Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/qL2K1M_Ld-Jn6gS4hR_1iZlWHsw.roa
File: qL2K1M_Ld-Jn6gS4hR_1iZlWHsw.roa (raw, json)
Hash identifier: vkrU1EojTz8eNYXiBOF3GbHVhc2OGP33QtFT0s0XoQ0=
Subject key identifier: A8:BD:8A:D4:CF:CB:77:E2:67:EA:04:B8:85:1F:F5:89:99:56:1E:CC
Certificate issuer: /CN=352ae33b11b36a319ba81347d852480d8e74c87d
Certificate serial: 01856B40CC6978E5BC73280C990E81FCA0FE
Authority key identifier: 35:2A:E3:3B:11:B3:6A:31:9B:A8:13:47:D8:52:48:0D:8E:74:C8:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/qL2K1M_Ld-Jn6gS4hR_1iZlWHsw.roa
Signing time: Sun 01 Jan 2023 02:54:46 +0000
ROA not before: Sun 01 Jan 2023 02:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207944
IP address blocks: 77.225.29.0/24 maxlen: 24
212.145.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:35:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:40:cc:69:78:e5:bc:73:28:0c:99:0e:81:fc:a0:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=352ae33b11b36a319ba81347d852480d8e74c87d
Validity
Not Before: Jan 1 02:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8bd8ad4cfcb77e267ea04b8851ff58999561ecc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:59:d5:e5:63:d5:c4:d0:d8:20:b6:f5:2e:49:
3e:46:1e:69:75:db:c4:fe:0e:e3:72:d1:f7:65:24:
28:2c:d5:c6:a6:38:be:27:78:79:bf:46:1a:e9:86:
65:25:3a:96:e7:b6:04:a2:70:3c:98:cb:a0:30:0d:
bc:16:11:6e:4c:86:b9:f7:d7:0a:7f:55:dd:92:16:
3a:be:c3:c1:d1:22:c4:1a:3a:53:68:09:d7:1a:6f:
1d:80:95:53:34:b4:43:f2:df:f0:d4:7c:85:5d:2b:
c9:e0:52:79:b8:7a:6d:c0:6c:d9:17:60:45:6f:70:
0c:2f:63:25:2a:03:b1:fa:4e:43:66:8b:9e:6e:9e:
38:22:35:a5:d0:74:f4:78:1a:a2:f0:d6:49:34:bb:
0b:e6:bd:e3:ed:60:8d:4b:14:c3:d2:aa:0e:10:70:
1c:17:f6:b7:aa:10:fa:f0:16:c0:db:39:8c:4f:31:
89:b6:f7:59:9a:f1:d5:00:d1:f5:8f:85:9b:b3:55:
02:54:bb:ee:7d:f3:0c:9c:e6:d8:2d:4a:2e:08:47:
5e:45:ee:3d:47:1c:b8:d8:10:df:b0:d0:8f:bb:ed:
6a:36:fe:85:d0:81:03:a5:8d:cb:c3:25:1a:13:01:
3d:0f:f3:e7:8c:34:14:6b:4e:12:eb:9b:13:e4:44:
e4:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:BD:8A:D4:CF:CB:77:E2:67:EA:04:B8:85:1F:F5:89:99:56:1E:CC
X509v3 Authority Key Identifier:
keyid:35:2A:E3:3B:11:B3:6A:31:9B:A8:13:47:D8:52:48:0D:8E:74:C8:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/qL2K1M_Ld-Jn6gS4hR_1iZlWHsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/NSrjOxGzajGbqBNH2FJIDY50yH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.225.29.0/24
212.145.199.0/24
Signature Algorithm: sha256WithRSAEncryption
