Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/qdX3LZru9-73-AIwUGgBTd5rVnI.roa
File: qdX3LZru9-73-AIwUGgBTd5rVnI.roa (raw, json)
Hash identifier: uzaIKBBYWZheW97pyTj+bL0a4BlAL5mkR6VCEz4qg0g=
Subject key identifier: A9:D5:F7:2D:9A:EE:F7:EE:F7:F8:02:30:50:68:01:4D:DE:6B:56:72
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 018CC56E1C90CE8E7586C442F8B7A6174B05
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/qdX3LZru9-73-AIwUGgBTd5rVnI.roa
Signing time: Mon 01 Jan 2024 14:29:36 +0000
ROA not before: Mon 01 Jan 2024 14:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 195.242.243.0/24 maxlen: 24
185.81.181.0/24 maxlen: 24
185.81.180.0/23 maxlen: 23
93.114.61.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:1c:90:ce:8e:75:86:c4:42:f8:b7:a6:17:4b:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: Jan 1 14:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9d5f72d9aeef7eef7f802305068014dde6b5672
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:2b:28:07:d9:96:0a:70:0a:d4:4a:eb:67:00:
46:36:0b:8c:d8:74:88:61:f4:59:9b:de:4a:f6:98:
c4:65:e1:9c:7a:88:b7:dc:6c:e6:f8:22:56:b3:4b:
fb:01:c9:74:57:90:40:e2:6c:18:81:29:00:91:06:
0f:39:f6:a2:4c:13:22:72:bd:89:0b:60:ee:d8:19:
7d:2b:9b:2c:b8:aa:27:2d:ea:3b:fe:70:b0:ba:03:
a0:7a:04:e8:49:a9:21:d9:5d:e8:a4:e1:e4:c7:36:
a4:76:a3:6a:85:01:38:59:87:88:90:c4:5c:ce:b4:
30:99:01:e3:32:27:e9:f1:61:5a:7e:20:a2:22:d0:
fe:3a:99:15:bb:02:96:d9:1e:f3:8a:da:08:27:e8:
29:13:8d:d5:73:59:06:c1:a4:cc:46:0d:09:63:62:
62:59:b4:17:ce:1d:3a:62:76:99:95:29:f0:36:78:
3f:9b:df:fc:e0:93:96:8e:84:92:65:a1:67:81:9f:
7e:86:e3:09:fd:14:cf:a0:e5:d6:9f:bd:36:c8:34:
9a:4d:3a:53:05:97:e6:a1:19:a6:ef:41:aa:b0:41:
ab:db:c8:09:d8:de:23:53:09:b3:f8:1b:43:b6:53:
28:26:80:24:c8:84:0d:f8:c1:3c:92:1e:f3:58:bf:
01:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:D5:F7:2D:9A:EE:F7:EE:F7:F8:02:30:50:68:01:4D:DE:6B:56:72
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/qdX3LZru9-73-AIwUGgBTd5rVnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.114.61.0/24
185.81.180.0/23
195.242.243.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:89:8d:1a:10:a4:74:80:2c:ae:c7:e7:a1:e1:42:17:58:f8:
e7:8f:fe:62:6e:3c:28:28:eb:c0:b1:7d:d4:92:0a:79:a5:06:
52:fa:a8:d4:16:92:a6:c5:c5:29:54:c5:db:6a:89:b9:38:90:
41:21:e9:75:96:41:2b:ee:68:f0:a7:cb:d9:13:66:8c:fc:4d:
37:2e:59:68:cf:14:91:c7:52:12:48:6a:b0:8a:c6:48:1c:e2:
f7:f1:d8:d0:50:39:ec:b2:d4:9a:61:73:d3:f5:0e:3b:4b:5e:
b5:0e:f6:55:1a:14:c6:5b:38:58:eb:39:e5:b6:49:f4:3c:ab:
50:7d:c7:5a:96:9d:0f:16:ff:0c:9f:73:dd:ac:7b:12:37:de:
05:17:88:1a:05:50:08:90:65:c2:fb:07:64:54:ec:5c:49:5e:
75:78:22:78:ef:96:47:3e:65:56:d0:c9:e2:33:f7:e8:54:6d:
ca:8f:bd:66:91:97:c0:53:75:b2:c9:4d:da:60:60:b7:42:9d:
d0:ea:13:ba:de:3d:b0:29:cf:2e:f0:50:71:3a:34:ea:e3:91:
2e:58:84:0d:43:51:c2:18:6d:e3:96:96:07:91:f8:2b:c0:63:
e0:c5:b4:6d:ad:66:73:80:3d:67:dc:a5:e6:8a:83:4d:91:bc:
74:96:82:05
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFbhyQzo51hsRC+LemF0sFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjQwMTAxMTQyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWQ1ZjcyZDlhZWVmN2VlZjdmODAyMzA1MDY4MDE0ZGRlNmI1NjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCsoB9mWCnAK1ErrZwBGNguM2HSI
YfRZm95K9pjEZeGceoi33Gzm+CJWs0v7Acl0V5BA4mwYgSkAkQYPOfaiTBMicr2J
C2Du2Bl9K5ssuKonLeo7/nCwugOgegToSakh2V3opOHkxzakdqNqhQE4WYeIkMRc
zrQwmQHjMifp8WFafiCiItD+OpkVuwKW2R7zitoIJ+gpE43Vc1kGwaTMRg0JY2Ji
WbQXzh06YnaZlSnwNng/m9/84JOWjoSSZaFngZ9+huMJ/RTPoOXWn702yDSaTTpT
BZfmoRmm70GqsEGr28gJ2N4jUwmz+BtDtlMoJoAkyIQN+ME8kh7zWL8BkwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKnV9y2a7vfu9/gCMFBoAU3ea1ZyMB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEvcWRYM0xacnU5LTczLUFJd1VHZ0JUZDVyVm5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXXI9AwQB
uVG0AwQAw/LzMA0GCSqGSIb3DQEBCwUAA4IBAQAdiY0aEKR0gCyux+eh4UIXWPjn
j/5ibjwoKOvAsX3Ukgp5pQZS+qjUFpKmxcUpVMXbaom5OJBBIel1lkEr7mjwp8vZ
E2aM/E03LllozxSRx1ISSGqwisZIHOL38djQUDnsstSaYXPT9Q47S161DvZVGhTG
WzhY6znltkn0PKtQfcdalp0PFv8Mn3PdrHsSN94FF4gaBVAIkGXC+wdkVOxcSV51
eCJ475ZHPmVW0MniM/foVG3Kj71mkZfAU3WyyU3aYGC3Qp3Q6hO63j2wKc8u8FBx
OjTq45EuWIQNQ1HCGG3jlpYHkfgrwGPgxbRtrWZzgD1n3KXmioNNkbx0loIF
-----END CERTIFICATE-----
Generated at Tue Jan 2 20:23:38 2024 by rpki-client on console-fra.rpki-client.org