Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/c1765b-e3a5-410c-9cd3-6ca340fa7493/1/qf57quIOEAaCUEKbIAd1EVHwsfQ.roa
File: qf57quIOEAaCUEKbIAd1EVHwsfQ.roa (raw, json)
Hash identifier: nLcwDh2Qhx5edQobT8A/aNPTw1GjNrsnoxcLY2AunWw=
Subject key identifier: A9:FE:7B:AA:E2:0E:10:06:82:50:42:9B:20:07:75:11:51:F0:B1:F4
Certificate issuer: /CN=7445ddeedfbd72d313e9ee8cceeae8403cc34146
Certificate serial: 01856EB8E903676DC157AAD3BF79107C395B
Authority key identifier: 74:45:DD:EE:DF:BD:72:D3:13:E9:EE:8C:CE:EA:E8:40:3C:C3:41:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dEXd7t-9ctMT6e6MzuroQDzDQUY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/c1765b-e3a5-410c-9cd3-6ca340fa7493/1/qf57quIOEAaCUEKbIAd1EVHwsfQ.roa
Signing time: Sun 01 Jan 2023 19:04:50 +0000
ROA not before: Sun 01 Jan 2023 19:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61369
IP address blocks: 88.202.208.0/22 maxlen: 24
88.212.156.0/22 maxlen: 24
185.8.132.0/22 maxlen: 24
83.151.192.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b8:e9:03:67:6d:c1:57:aa:d3:bf:79:10:7c:39:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7445ddeedfbd72d313e9ee8cceeae8403cc34146
Validity
Not Before: Jan 1 19:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9fe7baae20e10068250429b2007751151f0b1f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:45:4e:e8:67:c3:c6:f9:cb:dc:0d:26:db:0e:
3f:38:96:7e:38:39:d3:3f:d9:21:ad:3f:81:54:5d:
95:e3:c7:26:7f:49:2f:f1:ee:c6:7c:e8:5d:42:b6:
86:d9:66:66:88:e1:f3:50:ed:a6:7f:cc:b9:45:69:
c8:60:39:fa:95:24:ff:cb:5d:4a:4b:21:1f:ba:ba:
48:b4:03:fe:13:65:d6:03:e5:6f:d4:e1:2b:39:74:
ed:74:31:72:43:7e:fb:67:5d:c9:96:6f:24:0b:be:
36:65:a1:b9:0f:2b:5a:50:3f:58:31:69:af:24:1f:
38:c3:b1:91:53:18:67:99:bf:c0:51:d2:ac:65:90:
9b:dd:22:be:ca:94:02:73:00:48:e2:51:a0:78:3d:
cd:ba:99:4f:36:39:2b:d9:aa:88:b4:3d:7f:59:6a:
42:d5:2f:0d:f1:5d:d1:3e:d5:66:95:3c:9b:3c:84:
ed:a0:2d:71:77:fb:69:58:f2:83:7a:9f:f8:c9:5c:
2a:00:3d:c1:7a:f9:46:2a:c7:bd:6d:b8:13:16:80:
5e:4a:5c:35:0a:7d:ac:f1:82:5c:be:ca:e1:47:e7:
04:37:c1:84:69:04:a7:00:bc:af:c1:40:85:bd:a8:
13:d8:28:10:fe:6a:92:5d:ee:1f:44:ba:a3:40:39:
52:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:FE:7B:AA:E2:0E:10:06:82:50:42:9B:20:07:75:11:51:F0:B1:F4
X509v3 Authority Key Identifier:
keyid:74:45:DD:EE:DF:BD:72:D3:13:E9:EE:8C:CE:EA:E8:40:3C:C3:41:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dEXd7t-9ctMT6e6MzuroQDzDQUY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c1765b-e3a5-410c-9cd3-6ca340fa7493/1/qf57quIOEAaCUEKbIAd1EVHwsfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c1765b-e3a5-410c-9cd3-6ca340fa7493/1/dEXd7t-9ctMT6e6MzuroQDzDQUY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.151.192.0/22