04:48:61:e9:62:f3:a1:13:39:ab:64:b7:9c:6f:c5:b4:b3:82:
a4:47:a0:ff:04:e6:35:01:95:44:6b:12:e4:d3:64:83:4f:aa:
95:51:9a:6c:64:87:c4:77:d2:54:91:41:18:74:a3:70:9e:d8:
3f:f7:9b:c4:d8:9e:b5:bf:5b:aa:62:2a:90:6a:a8:21:3d:0f:
a2:a6:2d:98:5b:ce:95:41:18:e5:70:ca:36:8e:ca:2b:14:ec:
3a:16:36:38:3e:ae:37:46:32:14:d7:ac:46:8e:e5:b6:75:08:
4d:87:05:a7:a2:dd:2a:21:78:6c:27:b3:09:18:34:69:1b:46:
4c:09:a1:39:b6:dc:3b:0f:87:bb:59:73:60:d5:5c:61:73:c1:
b0:4f:4b:97:28:09:0a:9a:31:f5:f9:8c:1e:df:cd:f3:13:65:
cc:ce:97:ac:b2:b4:08:1e:92:ed:cc:29:16:fe:07:73:70:b1:
f8:ca:b5:b9:b9:2f:1c:bf:d2:e7:9e:ba:b9:3e:2e:dc:6d:06:
84:b8:11:e1:0d:f1:4d:50:04:a4:2f:72:48:a7:2a:b5:a1:05:
aa:c1:6a:1d:7c:2c:e9:1c:a2:b2:ac:b4:d4:07:da:80:29:6b:
1f:42:db:24:b9:be:38:6b:38:13:85:e6:75:0c:fe:5c:13:62:
c6:0d:4f:df
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVrQMxpeOW8cygMmQ6B/KD+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MmFlMzNiMTFiMzZhMzE5YmE4MTM0N2Q4NTI0ODBkOGU3
NGM4N2QwHhcNMjMwMTAxMDI1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGJkOGFkNGNmY2I3N2UyNjdlYTA0Yjg4NTFmZjU4OTk5NTYxZWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlnV5WPVxNDYILb1Lkk+Rh5pddvE
/g7jctH3ZSQoLNXGpji+J3h5v0Ya6YZlJTqW57YEonA8mMugMA28FhFuTIa599cK
f1XdkhY6vsPB0SLEGjpTaAnXGm8dgJVTNLRD8t/w1HyFXSvJ4FJ5uHptwGzZF2BF
b3AML2MlKgOx+k5DZouebp44IjWl0HT0eBqi8NZJNLsL5r3j7WCNSxTD0qoOEHAc
F/a3qhD68BbA2zmMTzGJtvdZmvHVANH1j4Wbs1UCVLvuffMMnObYLUouCEdeRe49
Rxy42BDfsNCPu+1qNv6F0IEDpY3LwyUaEwE9D/PnjDQUa04S65sT5ETkAQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKi9itTPy3fiZ+oEuIUf9YmZVh7MMB8GA1UdIwQY
MBaAFDUq4zsRs2oxm6gTR9hSSA2OdMh9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlNyak94R3phakdicUJOSDJGSklEWTUweUgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jNTVhYjAtZWEyMi00YTE5LThiMzMt
MjUwNTBjNTkzYWExLzEvcUwySzFNX0xkLUpuNmdTNGhSXzFpWmxXSHN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jNTVhYjAtZWEyMi00YTE5LThiMzMtMjUwNTBjNTkzYWEx
LzEvTlNyak94R3phakdicUJOSDJGSklEWTUweUgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATeEdAwQA
1JHHMA0GCSqGSIb3DQEBCwUAA4IBAQAESGHpYvOhEzmrZLecb8W0s4KkR6D/BOY1
AZVEaxLk02SDT6qVUZpsZIfEd9JUkUEYdKNwntg/95vE2J61v1uqYiqQaqghPQ+i
pi2YW86VQRjlcMo2jsorFOw6FjY4Pq43RjIU16xGjuW2dQhNhwWnot0qIXhsJ7MJ
GDRpG0ZMCaE5ttw7D4e7WXNg1Vxhc8GwT0uXKAkKmjH1+Ywe383zE2XMzpessrQI
HpLtzCkW/gdzcLH4yrW5uS8cv9Lnnrq5Pi7cbQaEuBHhDfFNUASkL3JIpyq1oQWq
wWodfCzpHKKyrLTUB9qAKWsfQtskub44azgTheZ1DP5cE2LGDU/f
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:01 2024 by rpki-client on console-fra.rpki-client.org