Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/2b4823-4262-47d3-9b80-66758479863e/1/QenpfgN1G6Wh8vjAeQkvohwKTTg.roa
File: QenpfgN1G6Wh8vjAeQkvohwKTTg.roa (raw, json)
Hash identifier: e7yRW9L07xIew/RH/MMj+MAl87M6yBRyE5OUTnmY7a8=
Subject key identifier: 41:E9:E9:7E:03:75:1B:A5:A1:F2:F8:C0:79:09:2F:A2:1C:0A:4D:38
Certificate issuer: /CN=dcdcb02b61e3a15eac373b992e0e1a6545f61e52
Certificate serial: 01856F66FF9774363714B4796DD5A3E32F5E
Authority key identifier: DC:DC:B0:2B:61:E3:A1:5E:AC:37:3B:99:2E:0E:1A:65:45:F6:1E:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3NywK2HjoV6sNzuZLg4aZUX2HlI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/2b4823-4262-47d3-9b80-66758479863e/1/QenpfgN1G6Wh8vjAeQkvohwKTTg.roa
Signing time: Sun 01 Jan 2023 22:14:59 +0000
ROA not before: Sun 01 Jan 2023 22:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9121
IP address blocks: 194.15.103.0/24 maxlen: 24
194.15.100.0/24 maxlen: 24
194.15.101.0/24 maxlen: 24
194.15.102.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:ff:97:74:36:37:14:b4:79:6d:d5:a3:e3:2f:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcdcb02b61e3a15eac373b992e0e1a6545f61e52
Validity
Not Before: Jan 1 22:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41e9e97e03751ba5a1f2f8c079092fa21c0a4d38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ff:42:a4:23:51:21:ba:63:25:e0:19:5e:12:
b8:40:da:fb:ed:7a:d2:3f:ef:87:9d:8b:c5:da:49:
ae:41:23:1d:cf:2a:3f:f5:4d:bf:e6:2c:6d:18:05:
8e:55:fa:b2:00:cf:8c:72:84:48:98:04:37:c3:60:
39:d4:d3:8c:bd:f9:b6:5f:d0:74:a6:a4:f2:f1:9d:
3e:1a:ad:16:fc:10:4f:2f:9f:9f:b8:eb:21:6d:40:
fc:8d:1c:a4:09:28:62:f5:d8:cd:0c:b6:48:fd:47:
ee:0f:c2:4c:b2:9f:6a:ee:c7:1c:75:52:c2:e4:cb:
c8:d2:00:7a:19:00:22:78:28:73:bc:09:e7:36:87:
06:19:a3:67:72:0a:49:4b:99:f1:77:99:db:1d:fa:
9f:82:5a:1e:d9:68:66:39:15:93:7b:5d:97:22:55:
c8:75:ce:f3:38:36:6e:f6:57:80:ff:2a:21:63:a4:
6f:5e:54:53:37:a2:ae:14:ea:58:9c:6b:54:5f:8d:
df:20:3b:f4:5d:5f:02:01:6e:b2:a2:74:d8:0f:fb:
b5:06:90:f4:43:31:e0:93:3f:c3:79:0d:49:16:55:
8f:04:fb:50:3a:b6:89:25:eb:8f:1a:f1:02:7f:9b:
45:e3:93:1c:b7:87:53:63:26:ee:e9:66:b9:09:79:
2b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:E9:E9:7E:03:75:1B:A5:A1:F2:F8:C0:79:09:2F:A2:1C:0A:4D:38
X509v3 Authority Key Identifier:
keyid:DC:DC:B0:2B:61:E3:A1:5E:AC:37:3B:99:2E:0E:1A:65:45:F6:1E:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3NywK2HjoV6sNzuZLg4aZUX2HlI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/2b4823-4262-47d3-9b80-66758479863e/1/QenpfgN1G6Wh8vjAeQkvohwKTTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/2b4823-4262-47d3-9b80-66758479863e/1/3NywK2HjoV6sNzuZLg4aZUX2HlI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.15.100.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:bf:f6:8e:44:ef:ac:8c:84:cc:e2:9b:31:74:4d:73:a5:e8:
