Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/qYhcayoFDG5xoeEj799Lhxp1XmY.roa
File: qYhcayoFDG5xoeEj799Lhxp1XmY.roa (raw, json)
Hash identifier: iow3lmDMf98coD7hh1JJ1NeNQYRGhv24DgNfCQGUd2o=
Subject key identifier: A9:88:5C:6B:2A:05:0C:6E:71:A1:E1:23:EF:DF:4B:87:1A:75:5E:66
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 018572470BD4537496EB151F75CBFD0186DF
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/qYhcayoFDG5xoeEj799Lhxp1XmY.roa
Signing time: Mon 02 Jan 2023 11:38:56 +0000
ROA not before: Mon 02 Jan 2023 11:38:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50509
IP address blocks: 5.188.236.0/23 maxlen: 23
146.185.222.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:47:0b:d4:53:74:96:eb:15:1f:75:cb:fd:01:86:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jan 2 11:38:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9885c6b2a050c6e71a1e123efdf4b871a755e66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:98:09:60:e4:61:3a:bb:20:96:86:7f:a3:c2:
53:c1:34:41:50:08:3c:21:8f:0c:85:d1:7e:aa:3a:
97:c1:62:17:44:7e:f9:e0:df:34:0c:c0:83:c7:cf:
8f:6c:f8:f5:1d:9a:78:70:03:f2:ec:e5:74:1a:8b:
92:48:42:57:97:2e:81:2b:ff:ea:db:9c:d7:c2:b9:
69:95:89:eb:f7:7e:d5:9b:2e:49:5b:3b:a8:c0:93:
20:00:00:b5:3f:2f:7c:8a:3b:84:f4:81:25:da:be:
7f:38:b4:f0:24:cb:5c:86:28:a6:ec:49:6f:46:a9:
af:12:ab:d3:7c:25:47:48:f9:b3:70:b2:9f:a4:69:
82:e7:5e:d7:1c:a0:18:6c:4e:df:e4:48:a9:ff:64:
ba:4b:b8:90:04:d9:7e:27:39:db:62:db:d0:7a:60:
7f:2a:d4:b9:b1:ca:d6:63:de:62:c6:11:5c:ed:f7:
45:86:a4:30:37:af:71:24:26:c5:ff:c3:8c:12:8a:
bf:a6:13:32:ff:9b:d1:33:3a:b0:a9:a7:68:1e:6a:
59:9b:30:34:1f:0a:0d:54:2d:dc:0b:6b:07:ec:9e:
10:68:cf:05:2f:62:b3:03:d5:02:17:57:fa:e2:c6:
52:d8:9f:39:02:a4:4f:85:db:f0:40:a6:48:4b:a2:
ed:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:88:5C:6B:2A:05:0C:6E:71:A1:E1:23:EF:DF:4B:87:1A:75:5E:66
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/qYhcayoFDG5xoeEj799Lhxp1XmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.188.236.0/23
146.185.222.0/24
Signature Algorithm: sha256WithRSAEncryption
40:e9:9a:ab:c3:51:12:c2:0f:97:43:87:e9:4e:09:fe:02:26:
83:7e:e3:01:20:88:b5:8e:f9:8d:5d:66:89:d0:be:c3:79:bd:
0a:5c:23:df:d5:e5:2a:cb:23:d8:59:e2:04:d1:e3:13:3d:b2:
ee:a2:07:d8:d2:9f:4b:a1:8b:23:b5:62:7c:59:d6:f8:63:2e:
a0:b2:ce:43:b4:dc:68:61:81:15:6c:c9:e8:5e:96:ac:ac:d8:
b8:38:66:04:18:e7:d3:07:c7:e9:43:df:03:2d:b6:6a:d7:65:
0b:98:87:e4:94:b8:2b:a8:bf:55:d3:88:a1:10:0d:dc:a3:d2:
b1:ad:02:7e:02:2b:c7:23:08:c6:54:79:ab:5d:b7:be:c2:d0:
6a:c0:74:52:62:d0:08:37:57:cc:62:93:79:be:21:99:dc:d1:
3e:4d:51:b0:f0:4e:94:14:e6:76:9b:8c:5d:c1:0f:c3:ba:b4:
94:b8:71:71:2b:a5:4a:79:c9:d9:90:6a:7d:e3:ce:9d:b5:93:
90:14:49:e9:08:3c:19:50:73:04:08:25:aa:7d:64:f8:a3:32:
6a:01:e9:f7:9d:79:4d:a7:31:31:b9:08:67:18:2f:87:f4:a0:
a5:ef:8c:0a:71:50:5e:df:1a:cd:b5:30:b6:33:df:a8:3a:01:
20:ac:39:16
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyRwvUU3SW6xUfdcv9AYbfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwMTAyMTEzODU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTg4NWM2YjJhMDUwYzZlNzFhMWUxMjNlZmRmNGI4NzFhNzU1ZTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJgJYORhOrsgloZ/o8JTwTRBUAg8
IY8MhdF+qjqXwWIXRH754N80DMCDx8+PbPj1HZp4cAPy7OV0GouSSEJXly6BK//q
25zXwrlplYnr937Vmy5JWzuowJMgAAC1Py98ijuE9IEl2r5/OLTwJMtchiim7Elv
RqmvEqvTfCVHSPmzcLKfpGmC517XHKAYbE7f5Eip/2S6S7iQBNl+JznbYtvQemB/
KtS5scrWY95ixhFc7fdFhqQwN69xJCbF/8OMEoq/phMy/5vRMzqwqadoHmpZmzA0
HwoNVC3cC2sH7J4QaM8FL2KzA9UCF1f64sZS2J85AqRPhdvwQKZIS6LtrQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKmIXGsqBQxucaHhI+/fS4cadV5mMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvcVloY2F5b0ZERzV4b2VFajc5OUxoeHAxWG1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBBbzsAwQA
krneMA0GCSqGSIb3DQEBCwUAA4IBAQBA6Zqrw1ESwg+XQ4fpTgn+AiaDfuMBIIi1
jvmNXWaJ0L7Deb0KXCPf1eUqyyPYWeIE0eMTPbLuogfY0p9LoYsjtWJ8Wdb4Yy6g
ss5DtNxoYYEVbMnoXpasrNi4OGYEGOfTB8fpQ98DLbZq12ULmIfklLgrqL9V04ih
EA3co9KxrQJ+AivHIwjGVHmrXbe+wtBqwHRSYtAIN1fMYpN5viGZ3NE+TVGw8E6U
FOZ2m4xdwQ/DurSUuHFxK6VKecnZkGp9486dtZOQFEnpCDwZUHMECCWqfWT4ozJq
Aen3nXlNpzExuQhnGC+H9KCl74wKcVBe3xrNtTC2M9+oOgEgrDkW
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:13:47 2024 by rpki-client on console-ams.rpki-client.org