Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/qd62UYnAJ57dCAT1K7JZ6AuFxZA.roa
File: qd62UYnAJ57dCAT1K7JZ6AuFxZA.roa (raw, json)
Hash identifier: qSCtDBmjwoSaozpyo3q17qEmK0gcYA/16IHtNz4oFeg=
Subject key identifier: A9:DE:B6:51:89:C0:27:9E:DD:08:04:F5:2B:B2:59:E8:0B:85:C5:90
Certificate issuer: /CN=f1479b83c520d784445c24828bab633f0d702cf3
Certificate serial: 0185700283C0AAEC54B05A4F78A8C2EB475A
Authority key identifier: F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/qd62UYnAJ57dCAT1K7JZ6AuFxZA.roa
Signing time: Mon 02 Jan 2023 01:04:51 +0000
ROA not before: Mon 02 Jan 2023 01:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57877
IP address blocks: 185.76.216.0/22 maxlen: 22
195.135.12.0/23 maxlen: 23
195.135.48.0/24 maxlen: 24
195.135.48.0/20 maxlen: 20
37.139.120.0/21 maxlen: 21
2a05:5cc0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:83:c0:aa:ec:54:b0:5a:4f:78:a8:c2:eb:47:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1479b83c520d784445c24828bab633f0d702cf3
Validity
Not Before: Jan 2 01:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9deb65189c0279edd0804f52bb259e80b85c590
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:79:16:71:51:ca:da:9e:8b:7b:2b:26:4f:85:
10:ae:84:5e:09:0e:88:46:e6:94:9d:8d:de:40:47:
80:dc:6d:8e:12:61:4f:b8:ff:58:7d:f8:42:89:58:
d8:cc:b8:2c:61:93:e1:d7:65:86:99:c8:fb:a3:09:
9e:c7:76:d7:f6:ed:dd:c6:70:eb:22:cd:b4:7e:59:
73:dd:ac:d2:2d:21:1e:b6:e1:b2:4f:86:e6:a8:61:
b5:4a:4b:05:d6:a9:db:14:86:26:50:1f:f4:94:cc:
d3:fe:38:56:61:35:f5:87:55:c4:68:7a:a0:85:9c:
f7:ed:96:53:fe:62:a1:c5:98:44:df:ff:3f:11:31:
76:4d:4b:5e:0d:83:b9:20:14:e3:46:35:ee:00:84:
81:50:33:ac:07:aa:02:53:a6:52:62:61:49:fe:e9:
ad:4f:73:7e:9d:62:48:98:50:ba:80:ed:4b:a9:77:
30:df:73:ea:80:bf:29:5a:93:7b:dc:32:a6:9d:3e:
23:22:ed:9d:78:9a:d1:a6:01:68:2b:0d:26:de:2f:
e1:a9:74:cc:ed:b3:df:a6:48:6e:3f:df:20:9b:e3:
83:a3:43:53:07:01:4f:eb:f8:c4:be:82:c5:2c:32:
72:97:d5:db:5d:d4:c5:e0:41:6c:fb:3d:fc:57:53:
c7:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:DE:B6:51:89:C0:27:9E:DD:08:04:F5:2B:B2:59:E8:0B:85:C5:90
X509v3 Authority Key Identifier:
keyid:F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/qd62UYnAJ57dCAT1K7JZ6AuFxZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/8Uebg8Ug14REXCSCi6tjPw1wLPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.120.0/21
185.76.216.0/22
195.135.12.0/23
195.135.48.0/20
IPv6:
2a05:5cc0::/29
