Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/L_QctbYACChS-UEFlmCioTWtXTw.roa
File: L_QctbYACChS-UEFlmCioTWtXTw.roa (raw, json)
Hash identifier: zE/g6yEHuRa/1bHphO0RwXtWkFxX+ZhqhImnOcC8ITA=
Subject key identifier: 2F:F4:1C:B5:B6:00:08:28:52:F9:41:05:96:60:A2:A1:35:AD:5D:3C
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018A889525AC01A6B92A7F5E80330CBBE444
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/L_QctbYACChS-UEFlmCioTWtXTw.roa
Signing time: Tue 12 Sep 2023 08:49:50 +0000
ROA not before: Tue 12 Sep 2023 08:49:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200709
IP address blocks: 85.254.72.0/24 maxlen: 24
2a02:610:fffa::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:88:95:25:ac:01:a6:b9:2a:7f:5e:80:33:0c:bb:e4:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Sep 12 08:49:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ff41cb5b600082852f941059660a2a135ad5d3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8f:45:0d:74:73:dc:45:d2:95:a0:02:f2:36:
09:f0:41:81:93:bd:5d:c7:ec:81:76:ab:c8:78:4a:
1a:34:bd:2f:93:43:27:59:9e:ea:7f:a7:b4:d3:62:
a8:e4:1c:d9:ef:52:d1:a7:38:c1:1c:0e:db:08:25:
ab:d2:b7:5a:b7:d0:53:03:4a:ab:f5:4e:15:39:dc:
39:cd:6a:30:10:38:22:86:6f:1d:ef:fb:12:96:d5:
f1:f8:ef:2b:27:4e:89:6d:16:e3:67:c3:27:80:ae:
ca:54:3b:ef:c3:87:9c:90:7e:79:19:36:fe:de:64:
62:c7:8b:a7:38:3f:73:1a:4a:d9:64:7c:b5:cd:e7:
68:df:dc:30:19:d2:a3:7a:31:d3:0c:7c:e6:e2:19:
fb:6f:9e:ec:84:d1:aa:31:89:e5:ae:59:37:d7:8e:
48:5a:7d:a5:8f:94:9d:2a:dc:3f:cb:9f:3a:46:ed:
5e:15:0f:dd:f7:02:c4:8b:3e:44:89:4e:4f:37:4a:
c4:01:d2:52:dd:21:e5:df:8f:0e:23:ab:c3:44:4b:
4c:e3:b7:6d:67:47:64:b4:ea:21:84:6a:57:92:ff:
86:f4:84:d6:d2:2b:90:03:f0:d9:5e:70:c0:36:58:
b2:13:08:01:10:38:00:f6:d2:46:f2:2c:ef:2a:73:
d9:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:F4:1C:B5:B6:00:08:28:52:F9:41:05:96:60:A2:A1:35:AD:5D:3C
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/L_QctbYACChS-UEFlmCioTWtXTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.72.0/24
IPv6:
2a02:610:fffa::/48
Signature Algorithm: sha256WithRSAEncryption
89:c7:62:de:6e:37:a4:8b:ca:3b:c2:b9:b6:98:8f:a7:cd:01:
03:d0:a3:c4:dc:5e:f6:78:53:c2:13:9c:4b:bb:b6:c7:d3:42:
9d:3f:61:f2:b1:e5:b3:d0:35:15:c4:fb:2d:24:e4:9d:fe:23:
3c:21:30:e0:fb:6d:e3:be:d0:db:b1:3d:4b:5b:bb:f8:cc:4a:
26:b8:d4:bb:07:06:4a:58:4d:bf:2a:d5:e0:db:9c:37:64:1e:
15:26:0b:a4:b5:11:5b:dc:12:3b:5a:89:6e:c9:60:54:60:28:
9a:66:6e:2e:67:1d:0d:0b:60:51:30:8d:3c:62:f4:c1:fb:0b:
cd:53:29:03:eb:69:9c:e5:e1:6e:6a:f8:7a:64:ba:98:bb:b7:
88:a5:65:f4:b1:1f:9d:bc:b2:84:48:20:63:69:58:e2:ae:52:
ef:bc:3c:e5:24:bf:28:eb:92:50:94:42:66:87:6b:58:04:a0:
c2:c1:a6:bc:77:cd:8f:b5:72:15:32:28:30:8b:5f:0f:d6:9d:
35:35:4b:54:10:ed:19:34:b8:51:38:bc:9b:36:ad:e6:2b:97:
35:fc:1c:b6:0c:d9:7e:94:1b:74:98:f1:df:9f:01:24:68:e9:
67:61:2e:8a:a1:ec:c2:1c:49:42:8b:a8:e7:62:6c:45:e8:d7:
3f:02:e8:09
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqIlSWsAaa5Kn9egDMMu+REMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwOTEyMDg0OTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmY0MWNiNWI2MDAwODI4NTJmOTQxMDU5NjYwYTJhMTM1YWQ1ZDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr49FDXRz3EXSlaAC8jYJ8EGBk71d
x+yBdqvIeEoaNL0vk0MnWZ7qf6e002Ko5BzZ71LRpzjBHA7bCCWr0rdat9BTA0qr
9U4VOdw5zWowEDgihm8d7/sSltXx+O8rJ06JbRbjZ8MngK7KVDvvw4eckH55GTb+
3mRix4unOD9zGkrZZHy1zedo39wwGdKjejHTDHzm4hn7b57shNGqMYnlrlk3145I
Wn2lj5SdKtw/y586Ru1eFQ/d9wLEiz5EiU5PN0rEAdJS3SHl348OI6vDREtM47dt
Z0dktOohhGpXkv+G9ITW0iuQA/DZXnDANliyEwgBEDgA9tJG8izvKnPZmwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC/0HLW2AAgoUvlBBZZgoqE1rV08MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvTF9RY3RiWUFDQ2hTLVVFRmxtQ2lvVFd0WFR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAVf5IMA8E
AgACMAkDBwAqAgYQ//owDQYJKoZIhvcNAQELBQADggEBAInHYt5uN6SLyjvCubaY
j6fNAQPQo8TcXvZ4U8ITnEu7tsfTQp0/YfKx5bPQNRXE+y0k5J3+IzwhMOD7beO+
0NuxPUtbu/jMSia41LsHBkpYTb8q1eDbnDdkHhUmC6S1EVvcEjtaiW7JYFRgKJpm
bi5nHQ0LYFEwjTxi9MH7C81TKQPraZzl4W5q+Hpkupi7t4ilZfSxH528soRIIGNp
WOKuUu+8POUkvyjrklCUQmaHa1gEoMLBprx3zY+1chUyKDCLXw/WnTU1S1QQ7Rk0
uFE4vJs2reYrlzX8HLYM2X6UG3SY8d+fASRo6WdhLoqh7MIcSUKLqOdibEXo1z8C
6Ak=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:49:38 2024 by rpki-client on console-fra.rpki-client.org