Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/4q_I9ttOsjgIROzTI8MNlnQZNHU.roa
File: 4q_I9ttOsjgIROzTI8MNlnQZNHU.roa (raw, json)
Hash identifier: VGlxXlOMSVpIM9wLJgIGpvVVsxyOIeZWCgbDhYomT7Y=
Subject key identifier: E2:AF:C8:F6:DB:4E:B2:38:08:44:EC:D3:23:C3:0D:96:74:19:34:75
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01856F023D7E916412FA8ADF5784D2059E70
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/4q_I9ttOsjgIROzTI8MNlnQZNHU.roa
Signing time: Sun 01 Jan 2023 20:24:55 +0000
ROA not before: Sun 01 Jan 2023 20:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34549
IP address blocks: 159.148.246.0/23 maxlen: 23
85.254.178.0/23 maxlen: 23
85.254.180.0/23 maxlen: 23
85.254.76.0/22 maxlen: 22
85.254.80.0/22 maxlen: 22
85.254.104.0/21 maxlen: 21
85.254.112.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:3d:7e:91:64:12:fa:8a:df:57:84:d2:05:9e:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 1 20:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2afc8f6db4eb2380844ecd323c30d9674193475
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:b4:a5:28:1d:07:ba:46:30:0b:0e:66:ff:8e:
1f:9e:da:cc:e9:e6:6b:bf:0c:7d:91:8f:14:e9:30:
b5:30:b6:f3:9b:a7:1a:fc:cc:82:e1:8c:b4:84:b2:
07:84:94:3f:34:66:23:20:17:b7:58:03:a1:2b:93:
9e:88:9b:6e:15:81:24:28:76:7a:dd:11:d6:dd:e4:
91:0a:e2:da:00:c4:a9:f2:18:86:f2:b2:57:73:ea:
1e:42:81:16:54:8b:e0:a6:e8:3a:8d:22:b2:b1:04:
7e:97:b0:b2:7a:d3:88:14:a6:e2:48:8a:97:a6:fc:
6e:fe:a9:3f:af:96:f6:15:c4:81:6f:66:73:bf:27:
48:8f:40:d9:f2:73:09:2d:6a:ca:63:89:0f:d7:4e:
da:fd:b4:c8:bd:63:ad:18:ef:69:47:05:29:b8:8f:
df:bb:29:1c:60:a2:3f:ca:41:70:23:6d:b9:01:fc:
16:2b:02:f3:53:60:c4:de:40:88:2f:d1:52:1d:68:
c6:d2:ce:23:37:f9:8c:ab:e7:a9:42:ba:32:4a:f9:
ea:82:8e:77:4f:00:d7:be:1c:d0:33:b5:a2:a2:6c:
97:ec:73:2d:2e:a0:4e:de:df:77:41:c9:90:33:29:
f7:16:46:36:e2:6e:e4:8d:60:91:38:93:4e:25:d3:
56:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:AF:C8:F6:DB:4E:B2:38:08:44:EC:D3:23:C3:0D:96:74:19:34:75
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/4q_I9ttOsjgIROzTI8MNlnQZNHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.76.0-85.254.83.255
85.254.104.0-85.254.119.255
85.254.178.0-85.254.181.255
159.148.246.0/23
Signature Algorithm: sha256WithRSAEncryption
97:67:ba:b0:23:68:af:8a:0f:6d:1b:87:ad:2a:57:0e:19:95:
f0:1d:f2:4b:74:43:81:62:fd:24:c2:51:9b:d3:1f:72:60:84:
e1:87:48:dc:7e:c3:9b:8a:d3:d8:93:b5:5f:63:e5:88:e5:51:
15:37:15:9e:7c:8e:92:bb:0e:79:a5:99:da:55:b2:61:e9:9f:
46:8d:17:8e:29:9d:04:61:ed:09:af:28:61:e7:b8:0c:c5:3e:
e6:24:b6:1f:38:86:73:43:2b:7c:56:d2:c2:cf:87:e8:9f:72:
5a:2f:36:fa:cf:ea:d6:1a:21:83:4c:66:7a:b3:b3:02:35:78:
bf:48:6d:82:ae:45:9b:79:e8:f1:59:5d:f3:3e:0c:42:5c:f6:
aa:70:9f:20:03:6f:73:c3:d9:16:86:d4:0f:7b:0a:2b:c2:a5:
f1:37:0f:5c:cc:26:c8:9e:0f:67:20:48:6a:92:21:2a:07:3e:
cf:bf:6e:4e:13:33:54:01:a8:98:f5:10:2b:e9:c9:77:9c:33:
2c:96:c4:dd:85:a0:c8:c9:67:8b:dc:28:c6:3d:bc:26:d3:0c:
f2:f7:cd:51:8b:58:f8:75:a1:7f:62:50:a3:92:bd:a2:b0:c5:
db:49:90:8d:36:b5:55:9c:b5:df:92:fb:da:33:a4:6c:e1:fd:
88:f6:fb:f4
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVvAj1+kWQS+orfV4TSBZ5wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwMTAxMjAyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmFmYzhmNmRiNGViMjM4MDg0NGVjZDMyM2MzMGQ5Njc0MTkzNDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLSlKB0HukYwCw5m/44fntrM6eZr
vwx9kY8U6TC1MLbzm6ca/MyC4Yy0hLIHhJQ/NGYjIBe3WAOhK5OeiJtuFYEkKHZ6
3RHW3eSRCuLaAMSp8hiG8rJXc+oeQoEWVIvgpug6jSKysQR+l7CyetOIFKbiSIqX
pvxu/qk/r5b2FcSBb2ZzvydIj0DZ8nMJLWrKY4kP107a/bTIvWOtGO9pRwUpuI/f
uykcYKI/ykFwI225AfwWKwLzU2DE3kCIL9FSHWjG0s4jN/mMq+epQroySvnqgo53
TwDXvhzQM7WiomyX7HMtLqBO3t93QcmQMyn3FkY24m7kjWCROJNOJdNW9QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOKvyPbbTrI4CETs0yPDDZZ0GTR1MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvNHFfSTl0dE9zamdJUk96VEk4TU5sblFaTkhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwMAwDBAJV/kwD
BAJV/lAwDAMEA1X+aAMEA1X+cDAMAwQBVf6yAwQBVf60AwQBn5T2MA0GCSqGSIb3
DQEBCwUAA4IBAQCXZ7qwI2ivig9tG4etKlcOGZXwHfJLdEOBYv0kwlGb0x9yYITh
h0jcfsObitPYk7VfY+WI5VEVNxWefI6Suw55pZnaVbJh6Z9GjReOKZ0EYe0Jryhh
57gMxT7mJLYfOIZzQyt8VtLCz4fon3JaLzb6z+rWGiGDTGZ6s7MCNXi/SG2CrkWb
eejxWV3zPgxCXPaqcJ8gA29zw9kWhtQPeworwqXxNw9czCbIng9nIEhqkiEqBz7P
v25OEzNUAaiY9RAr6cl3nDMslsTdhaDIyWeL3CjGPbwm0wzy981Ri1j4daF/YlCj
kr2isMXbSZCNNrVVnLXfkvvaM6Rs4f2I9vv0
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:45 2023 by rpki-client on console-fra.rpki-client.org