Signature Algorithm: sha256WithRSAEncryption
07:14:ab:69:14:7e:9a:0c:7a:3c:e2:9c:a7:f0:35:69:a4:19:
bd:c3:35:17:4a:93:04:84:7f:10:d0:97:3b:48:57:09:c1:a2:
ba:55:70:ac:c3:33:e7:d3:24:12:c9:e6:48:da:2f:3c:36:54:
65:87:69:26:90:83:e3:91:fe:13:05:71:24:84:6b:27:6b:22:
92:bf:22:1f:77:81:e0:83:4a:5f:99:1b:fa:a7:7d:0f:3c:de:
d5:11:b5:5e:0e:2a:8c:90:77:0c:cb:d1:cb:29:2d:93:27:03:
1f:ab:88:9e:b4:3d:fd:91:e8:ec:73:2b:56:f9:d1:c3:35:7d:
60:6d:c6:e0:fc:b2:0c:c5:3d:5b:54:bd:f3:00:35:a8:98:09:
95:06:66:b9:00:7c:bd:9a:cd:e2:0a:01:96:67:46:5b:e2:38:
d3:e9:25:1b:a8:53:fe:43:2f:c6:f6:1b:32:ec:3c:35:a1:a0:
4a:c8:37:92:93:85:65:f5:f5:68:30:c1:72:e4:5c:3c:00:a4:
5a:ee:15:92:3d:8a:bf:75:38:8f:9f:84:a7:bd:98:2b:c1:87:
00:b4:f6:63:95:e9:20:18:14:91:50:fd:06:39:ca:2d:dd:6b:
d9:cb:23:fc:74:c8:75:f6:82:02:79:8d:ca:0f:03:8b:82:36:
12:50:62:47
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVwAoPAquxUsFpPeKjC60daMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNDc5YjgzYzUyMGQ3ODQ0NDVjMjQ4MjhiYWI2MzNmMGQ3
MDJjZjMwHhcNMjMwMTAyMDEwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWRlYjY1MTg5YzAyNzllZGQwODA0ZjUyYmIyNTllODBiODVjNTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnkWcVHK2p6LeysmT4UQroReCQ6I
RuaUnY3eQEeA3G2OEmFPuP9YffhCiVjYzLgsYZPh12WGmcj7owmex3bX9u3dxnDr
Is20fllz3azSLSEetuGyT4bmqGG1SksF1qnbFIYmUB/0lMzT/jhWYTX1h1XEaHqg
hZz37ZZT/mKhxZhE3/8/ETF2TUteDYO5IBTjRjXuAISBUDOsB6oCU6ZSYmFJ/umt
T3N+nWJImFC6gO1LqXcw33PqgL8pWpN73DKmnT4jIu2deJrRpgFoKw0m3i/hqXTM
7bPfpkhuP98gm+ODo0NTBwFP6/jEvoLFLDJyl9XbXdTF4EFs+z38V1PH+QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKnetlGJwCee3QgE9SuyWegLhcWQMB8GA1UdIwQY
MBaAFPFHm4PFINeERFwkgourYz8NcCzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEt
YmRkNGFmNWYzNWQxLzEvcWQ2MlVZbkFKNTdkQ0FUMUs3Slo2QXVGeFpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEtYmRkNGFmNWYzNWQx
LzEvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDJYt4AwQC
uUzYAwQBw4cMAwQEw4cwMA0EAgACMAcDBQMqBVzAMA0GCSqGSIb3DQEBCwUAA4IB
AQAHFKtpFH6aDHo84pyn8DVppBm9wzUXSpMEhH8Q0Jc7SFcJwaK6VXCswzPn0yQS
yeZI2i88NlRlh2kmkIPjkf4TBXEkhGsnayKSvyIfd4Hgg0pfmRv6p30PPN7VEbVe
DiqMkHcMy9HLKS2TJwMfq4ietD39kejscytW+dHDNX1gbcbg/LIMxT1bVL3zADWo
mAmVBma5AHy9ms3iCgGWZ0Zb4jjT6SUbqFP+Qy/G9hsy7Dw1oaBKyDeSk4Vl9fVo
MMFy5Fw8AKRa7hWSPYq/dTiPn4SnvZgrwYcAtPZjlekgGBSRUP0GOcot3WvZyyP8
dMh19oICeY3KDwOLgjYSUGJH
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:53:46 2024 by rpki-client on console-ams.rpki-client.org