Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/85c6bd-6a68-4d11-b9cd-8c2df5a5c6d7/1/cQnnqDfB7RDmilAXZI7Vbvhv2bk.roa
File: cQnnqDfB7RDmilAXZI7Vbvhv2bk.roa (raw, json)
Hash identifier: u6DRBmFmfk9eZVt+hUhqZnMVLKe35zVOaF/ipXfrp1o=
Subject key identifier: 71:09:E7:A8:37:C1:ED:10:E6:8A:50:17:64:8E:D5:6E:F8:6F:D9:B9
Certificate issuer: /CN=9e8cd7d6a4105750bf8975a7d0b96794c1efe622
Certificate serial: 018572836D58232E69BC524C514D5FB9BF8C
Authority key identifier: 9E:8C:D7:D6:A4:10:57:50:BF:89:75:A7:D0:B9:67:94:C1:EF:E6:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nozX1qQQV1C_iXWn0LlnlMHv5iI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/85c6bd-6a68-4d11-b9cd-8c2df5a5c6d7/1/cQnnqDfB7RDmilAXZI7Vbvhv2bk.roa
Signing time: Mon 02 Jan 2023 12:44:53 +0000
ROA not before: Mon 02 Jan 2023 12:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39558
IP address blocks: 195.244.4.0/23 maxlen: 23
91.221.132.0/24 maxlen: 24
91.221.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:83:6d:58:23:2e:69:bc:52:4c:51:4d:5f:b9:bf:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e8cd7d6a4105750bf8975a7d0b96794c1efe622
Validity
Not Before: Jan 2 12:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7109e7a837c1ed10e68a5017648ed56ef86fd9b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:da:56:84:36:52:ef:d4:2c:45:b9:db:7b:8f:
da:e7:cb:05:4b:b5:9e:1b:1f:d2:6d:16:f3:a2:00:
08:45:51:d5:07:f4:c4:00:98:d1:ca:d7:10:a0:bd:
f1:cb:03:e4:1a:57:c3:71:58:82:cb:2c:7c:61:d9:
27:40:90:3b:ae:ea:8c:2e:e5:60:6b:fb:eb:8f:68:
dc:5d:35:11:1c:53:36:a5:50:cf:a1:7e:38:be:e0:
a9:dd:bd:bf:50:d1:61:c6:fd:c0:43:ca:02:d4:e5:
2e:4f:a3:3f:cf:da:de:80:e3:f3:65:1e:b0:fa:53:
26:7f:7c:dd:78:37:56:90:f3:70:51:62:95:d0:cc:
74:c4:b7:e9:1a:f8:37:04:7a:d1:2c:a8:8e:ee:dd:
d6:ba:72:f6:7a:9b:93:cf:d3:bd:bf:51:c4:4f:57:
0c:d2:06:28:95:4b:52:fb:0a:ce:2e:b9:30:17:0b:
37:1f:fd:44:eb:f8:ef:71:09:b2:45:ff:01:6c:e2:
f3:2d:4c:62:a1:da:1e:be:a2:fa:90:22:7b:e1:f6:
93:c6:a9:c8:23:0f:cf:cc:d3:c9:99:95:52:4f:58:
83:c7:e9:17:82:55:57:73:40:cd:71:a0:21:a8:e4:
66:ee:3d:ef:5a:e1:3c:95:de:2f:71:e7:88:53:05:
6a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:09:E7:A8:37:C1:ED:10:E6:8A:50:17:64:8E:D5:6E:F8:6F:D9:B9
X509v3 Authority Key Identifier:
keyid:9E:8C:D7:D6:A4:10:57:50:BF:89:75:A7:D0:B9:67:94:C1:EF:E6:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nozX1qQQV1C_iXWn0LlnlMHv5iI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/85c6bd-6a68-4d11-b9cd-8c2df5a5c6d7/1/cQnnqDfB7RDmilAXZI7Vbvhv2bk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/85c6bd-6a68-4d11-b9cd-8c2df5a5c6d7/1/nozX1qQQV1C_iXWn0LlnlMHv5iI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.132.0/23