89:28:28:50:1b:82:6e:f8:21:4e:54:6c:e8:55:9a:2e:06:54:
44:f0:ba:13:9d:dc:ac:f6:ee:28:cf:ed:8a:bc:b0:fb:7e:57:
21:47:45:37:fd:38:08:27:f8:82:c6:3b:38:31:62:29:15:4a:
90:f4:2a:bf:89:45:99:cf:40:6f:21:8c:a1:b1:70:34:63:9f:
1a:c1:9c:3d:47:ac:b4:41:76:1c:5c:33:b7:89:14:85:8b:fc:
43:93:c5:16:94:22:b9:ab:56:e0:ff:88:cd:f4:a7:03:51:f6:
c6:f2:00:9b:61:3c:40:1e:53:12:1d:a9:66:7b:0d:a5:eb:ba:
97:5f:82:87:5b:e8:53:79:a9:de:cb:01:a2:ba:b6:15:ce:21:
26:ef:dd:47:e4:14:cf:bc:aa:d5:9f:87:83:71:4d:4e:e4:e0:
01:41:b7:34:33:a7:fa:89:ab:94:a8:6a:f5:da:8b:ff:67:ce:
19:c6:dc:da:d1:41:01:0d:f3:0c:cf:27:b5:8d:c1:2c:13:c3:
c3:89:12:cc:db:88:71:26:db:7d:d4:a7:7f:4e:9c:9d:b0:1f:
cb:07:dd:9e:f5:9c:ff:f3:d9:50:0e:43:1f:e9:3f:b3:4a:b9:
34:dd:ce:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZv+XdDY3FLR5bdWj4y9eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZGNiMDJiNjFlM2ExNWVhYzM3M2I5OTJlMGUxYTY1NDVm
NjFlNTIwHhcNMjMwMTAxMjIxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWU5ZTk3ZTAzNzUxYmE1YTFmMmY4YzA3OTA5MmZhMjFjMGE0ZDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkv9CpCNRIbpjJeAZXhK4QNr77XrS
P++HnYvF2kmuQSMdzyo/9U2/5ixtGAWOVfqyAM+McoRImAQ3w2A51NOMvfm2X9B0
pqTy8Z0+Gq0W/BBPL5+fuOshbUD8jRykCShi9djNDLZI/UfuD8JMsp9q7sccdVLC
5MvI0gB6GQAieChzvAnnNocGGaNncgpJS5nxd5nbHfqfgloe2WhmORWTe12XIlXI
dc7zODZu9leA/yohY6RvXlRTN6KuFOpYnGtUX43fIDv0XV8CAW6yonTYD/u1BpD0
QzHgkz/DeQ1JFlWPBPtQOraJJeuPGvECf5tF45Mct4dTYybu6Wa5CXkr+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEHp6X4DdRulofL4wHkJL6IcCk04MB8GA1UdIwQY
MBaAFNzcsCth46FerDc7mS4OGmVF9h5SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM055d0sySGpvVjZzTnp1WkxnNGFaVVgySGxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8yYjQ4MjMtNDI2Mi00N2QzLTliODAt
NjY3NTg0Nzk4NjNlLzEvUWVucGZnTjFHNldoOHZqQWVRa3ZvaHdLVFRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8yYjQ4MjMtNDI2Mi00N2QzLTliODAtNjY3NTg0Nzk4NjNl
LzEvM055d0sySGpvVjZzTnp1WkxnNGFaVVgySGxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwg9kMA0G
CSqGSIb3DQEBCwUAA4IBAQCkv/aORO+sjITM4psxdE1zpeiJKChQG4Ju+CFOVGzo
VZouBlRE8LoTndys9u4oz+2KvLD7flchR0U3/TgIJ/iCxjs4MWIpFUqQ9Cq/iUWZ
z0BvIYyhsXA0Y58awZw9R6y0QXYcXDO3iRSFi/xDk8UWlCK5q1bg/4jN9KcDUfbG
8gCbYTxAHlMSHalmew2l67qXX4KHW+hTeaneywGiurYVziEm791H5BTPvKrVn4eD
cU1O5OABQbc0M6f6iauUqGr12ov/Z84Zxtza0UEBDfMMzye1jcEsE8PDiRLM24hx
Jtt91Kd/TpydsB/LB92e9Zz/89lQDkMf6T+zSrk03c4P
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:10 2023 by rpki-client on console-fra.rpki-client.org