Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/rqUVgXD1ZF3nOH1DWmwysBJgmTg.roa
File: rqUVgXD1ZF3nOH1DWmwysBJgmTg.roa (raw, json)
Hash identifier: PpAcOubTWwcy5ylO6Xau/uQhAjgzHWG5qRl6G1zHXAY=
Subject key identifier: AE:A5:15:81:70:F5:64:5D:E7:38:7D:43:5A:6C:32:B0:12:60:99:38
Certificate issuer: /CN=bcfd2da5447d007616ebddc2a70feac5e77c4a8b
Certificate serial: 0187DCAE9A86D4589736514A3613B0E79594
Authority key identifier: BC:FD:2D:A5:44:7D:00:76:16:EB:DD:C2:A7:0F:EA:C5:E7:7C:4A:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP0tpUR9AHYW693Cpw_qxed8Sos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/rqUVgXD1ZF3nOH1DWmwysBJgmTg.roa
Signing time: Tue 02 May 2023 13:37:22 +0000
ROA not before: Tue 02 May 2023 13:37:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41451
IP address blocks: 185.46.172.0/24 maxlen: 24
195.43.80.0/23 maxlen: 23
195.43.80.0/24 maxlen: 24
2a0c:f40::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:dc:ae:9a:86:d4:58:97:36:51:4a:36:13:b0:e7:95:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfd2da5447d007616ebddc2a70feac5e77c4a8b
Validity
Not Before: May 2 13:37:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aea5158170f5645de7387d435a6c32b012609938
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ef:14:1e:7c:56:df:56:ca:e3:d2:8b:fb:db:
3e:20:00:ae:cb:b9:90:f3:53:38:53:af:6d:55:0d:
45:b4:8f:f8:7c:7c:66:67:dc:e8:41:14:6a:fe:68:
73:1b:8d:7e:cb:9c:86:bc:1f:44:d0:bc:a8:0c:65:
4b:eb:9c:04:0a:e8:79:8b:4c:64:5b:98:46:fe:be:
14:71:a4:9c:93:fe:e6:88:17:11:c1:9c:3c:d3:34:
d9:0c:26:f2:8c:de:11:26:22:89:15:0c:ca:39:41:
20:78:17:50:b2:08:05:b3:e3:49:40:86:81:07:7e:
85:66:df:e4:89:61:79:b8:e0:7f:2b:70:90:06:59:
f9:61:4d:33:0a:5b:bb:11:93:26:35:6d:9e:31:43:
b1:0a:ff:18:30:92:64:bc:0d:ba:05:95:f2:5c:06:
f8:99:1a:b5:7a:e7:e4:3e:16:77:ff:24:e3:49:d2:
d1:d4:3b:33:a6:2a:64:3a:27:ae:11:e6:b2:cc:9e:
78:75:65:3b:ba:13:06:fd:70:d3:38:6b:89:de:18:
42:50:3f:4c:5c:54:00:51:4f:9b:f1:1c:71:a1:09:
d7:ab:ce:50:08:b0:10:e0:80:6b:3a:08:ac:9a:41:
bf:0a:87:52:de:8b:75:5f:cf:68:11:96:9a:f8:fa:
b9:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:A5:15:81:70:F5:64:5D:E7:38:7D:43:5A:6C:32:B0:12:60:99:38
X509v3 Authority Key Identifier:
keyid:BC:FD:2D:A5:44:7D:00:76:16:EB:DD:C2:A7:0F:EA:C5:E7:7C:4A:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP0tpUR9AHYW693Cpw_qxed8Sos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/rqUVgXD1ZF3nOH1DWmwysBJgmTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/vP0tpUR9AHYW693Cpw_qxed8Sos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.46.172.0/24
195.43.80.0/23
IPv6:
2a0c:f40::/32
