Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/qSJHM0YreMAGGJpxuyV0Yol5Mtc.roa
File: qSJHM0YreMAGGJpxuyV0Yol5Mtc.roa (raw, json)
Hash identifier: ip0lehuYsmozpiy7Y3yZV9amH1nowQ/6cBOh7sZnldM=
Subject key identifier: A9:22:47:33:46:2B:78:C0:06:18:9A:71:BB:25:74:62:89:79:32:D7
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0185738FD49442CB980F739653B1392135C3
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/qSJHM0YreMAGGJpxuyV0Yol5Mtc.roa
Signing time: Mon 02 Jan 2023 17:38:03 +0000
ROA not before: Mon 02 Jan 2023 17:38:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 185.242.224.0/24 maxlen: 24
194.31.142.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:8f:d4:94:42:cb:98:0f:73:96:53:b1:39:21:35:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 17:38:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9224733462b78c006189a71bb257462897932d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:b3:31:35:d0:94:95:48:9f:11:c0:ab:2a:1a:
7a:54:2b:15:74:12:9b:b5:44:f3:f2:e9:31:c9:3c:
f2:d9:1d:dd:fa:2b:f4:36:54:54:8c:68:9c:26:28:
31:9e:ce:3b:56:b9:6f:9b:cf:0e:1f:00:8b:fd:8d:
26:c0:1e:ad:d5:c7:21:64:4d:bd:de:01:f9:54:07:
99:5a:50:ea:5e:cc:74:c4:43:29:7e:7f:ae:8c:3c:
e3:76:52:cd:35:9b:78:91:95:ac:98:32:26:ae:c4:
40:c6:76:49:de:84:74:65:35:f4:c9:33:df:68:84:
30:a5:b5:51:85:46:f4:ee:9d:bf:af:31:d6:d6:81:
bf:7a:07:1d:ab:a1:55:c3:74:c9:6f:b1:a3:b7:3c:
3f:c5:92:b0:20:13:39:c9:c5:0a:89:ff:2b:e6:2e:
66:c0:05:f1:e5:7d:50:d9:dc:a5:ed:00:f2:64:c8:
e4:22:bd:ea:44:7e:cd:b7:04:28:f1:40:b3:f1:e3:
9d:29:4e:04:e1:7e:cf:b1:6a:af:25:53:05:34:81:
96:16:f7:89:2b:ee:23:ba:b3:f2:c2:ea:ba:6c:44:
6c:3c:f2:f4:7b:a6:cf:e6:32:03:61:e7:85:2c:a2:
d2:aa:48:11:d3:3e:ec:fb:53:fe:54:28:45:3c:af:
49:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:22:47:33:46:2B:78:C0:06:18:9A:71:BB:25:74:62:89:79:32:D7
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/qSJHM0YreMAGGJpxuyV0Yol5Mtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.224.0/24
194.31.142.0/24
Signature Algorithm: sha256WithRSAEncryption
d9:dc:72:ec:8a:67:2e:02:35:a3:1b:42:bd:85:9f:9f:05:09:
64:c9:43:fb:f7:7c:90:ab:ff:4b:93:95:f1:d0:79:4b:ce:6f:
9e:7e:29:77:43:3d:45:3e:3d:60:5b:2b:55:1b:b5:56:26:4b:
0c:b3:70:bb:64:c2:bf:2c:62:cc:d9:43:eb:8d:13:55:e7:58:
4d:06:a5:33:45:e6:56:eb:bc:8d:00:cb:c5:ed:9f:1e:01:95:
df:6d:89:09:86:7d:f4:60:1b:38:ba:a1:b0:ad:25:a1:b0:cf:
97:62:db:b9:68:2f:9b:2b:7b:23:0f:96:25:b0:54:18:f2:a1:
ac:a1:6c:80:87:81:21:64:90:be:79:6a:84:dc:90:7b:ee:97:
c5:ba:f8:35:39:a1:c7:07:38:36:f1:1c:ef:32:00:c1:28:a5:
b4:6b:a0:22:56:54:f3:9b:4e:d3:24:22:45:30:da:9e:7c:79:
7f:1a:4d:72:64:b0:e3:91:62:c2:81:ba:83:5d:9f:e5:82:6d:
7c:41:49:b9:5b:ce:09:ae:81:fe:05:da:61:37:87:10:e6:e5:
cd:80:df:21:bc:a1:23:10:14:39:bc:ff:b3:1f:c9:3f:c6:87:
41:57:af:e4:6b:a3:f5:5f:7f:da:bd:99:ba:5c:a3:ed:19:3d:
9a:39:e9:40
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzj9SUQsuYD3OWU7E5ITXDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTIyNDczMzQ2MmI3OGMwMDYxODlhNzFiYjI1NzQ2Mjg5NzkzMmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7MxNdCUlUifEcCrKhp6VCsVdBKb
tUTz8ukxyTzy2R3d+iv0NlRUjGicJigxns47Vrlvm88OHwCL/Y0mwB6t1cchZE29
3gH5VAeZWlDqXsx0xEMpfn+ujDzjdlLNNZt4kZWsmDImrsRAxnZJ3oR0ZTX0yTPf
aIQwpbVRhUb07p2/rzHW1oG/egcdq6FVw3TJb7Gjtzw/xZKwIBM5ycUKif8r5i5m
wAXx5X1Q2dyl7QDyZMjkIr3qRH7NtwQo8UCz8eOdKU4E4X7PsWqvJVMFNIGWFveJ
K+4jurPywuq6bERsPPL0e6bP5jIDYeeFLKLSqkgR0z7s+1P+VChFPK9J3QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKkiRzNGK3jABhiacbsldGKJeTLXMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvcVNKSE0wWXJlTUFHR0pweHV5VjBZb2w1TXRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAufLgAwQA
wh+OMA0GCSqGSIb3DQEBCwUAA4IBAQDZ3HLsimcuAjWjG0K9hZ+fBQlkyUP793yQ
q/9Lk5Xx0HlLzm+efil3Qz1FPj1gWytVG7VWJksMs3C7ZMK/LGLM2UPrjRNV51hN
BqUzReZW67yNAMvF7Z8eAZXfbYkJhn30YBs4uqGwrSWhsM+XYtu5aC+bK3sjD5Yl
sFQY8qGsoWyAh4EhZJC+eWqE3JB77pfFuvg1OaHHBzg28RzvMgDBKKW0a6AiVlTz
m07TJCJFMNqefHl/Gk1yZLDjkWLCgbqDXZ/lgm18QUm5W84JroH+BdphN4cQ5uXN
gN8hvKEjEBQ5vP+zH8k/xodBV6/ka6P1X3/avZm6XKPtGT2aOelA
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:21 2024 by rpki-client on console-fra.rpki-client.org