Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/qF1YUvb1QBSrmX8UvdF32EpcBNA.roa
File: qF1YUvb1QBSrmX8UvdF32EpcBNA.roa (raw, json)
Hash identifier: +Q4lqbThcos+evVBp/qH2T5u1Km4cm+xbhbW7ql+jYw=
Subject key identifier: A8:5D:58:52:F6:F5:40:14:AB:99:7F:14:BD:D1:77:D8:4A:5C:04:D0
Certificate issuer: /CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Certificate serial: 018572280C0CE3796FF35D5BCA359EA76300
Authority key identifier: 23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/qF1YUvb1QBSrmX8UvdF32EpcBNA.roa
Signing time: Mon 02 Jan 2023 11:05:05 +0000
ROA not before: Mon 02 Jan 2023 11:05:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28917
IP address blocks: 82.194.244.0/22 maxlen: 22
89.188.164.0/22 maxlen: 22
89.188.176.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:28:0c:0c:e3:79:6f:f3:5d:5b:ca:35:9e:a7:63:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Validity
Not Before: Jan 2 11:05:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a85d5852f6f54014ab997f14bdd177d84a5c04d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f3:39:b1:17:ea:53:60:59:44:bd:65:6f:54:
f9:d0:af:68:30:b8:17:35:53:81:3c:17:16:4d:49:
b2:f8:4e:4e:de:68:7e:f7:af:8f:cc:13:2e:c3:2a:
44:e6:f4:f6:68:b6:57:79:b2:f0:61:68:d8:b3:d4:
2b:29:7d:c8:af:95:5b:e6:8b:dd:37:de:29:70:eb:
85:4e:fc:db:39:62:9a:f9:41:39:b8:cb:9c:39:7e:
2f:93:ea:68:eb:ed:36:22:27:b5:54:23:c2:30:17:
82:d4:dd:67:ad:b7:bc:72:bf:de:3a:10:71:db:b0:
2c:1f:df:b5:d1:0d:10:fb:81:4e:65:e1:00:13:a8:
bb:8c:9e:02:fd:52:2a:ec:3b:91:0a:18:dd:7c:3e:
54:11:b6:52:20:17:37:bb:3c:12:72:ba:85:b4:9d:
6f:c8:02:66:7c:c8:a0:15:ac:2a:c6:0b:b9:27:02:
44:ef:ea:7e:ba:54:5d:71:74:46:a1:ad:a3:ca:70:
de:75:e7:45:0c:b3:93:79:27:e2:cd:e8:ab:7c:c5:
67:b0:eb:26:5d:81:f0:a6:89:32:09:2f:95:73:38:
88:22:04:03:fd:37:05:61:7b:8a:70:14:d7:6f:62:
2b:55:4c:36:16:8d:e3:d8:e1:09:5a:29:1d:8a:7f:
e9:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:5D:58:52:F6:F5:40:14:AB:99:7F:14:BD:D1:77:D8:4A:5C:04:D0
X509v3 Authority Key Identifier:
keyid:23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/qF1YUvb1QBSrmX8UvdF32EpcBNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.194.244.0/22
89.188.164.0/22
89.188.176.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:0f:a3:f0:a4:e8:8e:07:fc:cf:bf:7f:09:42:69:14:af:62:
03:ec:95:93:e0:59:65:e5:7c:19:a4:6b:17:12:d9:97:e5:42:
9c:0c:7d:b2:c2:f3:15:42:9f:94:a4:8d:19:c2:3f:33:44:ff:
dc:bd:d6:87:6c:66:6b:a4:e0:c7:0e:93:e5:b9:43:ff:52:fb:
bc:c7:8a:3d:32:6d:69:75:7c:5e:92:1f:d6:36:73:15:7c:88:
1f:f8:60:46:cd:ad:a8:3c:58:d1:e7:a8:f9:9b:a0:e1:07:3f:
ad:60:d8:db:1c:4f:4f:c7:e6:c7:0e:27:80:e6:56:d2:fb:57:
a2:2c:ba:99:01:71:16:e0:12:13:c9:ec:93:9a:c1:7c:b8:21:
cb:a4:f5:5c:8d:e0:c4:10:7a:e5:d9:d6:40:e6:53:83:15:31:
70:83:dd:79:69:e1:2c:c2:24:74:27:2f:99:00:34:cc:a7:dc:
24:6c:ad:b9:7d:0a:3a:ea:f4:65:bf:9c:be:b1:30:c3:f1:4a:
0f:74:d4:64:93:9a:d9:98:f7:5d:92:c4:ae:6c:9b:60:82:00:
05:ff:1f:7b:67:8b:9d:49:79:df:5f:8f:ab:75:7e:dc:d2:f6:
31:65:5d:e6:68:96:2b:56:f8:e3:dd:5b:db:f1:52:23:03:1d:
a2:60:51:c7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyKAwM43lv811byjWep2MAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZTNkOTJiZmUxNjYxOWNhNTAwYzAzMjY3ZWZmYTlhYTdj
YTBjNDcwHhcNMjMwMTAyMTEwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODVkNTg1MmY2ZjU0MDE0YWI5OTdmMTRiZGQxNzdkODRhNWMwNGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPM5sRfqU2BZRL1lb1T50K9oMLgX
NVOBPBcWTUmy+E5O3mh+96+PzBMuwypE5vT2aLZXebLwYWjYs9QrKX3Ir5Vb5ovd
N94pcOuFTvzbOWKa+UE5uMucOX4vk+po6+02Iie1VCPCMBeC1N1nrbe8cr/eOhBx
27AsH9+10Q0Q+4FOZeEAE6i7jJ4C/VIq7DuRChjdfD5UEbZSIBc3uzwScrqFtJ1v
yAJmfMigFawqxgu5JwJE7+p+ulRdcXRGoa2jynDededFDLOTeSfizeirfMVnsOsm
XYHwpokyCS+VcziIIgQD/TcFYXuKcBTXb2IrVUw2Fo3j2OEJWikdin/pVwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKhdWFL29UAUq5l/FL3Rd9hKXATQMB8GA1UdIwQY
MBaAFCPj2Sv+FmGcpQDAMmfv+pqnygxHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYt
ZjFiZjBjMzNhOTA4LzEvcUYxWVV2YjFRQlNybVg4VXZkRjMyRXBjQk5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYtZjFiZjBjMzNhOTA4
LzEvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCUsL0AwQC
WbykAwQCWbywMA0GCSqGSIb3DQEBCwUAA4IBAQCcD6PwpOiOB/zPv38JQmkUr2ID
7JWT4Fll5XwZpGsXEtmX5UKcDH2ywvMVQp+UpI0Zwj8zRP/cvdaHbGZrpODHDpPl
uUP/Uvu8x4o9Mm1pdXxekh/WNnMVfIgf+GBGza2oPFjR56j5m6DhBz+tYNjbHE9P
x+bHDieA5lbS+1eiLLqZAXEW4BITyeyTmsF8uCHLpPVcjeDEEHrl2dZA5lODFTFw
g915aeEswiR0Jy+ZADTMp9wkbK25fQo66vRlv5y+sTDD8UoPdNRkk5rZmPddksSu
bJtgggAF/x97Z4udSXnfX4+rdX7c0vYxZV3maJYrVvjj3Vvb8VIjAx2iYFHH
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:26 2024 by rpki-client on console-fra.rpki-client.org