Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qCUXpK7ntavs4lSPYsXmF6CyNCI.roa
File: qCUXpK7ntavs4lSPYsXmF6CyNCI.roa (raw, json)
Hash identifier: dsT/JefxZDoIyKAzvMEaHACpVo2hIMgxQKoJRMtYvz8=
Subject key identifier: A8:25:17:A4:AE:E7:B5:AB:EC:E2:54:8F:62:C5:E6:17:A0:B2:34:22
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01856D81D1500168058748F21F1E2193EED0
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qCUXpK7ntavs4lSPYsXmF6CyNCI.roa
Signing time: Sun 01 Jan 2023 13:25:02 +0000
ROA not before: Sun 01 Jan 2023 13:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 81.161.238.0/23 maxlen: 24
193.168.196.0/22 maxlen: 24
88.218.76.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Jan 2023 10:15:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:d1:50:01:68:05:87:48:f2:1f:1e:21:93:ee:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 1 13:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a82517a4aee7b5abece2548f62c5e617a0b23422
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e7:dd:03:0b:dd:0d:7b:f4:2b:94:c5:e5:05:
60:2e:c4:6c:9e:a1:1c:35:a5:2a:cb:3d:64:d1:6c:
70:27:95:04:fb:83:07:cd:10:7e:54:91:e8:60:13:
94:6e:cf:86:97:52:78:39:96:a2:00:5d:6f:66:3c:
f3:6c:0f:f1:b3:49:92:84:de:00:24:95:ff:ca:c5:
18:e0:9d:3b:ad:82:95:e0:7b:20:f6:db:9d:3c:4c:
9a:ae:29:fe:b5:2a:84:55:82:a1:5b:73:8f:19:0a:
7f:e4:4a:a6:72:f6:f9:f4:f3:b0:49:5c:f1:37:15:
4c:a2:d1:d8:78:7f:c3:fa:b0:ae:ed:a5:34:85:ed:
03:63:bc:7c:64:50:09:dd:82:0e:af:93:fe:0b:e7:
5f:fd:02:ab:af:7d:77:2e:06:db:76:57:02:9d:48:
ad:cf:f7:a2:31:95:5a:e1:eb:47:87:86:a3:27:cd:
cd:54:d7:c6:59:77:ec:27:b5:11:bb:33:03:1c:a1:
20:80:5a:d3:e0:f4:6b:ac:3f:a3:1b:c3:ec:f5:8e:
e4:4d:04:f6:93:fb:09:a5:a4:3d:5e:36:d1:fd:46:
a5:f5:f5:70:9d:9d:06:86:25:1d:07:28:73:0c:50:
a0:fa:34:e2:b1:12:dc:0d:7b:4e:7d:2d:61:b3:d7:
0c:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:25:17:A4:AE:E7:B5:AB:EC:E2:54:8F:62:C5:E6:17:A0:B2:34:22
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qCUXpK7ntavs4lSPYsXmF6CyNCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.238.0/23
88.218.76.0/22
193.168.196.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:a2:95:85:27:bf:75:52:71:bc:9f:ed:6c:e2:e1:87:a0:37:
82:a7:b5:41:3d:b2:fe:c9:dd:ef:b9:00:66:69:cc:60:d1:ad:
d3:70:8a:9b:d0:53:76:54:5d:28:bb:58:28:4b:ae:23:24:cc:
8d:8e:66:77:30:01:07:6c:23:68:2d:7c:6b:17:9c:e8:54:a8:
6a:6c:ac:17:dd:05:9c:40:e8:ea:cc:b9:9e:80:2f:2c:87:5a:
17:5a:a8:9f:05:f4:61:29:1b:32:04:84:c6:25:86:ca:64:ee:
9b:4f:22:e2:7f:42:bb:43:b1:02:20:9d:cf:0c:4b:d6:99:3d:
c7:9d:26:77:f3:df:d4:6d:d0:75:73:e0:6c:ad:f8:65:71:4e:
85:93:e6:b4:22:31:dd:93:ff:52:b8:bf:c6:13:14:96:6c:26:
15:4d:60:fb:ae:0f:b4:e5:82:af:e1:20:5a:f0:ae:a2:0e:24:
71:76:e4:1c:6c:03:1e:aa:ee:4a:b1:9b:76:4f:9c:21:9d:a1:
70:dc:c3:ca:5a:80:3b:c9:86:6f:f7:71:64:b9:f7:bb:4d:41:
d6:bd:54:e3:25:ca:8b:cf:7d:b3:d1:3a:6a:5b:b6:18:a8:8d:
c8:7f:11:fa:29:ac:4d:66:40:07:30:32:25:15:ef:4f:c9:60:
e0:be:bf:3b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtgdFQAWgFh0jyHx4hk+7QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODI1MTdhNGFlZTdiNWFiZWNlMjU0OGY2MmM1ZTYxN2EwYjIzNDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+fdAwvdDXv0K5TF5QVgLsRsnqEc
NaUqyz1k0WxwJ5UE+4MHzRB+VJHoYBOUbs+Gl1J4OZaiAF1vZjzzbA/xs0mShN4A
JJX/ysUY4J07rYKV4Hsg9tudPEyarin+tSqEVYKhW3OPGQp/5Eqmcvb59POwSVzx
NxVMotHYeH/D+rCu7aU0he0DY7x8ZFAJ3YIOr5P+C+df/QKrr313LgbbdlcCnUit
z/eiMZVa4etHh4ajJ83NVNfGWXfsJ7URuzMDHKEggFrT4PRrrD+jG8Ps9Y7kTQT2
k/sJpaQ9XjbR/Ual9fVwnZ0GhiUdByhzDFCg+jTisRLcDXtOfS1hs9cMfwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKglF6Su57Wr7OJUj2LF5hegsjQiMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcUNVWHBLN250YXZzNGxTUFlzWG1GNkN5TkNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBUaHuAwQC
WNpMAwQCwajEMA0GCSqGSIb3DQEBCwUAA4IBAQAOopWFJ791UnG8n+1s4uGHoDeC
p7VBPbL+yd3vuQBmacxg0a3TcIqb0FN2VF0ou1goS64jJMyNjmZ3MAEHbCNoLXxr
F5zoVKhqbKwX3QWcQOjqzLmegC8sh1oXWqifBfRhKRsyBITGJYbKZO6bTyLif0K7
Q7ECIJ3PDEvWmT3HnSZ389/UbdB1c+BsrfhlcU6Fk+a0IjHdk/9SuL/GExSWbCYV
TWD7rg+05YKv4SBa8K6iDiRxduQcbAMequ5KsZt2T5whnaFw3MPKWoA7yYZv93Fk
ufe7TUHWvVTjJcqLz32z0TpqW7YYqI3IfxH6KaxNZkAHMDIlFe9PyWDgvr87
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:19 2024 by rpki-client on console-fra.rpki-client.org