Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/QqD0eHcDb4k1PuV5GV9WIptR-yw.roa
File: QqD0eHcDb4k1PuV5GV9WIptR-yw.roa (raw, json)
Hash identifier: 2Qx4Jj8RjKfUzNBfsrKYwh+GmjCbbp9U3ZqxzNwNJEY=
Subject key identifier: 42:A0:F4:78:77:03:6F:89:35:3E:E5:79:19:5F:56:22:9B:51:FB:2C
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018571A7BF2DE324F302CBECB388D9128F1C
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/QqD0eHcDb4k1PuV5GV9WIptR-yw.roa
Signing time: Mon 02 Jan 2023 08:44:56 +0000
ROA not before: Mon 02 Jan 2023 08:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209896
IP address blocks: 95.214.152.0/22 maxlen: 22
45.86.20.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:bf:2d:e3:24:f3:02:cb:ec:b3:88:d9:12:8f:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 2 08:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42a0f47877036f89353ee579195f56229b51fb2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:c3:65:ef:b8:9e:8b:77:f9:f0:61:5a:81:04:
14:98:df:49:dc:d0:6f:8a:13:fe:75:84:0f:6b:d1:
61:aa:8f:f3:ff:1a:f2:7e:c4:71:6a:5d:01:98:42:
94:bc:b9:d9:9d:64:ac:e8:7e:1d:ad:1d:a0:c1:d6:
a6:fa:5c:ef:c2:ee:df:22:9a:85:17:be:75:68:06:
ff:bc:0a:34:81:91:0f:5a:3c:a6:23:35:a9:fc:19:
39:1b:a7:19:eb:fa:de:20:50:e4:be:9b:1b:74:ed:
07:d8:cf:62:72:f7:a1:65:47:5a:a7:b4:fc:2e:18:
4f:ab:27:00:e2:cd:00:70:04:41:fd:99:49:7e:d3:
5c:e7:b4:c8:18:a7:aa:1f:f9:f1:19:37:90:f7:be:
6c:bf:6b:0d:13:3d:be:d1:26:77:2c:79:0b:1b:72:
71:3a:a1:ba:16:83:68:07:99:66:7c:2d:45:5e:4e:
50:f6:8c:2a:2d:18:cd:24:0d:13:88:4d:ea:88:14:
c9:37:26:d1:56:0c:dd:0f:37:ca:46:40:75:3f:21:
0a:45:4c:49:d2:bf:1b:bb:7c:f3:31:20:1a:56:86:
75:3b:b8:26:96:20:bc:18:46:a2:fa:f6:f6:ed:21:
1a:47:6e:7b:39:60:18:e0:18:3b:23:cc:c8:87:f8:
d0:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:A0:F4:78:77:03:6F:89:35:3E:E5:79:19:5F:56:22:9B:51:FB:2C
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/QqD0eHcDb4k1PuV5GV9WIptR-yw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.20.0/22
95.214.152.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:6e:59:11:e8:55:fa:32:7a:8b:3a:65:4b:94:de:82:66:74:
ff:7e:60:b6:b5:ff:6e:1c:41:05:00:5a:9e:c4:44:97:c4:34:
3e:3f:e0:34:ea:7f:20:b5:92:7e:dd:11:6d:97:66:e5:9b:ce:
67:72:bc:c5:2a:45:7b:4e:47:3c:51:1c:5d:f4:e2:8d:1b:3d:
9b:33:5b:5c:55:c0:2b:44:9a:c3:be:3e:03:9b:aa:23:ad:06:
a2:4d:09:c4:24:fd:3a:b4:e4:2d:1c:87:ba:8a:c7:3a:4b:6a:
d1:b4:16:da:3f:40:79:bb:57:50:98:db:34:f7:b4:da:c0:25:
e6:fa:a6:40:ba:1a:ea:29:29:45:73:f7:b3:04:1b:22:f9:7a:
0a:04:fb:07:cf:ba:1e:3a:3c:c7:78:3d:cc:cb:35:82:3e:52:
ba:03:37:f3:52:9d:9c:42:05:40:15:47:d3:a0:11:77:7f:b6:
00:23:9b:13:d2:44:5c:c2:a2:13:56:2a:bf:b7:5d:18:a0:d2:
a0:e3:69:a4:b4:8f:c6:3e:5e:38:8c:f6:1e:d6:82:9d:8e:52:
18:2e:d5:28:0e:30:ba:a0:8f:a8:6d:fa:b4:95:18:22:8c:9b:
66:37:c1:49:34:e7:bf:f8:d2:88:8e:00:47:65:dc:82:84:57:
92:48:22:41
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxp78t4yTzAsvss4jZEo8cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMTAyMDg0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmEwZjQ3ODc3MDM2Zjg5MzUzZWU1NzkxOTVmNTYyMjliNTFmYjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8Nl77iei3f58GFagQQUmN9J3NBv
ihP+dYQPa9Fhqo/z/xryfsRxal0BmEKUvLnZnWSs6H4drR2gwdam+lzvwu7fIpqF
F751aAb/vAo0gZEPWjymIzWp/Bk5G6cZ6/reIFDkvpsbdO0H2M9icvehZUdap7T8
LhhPqycA4s0AcARB/ZlJftNc57TIGKeqH/nxGTeQ975sv2sNEz2+0SZ3LHkLG3Jx
OqG6FoNoB5lmfC1FXk5Q9owqLRjNJA0TiE3qiBTJNybRVgzdDzfKRkB1PyEKRUxJ
0r8bu3zzMSAaVoZ1O7gmliC8GEai+vb27SEaR257OWAY4Bg7I8zIh/jQ3wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEKg9Hh3A2+JNT7leRlfViKbUfssMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvUXFEMGVIY0RiNGsxUHVWNUdWOVdJcHRSLXl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVYUAwQC
X9aYMA0GCSqGSIb3DQEBCwUAA4IBAQBLblkR6FX6MnqLOmVLlN6CZnT/fmC2tf9u
HEEFAFqexESXxDQ+P+A06n8gtZJ+3RFtl2blm85ncrzFKkV7Tkc8URxd9OKNGz2b
M1tcVcArRJrDvj4Dm6ojrQaiTQnEJP06tOQtHIe6isc6S2rRtBbaP0B5u1dQmNs0
97TawCXm+qZAuhrqKSlFc/ezBBsi+XoKBPsHz7oeOjzHeD3MyzWCPlK6AzfzUp2c
QgVAFUfToBF3f7YAI5sT0kRcwqITViq/t10YoNKg42mktI/GPl44jPYe1oKdjlIY
LtUoDjC6oI+obfq0lRgijJtmN8FJNOe/+NKIjgBHZdyChFeSSCJB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org