Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/A2I3QyC3py4MMUV8tGalcrhAeig.roa
File: A2I3QyC3py4MMUV8tGalcrhAeig.roa (raw, json)
Hash identifier: 2zKhSq8dOOWuJhPSqOWBQE3z1VrxK4amcDgUGbGR7z8=
Subject key identifier: 03:62:37:43:20:B7:A7:2E:0C:31:45:7C:B4:66:A5:72:B8:40:7A:28
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018E8144ACA9E638BF613B854669E17B3117
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/A2I3QyC3py4MMUV8tGalcrhAeig.roa
Signing time: Wed 27 Mar 2024 18:55:45 +0000
ROA not before: Wed 27 Mar 2024 18:55:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34549
IP address blocks: 85.254.76.0/22 maxlen: 22
85.254.80.0/22 maxlen: 22
85.254.178.0/23 maxlen: 23
85.254.180.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Apr 2024 12:55:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:81:44:ac:a9:e6:38:bf:61:3b:85:46:69:e1:7b:31:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Mar 27 18:55:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0362374320b7a72e0c31457cb466a572b8407a28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:17:3d:3c:d7:c5:db:d6:0f:b4:31:0d:11:f5:
f2:56:57:e9:2e:8f:72:a2:20:29:f2:6b:5f:5b:67:
78:ee:a6:61:a8:d2:79:2f:6a:ef:98:bb:67:44:ec:
16:b2:91:90:e0:c7:02:2e:8c:8f:c2:eb:94:e9:12:
cc:fe:d3:9c:cd:38:9f:55:39:6c:db:c0:e8:ff:b5:
25:4f:e5:18:84:b0:ef:77:e1:ad:d0:af:9a:15:4d:
f8:a3:1b:d0:67:96:ca:35:20:6e:e0:c0:58:42:47:
02:6a:c0:85:b2:f3:a6:fb:9a:7a:fc:ea:a3:7a:af:
af:56:65:2e:5a:77:32:c1:80:18:e8:44:b3:21:8b:
0a:39:1c:92:2d:9f:e5:c5:56:08:5f:84:a3:92:06:
dd:b9:c0:c9:5c:d6:c3:7d:77:71:ab:bc:f6:97:be:
41:1a:f4:00:6e:b7:50:38:d4:28:fe:62:bf:dd:f7:
7a:ab:16:74:11:56:60:9d:09:8a:e5:58:54:05:e6:
32:c2:ef:2d:dc:fa:1f:f1:8a:a5:66:46:4c:75:c3:
c4:6d:39:8f:df:2b:6e:55:45:c1:fb:2c:f3:02:4e:
31:1e:72:5f:3e:42:a2:49:96:c3:1c:4e:b4:12:97:
9f:d1:61:10:9d:8f:a4:9e:7d:1d:8b:0e:c0:8b:f5:
b2:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:62:37:43:20:B7:A7:2E:0C:31:45:7C:B4:66:A5:72:B8:40:7A:28
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/A2I3QyC3py4MMUV8tGalcrhAeig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.76.0-85.254.83.255
85.254.178.0-85.254.181.255
Signature Algorithm: sha256WithRSAEncryption
67:2e:2b:ae:2e:5f:17:b9:31:b6:f8:e7:fc:a3:01:6f:ca:00:
88:70:81:06:4a:22:f8:cb:c1:88:f8:1b:b9:33:d9:f6:51:a1:
28:38:94:28:30:d9:fc:33:ce:98:5b:66:74:3b:d4:f2:54:97:
f4:8f:d4:b5:f3:47:cb:99:70:bb:2a:a6:63:2c:d3:ed:50:a4:
ba:e6:89:26:f8:d7:a3:b4:16:2a:4b:ba:08:15:f9:6d:3a:07:
bc:57:67:d5:45:1c:fb:57:26:ef:0b:d7:bb:f0:78:3b:dd:f8:
76:32:10:30:9b:59:ce:16:9e:0f:6d:5a:43:55:b9:b6:3d:07:
d1:56:ff:43:7a:3d:84:fb:b8:25:f2:e1:fc:03:79:f2:c3:5f:
47:5f:90:43:e1:09:66:74:95:ba:8a:a9:e9:6d:08:d5:8d:c5:
c4:f0:1e:b3:f1:40:a3:f2:34:70:94:93:d8:e2:23:9f:b8:c0:
88:43:d8:62:3f:a7:b8:51:ff:bb:bc:ac:1e:1d:70:4b:d1:fa:
4d:0c:d7:1e:71:c4:cf:f5:82:8a:15:cc:2c:cd:37:6f:1c:81:
f6:57:8e:00:06:b8:66:93:db:e4:f9:5f:28:24:a9:b1:b1:34:
ff:82:85:01:9d:18:a8:1a:67:fe:c6:94:3c:80:3d:f6:31:7e:
90:9f:6e:6e
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY6BRKyp5ji/YTuFRmnhezEXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMzI3MTg1NTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzYyMzc0MzIwYjdhNzJlMGMzMTQ1N2NiNDY2YTU3MmI4NDA3YTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3xc9PNfF29YPtDENEfXyVlfpLo9y
oiAp8mtfW2d47qZhqNJ5L2rvmLtnROwWspGQ4McCLoyPwuuU6RLM/tOczTifVTls
28Do/7UlT+UYhLDvd+Gt0K+aFU34oxvQZ5bKNSBu4MBYQkcCasCFsvOm+5p6/Oqj
eq+vVmUuWncywYAY6ESzIYsKORySLZ/lxVYIX4SjkgbducDJXNbDfXdxq7z2l75B
GvQAbrdQONQo/mK/3fd6qxZ0EVZgnQmK5VhUBeYywu8t3Pof8YqlZkZMdcPEbTmP
3ytuVUXB+yzzAk4xHnJfPkKiSZbDHE60Epef0WEQnY+knn0diw7Ai/WyRwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFANiN0Mgt6cuDDFFfLRmpXK4QHooMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvQTJJM1F5QzNweTRNTVVWOHRHYWxjcmhBZWlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAJV/kwD
BAJV/lAwDAMEAVX+sgMEAVX+tDANBgkqhkiG9w0BAQsFAAOCAQEAZy4rri5fF7kx
tvjn/KMBb8oAiHCBBkoi+MvBiPgbuTPZ9lGhKDiUKDDZ/DPOmFtmdDvU8lSX9I/U
tfNHy5lwuyqmYyzT7VCkuuaJJvjXo7QWKku6CBX5bToHvFdn1UUc+1cm7wvXu/B4
O934djIQMJtZzhaeD21aQ1W5tj0H0Vb/Q3o9hPu4JfLh/AN58sNfR1+QQ+EJZnSV
uoqp6W0I1Y3FxPAes/FAo/I0cJST2OIjn7jAiEPYYj+nuFH/u7ysHh1wS9H6TQzX
HnHEz/WCihXMLM03bxyB9leOAAa4ZpPb5PlfKCSpsbE0/4KFAZ0YqBpn/saUPIA9
9jF+kJ9ubg==
-----END CERTIFICATE-----
Generated at Tue Apr 2 17:38:54 2024 by rpki-client on console-ams.rpki-client.org