:25:1d:34:81:13:cc:cd:15:ca:29:10:45:4f:7f:
b8:4b:1a:50:43:97:4f:7e:91:5e:81:37:c9:1c:25:90:05:6f:
c0:c7:7d:3f:39:12:ad:47:01:8d:86:52:ea:0d:d7:5f:d4:80:
21:67:81:12:31:eb:5a:fa:41:ee:8f:d1:28:04:77:e2:32:61:
1a:31:ba:74:18:c3:25:28:81:07:19:43:87:36:71:17:a9:65:
fc:78:c5:3a:fe:5d:e6:93:44:c6:6e:49:6a:35:e3:24:bb:1a:
ad:c3:cd:36:f3:7f:db:1f:2d:63:d9:3e:6b:fc:9f:b4:ae:d4:
c8:f1:d1:93
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYfCEnc2iZJ/U+UqBjbCz8SKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDI3MDkzNjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODI4MGM3NDA1YWNmNTJhMDFiODAzZWZmMWY0NmI1MzI1MGI0MzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszYsGPbs/IsaNAFBn6S81Pt3uPGJ
THyGTe6rwyflHmsNzzGug5jrgWmp/5I5Sl/wChML4wj7SjxT8N98VSMUzj1WUxb8
5wX3OIyO4MdiBDQlS5mt74HrBRDED4CkhjRz9MgiUoGySmdxjkCwgLYapIzBoKDE
gWe4EH7wD2Kzj57kdi49F/ADMAF/FUVWnKuJkUTbohVt+JYU4xwE6y2HsSzkgh6L
rmtw4asUsQrLaMYifDVMwBmSgASAcpBbAbDdwXSx9sGU/23ZmyQ+doH6wDQpBJJm
+AxNsOjygtEb6t8WawrKzP53+M/Ule9mTh9HIVsV0F27g4IxMXM6pXTZ6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKgoDHQFrPUqAbgD7/H0a1MlC0OLMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcUNnTWRBV3M5U29CdUFQdjhmUnJVeVVMUTRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwjomAwQA
wjpDMA0GCSqGSIb3DQEBCwUAA4IBAQBLUHbTYQArNrczbx/6FTA70kTu5vq+93i+
baNmhVLeSMCXLxktEyTlgTJWxeFwlUkJznXipksnfvNW9Hr/uCJdnEdDPcokBLRs
dBWVsCX+FR6Ua+fGOF75e3iyfx6d1Rt56Ffdz5lPlBhXWZsN32/i0Us15VxLzqDu
A7khWmsI+UIiJR00gRPMzRXKKRBFT3+4SxpQQ5dPfpFegTfJHCWQBW/Ax30/ORKt
RwGNhlLqDddf1IAhZ4ESMeta+kHuj9EoBHfiMmEaMbp0GMMlKIEHGUOHNnEXqWX8
eMU6/l3mk0TGbklqNeMkuxqtw80283/bHy1j2T5r/J+0rtTI8dGT
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:12 2023 by rpki-client on console-fra.rpki-client.org