195.244.4.0/23
Signature Algorithm: sha256WithRSAEncryption
81:35:ef:d3:31:cf:cf:66:01:32:85:86:a5:91:e8:d1:34:c4:
ed:60:6f:fd:4b:c8:18:aa:69:77:33:a7:4a:bb:1e:0e:1d:55:
1a:bf:70:97:88:2b:07:51:69:6a:42:ff:4d:76:7c:7b:ea:a4:
6f:69:2d:8f:f5:c4:36:94:3e:1e:01:6e:e8:f4:7a:5c:14:3e:
35:ee:dc:59:94:b9:0d:b4:47:ec:1d:8b:18:fd:a2:75:c0:40:
3a:b3:ec:56:4b:f5:23:2f:32:69:0b:79:af:01:89:c2:1e:07:
e4:b4:37:86:07:27:c2:f1:1e:87:8e:fb:0d:b4:f1:98:70:e5:
d1:96:72:f0:58:63:28:5f:53:84:98:28:24:de:2b:a3:c1:76:
be:6a:2b:dd:1f:ed:7e:e4:cb:16:bd:81:9a:4e:fb:05:fa:91:
eb:ab:d9:4d:d8:1f:0c:30:b7:a5:b5:6f:80:48:80:42:12:16:
34:bc:c0:a4:44:a9:a3:c1:1e:2c:9c:df:74:37:79:dc:93:12:
a7:51:a0:c1:77:81:9b:6b:d1:86:21:61:47:5e:54:09:99:0b:
a6:7a:9c:b7:3f:d1:e0:58:fb:58:09:89:4a:c1:86:94:11:dc:
df:cc:1c:22:1d:91:3d:17:c2:27:e2:eb:c2:6f:da:5a:bd:9e:
4e:d3:3a:f8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyg21YIy5pvFJMUU1fub+MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOGNkN2Q2YTQxMDU3NTBiZjg5NzVhN2QwYjk2Nzk0YzFl
ZmU2MjIwHhcNMjMwMTAyMTI0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTA5ZTdhODM3YzFlZDEwZTY4YTUwMTc2NDhlZDU2ZWY4NmZkOWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltpWhDZS79QsRbnbe4/a58sFS7We
Gx/SbRbzogAIRVHVB/TEAJjRytcQoL3xywPkGlfDcViCyyx8YdknQJA7ruqMLuVg
a/vrj2jcXTURHFM2pVDPoX44vuCp3b2/UNFhxv3AQ8oC1OUuT6M/z9regOPzZR6w
+lMmf3zdeDdWkPNwUWKV0Mx0xLfpGvg3BHrRLKiO7t3WunL2epuTz9O9v1HET1cM
0gYolUtS+wrOLrkwFws3H/1E6/jvcQmyRf8BbOLzLUxiodoevqL6kCJ74faTxqnI
Iw/PzNPJmZVST1iDx+kXglVXc0DNcaAhqORm7j3vWuE8ld4vceeIUwVq/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHEJ56g3we0Q5opQF2SO1W74b9m5MB8GA1UdIwQY
MBaAFJ6M19akEFdQv4l1p9C5Z5TB7+YiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbm96WDFxUVFWMUNfaVhXbjBMbG5sTUh2NWlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi84NWM2YmQtNmE2OC00ZDExLWI5Y2Qt
OGMyZGY1YTVjNmQ3LzEvY1FubnFEZkI3UkRtaWxBWFpJN1Zidmh2MmJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi84NWM2YmQtNmE2OC00ZDExLWI5Y2QtOGMyZGY1YTVjNmQ3
LzEvbm96WDFxUVFWMUNfaVhXbjBMbG5sTUh2NWlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW92EAwQB
w/QEMA0GCSqGSIb3DQEBCwUAA4IBAQCBNe/TMc/PZgEyhYalkejRNMTtYG/9S8gY
qml3M6dKux4OHVUav3CXiCsHUWlqQv9Ndnx76qRvaS2P9cQ2lD4eAW7o9HpcFD41
7txZlLkNtEfsHYsY/aJ1wEA6s+xWS/UjLzJpC3mvAYnCHgfktDeGByfC8R6HjvsN
tPGYcOXRlnLwWGMoX1OEmCgk3iujwXa+aivdH+1+5MsWvYGaTvsF+pHrq9lN2B8M
MLeltW+ASIBCEhY0vMCkRKmjwR4snN90N3nckxKnUaDBd4Gba9GGIWFHXlQJmQum
epy3P9HgWPtYCYlKwYaUEdzfzBwiHZE9F8In4uvCb9pavZ5O0zr4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:21 2024 by rpki-client on console-fra.rpki-client.org