Signature Algorithm: sha256WithRSAEncryption
14:47:d8:17:8e:a6:93:56:03:17:c2:e6:8c:da:c4:89:7f:61:
7f:31:ef:e3:9b:27:44:6b:fd:6c:de:e3:6a:b8:45:c6:22:87:
75:3e:6d:7c:6d:d3:e2:0d:df:50:63:90:0b:54:f1:d8:69:76:
8b:40:44:8a:9c:b7:eb:09:fb:02:48:d7:b8:3c:07:a3:81:94:
94:8f:57:1c:5b:d0:80:26:c0:eb:2c:42:5b:f4:60:eb:cd:31:
1a:2b:8f:58:b9:fb:cb:f0:08:f7:b5:36:7d:19:90:51:3d:0a:
8d:b0:59:09:f3:ef:c2:18:02:60:6e:f9:6c:2b:6b:c1:c5:d7:
4d:35:66:82:f8:96:c2:19:e7:b3:59:a4:5e:1a:01:60:23:48:
c8:01:12:59:a3:3c:24:8d:ae:2d:db:81:33:c9:a3:00:ac:bb:
ce:d1:d9:70:42:f7:36:23:13:12:1b:f0:5b:7b:04:d9:db:ed:
e3:0e:08:0a:ce:89:d6:3c:9b:e3:97:de:05:78:db:3f:30:77:
5b:d3:1e:11:5c:cd:50:3a:05:bb:95:b2:f0:8b:bd:36:8d:e3:
27:38:54:64:e9:47:d0:5e:48:4f:13:5c:e6:d3:0c:a8:92:39:
02:09:52:d1:8a:a4:fd:f6:6e:2b:0d:29:1d:6b:74:30:f7:ba:
3a:59:c8:30
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYfcrpqG1FiXNlFKNhOw55WUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmQyZGE1NDQ3ZDAwNzYxNmViZGRjMmE3MGZlYWM1ZTc3
YzRhOGIwHhcNMjMwNTAyMTMzNzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWE1MTU4MTcwZjU2NDVkZTczODdkNDM1YTZjMzJiMDEyNjA5OTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+8UHnxW31bK49KL+9s+IACuy7mQ
81M4U69tVQ1FtI/4fHxmZ9zoQRRq/mhzG41+y5yGvB9E0LyoDGVL65wECuh5i0xk
W5hG/r4UcaSck/7miBcRwZw80zTZDCbyjN4RJiKJFQzKOUEgeBdQsggFs+NJQIaB
B36FZt/kiWF5uOB/K3CQBln5YU0zClu7EZMmNW2eMUOxCv8YMJJkvA26BZXyXAb4
mRq1eufkPhZ3/yTjSdLR1DszpipkOieuEeayzJ54dWU7uhMG/XDTOGuJ3hhCUD9M
XFQAUU+b8RxxoQnXq85QCLAQ4IBrOgismkG/CodS3ot1X89oEZaa+Pq5VwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFK6lFYFw9WRd5zh9Q1psMrASYJk4MB8GA1UdIwQY
MBaAFLz9LaVEfQB2FuvdwqcP6sXnfEqLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAwdHBVUjlBSFlXNjkzQ3B3X3F4ZWQ4U29zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS85MTlmZmYtMjUyZi00NzIwLWFkZTQt
YmJmZTIxOTZjNmFmLzEvcnFVVmdYRDFaRjNuT0gxRFdtd3lzQkpnbVRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS85MTlmZmYtMjUyZi00NzIwLWFkZTQtYmJmZTIxOTZjNmFm
LzEvdlAwdHBVUjlBSFlXNjkzQ3B3X3F4ZWQ4U29zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuS6sAwQB
wytQMA0EAgACMAcDBQAqDA9AMA0GCSqGSIb3DQEBCwUAA4IBAQAUR9gXjqaTVgMX
wuaM2sSJf2F/Me/jmydEa/1s3uNquEXGIod1Pm18bdPiDd9QY5ALVPHYaXaLQESK
nLfrCfsCSNe4PAejgZSUj1ccW9CAJsDrLEJb9GDrzTEaK49YufvL8Aj3tTZ9GZBR
PQqNsFkJ8+/CGAJgbvlsK2vBxddNNWaC+JbCGeezWaReGgFgI0jIARJZozwkja4t
24EzyaMArLvO0dlwQvc2IxMSG/BbewTZ2+3jDggKzonWPJvjl94FeNs/MHdb0x4R
XM1QOgW7lbLwi702jeMnOFRk6UfQXkhPE1zm0wyokjkCCVLRiqT99m4rDSkda3Qw
97o6Wcgw
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:53 2024 by rpki-client on console-ams.rpki-client.org