Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/9d43cb-841c-40f2-9d9f-75f47f07c4e3/1/1-QZP3YGNopZNO0ZncYQN09XRf9E.roa
File: 1-QZP3YGNopZNO0ZncYQN09XRf9E.roa (raw, json)
Hash identifier: XcXB3CQb+pp3Kdsl8jqVyDlFVcAa/OpGtjrdC4Cf1G4=
Subject key identifier: F9:06:4F:DD:81:8D:A2:96:4D:3B:46:67:71:84:0D:D3:D5:D1:7F:D1
Certificate issuer: /CN=5270786f17c41bd01626f72db239f208b5189bb0
Certificate serial: 01856E78D5D83BC8E64B9CA5EEB4FBAB9096
Authority key identifier: 52:70:78:6F:17:C4:1B:D0:16:26:F7:2D:B2:39:F2:08:B5:18:9B:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UnB4bxfEG9AWJvctsjnyCLUYm7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/9d43cb-841c-40f2-9d9f-75f47f07c4e3/1/1-QZP3YGNopZNO0ZncYQN09XRf9E.roa
Signing time: Sun 01 Jan 2023 17:54:50 +0000
ROA not before: Sun 01 Jan 2023 17:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34814
IP address blocks: 193.0.204.0/22 maxlen: 24
195.191.58.0/23 maxlen: 24
193.46.201.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:d5:d8:3b:c8:e6:4b:9c:a5:ee:b4:fb:ab:90:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5270786f17c41bd01626f72db239f208b5189bb0
Validity
Not Before: Jan 1 17:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9064fdd818da2964d3b466771840dd3d5d17fd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:1b:19:0d:e5:2c:bf:20:82:cd:d7:61:5a:37:
5a:ee:d9:88:73:f7:7b:14:d3:b9:ec:d8:84:47:85:
1d:28:83:54:9e:a0:2f:b3:38:fa:c1:e1:c4:5f:ba:
77:14:06:54:22:fb:8e:c8:5e:1f:94:a6:b3:0d:4d:
d0:cf:8a:02:57:eb:2a:44:47:57:ec:29:ae:f5:39:
a2:d1:0d:7c:41:22:a0:fa:ca:aa:d6:5b:1e:e5:42:
72:09:2c:af:6f:e3:8d:5f:42:85:84:f7:d7:b4:10:
46:77:e6:95:70:0a:54:6c:8c:0e:4e:0e:6a:08:d5:
f7:4c:79:7d:9f:a3:bc:2e:6a:ed:ea:91:5c:cc:ae:
8f:d8:e5:54:77:d4:d4:85:94:5e:7e:ce:8c:14:40:
cf:09:65:5f:61:19:7f:98:05:78:a6:da:79:ee:d2:
3d:fd:6a:aa:dd:bf:7c:0f:f1:c2:0b:23:64:61:bc:
26:b4:65:51:3b:b2:b7:47:46:4c:bc:c4:3f:ea:29:
52:a7:f7:ed:66:8b:3e:6d:1a:44:86:80:32:68:3c:
47:5e:ac:81:07:85:9b:6b:eb:11:89:20:26:35:bc:
e2:55:ba:b0:e5:47:1b:e1:76:42:76:eb:02:7d:ff:
80:e7:88:80:bf:be:c8:71:93:20:1f:61:b7:e0:9b:
38:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:06:4F:DD:81:8D:A2:96:4D:3B:46:67:71:84:0D:D3:D5:D1:7F:D1
X509v3 Authority Key Identifier:
keyid:52:70:78:6F:17:C4:1B:D0:16:26:F7:2D:B2:39:F2:08:B5:18:9B:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UnB4bxfEG9AWJvctsjnyCLUYm7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9d43cb-841c-40f2-9d9f-75f47f07c4e3/1/1-QZP3YGNopZNO0ZncYQN09XRf9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9d43cb-841c-40f2-9d9f-75f47f07c4e3/1/UnB4bxfEG9AWJvctsjnyCLUYm7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.204.0/22
