Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/qhzzK-BOorb3J2PwxVO6jPjulGI.roa
File: qhzzK-BOorb3J2PwxVO6jPjulGI.roa (raw, json)
Hash identifier: DBbpLSWZdY7Zm+CfP3+Hie/DbVImOziU8/5ytg+h2YM=
Subject key identifier: AA:1C:F3:2B:E0:4E:A2:B6:F7:27:63:F0:C5:53:BA:8C:F8:EE:94:62
Certificate issuer: /CN=20e425a32b62d39818c4cbb0081075686fc4c8e8
Certificate serial: 018570FBA982D156757D532B65BFE9BDC687
Authority key identifier: 20:E4:25:A3:2B:62:D3:98:18:C4:CB:B0:08:10:75:68:6F:C4:C8:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/qhzzK-BOorb3J2PwxVO6jPjulGI.roa
Signing time: Mon 02 Jan 2023 05:36:59 +0000
ROA not before: Mon 02 Jan 2023 05:36:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25540
IP address blocks: 95.170.12.0/22 maxlen: 22
95.170.16.0/20 maxlen: 20
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:a9:82:d1:56:75:7d:53:2b:65:bf:e9:bd:c6:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20e425a32b62d39818c4cbb0081075686fc4c8e8
Validity
Not Before: Jan 2 05:36:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa1cf32be04ea2b6f72763f0c553ba8cf8ee9462
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:de:23:23:85:f3:77:8e:f6:77:f3:48:24:b9:
42:d7:59:79:f8:6f:30:6e:a8:57:ab:12:24:eb:72:
74:94:27:22:80:eb:be:04:ec:90:f4:36:c8:a2:db:
7b:4c:c0:ed:b5:40:4e:a8:3d:ff:29:c3:cb:bd:da:
c9:72:b2:38:f5:14:55:a7:fb:ef:13:99:9f:b3:d4:
c6:f7:0b:e0:10:b4:43:88:c7:36:db:03:9c:77:be:
9c:87:b2:fb:2e:00:4b:bd:b3:9d:3a:19:6a:6c:72:
b1:49:f2:09:23:c8:cc:65:3a:ae:c3:7e:98:29:e4:
60:84:bf:39:99:40:d0:24:62:59:af:6b:5e:1d:ad:
95:f0:eb:19:28:19:cf:c8:38:f8:bf:b6:c6:fb:d2:
91:d5:2b:88:aa:40:10:5d:4f:86:13:e7:48:14:a3:
90:c5:ca:58:0e:91:60:2e:a7:ea:c6:e6:a3:c6:e9:
89:57:d4:bc:9c:15:35:11:2d:2d:1c:13:69:0d:e8:
5a:81:55:68:96:82:d1:74:75:57:32:e7:54:6f:24:
67:27:15:22:7e:b3:50:28:8f:2b:5b:de:87:84:41:
10:fe:f6:39:17:d6:3f:0e:2b:df:d9:d6:1b:61:79:
d5:f6:9e:f2:4e:ed:54:17:e9:70:bc:ba:c9:83:72:
b9:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:1C:F3:2B:E0:4E:A2:B6:F7:27:63:F0:C5:53:BA:8C:F8:EE:94:62
X509v3 Authority Key Identifier:
keyid:20:E4:25:A3:2B:62:D3:98:18:C4:CB:B0:08:10:75:68:6F:C4:C8:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/qhzzK-BOorb3J2PwxVO6jPjulGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/IOQloyti05gYxMuwCBB1aG_EyOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.170.12.0-95.170.31.255
Signature Algorithm: sha256WithRSAEncryption
0a:a8:fd:b6:88:9b:37:da:38:21:57:d0:e8:c3:bd:ec:43:71:
