Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/a764ce-12ae-41b5-81b6-02aba5d1b3a4/1/Q8hWqiDr4iFzvK4rzv-0LE2FnIk.roa
File: Q8hWqiDr4iFzvK4rzv-0LE2FnIk.roa (raw, json)
Hash identifier: mCpgFJSuP/twfPsuemGgeJILLvBGl/Qp4dKzOi3xmak=
Subject key identifier: 43:C8:56:AA:20:EB:E2:21:73:BC:AE:2B:CE:FF:B4:2C:4D:85:9C:89
Certificate issuer: /CN=a01746cf6bbdc8bd5666f306811bdffd216b1aa6
Certificate serial: 018CC42503F852D185BC2D23A33EA5A67DFF
Authority key identifier: A0:17:46:CF:6B:BD:C8:BD:56:66:F3:06:81:1B:DF:FD:21:6B:1A:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oBdGz2u9yL1WZvMGgRvf_SFrGqY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/a764ce-12ae-41b5-81b6-02aba5d1b3a4/1/Q8hWqiDr4iFzvK4rzv-0LE2FnIk.roa
Signing time: Mon 01 Jan 2024 08:30:09 +0000
ROA not before: Mon 01 Jan 2024 08:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12935
IP address blocks: 185.173.4.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 21 May 2024 10:49:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:03:f8:52:d1:85:bc:2d:23:a3:3e:a5:a6:7d:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a01746cf6bbdc8bd5666f306811bdffd216b1aa6
Validity
Not Before: Jan 1 08:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43c856aa20ebe22173bcae2bceffb42c4d859c89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:8f:fb:bd:01:5d:a4:48:d0:da:4d:01:30:7c:
cb:5f:21:e7:d5:d9:e1:af:0f:70:25:de:48:72:d0:
92:87:56:95:0a:e1:87:95:28:5e:c9:1f:97:28:35:
59:46:6b:5a:85:43:36:47:67:76:84:fa:35:ee:38:
1c:7d:9b:73:53:d8:a5:e3:9c:76:5b:bb:96:7b:e9:
c7:d7:b0:45:d8:7c:f8:96:ad:84:a9:d2:3f:10:f2:
99:96:0c:09:f8:d6:97:c9:5a:67:f9:04:bc:68:2b:
09:62:85:1d:58:20:44:95:e6:ca:8e:26:17:b3:24:
d3:51:51:c7:da:a6:ba:e5:17:cd:30:2a:da:f4:92:
a3:60:54:8f:77:e0:e4:43:f9:3a:03:8b:1b:75:76:
37:18:ef:2d:d6:3c:19:fa:ae:87:78:2a:cd:bb:3f:
b3:70:03:8d:14:ab:1d:74:0d:14:af:71:fb:72:61:
c7:77:1f:7a:de:ca:8d:10:01:ee:7d:c9:ae:ed:3a:
f2:e4:b5:cd:d4:ba:b0:77:a9:ae:74:09:49:14:5b:
aa:f7:e0:f1:8c:05:6b:42:29:6a:73:01:c9:e9:55:
71:85:bb:1d:93:cc:ce:08:a5:70:39:2b:fa:e2:1b:
9d:27:f6:4e:c8:a9:f4:46:1f:b7:7c:0a:18:29:e0:
08:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:C8:56:AA:20:EB:E2:21:73:BC:AE:2B:CE:FF:B4:2C:4D:85:9C:89
X509v3 Authority Key Identifier:
keyid:A0:17:46:CF:6B:BD:C8:BD:56:66:F3:06:81:1B:DF:FD:21:6B:1A:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oBdGz2u9yL1WZvMGgRvf_SFrGqY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a764ce-12ae-41b5-81b6-02aba5d1b3a4/1/Q8hWqiDr4iFzvK4rzv-0LE2FnIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a764ce-12ae-41b5-81b6-02aba5d1b3a4/1/oBdGz2u9yL1WZvMGgRvf_SFrGqY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.173.4.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:2a:a5:4e:81:23:36:d0:7f:e9:d0:05:27:e3:08:69:05:70:
