Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/1-QGKlT-71TfHSlbtYkmMONMIdKA.roa
File: 1-QGKlT-71TfHSlbtYkmMONMIdKA.roa (raw, json)
Hash identifier: QHsMlAAmeX2ZbIeqK+98Du+ifoIfMxGHAIiv19w2CnI=
Subject key identifier: F9:01:8A:95:3F:BB:D5:37:C7:4A:56:ED:62:49:8C:38:D3:08:74:A0
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0185F3C53D270C5E08276C3A7F85BEE75E53
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/1-QGKlT-71TfHSlbtYkmMONMIdKA.roa
Signing time: Fri 27 Jan 2023 15:07:47 +0000
ROA not before: Fri 27 Jan 2023 15:07:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47418
IP address blocks: 193.233.242.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f3:c5:3d:27:0c:5e:08:27:6c:3a:7f:85:be:e7:5e:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 27 15:07:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9018a953fbbd537c74a56ed62498c38d30874a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:4d:21:fa:fa:53:85:f5:89:7b:bc:b8:f4:ae:
bd:50:52:4e:6c:ae:b7:8a:16:ea:65:14:6c:b9:52:
66:51:6d:22:9b:67:82:e3:8d:0b:4d:1e:94:8c:75:
60:4d:9b:6d:5b:4c:76:50:eb:3e:e5:48:63:55:26:
42:29:ab:75:2e:71:31:9d:18:a4:4e:4d:7e:89:d5:
c4:a6:dd:9c:97:33:34:00:6f:09:4a:e4:a6:9e:0b:
49:05:5b:28:57:e7:59:2d:c7:b1:c4:70:34:ba:98:
e5:85:af:1f:d7:a9:9b:1e:6e:ae:3d:aa:3a:a5:ab:
a0:93:fc:41:d4:13:50:61:01:aa:a2:af:4e:57:d5:
34:cc:e7:a5:16:9e:d0:ab:45:ef:6d:6f:e4:3e:b5:
88:0c:3c:6c:e6:6a:53:3d:0f:1e:3c:47:70:17:15:
22:0d:7d:4e:41:e7:7f:fe:5f:f0:d9:2e:8c:e3:0f:
fd:11:bd:62:0e:bb:d1:c6:e9:c2:56:29:d8:c0:e6:
37:fa:ad:c2:45:dd:ae:1b:fa:15:62:3d:1e:96:24:
97:90:75:a8:5c:35:37:9e:2b:3f:a7:34:6f:58:b5:
eb:8b:13:93:36:6c:df:56:a2:30:07:ff:7d:d1:40:
5a:ab:ca:71:15:4b:f3:14:5f:8c:a3:80:e6:3e:9c:
22:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:01:8A:95:3F:BB:D5:37:C7:4A:56:ED:62:49:8C:38:D3:08:74:A0
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/1-QGKlT-71TfHSlbtYkmMONMIdKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.242.0/24
Signature Algorithm: sha256WithRSAEncryption
35:82:2f:3c:e0:74:ec:41:18:ad:cc:16:ab:db:11:1d:8d:5f:
0b:64:94:11:65:a8:cf:65:f4:ed:50:33:fa:5c:fd:2f:f2:d0:
a0:0c:bc:82:86:f9:05:95:aa:bf:69:0d:0c:0d:6f:a4:25:cf:
80:75:b2:49:aa:3f:8b:9c:82:9c:27:06:a1:39:82:18:0e:ad:
a9:a9:9f:f1:9f:5a:74:25:41:5e:d3:13:c8:d8:93:5a:c6:69:
29:1d:90:ef:52:41:57:0a:fa:0e:1a:7c:ef:26:3e:3b:1b:b0:
bc:9c:60:fc:b0:8d:34:44:fd:f4:3c:76:82:76:93:d1:8a:b2:
f9:15:fd:3f:d9:d7:9e:9a:b9:3f:59:dc:15:76:8b:fb:3d:03:
b6:10:59:c5:45:c7:17:75:a2:e9:2c:6d:9e:f7:44:76:17:8b:
71:df:22:49:45:32:5a:84:e4:e7:72:a2:4c:35:65:76:1f:ef:
e2:07:ac:cb:27:79:ac:c7:4a:eb:24:12:dd:69:57:1f:d7:8d:
6d:65:81:51:64:d1:b3:a4:ce:81:a0:4d:b1:f7:c2:d8:12:7c:
1b:33:6c:72:17:86:03:45:22:d6:c0:ae:f0:85:ec:e2:8c:38:
e2:08:54:02:87:5f:cb:24:e8:8a:43:52:bf:4c:51:7a:1b:82:
b1:76:59:6b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYXzxT0nDF4IJ2w6f4W+515TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwMTI3MTUwNzQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTAxOGE5NTNmYmJkNTM3Yzc0YTU2ZWQ2MjQ5OGMzOGQzMDg3NGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkU0h+vpThfWJe7y49K69UFJObK63
ihbqZRRsuVJmUW0im2eC440LTR6UjHVgTZttW0x2UOs+5UhjVSZCKat1LnExnRik
Tk1+idXEpt2clzM0AG8JSuSmngtJBVsoV+dZLcexxHA0upjlha8f16mbHm6uPao6
paugk/xB1BNQYQGqoq9OV9U0zOelFp7Qq0XvbW/kPrWIDDxs5mpTPQ8ePEdwFxUi
DX1OQed//l/w2S6M4w/9Eb1iDrvRxunCVinYwOY3+q3CRd2uG/oVYj0eliSXkHWo
XDU3nis/pzRvWLXrixOTNmzfVqIwB/990UBaq8pxFUvzFF+Mo4DmPpwiGQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPkBipU/u9U3x0pW7WJJjDjTCHSgMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvMS1RR0tsVC03MVRmSFNsYnRZa21NT05NSWRLQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGMvYWM1OGVhLWM0NTktNDhjYS1iODJiLTRkZWM0ZGFmZWU0
OS8xL2h0Wkl2YnFXVkdHeDZNRWJuZFEyeGhPQ2h6dy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHp8jAN
BgkqhkiG9w0BAQsFAAOCAQEANYIvPOB07EEYrcwWq9sRHY1fC2SUEWWoz2X07VAz
+lz9L/LQoAy8gob5BZWqv2kNDA1vpCXPgHWySao/i5yCnCcGoTmCGA6tqamf8Z9a
dCVBXtMTyNiTWsZpKR2Q71JBVwr6Dhp87yY+OxuwvJxg/LCNNET99Dx2gnaT0Yqy
+RX9P9nXnpq5P1ncFXaL+z0DthBZxUXHF3Wi6SxtnvdEdheLcd8iSUUyWoTk53Ki
TDVldh/v4gesyyd5rMdK6yQS3WlXH9eNbWWBUWTRs6TOgaBNsffC2BJ8GzNscheG
A0Ui1sCu8IXs4ow44ghUAodfyyToikNSv0xRehuCsXZZaw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:37 2023 by rpki-client on console-fra.rpki-client.org