193.46.201.0/24
195.191.58.0/23
Signature Algorithm: sha256WithRSAEncryption
c9:56:df:cc:87:b7:2a:2f:74:15:0d:c2:30:90:2f:cd:b7:bb:
fe:8e:a4:e1:61:59:1d:7c:17:d0:16:4d:78:de:d8:8d:9e:e9:
46:29:a0:d5:8f:7f:75:af:da:a7:a7:84:35:bf:fd:06:5c:cf:
c5:63:7e:b8:7b:b2:30:b3:7d:cf:90:ed:50:6f:47:4f:48:2a:
91:27:c6:c9:7f:07:89:cd:5e:44:d9:0c:95:29:ab:5c:94:69:
ed:1c:bb:26:9c:2b:09:29:a6:75:73:a7:f7:25:47:81:66:52:
cd:2e:94:fb:6e:d4:53:01:95:7a:83:ab:8d:bc:f3:de:70:f4:
9d:70:3a:74:ec:a4:70:95:53:9b:ab:79:5e:b5:85:71:24:0d:
93:ad:79:41:be:65:06:82:9f:d6:a5:2e:89:14:6d:e8:1c:a5:
82:5d:fb:95:1d:21:07:86:2b:b4:e6:83:66:b0:9c:06:37:b5:
3e:1c:01:73:5b:29:c9:27:c4:9c:61:97:a7:53:12:e6:37:3b:
0a:c8:e6:56:5a:d1:52:e8:72:97:89:1b:d2:b2:1a:5a:06:63:
26:ea:7a:77:1e:59:b6:2a:4b:c8:98:43:b5:6b:46:91:12:40:
86:b2:d4:b9:09:eb:08:89:a9:ed:01:55:27:cc:3b:2a:da:ac:
c8:01:c9:b3
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYVueNXYO8jmS5yl7rT7q5CWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNzA3ODZmMTdjNDFiZDAxNjI2ZjcyZGIyMzlmMjA4YjUx
ODliYjAwHhcNMjMwMTAxMTc1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTA2NGZkZDgxOGRhMjk2NGQzYjQ2Njc3MTg0MGRkM2Q1ZDE3ZmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxsZDeUsvyCCzddhWjda7tmIc/d7
FNO57NiER4UdKINUnqAvszj6weHEX7p3FAZUIvuOyF4flKazDU3Qz4oCV+sqREdX
7Cmu9Tmi0Q18QSKg+sqq1lse5UJyCSyvb+ONX0KFhPfXtBBGd+aVcApUbIwOTg5q
CNX3THl9n6O8Lmrt6pFczK6P2OVUd9TUhZRefs6MFEDPCWVfYRl/mAV4ptp57tI9
/Wqq3b98D/HCCyNkYbwmtGVRO7K3R0ZMvMQ/6ilSp/ftZos+bRpEhoAyaDxHXqyB
B4Wba+sRiSAmNbziVbqw5Ucb4XZCdusCff+A54iAv77IcZMgH2G34Js4UwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPkGT92BjaKWTTtGZ3GEDdPV0X/RMB8GA1UdIwQY
MBaAFFJweG8XxBvQFib3LbI58gi1GJuwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW5CNGJ4ZkVHOUFXSnZjdHNqbnlDTFVZbTdBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85ZDQzY2ItODQxYy00MGYyLTlkOWYt
NzVmNDdmMDdjNGUzLzEvMS1RWlAzWUdOb3BaTk8wWm5jWVFOMDlYUmY5RS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzQvOWQ0M2NiLTg0MWMtNDBmMi05ZDlmLTc1ZjQ3ZjA3YzRl
My8xL1VuQjRieGZFRzlBV0p2Y3Rzam55Q0xVWW03QS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAsEAzAME
AMEuyQMEAcO/OjANBgkqhkiG9w0BAQsFAAOCAQEAyVbfzIe3Ki90FQ3CMJAvzbe7
/o6k4WFZHXwX0BZNeN7YjZ7pRimg1Y9/da/ap6eENb/9BlzPxWN+uHuyMLN9z5Dt
UG9HT0gqkSfGyX8Hic1eRNkMlSmrXJRp7Ry7JpwrCSmmdXOn9yVHgWZSzS6U+27U
UwGVeoOrjbzz3nD0nXA6dOykcJVTm6t5XrWFcSQNk615Qb5lBoKf1qUuiRRt6Byl
gl37lR0hB4YrtOaDZrCcBje1PhwBc1spySfEnGGXp1MS5jc7CsjmVlrRUuhyl4kb
0rIaWgZjJup6dx5ZtipLyJhDtWtGkRJAhrLUuQnrCImp7QFVJ8w7KtqsyAHJsw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:00 2024 by rpki-client on console-fra.rpki-client.org