Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/4560e9-7173-429c-b6f1-5f4a15cb9054/1/_qWJcN7zSFnUbqaanxIfuCvEph0.roa
File: _qWJcN7zSFnUbqaanxIfuCvEph0.roa (raw, json)
Hash identifier: egz/44p8llyGxjdzLQQf85YTRbyCKkzTZNVCuAiVMYo=
Subject key identifier: FE:A5:89:70:DE:F3:48:59:D4:6E:A6:9A:9F:12:1F:B8:2B:C4:A6:1D
Certificate issuer: /CN=a0e049d00ba8421e4c45a948492945c78fd9e16d
Certificate serial: 01856F38FFE8BAEF0A0A760EA4E30E4BECF3
Authority key identifier: A0:E0:49:D0:0B:A8:42:1E:4C:45:A9:48:49:29:45:C7:8F:D9:E1:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oOBJ0AuoQh5MRalISSlFx4_Z4W0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/4560e9-7173-429c-b6f1-5f4a15cb9054/1/_qWJcN7zSFnUbqaanxIfuCvEph0.roa
Signing time: Sun 01 Jan 2023 21:24:44 +0000
ROA not before: Sun 01 Jan 2023 21:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20811
IP address blocks: 185.141.84.0/22 maxlen: 24
2a0b:aa00::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:38:ff:e8:ba:ef:0a:0a:76:0e:a4:e3:0e:4b:ec:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0e049d00ba8421e4c45a948492945c78fd9e16d
Validity
Not Before: Jan 1 21:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fea58970def34859d46ea69a9f121fb82bc4a61d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:09:f3:ab:93:5c:68:4b:2a:00:2d:c1:12:d7:
dd:4e:35:d6:75:10:93:69:95:cb:33:88:30:7c:5d:
dd:5f:42:63:4f:0b:19:00:c8:d8:86:85:79:5d:fb:
5c:15:0c:66:f8:a4:9c:ca:c8:30:f2:f2:e4:bd:b4:
d4:44:7a:2c:43:14:51:a0:19:0c:09:e3:d4:34:5a:
ad:e0:fa:74:d8:f7:d1:2a:e7:3c:c7:3a:17:dc:c3:
28:a7:fa:8b:02:1c:d5:c1:fc:1f:b6:c0:55:c3:41:
07:b9:c2:21:c7:3b:80:85:ba:17:7e:8a:a1:b2:1a:
45:74:c3:9a:ab:cb:b6:f0:34:b3:77:fa:1e:49:e2:
f2:ec:e0:ac:a1:cf:47:89:8d:02:80:41:c6:73:60:
bb:eb:c1:54:35:c0:11:05:e5:c2:b1:9b:c4:5a:f4:
b8:a7:a3:34:49:44:6a:bf:02:5b:78:04:e3:4e:6b:
67:6a:17:66:07:ee:d5:2c:01:44:8c:b9:1b:16:ba:
c5:dd:65:3b:28:fb:e1:62:b9:5c:a5:6c:ef:d0:c7:
a3:4f:41:ea:ee:f6:74:53:6f:21:ee:63:bf:f1:95:
74:0e:d6:0b:96:73:08:9a:c2:84:e2:fd:8d:36:b7:
05:9e:42:84:29:56:9d:b5:7e:06:19:27:77:f1:86:
58:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:A5:89:70:DE:F3:48:59:D4:6E:A6:9A:9F:12:1F:B8:2B:C4:A6:1D
X509v3 Authority Key Identifier:
keyid:A0:E0:49:D0:0B:A8:42:1E:4C:45:A9:48:49:29:45:C7:8F:D9:E1:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oOBJ0AuoQh5MRalISSlFx4_Z4W0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/4560e9-7173-429c-b6f1-5f4a15cb9054/1/_qWJcN7zSFnUbqaanxIfuCvEph0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/4560e9-7173-429c-b6f1-5f4a15cb9054/1/oOBJ0AuoQh5MRalISSlFx4_Z4W0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.84.0/22