c8:52:c0:c9:a5:09:96:d3:f3:8f:b9:bf:f0:93:5a:17:32:75:
de:20:67:09:e3:c6:37:5e:1c:df:12:dc:fe:c7:5a:81:a4:3b:
a7:58:9e:0f:d9:14:be:29:64:f0:49:1c:02:96:b9:1f:0c:d0:
a6:3b:af:5d:29:0b:6c:fe:2e:7d:8a:6f:40:d4:3c:45:14:82:
7b:c7:54:7b:83:3f:74:f9:ab:76:da:10:ef:f5:5f:4a:15:2c:
7d:6e:35:37:a0:bc:f3:16:76:61:d7:d7:91:5b:41:c1:05:c4:
bf:3b:26:c9:92:43:92:f0:43:8f:ee:f6:d3:5b:04:c0:05:1c:
0d:98:40:f0:64:b9:3e:ff:16:9b:99:3e:1a:9c:5e:52:37:a3:
0b:1a:35:3a:8f:58:7b:14:0e:a0:ea:9d:ec:27:da:37:22:31:
dc:aa:f6:87:c1:2b:95:6b:95:bc:a9:19:2f:c2:3c:06:ff:d9:
63:34:3d:ad:f1:41:ac:ec:68:24:4e:63:fb:7b:6b:4f:b8:07:
77:72:8f:c8:be:1e:5e:97:60:2d:d7:6c:38:b7:f8:c7:06:11:
28:bc:6a:88:b6:01:24:fa:90:20:9c:85:28:03:7f:46:8e:04:
3c:2d:d7:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJQP4UtGFvC0joz6lpn3/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMTc0NmNmNmJiZGM4YmQ1NjY2ZjMwNjgxMWJkZmZkMjE2
YjFhYTYwHhcNMjQwMTAxMDgzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2M4NTZhYTIwZWJlMjIxNzNiY2FlMmJjZWZmYjQyYzRkODU5Yzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhY/7vQFdpEjQ2k0BMHzLXyHn1dnh
rw9wJd5IctCSh1aVCuGHlSheyR+XKDVZRmtahUM2R2d2hPo17jgcfZtzU9il45x2
W7uWe+nH17BF2Hz4lq2EqdI/EPKZlgwJ+NaXyVpn+QS8aCsJYoUdWCBElebKjiYX
syTTUVHH2qa65RfNMCra9JKjYFSPd+DkQ/k6A4sbdXY3GO8t1jwZ+q6HeCrNuz+z
cAONFKsddA0Ur3H7cmHHdx963sqNEAHufcmu7Try5LXN1Lqwd6mudAlJFFuq9+Dx
jAVrQilqcwHJ6VVxhbsdk8zOCKVwOSv64hudJ/ZOyKn0Rh+3fAoYKeAIswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEPIVqog6+Ihc7yuK87/tCxNhZyJMB8GA1UdIwQY
MBaAFKAXRs9rvci9VmbzBoEb3/0haxqmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0JkR3oydTl5TDFXWnZNR2dSdmZfU0ZyR3FZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9hNzY0Y2UtMTJhZS00MWI1LTgxYjYt
MDJhYmE1ZDFiM2E0LzEvUThoV3FpRHI0aUZ6dks0cnp2LTBMRTJGbklrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9hNzY0Y2UtMTJhZS00MWI1LTgxYjYtMDJhYmE1ZDFiM2E0
LzEvb0JkR3oydTl5TDFXWnZNR2dSdmZfU0ZyR3FZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCua0EMA0G
CSqGSIb3DQEBCwUAA4IBAQA6KqVOgSM20H/p0AUn4whpBXDIUsDJpQmW0/OPub/w
k1oXMnXeIGcJ48Y3XhzfEtz+x1qBpDunWJ4P2RS+KWTwSRwClrkfDNCmO69dKQts
/i59im9A1DxFFIJ7x1R7gz90+at22hDv9V9KFSx9bjU3oLzzFnZh19eRW0HBBcS/
OybJkkOS8EOP7vbTWwTABRwNmEDwZLk+/xabmT4anF5SN6MLGjU6j1h7FA6g6p3s
J9o3IjHcqvaHwSuVa5W8qRkvwjwG/9ljND2t8UGs7GgkTmP7e2tPuAd3co/Ivh5e
l2At12w4t/jHBhEovGqItgEk+pAgnIUoA39GjgQ8Ldf4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:43 2024 by rpki-client on console-fra.rpki-client.org