Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qGU4981WVAz4Vli33KLn9Q2qYq8.roa
File: qGU4981WVAz4Vli33KLn9Q2qYq8.roa (raw, json)
Hash identifier: y1hkUM6X0Pc/trEDbl7WQ0JlWnzag/Stab6fEEw/Q0g=
Subject key identifier: A8:65:38:F7:CD:56:54:0C:F8:56:58:B7:DC:A2:E7:F5:0D:AA:62:AF
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B0A22072D8C1B7AD3727830BDC6081758
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qGU4981WVAz4Vli33KLn9Q2qYq8.roa
Signing time: Sat 07 Oct 2023 12:34:44 +0000
ROA not before: Sat 07 Oct 2023 12:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 142430
IP address blocks: 212.192.246.0/24 maxlen: 24
195.133.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Oct 2023 04:53:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:0a:22:07:2d:8c:1b:7a:d3:72:78:30:bd:c6:08:17:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 7 12:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a86538f7cd56540cf85658b7dca2e7f50daa62af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:66:74:71:cf:8b:e0:47:5c:13:6f:8d:34:83:
87:3c:48:c4:00:ce:11:3c:e6:9b:7f:0a:8c:af:81:
36:79:19:6f:81:c8:a2:48:93:48:05:c8:fb:b2:98:
4d:b1:99:41:dc:f7:0c:8e:da:a1:81:c2:ac:45:24:
d2:25:82:a6:79:8f:60:12:91:93:89:f7:95:7d:f3:
28:db:ff:eb:5b:2c:f2:10:e2:d3:50:27:c3:20:55:
9a:cc:e4:8a:9f:c1:71:ed:26:27:79:1b:c9:99:1e:
7d:69:7d:5f:b4:1b:e1:87:e6:cb:df:4c:25:8f:c0:
02:e9:03:cf:04:57:b5:c6:91:37:43:2d:be:03:b6:
bc:ba:19:f3:ea:18:79:ee:16:82:1e:c6:9a:cd:fb:
ef:fb:9d:1b:1d:74:12:39:e0:11:42:0f:68:38:31:
a7:94:90:26:80:4d:62:0c:d3:66:e5:79:2f:45:b4:
36:7c:77:44:48:2f:34:52:0e:1b:b2:8d:63:90:36:
a8:e3:1c:4e:48:31:8b:14:23:40:e3:bb:a4:e9:30:
a7:06:88:13:c3:a9:4e:a8:85:e5:24:1d:40:4a:10:
62:93:23:2b:ac:44:ac:67:35:73:08:69:b6:85:17:
59:85:18:6a:da:a3:5c:1d:c0:0e:90:77:70:fe:26:
d4:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:65:38:F7:CD:56:54:0C:F8:56:58:B7:DC:A2:E7:F5:0D:AA:62:AF
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/qGU4981WVAz4Vli33KLn9Q2qYq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.63.0/24
212.192.246.0/24
Signature Algorithm: sha256WithRSAEncryption
16:40:30:68:e1:1b:2f:bd:7e:83:c6:26:68:c6:69:94:76:ed:
d7:3c:11:5f:67:13:73:9b:ae:ce:97:5c:b2:e1:98:61:32:b8:
33:9f:d2:1d:81:2f:a7:b3:27:41:13:a5:99:6a:88:89:94:0f:
6f:c3:dc:2a:2e:8b:7f:5e:0e:36:c5:fa:73:cd:74:43:12:2b:
75:f7:e3:7c:d0:b7:67:ba:55:9a:c6:0a:53:29:e6:a4:d3:14:
22:44:2a:1b:cb:da:c7:b5:66:f9:15:da:0f:85:13:eb:9b:6b:
15:a0:a0:06:79:76:18:de:83:11:a2:b5:16:7d:23:24:58:cf:
03:97:b1:7a:f7:28:82:a0:cc:12:1a:98:53:16:d2:ab:c1:99:
ea:39:55:7d:42:b3:3d:d3:72:54:65:96:c9:4e:2b:8f:82:86:
b2:03:23:43:5b:bc:27:69:cf:e2:65:16:e2:95:40:58:88:9a:
53:e9:19:1f:18:ae:a0:28:c5:99:bb:9c:64:d9:fb:42:5b:84:
53:85:2e:1e:e5:b3:21:52:01:f0:cd:6a:d3:02:79:73:73:05:
50:58:e4:d2:1f:38:95:a8:01:34:88:4f:91:03:f8:e9:1c:b8:
b8:96:68:b2:79:cf:73:c3:79:e2:92:8d:09:9c:41:15:16:6f:
37:7f:6b:fa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYsKIgctjBt603J4ML3GCBdYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDA3MTIzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODY1MzhmN2NkNTY1NDBjZjg1NjU4YjdkY2EyZTdmNTBkYWE2MmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0GZ0cc+L4EdcE2+NNIOHPEjEAM4R
POabfwqMr4E2eRlvgciiSJNIBcj7sphNsZlB3PcMjtqhgcKsRSTSJYKmeY9gEpGT
ifeVffMo2//rWyzyEOLTUCfDIFWazOSKn8Fx7SYneRvJmR59aX1ftBvhh+bL30wl
j8AC6QPPBFe1xpE3Qy2+A7a8uhnz6hh57haCHsaazfvv+50bHXQSOeARQg9oODGn
lJAmgE1iDNNm5XkvRbQ2fHdESC80Ug4bso1jkDao4xxOSDGLFCNA47uk6TCnBogT
w6lOqIXlJB1AShBikyMrrESsZzVzCGm2hRdZhRhq2qNcHcAOkHdw/ibU+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKhlOPfNVlQM+FZYt9yi5/UNqmKvMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvcUdVNDk4MVdWQXo0VmxpMzNLTG45UTJxWXE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw4U/AwQA
1MD2MA0GCSqGSIb3DQEBCwUAA4IBAQAWQDBo4RsvvX6DxiZoxmmUdu3XPBFfZxNz
m67Ol1yy4ZhhMrgzn9IdgS+nsydBE6WZaoiJlA9vw9wqLot/Xg42xfpzzXRDEit1
9+N80LdnulWaxgpTKeak0xQiRCoby9rHtWb5FdoPhRPrm2sVoKAGeXYY3oMRorUW
fSMkWM8Dl7F69yiCoMwSGphTFtKrwZnqOVV9QrM903JUZZbJTiuPgoayAyNDW7wn
ac/iZRbilUBYiJpT6RkfGK6gKMWZu5xk2ftCW4RThS4e5bMhUgHwzWrTAnlzcwVQ
WOTSHziVqAE0iE+RA/jpHLi4lmiyec9zw3niko0JnEEVFm83f2v6
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:47 2024 by rpki-client on console-ams.rpki-client.org