Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e8be0e-a80d-4a4f-b52f-dff1cffb7b18/1/QpjmFPi2pVdEKClrLEnisx3VAk0.roa
File: QpjmFPi2pVdEKClrLEnisx3VAk0.roa (raw, json)
Hash identifier: aDie08YGjrtAL+nHSXKWesPD2IMtceGBX4foaB0LCaY=
Subject key identifier: 42:98:E6:14:F8:B6:A5:57:44:28:29:6B:2C:49:E2:B3:1D:D5:02:4D
Certificate issuer: /CN=ba6d46b76bfd6d42bbd575e2f26fce136b9b6a6d
Certificate serial: 01865AD38761E3651441EEBAA82443B20FF8
Authority key identifier: BA:6D:46:B7:6B:FD:6D:42:BB:D5:75:E2:F2:6F:CE:13:6B:9B:6A:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um1Gt2v9bUK71XXi8m_OE2ubam0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e8be0e-a80d-4a4f-b52f-dff1cffb7b18/1/QpjmFPi2pVdEKClrLEnisx3VAk0.roa
Signing time: Thu 16 Feb 2023 15:24:17 +0000
ROA not before: Thu 16 Feb 2023 15:24:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8220
IP address blocks: 195.245.247.0/24 maxlen: 24
195.43.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5a:d3:87:61:e3:65:14:41:ee:ba:a8:24:43:b2:0f:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6d46b76bfd6d42bbd575e2f26fce136b9b6a6d
Validity
Not Before: Feb 16 15:24:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4298e614f8b6a5574428296b2c49e2b31dd5024d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:fd:69:3d:8d:cf:3c:0a:eb:dd:6d:43:ed:26:
fa:b3:5a:39:05:08:bb:fc:9d:a6:c1:d0:25:78:f0:
07:b3:51:82:d3:e9:ea:cf:25:fd:70:25:ee:a3:56:
f6:58:52:e1:04:c0:b3:8a:a8:92:77:cc:1f:0f:db:
6e:35:77:d2:93:00:dd:f0:db:a2:e7:fe:db:fb:a4:
55:73:5f:d5:3d:46:d5:8d:fd:3d:99:33:64:2c:14:
eb:be:80:45:f2:6b:ad:70:14:a5:18:99:0b:d3:09:
82:b6:bc:64:89:04:68:b4:c6:a0:2a:d8:08:21:cb:
5a:4b:de:c2:3c:96:7a:69:ce:76:67:65:16:a1:ec:
8d:b2:08:f8:a1:2e:88:e4:b1:87:4b:b1:2f:bb:f2:
28:f5:d3:0a:cf:66:90:e0:32:6a:fb:18:34:db:d7:
68:56:c6:6c:7a:d0:fb:e5:c7:d5:0f:8b:f3:56:e2:
e1:d3:04:9e:e9:b4:17:f2:97:20:eb:8c:28:05:cd:
be:7d:c2:7c:97:c8:aa:e1:aa:88:3a:f5:1b:4a:22:
47:7f:29:1b:00:23:c4:2b:02:46:15:0c:02:08:b0:
3a:9a:02:fa:33:b2:b0:b4:a0:3e:ee:05:40:f5:89:
1e:62:ee:30:ff:87:3b:fd:4e:c0:0f:af:09:99:a1:
03:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:98:E6:14:F8:B6:A5:57:44:28:29:6B:2C:49:E2:B3:1D:D5:02:4D
X509v3 Authority Key Identifier:
keyid:BA:6D:46:B7:6B:FD:6D:42:BB:D5:75:E2:F2:6F:CE:13:6B:9B:6A:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um1Gt2v9bUK71XXi8m_OE2ubam0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e8be0e-a80d-4a4f-b52f-dff1cffb7b18/1/QpjmFPi2pVdEKClrLEnisx3VAk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e8be0e-a80d-4a4f-b52f-dff1cffb7b18/1/um1Gt2v9bUK71XXi8m_OE2ubam0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.43.130.0/24