64:29:0c:42:ca:16:5a:8a:2d:2d:6f:0d:a2:b1:8f:74:0b:34:
4c:ba:0c:1c:1b:48:45:a6:ac:7b:e7:3a:9f:29:2b:f3:99:56:
1a:65:96:8d:da:ef:21:d0:be:6f:c2:0c:d6:83:e2:7a:75:d0:
68:9e:a4:b7:5e:c7:b9:fb:34:93:f3:b3:9a:01:01:0d:d9:15:
35:70:9f:61:f4:9b:d6:2e:fd:eb:e3:27:a3:a8:55:98:35:20:
c5:da:6f:b0:0b:1a:69:ce:4d:8c:bd:d3:5a:85:f7:8a:d6:8c:
da:75:49:6a:26:5e:b3:db:f2:3c:9c:bd:4f:f4:dd:a1:5e:84:
1a:6f:08:ae:57:77:ff:01:c4:62:07:10:a0:30:b6:56:dd:1f:
9f:98:9a:80:8a:35:75:b2:af:ba:d4:ef:b8:06:ca:ab:16:47:
51:af:1f:0b:1d:65:b9:11:83:5e:0f:13:33:4a:ab:a4:c7:42:
db:ef:d2:d6:72:1a:43:73:33:86:27:70:12:b4:2b:ba:07:8a:
54:83:96:3f:dd:9b:e8:30:19:8f:81:ef:71:d2:10:8d:cd:fc:
f4:94:65:c4:48:07:14:b7:7d:6e:67:a6:08:83:59:a3:6c:f6:
db:f2:31:ca
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVw+6mC0VZ1fVMrZb/pvcaHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZTQyNWEzMmI2MmQzOTgxOGM0Y2JiMDA4MTA3NTY4NmZj
NGM4ZTgwHhcNMjMwMTAyMDUzNjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTFjZjMyYmUwNGVhMmI2ZjcyNzYzZjBjNTUzYmE4Y2Y4ZWU5NDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu94jI4Xzd472d/NIJLlC11l5+G8w
bqhXqxIk63J0lCcigOu+BOyQ9DbIott7TMDttUBOqD3/KcPLvdrJcrI49RRVp/vv
E5mfs9TG9wvgELRDiMc22wOcd76ch7L7LgBLvbOdOhlqbHKxSfIJI8jMZTquw36Y
KeRghL85mUDQJGJZr2teHa2V8OsZKBnPyDj4v7bG+9KR1SuIqkAQXU+GE+dIFKOQ
xcpYDpFgLqfqxuajxumJV9S8nBU1ES0tHBNpDehagVVoloLRdHVXMudUbyRnJxUi
frNQKI8rW96HhEEQ/vY5F9Y/Divf2dYbYXnV9p7yTu1UF+lwvLrJg3K5wQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKoc8yvgTqK29ydj8MVTuoz47pRiMB8GA1UdIwQY
MBaAFCDkJaMrYtOYGMTLsAgQdWhvxMjoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU9RbG95dGkwNWdZeE11d0NCQjFhR19FeU9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9mZDhjMDEtN2I3MS00NDJjLTlhZGIt
ZWNkMjk2NWNiN2U3LzEvcWh6ekstQk9vcmIzSjJQd3hWTzZqUGp1bEdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9mZDhjMDEtN2I3MS00NDJjLTlhZGItZWNkMjk2NWNiN2U3
LzEvSU9RbG95dGkwNWdZeE11d0NCQjFhR19FeU9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJfqgwD
BAVfqgAwDQYJKoZIhvcNAQELBQADggEBAAqo/baImzfaOCFX0OjDvexDcWQpDELK
FlqKLS1vDaKxj3QLNEy6DBwbSEWmrHvnOp8pK/OZVhpllo3a7yHQvm/CDNaD4np1
0GiepLdex7n7NJPzs5oBAQ3ZFTVwn2H0m9Yu/evjJ6OoVZg1IMXab7ALGmnOTYy9
01qF94rWjNp1SWomXrPb8jycvU/03aFehBpvCK5Xd/8BxGIHEKAwtlbdH5+YmoCK
NXWyr7rU77gGyqsWR1GvHwsdZbkRg14PEzNKq6THQtvv0tZyGkNzM4YncBK0K7oH
ilSDlj/dm+gwGY+B73HSEI3N/PSUZcRIBxS3fW5npgiDWaNs9tvyMco=
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:26:44 2024 by rpki-client on console-fra.rpki-client.org