88.202.208.0/22
88.212.156.0/22
185.8.132.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:1b:e5:04:21:bb:3a:0b:10:79:10:d8:9f:79:7c:46:41:25:
77:6b:45:60:33:e0:37:9f:89:9c:fd:fa:c0:0f:2d:32:04:e4:
8c:0d:8b:58:03:10:50:2e:df:69:93:c3:b3:4d:ef:79:73:d1:
b5:09:74:56:88:0d:d4:1c:31:f4:44:b2:df:6b:f8:cf:12:ff:
1c:60:ae:86:96:dd:0d:ea:7c:d7:f7:88:e4:21:4e:1c:20:14:
a6:a4:06:81:68:4b:ce:38:64:36:aa:3f:2f:b2:2d:c5:4a:d5:
e3:37:4e:1f:8e:23:4b:ab:3f:a4:24:63:9b:b4:99:42:94:19:
4a:c2:28:70:7f:5e:09:d7:9f:26:e5:6b:fb:ed:26:40:4d:f2:
fe:a3:e5:69:24:71:a1:ee:d3:b7:7d:49:b3:d1:26:4b:a7:52:
c5:f0:65:d4:ed:f0:0a:a8:3d:10:3a:a5:ef:ac:f6:3c:bb:49:
11:c5:c3:c7:43:0f:06:7a:26:9c:8c:ec:7d:2e:21:29:b4:60:
54:14:00:3a:73:6a:6e:fa:91:35:be:26:0d:bf:ae:c8:0f:bf:
c3:9e:08:1d:f2:e3:c4:a1:62:d2:28:22:0e:71:2a:4d:5b:bd:
31:ef:5b:1e:5a:9e:f2:aa:23:d9:e6:de:5d:d4:50:ee:32:15:
dc:41:ec:f9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVuuOkDZ23BV6rTv3kQfDlbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NDVkZGVlZGZiZDcyZDMxM2U5ZWU4Y2NlZWFlODQwM2Nj
MzQxNDYwHhcNMjMwMTAxMTkwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWZlN2JhYWUyMGUxMDA2ODI1MDQyOWIyMDA3NzUxMTUxZjBiMWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEVO6GfDxvnL3A0m2w4/OJZ+ODnT
P9khrT+BVF2V48cmf0kv8e7GfOhdQraG2WZmiOHzUO2mf8y5RWnIYDn6lST/y11K
SyEfurpItAP+E2XWA+Vv1OErOXTtdDFyQ377Z13Jlm8kC742ZaG5DytaUD9YMWmv
JB84w7GRUxhnmb/AUdKsZZCb3SK+ypQCcwBI4lGgeD3NuplPNjkr2aqItD1/WWpC
1S8N8V3RPtVmlTybPITtoC1xd/tpWPKDep/4yVwqAD3BevlGKse9bbgTFoBeSlw1
Cn2s8YJcvsrhR+cEN8GEaQSnALyvwUCFvagT2CgQ/mqSXe4fRLqjQDlSDwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKn+e6riDhAGglBCmyAHdRFR8LH0MB8GA1UdIwQY
MBaAFHRF3e7fvXLTE+nujM7q6EA8w0FGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEVYZDd0LTljdE1UNmU2TXp1cm9RRHpEUVVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9jMTc2NWItZTNhNS00MTBjLTljZDMt
NmNhMzQwZmE3NDkzLzEvcWY1N3F1SU9FQWFDVUVLYklBZDFFVkh3c2ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9jMTc2NWItZTNhNS00MTBjLTljZDMtNmNhMzQwZmE3NDkz
LzEvZEVYZDd0LTljdE1UNmU2TXp1cm9RRHpEUVVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCU5fAAwQC
WMrQAwQCWNScAwQCuQiEMA0GCSqGSIb3DQEBCwUAA4IBAQBqG+UEIbs6CxB5ENif
eXxGQSV3a0VgM+A3n4mc/frADy0yBOSMDYtYAxBQLt9pk8OzTe95c9G1CXRWiA3U
HDH0RLLfa/jPEv8cYK6Glt0N6nzX94jkIU4cIBSmpAaBaEvOOGQ2qj8vsi3FStXj
N04fjiNLqz+kJGObtJlClBlKwihwf14J158m5Wv77SZATfL+o+VpJHGh7tO3fUmz
0SZLp1LF8GXU7fAKqD0QOqXvrPY8u0kRxcPHQw8GeiacjOx9LiEptGBUFAA6c2pu
+pE1viYNv67ID7/Dnggd8uPEoWLSKCIOcSpNW70x71seWp7yqiPZ5t5d1FDuMhXc
Qez5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:41 2024 by rpki-client on console-ams.rpki-client.org