IPv6:
2a0b:aa00::/29
Signature Algorithm: sha256WithRSAEncryption
27:f2:93:15:ae:e9:36:6d:0f:01:06:74:08:d5:6d:f1:7e:0d:
f6:44:66:0b:fc:8c:aa:f5:05:e0:84:2e:34:8d:5e:67:c9:c3:
28:55:e1:a0:e1:09:ab:ac:e1:cd:02:b5:b3:d8:cd:bd:b3:fb:
2b:b1:da:a2:d5:43:81:3b:ed:45:02:b0:39:e5:aa:c4:76:bd:
8e:c6:c5:44:c6:25:e9:92:2e:65:2b:d8:08:82:70:76:60:7a:
ed:62:dd:1d:83:d1:23:97:c2:94:52:ac:0a:4b:f2:fe:c1:01:
71:f2:12:2f:13:42:24:e6:fa:ae:45:f5:0d:3e:8e:95:2a:db:
eb:91:57:2b:de:ba:d9:a8:75:36:ee:34:f4:bc:0a:99:20:4c:
b2:28:de:be:49:7c:ad:e5:4a:33:bf:d3:9c:77:b2:9a:d4:7e:
e9:99:7f:8a:89:c2:d3:c8:52:0b:44:eb:c7:1a:48:6d:0c:b1:
95:5d:b6:38:55:91:c8:0d:8c:78:b7:f5:bd:ee:e9:10:c8:bd:
bf:6d:d6:19:f6:71:87:30:e1:77:f4:c4:6b:74:2a:2e:a3:cb:
8e:c6:d6:bb:ec:cd:4e:18:2f:0d:12:1f:33:cf:7b:cc:83:ae:
35:9a:a0:47:ed:6f:b1:05:d5:66:3c:c1:d2:61:99:3d:1e:59:
96:85:a4:be
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvOP/ouu8KCnYOpOMOS+zzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZTA0OWQwMGJhODQyMWU0YzQ1YTk0ODQ5Mjk0NWM3OGZk
OWUxNmQwHhcNMjMwMTAxMjEyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWE1ODk3MGRlZjM0ODU5ZDQ2ZWE2OWE5ZjEyMWZiODJiYzRhNjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQnzq5NcaEsqAC3BEtfdTjXWdRCT
aZXLM4gwfF3dX0JjTwsZAMjYhoV5XftcFQxm+KScysgw8vLkvbTURHosQxRRoBkM
CePUNFqt4Pp02PfRKuc8xzoX3MMop/qLAhzVwfwftsBVw0EHucIhxzuAhboXfoqh
shpFdMOaq8u28DSzd/oeSeLy7OCsoc9HiY0CgEHGc2C768FUNcARBeXCsZvEWvS4
p6M0SURqvwJbeATjTmtnahdmB+7VLAFEjLkbFrrF3WU7KPvhYrlcpWzv0MejT0Hq
7vZ0U28h7mO/8ZV0DtYLlnMImsKE4v2NNrcFnkKEKVadtX4GGSd38YZYKwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP6liXDe80hZ1G6mmp8SH7grxKYdMB8GA1UdIwQY
MBaAFKDgSdALqEIeTEWpSEkpRceP2eFtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb09CSjBBdW9RaDVNUmFsSVNTbEZ4NF9aNFcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80NTYwZTktNzE3My00MjljLWI2ZjEt
NWY0YTE1Y2I5MDU0LzEvX3FXSmNON3pTRm5VYnFhYW54SWZ1Q3ZFcGgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy80NTYwZTktNzE3My00MjljLWI2ZjEtNWY0YTE1Y2I5MDU0
LzEvb09CSjBBdW9RaDVNUmFsSVNTbEZ4NF9aNFcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuY1UMA0E
AgACMAcDBQMqC6oAMA0GCSqGSIb3DQEBCwUAA4IBAQAn8pMVruk2bQ8BBnQI1W3x
fg32RGYL/Iyq9QXghC40jV5nycMoVeGg4QmrrOHNArWz2M29s/srsdqi1UOBO+1F
ArA55arEdr2OxsVExiXpki5lK9gIgnB2YHrtYt0dg9Ejl8KUUqwKS/L+wQFx8hIv
E0Ik5vquRfUNPo6VKtvrkVcr3rrZqHU27jT0vAqZIEyyKN6+SXyt5Uozv9Ocd7Ka
1H7pmX+KicLTyFILROvHGkhtDLGVXbY4VZHIDYx4t/W97ukQyL2/bdYZ9nGHMOF3
9MRrdCouo8uOxta77M1OGC8NEh8zz3vMg641mqBH7W+xBdVmPMHSYZk9HlmWhaS+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:30 2024 by rpki-client on console-fra.rpki-client.org