195.245.247.0/24
Signature Algorithm: sha256WithRSAEncryption
46:b3:bd:79:32:ab:18:d4:a9:b5:81:30:68:01:e2:9a:ad:30:
56:f4:59:80:df:80:db:d3:22:8f:b4:7a:a2:5b:99:e5:79:d2:
1f:75:d6:6a:4e:5a:50:fb:35:90:06:0f:9e:36:70:7a:26:1c:
d2:13:b6:d7:0b:00:5d:3f:e3:bc:a8:75:92:9f:71:e1:3e:cf:
8f:2d:d8:40:2d:90:92:5d:31:f0:b3:7a:5b:3d:08:a0:7c:d2:
15:8e:2a:8b:84:2b:99:be:30:71:02:1f:1e:97:60:e4:14:ca:
6f:56:aa:0f:da:54:91:c5:10:82:2f:4b:ca:d5:14:3d:ed:e0:
b2:29:e7:8a:e7:ba:f0:dc:6f:3c:f7:cb:b0:b3:93:ae:41:39:
60:2d:5f:21:26:1e:28:62:c2:7b:48:64:11:51:16:f5:70:59:
6b:64:1f:15:7d:e4:48:e5:f1:3b:f5:0d:20:15:a9:64:28:e1:
0f:e6:fc:c2:cf:63:b4:c2:82:db:3d:ae:76:0a:53:df:e1:a5:
ed:1e:d5:b0:83:91:04:6d:58:46:61:3e:30:4e:08:48:9a:00:
bc:f7:96:66:ab:cf:d3:5b:4b:1b:8c:b7:b0:21:8c:e9:86:45:
90:0d:0f:29:3b:0b:5e:8d:e8:ea:d8:61:b8:6a:3b:6a:c7:44:
e5:52:16:ad
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZa04dh42UUQe66qCRDsg/4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmQ0NmI3NmJmZDZkNDJiYmQ1NzVlMmYyNmZjZTEzNmI5
YjZhNmQwHhcNMjMwMjE2MTUyNDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mjk4ZTYxNGY4YjZhNTU3NDQyODI5NmIyYzQ5ZTJiMzFkZDUwMjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwf1pPY3PPArr3W1D7Sb6s1o5BQi7
/J2mwdAlePAHs1GC0+nqzyX9cCXuo1b2WFLhBMCziqiSd8wfD9tuNXfSkwDd8Nui
5/7b+6RVc1/VPUbVjf09mTNkLBTrvoBF8mutcBSlGJkL0wmCtrxkiQRotMagKtgI
IctaS97CPJZ6ac52Z2UWoeyNsgj4oS6I5LGHS7Evu/Io9dMKz2aQ4DJq+xg029do
VsZsetD75cfVD4vzVuLh0wSe6bQX8pcg64woBc2+fcJ8l8iq4aqIOvUbSiJHfykb
ACPEKwJGFQwCCLA6mgL6M7KwtKA+7gVA9YkeYu4w/4c7/U7AD68JmaEDaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEKY5hT4tqVXRCgpayxJ4rMd1QJNMB8GA1UdIwQY
MBaAFLptRrdr/W1Cu9V14vJvzhNrm2ptMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW0xR3QydjliVUs3MVhYaThtX09FMnViYW0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lOGJlMGUtYTgwZC00YTRmLWI1MmYt
ZGZmMWNmZmI3YjE4LzEvUXBqbUZQaTJwVmRFS0NsckxFbmlzeDNWQWswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lOGJlMGUtYTgwZC00YTRmLWI1MmYtZGZmMWNmZmI3YjE4
LzEvdW0xR3QydjliVUs3MVhYaThtX09FMnViYW0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwyuCAwQA
w/X3MA0GCSqGSIb3DQEBCwUAA4IBAQBGs715MqsY1Km1gTBoAeKarTBW9FmA34Db
0yKPtHqiW5nledIfddZqTlpQ+zWQBg+eNnB6JhzSE7bXCwBdP+O8qHWSn3HhPs+P
LdhALZCSXTHws3pbPQigfNIVjiqLhCuZvjBxAh8el2DkFMpvVqoP2lSRxRCCL0vK
1RQ97eCyKeeK57rw3G8898uws5OuQTlgLV8hJh4oYsJ7SGQRURb1cFlrZB8VfeRI
5fE79Q0gFalkKOEP5vzCz2O0woLbPa52ClPf4aXtHtWwg5EEbVhGYT4wTghImgC8
95Zmq8/TW0sbjLewIYzphkWQDQ8pOwtejejq2GG4ajtqx0TlUhat
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:18 2024 by rpki-client on console-ams.rpki-client.org